mssql-mcp 2.0.3 → 2.1.1

package/README.md

@@ -1,6 +1,6 @@
-# MS SQL Server MCP Server v2.0.3
+# MS SQL Server MCP Server v2.1.1
 
-🚀 **Smart Trust-Based Model Context Protocol (MCP) server** for Microsoft SQL Server with intelligent auto-connection and AI-friendly design.
+🚀 **Model Context Protocol (MCP) server** for Microsoft SQL Server - compatible with Claude Desktop, Cursor, Windsurf and VS Code.
 
 ## 🚀 Quick Start
 
@@ -24,6 +24,7 @@ npm install -g mssql-mcp
         "DB_DATABASE": "your-database",
         "DB_USER": "your-username",
         "DB_PASSWORD": "your-password",
+        "DB_ENCRYPT": "true",
         "DB_TRUST_SERVER_CERTIFICATE": "true"
       }
     }
@@ -43,6 +44,7 @@ npm install -g mssql-mcp
         "DB_DATABASE": "your-database",
         "DB_USER": "your-username",
         "DB_PASSWORD": "your-password",
+        "DB_ENCRYPT": "true",
         "DB_TRUST_SERVER_CERTIFICATE": "true"
       }
     }
@@ -50,77 +52,108 @@ npm install -g mssql-mcp
 }
 ```
 
-> Replace with your actual database credentials. Server auto-connects using these.
+> Replace with your actual database credentials.
 
 ## 🛠️ Available Tools
 
 | Tool | Description |
 |------|-------------|
+| `connect_database` | Connect to database using environment variables |
+| `disconnect_database` | Close current database connection |
+| `connection_status` | Check connection state with pool info |
 | `execute_query` | Execute any SQL query with parameters |
 | `get_schema` | List database objects (tables, views, procedures) |
 | `describe_table` | Get detailed table structure |
 | `get_table_data` | Retrieve data with pagination |
 | `execute_procedure` | Execute stored procedures |
 | `list_databases` | List all databases |
-| `connection_status` | Check connection state |
-| `connect_database` | Manual connection (rarely needed) |
-| `disconnect_database` | Close connection |
-| `clear_cache` | Clear query cache |
-
-All tools auto-connect using environment variables.
 
 ## 🔧 Environment Variables
 
-| Variable | Required | Default |
-|----------|----------|---------|
-| `DB_SERVER` | ✅ | - |
-| `DB_DATABASE` | ✅ | - |
-| `DB_USER` | ✅ | - |
-| `DB_PASSWORD` | ✅ | - |
-| `DB_PORT` | ❌ | 1433 |
-| `DB_TRUST_SERVER_CERTIFICATE` | ❌ | true |
-| `DB_CONNECTION_TIMEOUT` | ❌ | 30000 |
-| `DB_REQUEST_TIMEOUT` | ❌ | 30000 |
-
-## 🛡️ Security
-
-**✅ Supported:** All database operations (SELECT, INSERT, UPDATE, DELETE, CREATE, ALTER, DROP)
+| Variable | Required | Default | Description |
+|----------|----------|---------|-------------|
+| `DB_SERVER` | ✅ | - | SQL Server hostname |
+| `DB_DATABASE` | ❌ | - | Database name |
+| `DB_USER` | ❌ | - | Username |
+| `DB_PASSWORD` | ❌ | - | Password |
+| `DB_PORT` | ❌ | 1433 | SQL Server port |
+| `DB_ENCRYPT` | ❌ | true | Enable TLS encryption (required for Azure SQL) |
+| `DB_TRUST_SERVER_CERTIFICATE` | ❌ | false | Trust self-signed certificates |
+| `DB_CONNECTION_TIMEOUT` | ❌ | 30000 | Connection timeout (ms) |
+| `DB_REQUEST_TIMEOUT` | ❌ | 30000 | Request timeout (ms) |
+
+### Azure SQL Configuration
+For Azure SQL Database, use these settings:
+```json
+{
+  "DB_ENCRYPT": "true",
+  "DB_TRUST_SERVER_CERTIFICATE": "false"
+}
+```
 
-**🚨 Blocked:** Server-level operations only (SHUTDOWN, XP_CMDSHELL, RECONFIGURE)
+### Local SQL Server (Self-signed cert)
+For local development with self-signed certificates:
+```json
+{
+  "DB_ENCRYPT": "true",
+  "DB_TRUST_SERVER_CERTIFICATE": "true"
+}
+```
 
 ## 🏆 Features
 
-- ✅ **Auto-Connection**: Environment-based, no manual steps
+- ✅ **MCP SDK 1.25.1**: Latest Model Context Protocol SDK
+- ✅ **Azure SQL Compatible**: TLS encryption enabled by default
 - ✅ **Complete SQL Support**: All database operations
-- ✅ **No Rate Limiting**: Natural workflow
-- ✅ **Query Caching**: 5-minute TTL for SELECT queries
+- ✅ **Parameterized Queries**: SQL injection protection
+- ✅ **Connection Pooling**: Efficient resource management
 - ✅ **Performance Monitoring**: Execution time tracking
-- ✅ **Latest MCP SDK**: v1.20.2 with 2025 protocol
-- ✅ **Clean Logging**: Minimal console output, MCP protocol compatible
+
+## 📋 Usage Examples
+
+### Connect to Database
+```
+Use the connect_database tool to establish a connection.
+```
+
+### Execute a Query
+```sql
+SELECT TOP 10 * FROM Customers WHERE Country = @country
+-- With parameters: { "country": "USA" }
+```
+
+### Get Table Schema
+```
+Use describe_table with tableName: "Customers" to see column details.
+```
 
 ## 🔍 Troubleshooting
 
-**❌ Auto-connection failed**
-- Set all required environment variables
-- Verify server accessibility and credentials
-- Check network connectivity
+**❌ Connection failed**
+- Verify all required environment variables are set
+- Check server accessibility and credentials
+- Ensure network connectivity to SQL Server
 
-**❌ SQL Security Alert**
-- Only server operations are blocked
-- Database operations should work normally
+**❌ SSL/Certificate errors**
+- For Azure SQL: Set `DB_ENCRYPT=true` (default)
+- For self-signed certs: Set `DB_TRUST_SERVER_CERTIFICATE=true`
+- For local dev without encryption: Set `DB_ENCRYPT=false`
 
 ## 📋 Version History
 
-### v2.0.3 - Latest
-- ✅ Updated documentation with modern styling
-- ✅ Improved troubleshooting section
-- ✅ Enhanced feature descriptions
+### v2.1.1 - Latest
+- ✅ Added `DB_ENCRYPT` environment variable (Issue #1)
+- ✅ Azure SQL Database compatibility improved
+- ✅ Encryption enabled by default (`DB_ENCRYPT=true`)
+- ✅ Fixed `DB_TRUST_SERVER_CERTIFICATE` default to `false`
+
+### v2.1.0
+- ✅ Updated to MCP SDK 1.25.1
+- ✅ Migrated to `registerTool()` / `registerResource()` API
+- ✅ Added tool titles for better UI display
 
-### v2.0.2 - Performance & Compatibility
-- ✅ Simplified logging for MCP protocol compatibility
-- ✅ All console output moved to stderr
-- ✅ Clean, professional log messages
-- ✅ Version bump to 2.0.2
+### v2.0.3
+- ✅ Documentation improvements
 
 ## 📄 License
 
@@ -133,4 +166,4 @@ MIT License
 
 ---
 
-**🎉 v2.0.3: Enhanced documentation and user experience**
+**🎉 v2.1.1: Azure SQL compatibility with DB_ENCRYPT support**

package/dist/index.js

@@ -13,7 +13,8 @@ const ConfigSchema = z.object({
     user: z.string().optional(),
     password: z.string().optional(),
     port: z.number().int().min(1).max(65535).optional().default(1433),
-    trustServerCertificate: z.boolean().optional().default(true),
+    encrypt: z.boolean().optional().default(true),
+    trustServerCertificate: z.boolean().optional().default(false),
     connectionTimeout: z.number().int().min(1000).max(60000).optional().default(30000),
     requestTimeout: z.number().int().min(1000).max(300000).optional().default(30000),
 });
@@ -24,16 +25,20 @@ class MSSQLMCPServer {
     constructor() {
         this.server = new McpServer({
             name: "mssql-mcp-server",
-            version: "2.0.3",
+            version: "2.1.1",
         });
         this.setupTools();
         this.setupResources();
     }
     setupTools() {
         // Tool: Connect to database with enhanced security validation (only uses environment variables)
-        this.server.tool("connect_database", "Connect to MS SQL Server database with security validation (uses only environment variables for security)", {
-        // No parameters - only environment variables will be used for security
-        }, async (args) => {
+        this.server.registerTool("connect_database", {
+            title: "Connect Database",
+            description: "Connect to MS SQL Server database with security validation (uses only environment variables for security)",
+            inputSchema: {
+            // No parameters - only environment variables will be used for security
+            },
+        }, async () => {
             try {
                 // SECURITY: Only use environment variables, ignore all user parameters
                 const config = ConfigSchema.parse({
@@ -42,6 +47,7 @@ class MSSQLMCPServer {
                     user: process.env.DB_USER,
                     password: process.env.DB_PASSWORD,
                     port: process.env.DB_PORT ? parseInt(process.env.DB_PORT) : 1433,
+                    encrypt: process.env.DB_ENCRYPT !== 'false', // Default true for Azure SQL compatibility
                     trustServerCertificate: process.env.DB_TRUST_SERVER_CERTIFICATE === 'true',
                     connectionTimeout: process.env.DB_CONNECTION_TIMEOUT ? parseInt(process.env.DB_CONNECTION_TIMEOUT) : 30000,
                     requestTimeout: process.env.DB_REQUEST_TIMEOUT ? parseInt(process.env.DB_REQUEST_TIMEOUT) : 30000,
@@ -74,9 +80,13 @@ class MSSQLMCPServer {
             }
         });
         // Tool: Execute SQL query with enhanced security
-        this.server.tool("execute_query", "Execute a SQL query against the connected database with security validation", {
-            query: z.string().min(1, "Query cannot be empty").describe("SQL query to execute"),
-            parameters: z.record(z.any()).optional().describe("Query parameters (key-value pairs) - always use parameters for user input"),
+        this.server.registerTool("execute_query", {
+            title: "Execute Query",
+            description: "Execute a SQL query against the connected database with security validation",
+            inputSchema: {
+                query: z.string().min(1, "Query cannot be empty").describe("SQL query to execute"),
+                parameters: z.record(z.any()).optional().describe("Query parameters (key-value pairs) - always use parameters for user input"),
+            },
         }, async ({ query, parameters }) => {
             try {
                 if (!this.pool) {
@@ -122,9 +132,13 @@ class MSSQLMCPServer {
             }
         });
         // Tool: Get database schema
-        this.server.tool("get_schema", "Get database schema information (tables, columns, etc.)", {
-            objectType: z.enum(["tables", "views", "procedures", "functions", "all"]).optional().default("tables"),
-            schemaName: z.string().optional().describe("Specific schema name to filter"),
+        this.server.registerTool("get_schema", {
+            title: "Get Schema",
+            description: "Get database schema information (tables, columns, etc.)",
+            inputSchema: {
+                objectType: z.enum(["tables", "views", "procedures", "functions", "all"]).optional().default("tables"),
+                schemaName: z.string().optional().describe("Specific schema name to filter"),
+            },
         }, async ({ objectType, schemaName }) => {
             try {
                 if (!this.pool) {
@@ -207,9 +221,13 @@ class MSSQLMCPServer {
             }
         });
         // Tool: Get table structure
-        this.server.tool("describe_table", "Get detailed structure of a specific table", {
-            tableName: z.string().describe("Name of the table"),
-            schemaName: z.string().optional().default("dbo").describe("Schema name"),
+        this.server.registerTool("describe_table", {
+            title: "Describe Table",
+            description: "Get detailed structure of a specific table",
+            inputSchema: {
+                tableName: z.string().describe("Name of the table"),
+                schemaName: z.string().optional().default("dbo").describe("Schema name"),
+            },
         }, async ({ tableName, schemaName }) => {
             try {
                 if (!this.pool) {
@@ -256,7 +274,11 @@ class MSSQLMCPServer {
             }
         });
         // Tool: Get enhanced connection status
-        this.server.tool("connection_status", "Check current database connection status with detailed information", {}, async () => {
+        this.server.registerTool("connection_status", {
+            title: "Connection Status",
+            description: "Check current database connection status with detailed information",
+            inputSchema: {},
+        }, async () => {
             const isConnected = this.pool?.connected || false;
             const status = {
                 connected: isConnected,
@@ -284,7 +306,11 @@ class MSSQLMCPServer {
             };
         });
         // Tool: Disconnect from database
-        this.server.tool("disconnect_database", "Disconnect from the current database", {}, async () => {
+        this.server.registerTool("disconnect_database", {
+            title: "Disconnect Database",
+            description: "Disconnect from the current database",
+            inputSchema: {},
+        }, async () => {
             try {
                 if (this.pool) {
                     await this.pool.close();
@@ -313,14 +339,18 @@ class MSSQLMCPServer {
             }
         });
         // Tool: Get table data with enhanced security and validation
-        this.server.tool("get_table_data", "Get data from a specific table with optional filtering, pagination and input validation", {
-            tableName: z.string().min(1).regex(/^[a-zA-Z0-9_]+$/, "Table name can only contain letters, numbers, and underscores").describe("Name of the table"),
-            schemaName: z.string().regex(/^[a-zA-Z0-9_]+$/, "Schema name can only contain letters, numbers, and underscores").optional().default("dbo").describe("Schema name"),
-            limit: z.number().int().min(1).max(10000).optional().default(100).describe("Maximum number of rows to return (1-10000)"),
-            offset: z.number().int().min(0).optional().default(0).describe("Number of rows to skip"),
-            whereClause: z.string().optional().describe("WHERE clause (without the WHERE keyword) - use parameters for values"),
-            orderBy: z.string().optional().describe("ORDER BY clause (without the ORDER BY keyword)"),
-            parameters: z.record(z.any()).optional().describe("Parameters for WHERE clause"),
+        this.server.registerTool("get_table_data", {
+            title: "Get Table Data",
+            description: "Get data from a specific table with optional filtering, pagination and input validation",
+            inputSchema: {
+                tableName: z.string().min(1).regex(/^[a-zA-Z0-9_]+$/, "Table name can only contain letters, numbers, and underscores").describe("Name of the table"),
+                schemaName: z.string().regex(/^[a-zA-Z0-9_]+$/, "Schema name can only contain letters, numbers, and underscores").optional().default("dbo").describe("Schema name"),
+                limit: z.number().int().min(1).max(10000).optional().default(100).describe("Maximum number of rows to return (1-10000)"),
+                offset: z.number().int().min(0).optional().default(0).describe("Number of rows to skip"),
+                whereClause: z.string().optional().describe("WHERE clause (without the WHERE keyword) - use parameters for values"),
+                orderBy: z.string().optional().describe("ORDER BY clause (without the ORDER BY keyword)"),
+                parameters: z.record(z.any()).optional().describe("Parameters for WHERE clause"),
+            },
         }, async ({ tableName, schemaName, limit, offset, whereClause, orderBy, parameters }) => {
             try {
                 if (!this.pool) {
@@ -349,7 +379,7 @@ class MSSQLMCPServer {
                 if (orderBy) {
                     // Validate ORDER BY clause for basic security
                     // Allow dotted identifiers, bracketed identifiers, commas, spaces and optional ASC/DESC per column
-                    const orderByPattern = /^([\[\]a-zA-Z0-9_.]+(\s+(ASC|DESC))?)(\s*,\s*[\[\]a-zA-Z0-9_.]+(\s+(ASC|DESC))?)*$/i;
+                    const orderByPattern = /^([\[\]a-zA-Z0-9_.]+(\s+(ASC|DESC))?)((\s*,\s*)[\[\]a-zA-Z0-9_.]+(\s+(ASC|DESC))?)*$/i;
                     if (!orderByPattern.test(orderBy)) {
                         throw new Error("Invalid ORDER BY clause. Only column names, commas, spaces, ASC, and DESC are allowed.");
                     }
@@ -398,10 +428,14 @@ class MSSQLMCPServer {
             }
         });
         // Tool: Execute stored procedure
-        this.server.tool("execute_procedure", "Execute a stored procedure with parameters", {
-            procedureName: z.string().describe("Name of the stored procedure"),
-            schemaName: z.string().optional().default("dbo").describe("Schema name"),
-            parameters: z.record(z.any()).optional().describe("Procedure parameters (key-value pairs)"),
+        this.server.registerTool("execute_procedure", {
+            title: "Execute Procedure",
+            description: "Execute a stored procedure with parameters",
+            inputSchema: {
+                procedureName: z.string().describe("Name of the stored procedure"),
+                schemaName: z.string().optional().default("dbo").describe("Schema name"),
+                parameters: z.record(z.any()).optional().describe("Procedure parameters (key-value pairs)"),
+            },
         }, async ({ procedureName, schemaName, parameters }) => {
             try {
                 if (!this.pool) {
@@ -442,7 +476,11 @@ class MSSQLMCPServer {
             }
         });
         // Tool: Get database list
-        this.server.tool("list_databases", "List all databases on the connected SQL Server instance", {}, async () => {
+        this.server.registerTool("list_databases", {
+            title: "List Databases",
+            description: "List all databases on the connected SQL Server instance",
+            inputSchema: {},
+        }, async () => {
             try {
                 if (!this.pool) {
                     throw new Error("No database connection. Please connect first.");
@@ -487,7 +525,11 @@ class MSSQLMCPServer {
     }
     setupResources() {
         // Resource: Current connection info
-        this.server.resource("connection-info", "mssql://connection/info", async () => {
+        this.server.registerResource("connection-info", "mssql://connection/info", {
+            title: "Connection Info",
+            description: "Current MSSQL connection information",
+            mimeType: "application/json",
+        }, async () => {
             const info = {
                 connected: this.pool?.connected || false,
                 config: this.config ? {
@@ -523,9 +565,9 @@ class MSSQLMCPServer {
                 password: config.password,
                 port: config.port,
                 options: {
+                    encrypt: config.encrypt,
                     trustServerCertificate: config.trustServerCertificate,
                     enableArithAbort: true,
-                    encrypt: !config.trustServerCertificate, // Enable encryption when not trusting server certificate
                 },
                 connectionTimeout: config.connectionTimeout,
                 requestTimeout: config.requestTimeout,
@@ -593,7 +635,7 @@ class MSSQLMCPServer {
             console.error('Unhandled Rejection:', reason);
             shutdown('unhandledRejection');
         });
-        console.error("MSSQL MCP Server v2.0.3 starting...");
+        console.error("MSSQL MCP Server v2.1.1 starting...");
         await this.server.connect(transport);
         console.error("Server ready");
     }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "mssql-mcp",
-  "version": "2.0.3",
+  "version": "2.1.1",
   "description": "MCP Server for MS SQL Server integration with Claude Desktop, Cursor, Windsurf and VS Code",
   "main": "dist/index.js",
   "type": "module",
@@ -45,10 +45,10 @@
   "author": "BYMCS <hello@bymcs.com>",
   "license": "MIT",
   "dependencies": {
-    "@modelcontextprotocol/sdk": "^1.17.1",
+    "@modelcontextprotocol/sdk": "^1.25.1",
     "dotenv": "^16.3.1",
     "mssql": "^11.0.1",
-    "zod": "^3.22.4"
+    "zod": "^3.25.0"
   },
   "devDependencies": {
     "@types/mssql": "^9.1.7",
@@ -56,4 +56,4 @@
     "rimraf": "^5.0.0",
     "typescript": "^5.3.0"
   }
-}
+}