npm - mppx - Versions diffs - 0.5.14 → 0.5.16 - Mend

mppx 0.5.14 → 0.5.16

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (65) hide show

package/CHANGELOG.md +15 -0
package/dist/Method.d.ts +5 -2
package/dist/Method.d.ts.map +1 -1
package/dist/Method.js.map +1 -1
package/dist/mcp-sdk/server/Transport.d.ts.map +1 -1
package/dist/mcp-sdk/server/Transport.js +8 -2
package/dist/mcp-sdk/server/Transport.js.map +1 -1
package/dist/server/Mppx.d.ts.map +1 -1
package/dist/server/Mppx.js +17 -10
package/dist/server/Mppx.js.map +1 -1
package/dist/server/Request.js +5 -1
package/dist/server/Request.js.map +1 -1
package/dist/server/Transport.d.ts.map +1 -1
package/dist/server/Transport.js +4 -0
package/dist/server/Transport.js.map +1 -1
package/dist/stripe/server/internal/html.gen.d.ts +1 -1
package/dist/stripe/server/internal/html.gen.d.ts.map +1 -1
package/dist/stripe/server/internal/html.gen.js +1 -1
package/dist/stripe/server/internal/html.gen.js.map +1 -1
package/dist/tempo/Methods.d.ts.map +1 -1
package/dist/tempo/Methods.js +4 -2
package/dist/tempo/Methods.js.map +1 -1
package/dist/tempo/client/SessionManager.d.ts.map +1 -1
package/dist/tempo/client/SessionManager.js +20 -10
package/dist/tempo/client/SessionManager.js.map +1 -1
package/dist/tempo/internal/fee-payer.d.ts +4 -1
package/dist/tempo/internal/fee-payer.d.ts.map +1 -1
package/dist/tempo/internal/fee-payer.js +92 -21
package/dist/tempo/internal/fee-payer.js.map +1 -1
package/dist/tempo/server/Session.d.ts.map +1 -1
package/dist/tempo/server/Session.js +43 -20
package/dist/tempo/server/Session.js.map +1 -1
package/dist/tempo/server/internal/html.gen.d.ts +1 -1
package/dist/tempo/server/internal/html.gen.d.ts.map +1 -1
package/dist/tempo/server/internal/html.gen.js +1 -1
package/dist/tempo/server/internal/html.gen.js.map +1 -1
package/dist/tempo/server/internal/transport.d.ts +0 -7
package/dist/tempo/server/internal/transport.d.ts.map +1 -1
package/dist/tempo/server/internal/transport.js +84 -13
package/dist/tempo/server/internal/transport.js.map +1 -1
package/package.json +1 -1
package/src/Method.ts +5 -2
package/src/internal/changeset.test.ts +106 -0
package/src/mcp-sdk/client/McpClient.integration.test.ts +634 -0
package/src/mcp-sdk/server/Transport.test.ts +1 -0
package/src/mcp-sdk/server/Transport.ts +10 -2
package/src/proxy/Proxy.test.ts +149 -1
package/src/server/Mppx.test.ts +120 -0
package/src/server/Mppx.ts +27 -11
package/src/server/Request.test.ts +46 -1
package/src/server/Request.ts +6 -1
package/src/server/Transport.test.ts +2 -0
package/src/server/Transport.ts +4 -0
package/src/stripe/server/internal/html.gen.ts +1 -1
package/src/tempo/Methods.test.ts +13 -0
package/src/tempo/Methods.ts +23 -16
package/src/tempo/client/SessionManager.ts +32 -9
package/src/tempo/internal/fee-payer.test.ts +40 -4
package/src/tempo/internal/fee-payer.ts +105 -21
package/src/tempo/server/Session.test.ts +760 -2
package/src/tempo/server/Session.ts +59 -17
package/src/tempo/server/internal/html.gen.ts +1 -1
package/src/tempo/server/internal/transport.test.ts +321 -10
package/src/tempo/server/internal/transport.ts +101 -14
package/src/viem/Client.test.ts +52 -1

package/src/tempo/server/Session.ts CHANGED Viewed

@@ -181,7 +181,7 @@ export function session<const parameters extends session.Parameters>(
       }
     },
-    async verify({ credential, request }) {
+    async verify({ credential, envelope, request }) {
       const { challenge, payload } = credential as Credential.Credential<SessionCredentialPayload>
       const resolvedRequest = Methods.session.schema.request.parse(request)
@@ -255,6 +255,28 @@ export function session<const parameters extends session.Parameters>(
           })
       }
+      // In the default HTTP request/response mode, each successful content
+      // request consumes one unit immediately after the credential is accepted.
+      // This keeps equal-voucher replays bounded by the voucher's remaining
+      // balance instead of serving repeated responses for free.
+      if (
+        !parameters.sse &&
+        envelope &&
+        isBillableContentRequest(envelope.capturedRequest) &&
+        (payload.action === 'open' || payload.action === 'voucher')
+      ) {
+        const charged = await charge(
+          store,
+          sessionReceipt.channelId,
+          BigInt(resolvedRequest.amount),
+        )
+        sessionReceipt = {
+          ...sessionReceipt,
+          spent: charged.spent.toString(),
+          units: charged.units,
+        }
+      }
       return sessionReceipt
     },
@@ -265,28 +287,24 @@ export function session<const parameters extends session.Parameters>(
     //
     // close and topUp are always gated (204) — they are pure management.
     //
-    // open and voucher are gated only for bodyless POSTs (management
-    // updates). POSTs with a body are content requests — the client's
-    // original request piggybacked on the credential — so they fall
-    // through to serve content. GETs always fall through so auto-mode
-    // clients (whose fetch wrapper bundles open+voucher into a single
-    // GET retry) receive content as expected.
-    respond({ credential, input }) {
+    // open and voucher share the same captured-request classifier used
+    // during verification. Non-billable requests are treated as management
+    // updates; billable requests fall through to the application handler.
+    respond({ credential, envelope, input }) {
       const { payload } = credential as Credential.Credential<SessionCredentialPayload>
       if (payload.action === 'close') return new Response(null, { status: 204 })
       if (payload.action === 'topUp') return new Response(null, { status: 204 })
-      // open and voucher: gate only bodyless POSTs (management updates).
-      // POSTs with a body are content requests — fall through so the
-      // upstream response is returned to the client.
-      if (input.method === 'POST') {
-        const contentLength = input.headers.get('content-length')
-        if (contentLength !== null && contentLength !== '0') return undefined
-        if (input.headers.has('transfer-encoding')) return undefined
-        return new Response(null, { status: 204 })
+      const capturedRequest = envelope?.capturedRequest ?? {
+        hasBody: input.body !== null,
+        headers: input.headers,
+        method: input.method,
+        url: new URL(input.url),
       }
-      return undefined
+      if (isBillableContentRequest(capturedRequest)) return undefined
+      return new Response(null, { status: 204 })
     },
   })
 }
@@ -452,6 +470,30 @@ function validateOnChainChannel(
   }
 }
+function isBillableContentRequest(input: {
+  hasBody?: boolean | undefined
+  headers: Headers
+  method: string
+}): boolean {
+  if (input.method === 'POST') return hasCapturedRequestBody(input)
+  if (input.method === 'HEAD') return false
+  return true
+}
+function hasCapturedRequestBody(input: {
+  hasBody?: boolean | undefined
+  headers: Headers
+}): boolean {
+  const contentLength = input.headers.get('content-length')
+  const headerIndicatesBody =
+    (contentLength !== null && contentLength !== '0') || input.headers.has('transfer-encoding')
+  if (input.hasBody === true) return true
+  return headerIndicatesBody
+}
 /**
  * Shared logic for verifying an incremental voucher and updating channel state.
  * Used by both handleVoucher and (indirectly) handleOpen.