memory-journal-mcp 4.3.0 → 4.4.0

package/SECURITY.md

@@ -1,220 +1,225 @@
-# 🔒 Security Guide
-
-The Memory Journal MCP server implements comprehensive security measures to protect your personal journal data.
-
-## 🛡️ **Database Security**
-
-### **WAL Mode Enabled**
-
-- ✅ **Write-Ahead Logging (WAL)** enabled for better concurrency and crash recovery
-- ✅ **Atomic transactions** ensure data consistency
-- ✅ **Better performance** with concurrent read/write operations
-
-### **Optimized PRAGMA Settings**
-
-```sql
-PRAGMA foreign_keys = ON          -- Enforce referential integrity
-PRAGMA journal_mode = WAL         -- Enable WAL mode
-PRAGMA synchronous = NORMAL       -- Balance safety and performance
-PRAGMA cache_size = -64000        -- 64MB cache for better performance
-PRAGMA mmap_size = 268435456      -- 256MB memory-mapped I/O
-PRAGMA temp_store = MEMORY        -- Store temp tables in memory
-PRAGMA busy_timeout = 30000       -- 30-second timeout for busy database
-```
-
-### **File Permissions**
-
-- ✅ **Database files**: `600` (read/write for owner only)
-- ✅ **Data directory**: `700` (full access for owner only)
-- ✅ **Automatic permission setting** on database creation
-
-## 🔐 **Input Validation**
-
-### **Content Limits**
-
-- **Journal entries**: 50,000 characters maximum
-- **Tags**: 100 characters maximum
-- **Entry types**: 50 characters maximum
-- **Significance types**: 50 characters maximum
-
-### **Character Filtering**
-
-Dangerous characters are blocked in tags:
-
-- `<` `>` `"` `'` `&` `\x00`
-
-### **SQL Injection Prevention**
-
-- ✅ **Parameterized queries** used throughout
-- ✅ **Input validation** before database operations
-- ✅ **Warning system** for potentially dangerous content patterns
-
-## 🐳 **Docker Security**
-
-### **Non-Root User**
-
-- ✅ **Dedicated user**: `appuser` with minimal privileges
-- ✅ **No shell access**: `/bin/false` shell for security
-- ✅ **Restricted home directory**: `/app/user`
-
-### **File System Security**
-
-- ✅ **Minimal base image**: `python:3.11-slim`
-- ✅ **Restricted data directory**: `700` permissions
-- ✅ **Volume mounting**: Data persists outside container
-
-### **Container Isolation**
-
-- ✅ **Process isolation** from host system
-- ✅ **Network isolation** (no external network access needed)
-- ✅ **Resource limits** can be applied via Docker
-
-## 🔍 **Data Privacy**
-
-### **Local-First Architecture**
-
-- ✅ **No external services**: All processing happens locally
-- ✅ **No telemetry**: No data sent to external servers
-- ✅ **Full data ownership**: SQLite database stays on your machine
-
-### **Context Bundle Security**
-
-- ✅ **Git context**: Only reads local repository information
-- ✅ **No sensitive data**: Doesn't access private keys or credentials
-- ✅ **Optional GitHub integration**: Only if explicitly configured
-
-## 🚨 **Security Best Practices**
-
-### **For Users**
-
-1. **Keep Docker updated**: Regularly update Docker and base images
-2. **Secure host system**: Ensure your host machine is secure
-3. **Regular backups**: Back up your `data/` directory
-4. **Monitor logs**: Check container logs for any unusual activity
-5. **Limit access**: Don't expose the container to external networks
-
-### **For Developers**
-
-1. **Regular updates**: Keep Python and dependencies updated
-2. **Security scanning**: Regularly scan Docker images for vulnerabilities
-3. **Code review**: All database operations use parameterized queries
-4. **Input validation**: All user inputs are validated before processing
-
-## 🔧 **Security Configuration**
-
-### **Environment Variables**
-
-```bash
-# Database location (should be on secure volume)
-DB_PATH=/app/data/memory_journal.db
-
-# Python path for module resolution
-PYTHONPATH=/app
-```
-
-### **Volume Mounting Security**
-
-```bash
-# Secure volume mounting
-docker run -v ./data:/app/data:rw,noexec,nosuid,nodev memory-journal-mcp
-```
-
-### **Resource Limits**
-
-```bash
-# Apply resource limits
-docker run --memory=1g --cpus=1 memory-journal-mcp
-```
-
-## 📋 **Security Checklist**
-
-- [x] WAL mode enabled for database consistency
-- [x] Proper file permissions (600/700)
-- [x] Input validation and length limits
-- [x] Parameterized SQL queries
-- [x] Non-root Docker user
-- [x] Minimal container attack surface
-- [x] Local-first data architecture
-- [x] No external network dependencies
-- [x] Comprehensive error handling
-- [x] Security documentation
-
-## 🚨 **Reporting Security Issues**
-
-If you discover a security vulnerability, please:
-
-1. **Do not** open a public GitHub issue
-2. **Contact** the maintainers privately
-3. **Provide** detailed information about the vulnerability
-4. **Allow** time for the issue to be addressed before public disclosure
-
-## 🔄 **Security Updates**
-
-- **Database maintenance**: Run `ANALYZE` and `PRAGMA optimize` regularly
-- **Container updates**: Rebuild Docker images when base images are updated
-- **Dependency updates**: Keep Python packages updated
-- **Security patches**: Apply host system security updates
-
-### **Recent Security Fixes**
-
-#### **CodeQL #110, #111: URL Substring Sanitization Vulnerability** (Fixed: October 26, 2025)
-
-- **Issue**: Incomplete URL substring sanitization in GitHub remote URL parsing
-- **Severity**: MEDIUM
-- **Affected Code**: `_extract_repo_owner_from_remote()` function in server.py
-- **Vulnerability Details**:
-  - Used unsafe substring checks: `'github.com' in remote_url` and `'github.com/' in remote_url`
-  - Could allow malicious URLs to bypass hostname validation
-  - Example bypasses: `http://evil.com/github.com/fake/repo` or `http://github.com.evil.com/fake/repo`
-- **Mitigation**:
-  - ✅ **Proper URL Parsing**: Implemented `urllib.parse.urlparse()` for HTTPS/HTTP URLs
-  - ✅ **Exact Hostname Matching**: Validates `parsed.hostname == 'github.com'` (not substring or endswith)
-  - ✅ **SSH URL Validation**: Explicit `startswith('git@github.com:')` check for SSH format
-  - ✅ **Defense in Depth**: Returns `None` for any non-GitHub URLs instead of attempting to parse
-- **Technical Details**:
-  - Vulnerability: CWE-20 (Improper Input Validation)
-  - CodeQL Rule: `py/incomplete-url-substring-sanitization`
-  - Context: Limited impact as this only parses Git remote URLs from local repositories
-  - However, could be exploited if an attacker could manipulate Git config files
-- **Verification**: Review `_extract_repo_owner_from_remote()` function for proper urlparse usage
-- **Impact**: Prevents URL spoofing attacks in repository owner detection
-- **Reference**: [OWASP: SSRF](https://owasp.org/www-community/attacks/Server_Side_Request_Forgery) | [CWE-20](https://cwe.mitre.org/data/definitions/20.html)
-
-#### **CVE-2025-58050: PCRE2 Heap Buffer Overflow** (Fixed: October 26, 2025)
-
-- **Issue**: PCRE2 heap-buffer-overflow read in match_ref due to missing boundary restoration
-- **Severity**: CRITICAL
-- **Affected Package**: pcre2 <10.46-r0
-- **Mitigation**:
-  - ✅ **Alpine Package**: Explicitly upgraded to pcre2=10.46-r0 in Dockerfile
-  - ✅ **Early Installation**: Upgraded in first layer to ensure all subsequent packages use patched version
-  - ✅ **Docker Base Image**: Using Python 3.14-alpine with latest security patches
-- **Technical Details**:
-  - Vulnerability could allow heap buffer overflow attacks during regex pattern matching
-  - Fixed version restores boundaries correctly in match_ref function
-  - PCRE2 is a system dependency used by various tools including git and grep
-- **Verification**: Run `apk info pcre2` in Alpine container to confirm version ≥10.46-r0
-- **Impact**: Prevents potential remote code execution via malformed regex patterns
-- **Reference**: [CVE-2025-58050](https://avd.aquasec.com/nvd/cve-2025-58050)
-
-#### **CVE-2025-8869: pip Symbolic Link Vulnerability** (Fixed: October 20, 2025)
-
-- **Issue**: pip missing checks on symbolic link extraction in fallback tar implementation (when Python doesn't implement PEP 706)
-- **Severity**: MEDIUM
-- **Affected Package**: pip <25.0 (with Python versions without PEP 706 support)
-- **Comprehensive Mitigations**:
-  - ✅ **Python Version**: Minimum requirement bumped to 3.10.12+ (all versions ≥3.10.12 implement PEP 706)
-  - ✅ **pip Upgrade**: Explicitly upgrading to pip>=25.0 in all build processes (CI, Docker, local)
-  - ✅ **Docker Base Image**: Using Python 3.14-alpine which fully implements PEP 706
-  - ✅ **CI/CD Pipelines**: Updated to test against minimum Python 3.10.12
-  - ✅ **pyproject.toml**: Enforced minimum Python version requirement
-- **Technical Details**:
-  - PEP 706 provides secure tar extraction with symlink validation
-  - When Python implements PEP 706, pip uses the secure implementation
-  - Otherwise, pip falls back to its own implementation which had the vulnerability
-  - Our fix addresses both the pip version and underlying Python version
-- **Verification**: Run `pip --version` to confirm pip>=25.0
-- **Impact**: Prevents potential exploitation during package installation via tar extraction
-- **Reference**: [CVE-2025-8869](https://nvd.nist.gov/vuln/detail/CVE-2025-8869) | [PEP 706](https://peps.python.org/pep-0706/)
-
-The Memory Journal MCP server is designed with **security-first principles** to protect your personal journal data while maintaining excellent performance and usability.
+# 🔒 Security Guide
+
+The Memory Journal MCP server implements comprehensive security measures to protect your personal journal data.
+
+## 🛡️ **Database Security**
+
+### **WAL Mode Enabled**
+
+- ✅ **Write-Ahead Logging (WAL)** enabled for better concurrency and crash recovery
+- ✅ **Atomic transactions** ensure data consistency
+- ✅ **Better performance** with concurrent read/write operations
+
+### **Optimized PRAGMA Settings**
+
+```sql
+PRAGMA foreign_keys = ON          -- Enforce referential integrity
+PRAGMA journal_mode = WAL         -- Enable WAL mode
+PRAGMA synchronous = NORMAL       -- Balance safety and performance
+PRAGMA cache_size = -64000        -- 64MB cache for better performance
+PRAGMA mmap_size = 268435456      -- 256MB memory-mapped I/O
+PRAGMA temp_store = MEMORY        -- Store temp tables in memory
+PRAGMA busy_timeout = 30000       -- 30-second timeout for busy database
+```
+
+### **File Permissions**
+
+- ✅ **Database files**: `600` (read/write for owner only)
+- ✅ **Data directory**: `700` (full access for owner only)
+- ✅ **Automatic permission setting** on database creation
+
+## 🔐 **Input Validation**
+
+### **Content Limits**
+
+- **Journal entries**: 50,000 characters maximum
+- **Tags**: 100 characters maximum
+- **Entry types**: 50 characters maximum
+- **Significance types**: 50 characters maximum
+- **HTTP request body**: 1MB maximum (prevents memory exhaustion)
+
+### **Character Filtering**
+
+Dangerous characters are blocked in tags:
+
+- `<` `>` `"` `'` `&` `\x00`
+
+### **SQL Injection Prevention**
+
+- ✅ **Parameterized queries** used throughout
+- ✅ **Input validation** via Zod schemas before database operations
+- ✅ **Warning system** for potentially dangerous content patterns
+- ✅ **LIKE pattern sanitization** (escapes `%`, `_`, `\` wildcards)
+- ✅ **Date format whitelisting** (prevents strftime injection)
+
+### **Path Traversal Protection**
+
+- ✅ **Backup filenames validated** - rejects `/`, `\`, `..` in paths
+- ✅ **Typed security errors** with consistent error codes
+
+## 🌐 **HTTP Transport Security**
+
+When running in HTTP mode (`--transport http`), the following security measures apply:
+
+### **CORS Configuration**
+
+- ✅ **Configurable origin** via `--cors-origin` flag or `MCP_CORS_ORIGIN` environment variable
+- ⚠️ **Default: `*`** (allow all origins) for backward compatibility
+- 🔒 **Recommended**: Set a specific origin for production deployments
+
+```bash
+# Restrict CORS to specific origin
+memory-journal-mcp --transport http --cors-origin "http://localhost:3000"
+
+# Or via environment variable
+export MCP_CORS_ORIGIN="http://localhost:3000"
+```
+
+### **Security Headers**
+
+- ✅ **X-Content-Type-Options: nosniff** - prevents MIME sniffing
+- ✅ **X-Frame-Options: DENY** - prevents clickjacking
+
+### **Session Management (Stateful Mode)**
+
+- ✅ **UUID-based session IDs** (cryptographically random)
+- ✅ **30-minute session timeout** - idle sessions automatically expired
+- ✅ **5-minute sweep interval** - periodic cleanup of abandoned sessions
+- ✅ **Explicit session termination** via `DELETE /mcp`
+
+### **Request Size Limits**
+
+- ✅ **1MB body limit** on JSON requests (prevents memory exhaustion DoS)
+
+## 🐙 **GitHub Token Security**
+
+### **Token Handling**
+
+- ✅ **Environment variables only** - tokens never stored in config files
+- ✅ **Error message scrubbing** - Authorization headers stripped from error logs
+- ✅ **Optional integration** - server works fully offline without GitHub token
+- ✅ **Minimal scopes** - only requires `repo`, `project`, `read:org`
+
+### **Environment Variables**
+
+```bash
+# Required for GitHub features
+GITHUB_TOKEN=ghp_...            # GitHub personal access token
+
+# Optional
+GITHUB_ORG_TOKEN=ghp_...        # For organization projects
+GITHUB_REPO_PATH=/path/to/repo  # For auto-detecting owner/repo
+DEFAULT_PROJECT_NUMBER=1         # Default project for issue assignment
+MCP_CORS_ORIGIN=*               # CORS origin (default: *)
+MCP_HOST=localhost               # Server bind host
+AUTO_REBUILD_INDEX=true          # Rebuild vector index on startup
+```
+
+## 🐳 **Docker Security**
+
+### **Non-Root User**
+
+- ✅ **Dedicated user**: `appuser` (UID 1001) with minimal privileges
+- ✅ **Restricted group**: `appgroup` (GID 1001)
+- ✅ **Restricted data directory**: `700` permissions
+
+### **Container Hardening**
+
+- ✅ **Minimal base image**: `node:24-alpine`
+- ✅ **Multi-stage build**: Build dependencies not in production image
+- ✅ **Process isolation** from host system
+- ✅ **No shell access needed** for production
+
+### **Volume Mounting Security**
+
+```bash
+# Secure volume mounting
+docker run -v ./data:/app/data:rw,noexec,nosuid,nodev memory-journal-mcp
+```
+
+### **Resource Limits**
+
+```bash
+# Apply resource limits
+docker run --memory=1g --cpus=1 memory-journal-mcp
+```
+
+## 🔍 **Data Privacy**
+
+### **Local-First Architecture**
+
+- ✅ **No external services**: All processing happens locally
+- ✅ **No telemetry**: No data sent to external servers
+- ✅ **Full data ownership**: SQLite database stays on your machine
+- ✅ **Semantic search**: ML model runs locally via `@xenova/transformers`
+
+### **Context Security**
+
+- ✅ **Git context**: Only reads local repository information
+- ✅ **No sensitive data**: Doesn't access private keys or credentials
+- ✅ **Optional GitHub integration**: Only if explicitly configured with token
+
+## 🔄 **CI/CD Security**
+
+- ✅ **CodeQL analysis** - automated static analysis on push/PR
+- ✅ **Trivy container scanning** - Docker image vulnerability detection
+- ✅ **TruffleHog + Gitleaks** - secret scanning on push/PR
+- ✅ **npm audit** - dependency vulnerability checking
+- ✅ **Dependabot** - automated dependency update PRs
+
+## 🚨 **Security Best Practices**
+
+### **For Users**
+
+1. **Set a CORS origin** when exposing the HTTP transport on a network
+2. **Keep Node.js updated**: Use Node.js 24+ (LTS)
+3. **Secure host system**: Ensure your host machine is secure
+4. **Regular backups**: Use the `backup_journal` tool or back up your `.db` file
+5. **Limit network access**: Don't expose the HTTP transport to untrusted networks
+6. **Use resource limits**: Apply Docker `--memory` and `--cpus` limits
+
+### **For Developers**
+
+1. **Regular updates**: Keep Node.js and npm dependencies updated
+2. **Security scanning**: Regularly scan Docker images for vulnerabilities
+3. **Code review**: All database operations use parameterized queries
+4. **Input validation**: All tool inputs validated via Zod schemas
+
+## 📋 **Security Checklist**
+
+- [x] WAL mode enabled for database consistency
+- [x] Proper file permissions (600/700)
+- [x] Input validation and length limits (Zod schemas)
+- [x] Parameterized SQL queries
+- [x] SQL injection detection heuristics
+- [x] Path traversal protection
+- [x] LIKE pattern sanitization
+- [x] Date format whitelisting
+- [x] HTTP body size limit (1MB)
+- [x] Configurable CORS origin
+- [x] Security headers (X-Content-Type-Options, X-Frame-Options)
+- [x] Session timeout (30 minutes)
+- [x] Non-root Docker user
+- [x] Multi-stage Docker build
+- [x] Local-first data architecture
+- [x] GitHub token error scrubbing
+- [x] CI/CD security pipeline (CodeQL, Trivy, secret scanning)
+- [x] Comprehensive security documentation
+
+## 🚨 **Reporting Security Issues**
+
+If you discover a security vulnerability, please:
+
+1. **Do not** open a public GitHub issue
+2. **Contact** the maintainers privately
+3. **Provide** detailed information about the vulnerability
+4. **Allow** time for the issue to be addressed before public disclosure
+
+## 🔄 **Security Updates**
+
+- **Container updates**: Rebuild Docker images when base images are updated
+- **Dependency updates**: Keep npm packages updated via `npm audit` and Dependabot
+- **Database maintenance**: Run `ANALYZE` and `PRAGMA optimize` regularly
+- **Security patches**: Apply host system security updates
+
+The Memory Journal MCP server is designed with **security-first principles** to protect your personal journal data while maintaining excellent performance and usability.

package/dist/cli.js

@@ -12,25 +12,31 @@ program
     .version(pkg.version)
     .option('--transport <type>', 'Transport type: stdio or http', 'stdio')
     .option('--port <number>', 'HTTP port (for http transport)', '3000')
+    .option('--server-host <host>', 'Server bind host for HTTP transport (default: localhost)')
     .option('--stateless', 'Use stateless HTTP mode (no session management)')
     .option('--db <path>', 'Database path', './memory_journal.db')
     .option('--tool-filter <filter>', 'Tool filter string (e.g., "starter", "core,search")')
     .option('--default-project <number>', 'Default GitHub Project number')
     .option('--auto-rebuild-index', 'Rebuild vector index on server startup')
+    .option('--cors-origin <origin>', 'CORS allowed origin for HTTP transport (default: *)')
     .option('--log-level <level>', 'Log level: debug, info, warning, error', 'info')
     .action(async (options) => {
     // Set log level
     logger.setLevel(options.logLevel);
+    // Resolve host: CLI flag > env var > default (localhost)
+    const host = options.serverHost ?? process.env['MCP_HOST'] ?? process.env['HOST'] ?? undefined;
     logger.info('Starting Memory Journal MCP Server', {
         module: 'CLI',
         transport: options.transport,
         stateless: options.stateless ?? false,
         db: options.db,
+        ...(host ? { host } : {}),
     });
     try {
         await createServer({
             transport: options.transport,
             port: parseInt(options.port, 10),
+            host,
             statelessHttp: options.stateless === true,
             dbPath: options.db,
             toolFilter: options.toolFilter,
@@ -40,6 +46,7 @@ program
                     ? parseInt(process.env['DEFAULT_PROJECT_NUMBER'], 10)
                     : undefined,
             autoRebuildIndex: options.autoRebuildIndex ?? process.env['AUTO_REBUILD_INDEX'] === 'true',
+            corsOrigin: options.corsOrigin,
         });
     }
     catch (error) {

package/dist/cli.js.map

@@ -1 +1 @@
-{"version":3,"file":"cli.js","sourceRoot":"","sources":["../src/cli.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAA;AACnC,OAAO,EAAE,YAAY,EAAE,MAAM,uBAAuB,CAAA;AACpD,OAAO,EAAE,MAAM,EAAE,MAAM,mBAAmB,CAAA;AAC1C,OAAO,GAAG,MAAM,iBAAiB,CAAC,OAAO,IAAI,EAAE,MAAM,EAAE,CAAA;AAEvD,MAAM,OAAO,GAAG,IAAI,OAAO,EAAE,CAAA;AAE7B,OAAO;KACF,IAAI,CAAC,oBAAoB,CAAC;KAC1B,WAAW,CAAC,wDAAwD,CAAC;KACrE,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC;KACpB,MAAM,CAAC,oBAAoB,EAAE,+BAA+B,EAAE,OAAO,CAAC;KACtE,MAAM,CAAC,iBAAiB,EAAE,gCAAgC,EAAE,MAAM,CAAC;KACnE,MAAM,CAAC,aAAa,EAAE,iDAAiD,CAAC;KACxE,MAAM,CAAC,aAAa,EAAE,eAAe,EAAE,qBAAqB,CAAC;KAC7D,MAAM,CAAC,wBAAwB,EAAE,qDAAqD,CAAC;KACvF,MAAM,CAAC,4BAA4B,EAAE,+BAA+B,CAAC;KACrE,MAAM,CAAC,sBAAsB,EAAE,wCAAwC,CAAC;KACxE,MAAM,CAAC,qBAAqB,EAAE,wCAAwC,EAAE,MAAM,CAAC;KAC/E,MAAM,CACH,KAAK,EAAE,OASN,EAAE,EAAE;IACD,gBAAgB;IAChB,MAAM,CAAC,QAAQ,CAAC,OAAO,CAAC,QAAkD,CAAC,CAAA;IAE3E,MAAM,CAAC,IAAI,CAAC,oCAAoC,EAAE;QAC9C,MAAM,EAAE,KAAK;QACb,SAAS,EAAE,OAAO,CAAC,SAAS;QAC5B,SAAS,EAAE,OAAO,CAAC,SAAS,IAAI,KAAK;QACrC,EAAE,EAAE,OAAO,CAAC,EAAE;KACjB,CAAC,CAAA;IAEF,IAAI,CAAC;QACD,MAAM,YAAY,CAAC;YACf,SAAS,EAAE,OAAO,CAAC,SAA6B;YAChD,IAAI,EAAE,QAAQ,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC;YAChC,aAAa,EAAE,OAAO,CAAC,SAAS,KAAK,IAAI;YACzC,MAAM,EAAE,OAAO,CAAC,EAAE;YAClB,UAAU,EAAE,OAAO,CAAC,UAAU;YAC9B,oBAAoB,EAAE,OAAO,CAAC,cAAc;gBACxC,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,cAAc,EAAE,EAAE,CAAC;gBACtC,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,wBAAwB,CAAC;oBACrC,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,wBAAwB,CAAC,EAAE,EAAE,CAAC;oBACrD,CAAC,CAAC,SAAS;YACjB,gBAAgB,EACZ,OAAO,CAAC,gBAAgB,IAAI,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,KAAK,MAAM;SAC/E,CAAC,CAAA;IACN,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACb,MAAM,CAAC,KAAK,CAAC,wBAAwB,EAAE;YACnC,MAAM,EAAE,KAAK;YACb,KAAK,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC;SAChE,CAAC,CAAA;QACF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAA;IACnB,CAAC;AACL,CAAC,CACJ,CAAA;AAEL,OAAO,CAAC,KAAK,EAAE,CAAA"}
+{"version":3,"file":"cli.js","sourceRoot":"","sources":["../src/cli.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAA;AACnC,OAAO,EAAE,YAAY,EAAE,MAAM,uBAAuB,CAAA;AACpD,OAAO,EAAE,MAAM,EAAE,MAAM,mBAAmB,CAAA;AAC1C,OAAO,GAAG,MAAM,iBAAiB,CAAC,OAAO,IAAI,EAAE,MAAM,EAAE,CAAA;AAEvD,MAAM,OAAO,GAAG,IAAI,OAAO,EAAE,CAAA;AAE7B,OAAO;KACF,IAAI,CAAC,oBAAoB,CAAC;KAC1B,WAAW,CAAC,wDAAwD,CAAC;KACrE,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC;KACpB,MAAM,CAAC,oBAAoB,EAAE,+BAA+B,EAAE,OAAO,CAAC;KACtE,MAAM,CAAC,iBAAiB,EAAE,gCAAgC,EAAE,MAAM,CAAC;KACnE,MAAM,CAAC,sBAAsB,EAAE,0DAA0D,CAAC;KAC1F,MAAM,CAAC,aAAa,EAAE,iDAAiD,CAAC;KACxE,MAAM,CAAC,aAAa,EAAE,eAAe,EAAE,qBAAqB,CAAC;KAC7D,MAAM,CAAC,wBAAwB,EAAE,qDAAqD,CAAC;KACvF,MAAM,CAAC,4BAA4B,EAAE,+BAA+B,CAAC;KACrE,MAAM,CAAC,sBAAsB,EAAE,wCAAwC,CAAC;KACxE,MAAM,CAAC,wBAAwB,EAAE,qDAAqD,CAAC;KACvF,MAAM,CAAC,qBAAqB,EAAE,wCAAwC,EAAE,MAAM,CAAC;KAC/E,MAAM,CACH,KAAK,EAAE,OAWN,EAAE,EAAE;IACD,gBAAgB;IAChB,MAAM,CAAC,QAAQ,CAAC,OAAO,CAAC,QAAkD,CAAC,CAAA;IAE3E,yDAAyD;IACzD,MAAM,IAAI,GACN,OAAO,CAAC,UAAU,IAAI,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,IAAI,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,SAAS,CAAA;IAErF,MAAM,CAAC,IAAI,CAAC,oCAAoC,EAAE;QAC9C,MAAM,EAAE,KAAK;QACb,SAAS,EAAE,OAAO,CAAC,SAAS;QAC5B,SAAS,EAAE,OAAO,CAAC,SAAS,IAAI,KAAK;QACrC,EAAE,EAAE,OAAO,CAAC,EAAE;QACd,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;KAC5B,CAAC,CAAA;IAEF,IAAI,CAAC;QACD,MAAM,YAAY,CAAC;YACf,SAAS,EAAE,OAAO,CAAC,SAA6B;YAChD,IAAI,EAAE,QAAQ,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC;YAChC,IAAI;YACJ,aAAa,EAAE,OAAO,CAAC,SAAS,KAAK,IAAI;YACzC,MAAM,EAAE,OAAO,CAAC,EAAE;YAClB,UAAU,EAAE,OAAO,CAAC,UAAU;YAC9B,oBAAoB,EAAE,OAAO,CAAC,cAAc;gBACxC,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,cAAc,EAAE,EAAE,CAAC;gBACtC,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,wBAAwB,CAAC;oBACrC,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,wBAAwB,CAAC,EAAE,EAAE,CAAC;oBACrD,CAAC,CAAC,SAAS;YACjB,gBAAgB,EACZ,OAAO,CAAC,gBAAgB,IAAI,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,KAAK,MAAM;YAC5E,UAAU,EAAE,OAAO,CAAC,UAAU;SACjC,CAAC,CAAA;IACN,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACb,MAAM,CAAC,KAAK,CAAC,wBAAwB,EAAE;YACnC,MAAM,EAAE,KAAK;YACb,KAAK,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC;SAChE,CAAC,CAAA;QACF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAA;IACnB,CAAC;AACL,CAAC,CACJ,CAAA;AAEL,OAAO,CAAC,KAAK,EAAE,CAAA"}

package/dist/constants/ServerInstructions.d.ts

@@ -4,7 +4,7 @@
  * These instructions are automatically sent to MCP clients during initialization,
  * providing guidance for AI agents on tool usage.
  *
- * v3.1.6: Optimized for token efficiency with tiered instruction levels.
+ * Unreleased: Optimized for token efficiency with tiered instruction levels.
  */
 /**
  * Resource definition for instruction generation

package/dist/constants/ServerInstructions.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"ServerInstructions.d.ts","sourceRoot":"","sources":["../../src/constants/ServerInstructions.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAKH;;GAEG;AACH,MAAM,WAAW,kBAAkB;IAC/B,GAAG,EAAE,MAAM,CAAA;IACX,IAAI,EAAE,MAAM,CAAA;IACZ,WAAW,CAAC,EAAE,MAAM,CAAA;CACvB;AAED;;GAEG;AACH,MAAM,WAAW,gBAAgB;IAC7B,IAAI,EAAE,MAAM,CAAA;IACZ,WAAW,CAAC,EAAE,MAAM,CAAA;CACvB;AAED;;GAEG;AACH,MAAM,WAAW,mBAAmB;IAChC,EAAE,EAAE,MAAM,CAAA;IACV,SAAS,EAAE,MAAM,CAAA;IACjB,SAAS,EAAE,MAAM,CAAA;IACjB,OAAO,EAAE,MAAM,CAAA;CAClB;AAED;;;;;GAKG;AACH,MAAM,MAAM,gBAAgB,GAAG,WAAW,GAAG,UAAU,GAAG,MAAM,CAAA;AAuLhE;;;;;;;;GAQG;AACH,wBAAgB,oBAAoB,CAChC,YAAY,EAAE,GAAG,CAAC,MAAM,CAAC,EACzB,UAAU,EAAE,kBAAkB,EAAE,EAChC,OAAO,EAAE,gBAAgB,EAAE,EAC3B,WAAW,CAAC,EAAE,mBAAmB,EACjC,KAAK,GAAE,gBAA6B,GACrC,MAAM,CAuCR;AAkBD;;;GAGG;AACH,eAAO,MAAM,mBAAmB,QAA+C,CAAA"}
+{"version":3,"file":"ServerInstructions.d.ts","sourceRoot":"","sources":["../../src/constants/ServerInstructions.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAKH;;GAEG;AACH,MAAM,WAAW,kBAAkB;IAC/B,GAAG,EAAE,MAAM,CAAA;IACX,IAAI,EAAE,MAAM,CAAA;IACZ,WAAW,CAAC,EAAE,MAAM,CAAA;CACvB;AAED;;GAEG;AACH,MAAM,WAAW,gBAAgB;IAC7B,IAAI,EAAE,MAAM,CAAA;IACZ,WAAW,CAAC,EAAE,MAAM,CAAA;CACvB;AAED;;GAEG;AACH,MAAM,WAAW,mBAAmB;IAChC,EAAE,EAAE,MAAM,CAAA;IACV,SAAS,EAAE,MAAM,CAAA;IACjB,SAAS,EAAE,MAAM,CAAA;IACjB,OAAO,EAAE,MAAM,CAAA;CAClB;AAED;;;;;GAKG;AACH,MAAM,MAAM,gBAAgB,GAAG,WAAW,GAAG,UAAU,GAAG,MAAM,CAAA;AAmOhE;;;;;;;;GAQG;AACH,wBAAgB,oBAAoB,CAChC,YAAY,EAAE,GAAG,CAAC,MAAM,CAAC,EACzB,UAAU,EAAE,kBAAkB,EAAE,EAChC,OAAO,EAAE,gBAAgB,EAAE,EAC3B,WAAW,CAAC,EAAE,mBAAmB,EACjC,KAAK,GAAE,gBAA6B,GACrC,MAAM,CAuCR;AAkBD;;;GAGG;AACH,eAAO,MAAM,mBAAmB,QAA+C,CAAA"}