memory-journal-mcp 6.1.2 → 6.2.1

package/SECURITY.md

@@ -1,227 +0,0 @@
-# 🔒 Security Guide
-
-The Memory Journal MCP server implements comprehensive security measures to protect your personal journal data.
-
-## 🛡️ **Database Security**
-
-### **Native SQLite Architecture**
-
-The server uses the native **better-sqlite3** driver with **sqlite-vec** for vector operations, running directly against the filesystem.
-
-- ✅ **PRAGMA foreign_keys = ON** — enforces referential integrity and `ON DELETE CASCADE`
-- ✅ **Parameterized queries** — all user input bound via `?` placeholders
-- ✅ **WAL journal mode** — high concurrency with non-blocking reads (`PRAGMA journal_mode = WAL`)
-- ✅ **Synchronous Normal** — optimized durability and performance (`PRAGMA synchronous = NORMAL`)
-
-### **File Permissions (Docker)**
-
-- ✅ **Data directory**: `700` (full access for owner only) in Docker
-- ✅ **Non-root user** (`appuser:appgroup`) owns data directory
-
-## 🔐 **Input Validation**
-
-### **Content Limits**
-
-- **Journal entries**: 50,000 characters maximum
-- **Tags**: 100 characters maximum
-- **Entry types**: 50 characters maximum
-- **Significance types**: 50 characters maximum
-- **HTTP request body**: 1MB maximum (prevents memory exhaustion)
-
-### **Character Handling**
-
-Tags are stored as-is via parameterized queries. Special characters in tags
-are safely handled by the database layer and do not pose injection risks.
-
-### **SQL Injection Prevention**
-
-- ✅ **Parameterized queries** used throughout
-- ✅ **Input validation** via Zod schemas before database operations
-- ✅ **Warning system** for potentially dangerous content patterns
-- ✅ **FTS5 / LIKE pattern sanitization** (escapes `%`, `_`, `\` wildcards and handles FTS5 syntax errors gracefully)
-- ✅ **Date format whitelisting** (prevents strftime injection)
-
-### **Path Traversal Protection**
-
-- ✅ **Backup filenames validated** - rejects `/`, `\`, `..` in paths
-- ✅ **Typed security errors** with consistent error codes
-
-## 🌐 **HTTP Transport Security**
-
-When running in HTTP mode (`--transport http`), the following security measures apply:
-
-### **CORS Configuration**
-
-- ✅ **Configurable multiple origins** via comma-separated `--cors-origin` flag or `MCP_CORS_ORIGIN` environment variable
-- ✅ **Exact-match verification** (no wildcard matching for custom domains)
-- ⚠️ **Default: `*`** (allow all origins) for backward compatibility
-- 🔒 **Recommended**: Set specific origins for production deployments
-
-```bash
-# Restrict CORS to specific origins
-memory-journal-mcp --transport http --cors-origin "http://localhost:3000,https://my-app.com"
-
-# Or via environment variable
-export MCP_CORS_ORIGIN="http://localhost:3000,https://my-app.com"
-```
-
-### **Security Headers & Protections**
-
-- ✅ **DNS Rebinding Protection** — `hostHeaderValidation` middleware prevents CVE-2025-66414
-- ✅ **Strict-Transport-Security (HSTS)** — max-age=31536000; includeSubDomains (opt-in via `--enable-hsts`)
-- ✅ **X-Content-Type-Options: nosniff** — prevents MIME sniffing
-- ✅ **X-Frame-Options: DENY** — prevents clickjacking
-- ✅ **Content-Security-Policy: default-src 'none'; frame-ancestors 'none'** — prevents XSS and framing
-- ✅ **Cache-Control: no-store, no-cache, must-revalidate** — prevents caching of sensitive journal data
-- ✅ **Referrer-Policy: no-referrer** — prevents referrer leakage
-- ⚠️ **CORS wildcard warning** — server logs a warning when CORS origin is `*`
-
-### **Rate Limiting & Timeouts**
-
-- ✅ **Built-in Rate Limiting** — 100 requests/minute per IP (sliding window with `Retry-After` header)
-- ✅ **HTTP Timeouts** — Request timeout (120s), keep-alive timeout (65s), headers timeout (66s)
-
-### **Session Management (Stateful Mode)**
-
-- ✅ **UUID-based session IDs** (cryptographically random)
-- ✅ **30-minute session timeout** - idle sessions automatically expired
-- ✅ **5-minute sweep interval** - periodic cleanup of abandoned sessions
-- ✅ **Explicit session termination** via `DELETE /mcp`
-
-### **Request Size Limits**
-
-- ✅ **1MB body limit** on JSON requests (prevents memory exhaustion DoS)
-
-## 🐙 **GitHub Token Security**
-
-### **Token Handling**
-
-- ✅ **Environment variables only** - tokens never stored in config files
-- ✅ **Error message scrubbing** - Authorization headers stripped from error logs
-- ✅ **Optional integration** - server works fully offline without GitHub token
-- ✅ **Minimal scopes** - only requires `repo`, `project`, `read:org`
-
-### **Environment Variables**
-
-```bash
-# Required for GitHub features
-GITHUB_TOKEN=ghp_...            # GitHub personal access token
-
-# Optional
-GITHUB_ORG_TOKEN=ghp_...        # For organization projects
-GITHUB_REPO_PATH=/path/to/repo  # For auto-detecting owner/repo
-DEFAULT_PROJECT_NUMBER=1         # Default project for issue assignment
-MCP_CORS_ORIGIN=*               # CORS origin (default: *)
-MCP_HOST=localhost               # Server bind host
-AUTO_REBUILD_INDEX=true          # Rebuild vector index on startup
-```
-
-## 🐳 **Docker Security**
-
-### **Non-Root User**
-
-- ✅ **Dedicated user**: `appuser` (UID 1001) with minimal privileges
-- ✅ **Restricted group**: `appgroup` (GID 1001)
-- ✅ **Restricted data directory**: `700` permissions
-
-### **Container Hardening**
-
-- ✅ **Minimal base image**: `node:24-alpine`
-- ✅ **Multi-stage build**: Build dependencies not in production image
-- ✅ **Process isolation** from host system
-- ✅ **No shell access needed** for production
-
-### **Volume Mounting Security**
-
-```bash
-# Secure volume mounting
-docker run -v ./data:/app/data:rw,noexec,nosuid,nodev memory-journal-mcp
-```
-
-### **Resource Limits**
-
-```bash
-# Apply resource limits
-docker run --memory=1g --cpus=1 memory-journal-mcp
-```
-
-## 🔍 **Data Privacy**
-
-### **Local-First Architecture**
-
-- ✅ **No external services**: All processing happens locally
-- ✅ **No telemetry**: No data sent to external servers
-- ✅ **Full data ownership**: SQLite database stays on your machine
-- ✅ **Semantic search**: ML model runs locally via `@huggingface/transformers`
-
-### **Context Security**
-
-- ✅ **Git context**: Only reads local repository information
-- ✅ **No sensitive data**: Doesn't access private keys or credentials
-- ✅ **Optional GitHub integration**: Only if explicitly configured with token
-
-## 🔄 **CI/CD Security**
-
-- ✅ **CodeQL analysis** - automated static analysis on push/PR
-- ✅ **Trivy container scanning** - Docker image vulnerability detection
-- ✅ **TruffleHog + Gitleaks** - secret scanning on push/PR
-- ✅ **npm audit** - dependency vulnerability checking
-- ✅ **Dependabot** - automated dependency update PRs
-
-## 🚨 **Security Best Practices**
-
-### **For Users**
-
-1. **Set a CORS origin** when exposing the HTTP transport on a network
-2. **Keep Node.js updated**: Use Node.js 24+ (LTS)
-3. **Secure host system**: Ensure your host machine is secure
-4. **Regular backups**: Use the `backup_journal` tool or back up your `.db` file
-5. **Limit network access**: Don't expose the HTTP transport to untrusted networks
-6. **Use resource limits**: Apply Docker `--memory` and `--cpus` limits
-
-### **For Developers**
-
-1. **Regular updates**: Keep Node.js and npm dependencies updated
-2. **Security scanning**: Regularly scan Docker images for vulnerabilities
-3. **Code review**: All database operations use parameterized queries
-4. **Input validation**: All tool inputs validated via Zod schemas
-
-## 📋 **Security Checklist**
-
-- [x] Foreign key enforcement (`PRAGMA foreign_keys = ON`)
-- [x] Input validation and length limits (Zod schemas)
-- [x] Parameterized SQL queries
-- [x] SQL injection detection heuristics (defense-in-depth)
-- [x] Path traversal protection (`assertNoPathTraversal`)
-- [x] FTS5 / LIKE pattern sanitization (`sanitizeSearchQuery`)
-- [x] Date format whitelisting (`validateDateFormatPattern`)
-- [x] HTTP body size limit (1MB)
-- [x] Configurable CORS multi-origin with exact-match enforcement
-- [x] HTTP timeouts and built-in rate limiter (100 req/min)
-- [x] DNS rebinding protection and strict HSTS
-- [x] Security headers (CSP, X-Content-Type-Options, X-Frame-Options, Cache-Control, Referrer-Policy, Permissions-Policy)
-- [x] Session timeout (30 minutes)
-- [x] Non-root Docker user
-- [x] Multi-stage Docker build
-- [x] Local-first data architecture
-- [x] GitHub token error scrubbing
-- [x] CI/CD security pipeline (CodeQL, Trivy, secret scanning)
-- [x] Comprehensive security documentation
-
-## 🚨 **Reporting Security Issues**
-
-If you discover a security vulnerability, please:
-
-1. **Do not** open a public GitHub issue
-2. **Contact** the maintainers privately
-3. **Provide** detailed information about the vulnerability
-4. **Allow** time for the issue to be addressed before public disclosure
-
-## 🔄 **Security Updates**
-
-- **Container updates**: Rebuild Docker images when base images are updated
-- **Dependency updates**: Keep npm packages updated via `npm audit` and Dependabot
-- **Database maintenance**: Run `ANALYZE` and `PRAGMA optimize` regularly
-- **Security patches**: Apply host system security updates
-
-The Memory Journal MCP server is designed with **security-first principles** to protect your personal journal data while maintaining excellent performance and usability.

package/UNRELEASED.md

@@ -1 +0,0 @@
-## [Unreleased]

package/dist/tools-T4U5A3X4.js

@@ -1,2 +0,0 @@
-export { callTool, getTools } from './chunk-X4SWFATC.js';
-import './chunk-OKOVZ5QE.js';

package/docker-compose.yml

@@ -1,71 +0,0 @@
-services:
-  memory-journal-mcp:
-    build: .
-    container_name: memory-journal-mcp
-    volumes:
-      # Mount local data directory for persistent SQLite database
-      - ./data:/app/data:rw,noexec,nosuid,nodev
-    environment:
-      - DB_PATH=/app/data/memory_journal.db
-      # Optional: GitHub integration
-      # - GITHUB_TOKEN=<your-github-token>
-      # - GITHUB_REPO_PATH=/app/repo
-      # Optional: CORS origin (default: *)
-      # - MCP_CORS_ORIGIN=http://localhost:3000
-    read_only: true
-    tmpfs:
-      - /tmp:noexec,nosuid,nodev
-    security_opt:
-      - no-new-privileges:true
-    cap_drop:
-      - ALL
-    networks:
-      - mcp-net
-    stdin_open: true
-    tty: true
-    # MCP stdio communication (default transport)
-    command: ['node', 'dist/cli.js']
-    restart: unless-stopped
-
-  # HTTP transport service for remote access
-  memory-journal-mcp-http:
-    build: .
-    container_name: memory-journal-mcp-http
-    volumes:
-      - ./data:/app/data:rw,noexec,nosuid,nodev
-    environment:
-      - NODE_ENV=production
-      - DB_PATH=/app/data/memory_journal.db
-      - MCP_HOST=0.0.0.0
-      # Optional: Bearer token authentication (recommended for production)
-      # - MCP_AUTH_TOKEN=your_secret_token_here
-      # Optional: GitHub integration
-      # - GITHUB_TOKEN=<your-github-token>
-      # - GITHUB_REPO_PATH=/app/repo
-      # Optional: CORS origin (default: *)
-      # - MCP_CORS_ORIGIN=http://localhost:3000
-    read_only: true
-    tmpfs:
-      - /tmp:noexec,nosuid,nodev
-    security_opt:
-      - no-new-privileges:true
-    cap_drop:
-      - ALL
-    networks:
-      - mcp-net
-    ports:
-      - '3000:3000'
-    command:
-      ['node', 'dist/cli.js', '--transport', 'http', '--port', '3000', '--server-host', '0.0.0.0']
-    restart: unless-stopped
-    deploy:
-      resources:
-        limits:
-          memory: 1g
-          cpus: '1.0'
-    profiles:
-      - http
-
-networks:
-  mcp-net:
-    driver: bridge

package/docs/README.md

@@ -1,18 +0,0 @@
-# docs/
-
-Agent-optimized reference documentation for memory-journal-mcp internals.
-
-## Files
-
-| Document                             | Purpose                                          | Read When                                   |
-| ------------------------------------ | ------------------------------------------------ | ------------------------------------------- |
-| [copilot-setup.md](copilot-setup.md) | GitHub Copilot ↔ memory-journal-mcp bridge setup | Configuring Copilot code review integration |
-
-## See Also
-
-| Location                                                         | Contents                                                                            |
-| ---------------------------------------------------------------- | ----------------------------------------------------------------------------------- |
-| `test-server/`                                                   | Agent testing orchestration (test-tools.md, test-tools2.md, test-tools-codemode.md) |
-| [Wiki](https://github.com/neverinfamous/memory-journal-mcp/wiki) | User-facing documentation (installation, configuration, examples)                   |
-| `CHANGELOG.md`                                                   | Released version history                                                            |
-| `UNRELEASED.md`                                                  | Pending changes for next release                                                    |

package/docs/agentic-journal-synergy.md

@@ -1,175 +0,0 @@
-# Agentic Journal Synergy — Preliminary Plan
-
-> **Status**: Concept / Future Exploration
-> **Prerequisites**: Agentic workflows battle-tested, MCP server deployed in HTTP mode
-
-## Overview
-
-The memory-journal-mcp server currently serves as persistent memory for IDE agents. Separately, GitHub Copilot Coding Agent workflows (dependency maintenance, docs drift detection, CI health monitoring) run on the repository's CI infrastructure. These two systems operate independently — but there is a natural integration point where the agentic workflows could **write findings into the journal**, creating a persistent, searchable audit trail that IDE agents see at session start.
-
-## Current State
-
-```
-┌──────────────────────┐     ┌──────────────────────┐
-│  IDE Agent           │     │  Copilot Workflows   │
-│  (AntiGravity/Cursor)│     │  (GitHub Actions)    │
-│                      │     │                      │
-│  Reads/writes        │     │  Posts PR comments   │
-│  memory-journal-mcp  │     │  Creates issues      │
-│                      │     │  Opens PRs           │
-└──────────┬───────────┘     └──────────────────────┘
-           │                          (no connection)
-           ▼
-   ┌───────────────┐
-   │  SQLite DB    │
-   │  (journal)    │
-   └───────────────┘
-```
-
-## Proposed State
-
-```
-┌──────────────────────┐     ┌─────────────────────┐
-│  IDE Agent           │     │  Copilot Workflows   │
-│  (AntiGravity/Cursor)│     │  (GitHub Actions)    │
-│                      │     │                      │
-│  Reads/writes        │     │  Writes findings     │
-│  memory-journal-mcp  │     │  via HTTP MCP calls  │
-│                      │     │                      │
-└──────────┬───────────┘     └──────────┬───────────┘
-           │                            │
-           ▼                            ▼
-   ┌───────────────────────────────────────┐
-   │  memory-journal-mcp (HTTP mode)       │
-   │  SQLite DB (shared journal)           │
-   └───────────────────────────────────────┘
-```
-
-## Concrete Use Cases
-
-### 1. Dependency Update Audit Trail
-
-**Workflow**: `dependency-maintenance.md`
-**Tag**: `deps-update`
-
-After updating dependencies, the agent writes a journal entry:
-
-```javascript
-create_entry({
-  content:
-    'Updated 3 npm packages: zod 4.3.6→4.4.0, @octokit/rest 21.1→21.2, tsup 9.1→9.2. Dockerfile tar patch 7.5.11→7.5.12 (CVE-2025-XXXX). npm audit clean.',
-  entry_type: 'maintenance',
-  tags: ['deps-update', 'automated', 'npm', 'docker'],
-})
-```
-
-**IDE agent benefit**: `memory://briefing` shows recent dependency changes. The agent can `search_entries({ tags: ["deps-update"] })` to understand the dependency update cadence and any recurring issues.
-
-### 2. Documentation Drift Findings
-
-**Workflow**: `docs-drift-detector.md`
-**Tag**: `docs-drift`
-
-When drift is detected, the agent writes a journal entry:
-
-```javascript
-create_entry({
-  content:
-    'PR #47: README.md tool count says 44 but tool-reference.md lists 46. DOCKER_README.md version badge says v5.1.2 but package.json is v5.2.0.',
-  entry_type: 'documentation',
-  tags: ['docs-drift', 'automated', 'readme'],
-  pr_number: 47,
-})
-```
-
-**IDE agent benefit**: Before updating docs, the agent searches `search_entries({ tags: ["docs-drift"] })` to see what patterns of drift recur — informing which sections are most fragile and need structural fixes (e.g., dynamic generation instead of hardcoded values).
-
-### 3. CI Health Findings
-
-**Workflow**: `ci-health-monitor.md`
-**Tag**: `ci-health`
-
-When CI deprecations or issues are found:
-
-```javascript
-create_entry({
-  content:
-    'actions/checkout@v5 deprecated — upgrade to v6. TruffleHog action still on Node 20 runtime. Dependabot missing Docker ecosystem.',
-  entry_type: 'maintenance',
-  tags: ['ci-health', 'automated', 'github-actions'],
-})
-```
-
-**IDE agent benefit**: The agent can proactively fix CI issues before they become blocking, and track the health trend over time via `get_analytics`.
-
-## Architecture Requirements
-
-### Option A: Direct HTTP Calls (Simplest)
-
-The agentic workflow `.md` prompts instruct Copilot to make HTTP requests to the journal's HTTP endpoint:
-
-```bash
-curl -X POST https://journal.example.com/mcp \
-  -H "Authorization: Bearer $MCP_TOKEN" \
-  -d '{"method":"tools/call","params":{"name":"create_entry","arguments":{...}}}'
-```
-
-**Pros**: Zero changes to memory-journal-mcp code
-**Cons**: Requires deployed HTTP instance, OAuth/token management in CI
-
-### Option B: MCP Client in CI (Richer)
-
-Add memory-journal-mcp as an MCP server available to the Copilot agent:
-
-```yaml
-# In the .md workflow frontmatter
-tools:
-  - name: memory-journal
-    type: mcp
-    command: npx -y memory-journal-mcp
-    env:
-      DB_PATH: ./memory-journal.db
-```
-
-**Pros**: Full MCP protocol, agent uses `create_entry` naturally
-**Cons**: Requires `gh-aw` to support MCP tool sources (may not be available yet)
-
-### Option C: GitHub API Proxy (Interim)
-
-Use GitHub Issues or Discussions as the transport layer — the agentic workflow creates a labeled issue, and the IDE agent reads it via the existing GitHub integration:
-
-```javascript
-// Agentic workflow creates a GitHub issue
-create - issue({ title: '[deps-audit] 2026-03-13', labels: ['deps-audit', 'automated'] })
-
-// IDE agent sees it via memory-journal's GitHub integration
-// Already built into memory://briefing
-```
-
-**Pros**: Works today with zero changes
-**Cons**: Loses journal-specific features (tags, search, analytics, relationships)
-
-## Implementation Phases
-
-### Phase 1: Validate Concept (Option C)
-
-Use GitHub Issues as the transport. No code changes needed. The `dependency-maintenance` workflow already creates issues (fallback) and PRs. Add structured labels for filtering.
-
-### Phase 2: Deploy HTTP Endpoint
-
-Deploy memory-journal-mcp in HTTP mode (Docker or bare metal). Set up OAuth for CI authentication. Test with manual `curl` calls from GitHub Actions.
-
-### Phase 3: Integrate Workflows
-
-Update the 3 agentic workflow `.md` prompts to call the journal's HTTP endpoint after their primary task. Add a new `automated` entry type and corresponding `search_entries` filter.
-
-### Phase 4: IDE Agent Awareness
-
-Update `memory://briefing` to surface automated entries separately (e.g., "🤖 Automated Findings" section). Update server instructions to guide IDE agents on how to leverage automated findings.
-
-## Open Questions
-
-1. **Where to host the HTTP endpoint?** — Cloudflare Worker, VPS, or same machine as the dev environment?
-2. **Authentication for CI?** — OAuth token in GitHub Secrets, or shared API key?
-3. **Entry retention?** — Should automated entries expire after N days, or persist indefinitely?
-4. **Entry deduplication?** — If the same drift pattern recurs across PRs, should entries be merged or kept separate for trend analysis?

package/docs/copilot-setup.md

@@ -1,72 +0,0 @@
-# Copilot ↔ Memory Journal MCP Bridge
-
-Connect memory-journal-mcp to GitHub Copilot for cross-agent knowledge sharing. Two agents, one shared memory.
-
-## How It Works
-
-```
-IDE Agent (AntiGravity/Cursor)  ←→  memory-journal-mcp  ←→  Copilot (GitHub)
-         reads reviews via API        shared memory         reads context via MCP
-```
-
-**Pattern 1 — Learn from reviews:** The IDE agent reads Copilot's PR review findings with `get_copilot_reviews`, creates `copilot-finding` journal entries, and suggests rule updates.
-
-**Pattern 2 — Pre-emptive checking:** Before writing code, the IDE agent searches past `copilot-finding` entries and applies patterns proactively.
-
-**Pattern 3 — Context-aware reviews:** Copilot uses memory-journal-mcp as an MCP server during PR review, gaining access to project history and architectural decisions.
-
-## Setup: Copilot → Memory Journal (MCP Server)
-
-### Local MCP (VS Code / Copilot Chat)
-
-Add to your workspace `.vscode/mcp.json`:
-
-```json
-{
-  "servers": {
-    "memory-journal": {
-      "command": "npx",
-      "args": ["-y", "memory-journal-mcp"],
-      "env": {
-        "DB_PATH": "./memory-journal.db",
-        "GITHUB_TOKEN": "${env:GITHUB_TOKEN}",
-        "GITHUB_REPO_PATH": "."
-      }
-    }
-  }
-}
-```
-
-### Remote MCP (HTTP Transport)
-
-For Copilot Code Review or remote agents, deploy in HTTP mode:
-
-```bash
-npx memory-journal-mcp --transport http --port 3100
-```
-
-Then configure as a remote MCP server in your GitHub Copilot settings.
-
-## Setup: IDE Agent → Copilot Reviews
-
-Enable Copilot review data in the briefing by setting:
-
-```
-BRIEFING_COPILOT_REVIEWS=true
-```
-
-Or use the CLI flag:
-
-```
---briefing-copilot
-```
-
-Then use `get_copilot_reviews(pr_number)` to fetch Copilot's findings for any PR.
-
-## Security Note
-
-When connecting memory-journal-mcp to Copilot:
-
-- Use **read-only OAuth scopes** (e.g., a `read`-level scope) and follow the principle of least privilege if OAuth is enabled
-- The journal database may contain project decisions, architecture notes, and code patterns — share only what's appropriate
-- Copilot's access follows your GitHub repository permissions

package/eslint.config.js

@@ -1,110 +0,0 @@
-import js from '@eslint/js'
-import globals from 'globals'
-import tseslint from 'typescript-eslint'
-
-export default tseslint.config(
-    { ignores: ['dist', 'node_modules', '**/__tests__/**', '**/*.test.ts', '**/*.spec.ts'] },
-    // Main source configuration
-    {
-        extends: [
-            js.configs.recommended,
-            ...tseslint.configs.strictTypeChecked,
-            ...tseslint.configs.stylisticTypeChecked,
-        ],
-        files: ['src/**/*.ts'],
-        languageOptions: {
-            ecmaVersion: 2022,
-            globals: {
-                ...globals.node,
-            },
-            parserOptions: {
-                projectService: true,
-                tsconfigRootDir: import.meta.dirname,
-            },
-        },
-        rules: {
-            // Strict rules - type safety
-            '@typescript-eslint/no-explicit-any': 'error',
-            '@typescript-eslint/explicit-function-return-type': [
-                'error',
-                {
-                    allowExpressions: true,
-                    allowTypedFunctionExpressions: true,
-                    allowHigherOrderFunctions: true,
-                    allowDirectConstAssertionInArrowFunctions: true,
-                    allowConciseArrowFunctionExpressionsStartingWithVoid: true,
-                },
-            ],
-            '@typescript-eslint/no-unused-vars': ['error', { argsIgnorePattern: '^_' }],
-            '@typescript-eslint/no-non-null-assertion': 'error',
-            '@typescript-eslint/strict-boolean-expressions': [
-                'error',
-                {
-                    allowNullableBoolean: true,
-                    allowNullableString: true,
-                    allowNullableNumber: false,
-                    allowNullableObject: true,
-                },
-            ],
-            '@typescript-eslint/no-floating-promises': 'error',
-            '@typescript-eslint/no-misused-promises': [
-                'error',
-                {
-                    checksVoidReturn: {
-                        attributes: false,
-                        properties: false,
-                    },
-                },
-            ],
-            '@typescript-eslint/await-thenable': 'error',
-            '@typescript-eslint/require-await': 'error',
-            '@typescript-eslint/no-unnecessary-condition': 'off',
-            '@typescript-eslint/prefer-nullish-coalescing': [
-                'error',
-                {
-                    ignorePrimitives: { string: true, number: true },
-                },
-            ],
-            '@typescript-eslint/prefer-optional-chain': 'error',
-            // Unsafe any rules
-            '@typescript-eslint/no-unsafe-assignment': 'error',
-            '@typescript-eslint/no-unsafe-member-access': 'error',
-            '@typescript-eslint/no-unsafe-call': 'error',
-            '@typescript-eslint/no-unsafe-return': 'error',
-            '@typescript-eslint/no-unsafe-argument': 'error',
-            '@typescript-eslint/restrict-template-expressions': [
-                'error',
-                {
-                    allowNumber: true,
-                    allowBoolean: true,
-                },
-            ],
-            '@typescript-eslint/restrict-plus-operands': [
-                'error',
-                {
-                    allowNumberAndString: true,
-                    allowAny: true,
-                },
-            ],
-            '@typescript-eslint/no-confusing-void-expression': [
-                'error',
-                {
-                    ignoreArrowShorthand: true,
-                    ignoreVoidOperator: true,
-                },
-            ],
-            '@typescript-eslint/consistent-type-imports': [
-                'error',
-                {
-                    prefer: 'type-imports',
-                    fixStyle: 'inline-type-imports',
-                },
-            ],
-            '@typescript-eslint/consistent-type-exports': 'error',
-            '@typescript-eslint/no-misused-spread': 'off',
-            // Prevent console.log() which writes to stdout and corrupts MCP stdio transport
-            // Only stderr output (error, warn) is safe for MCP servers
-            'no-console': ['error', { allow: ['error', 'warn'] }],
-        },
-    }
-)