ofw-mcp 2.0.17 → 2.0.19

package/.claude-plugin/marketplace.json

@@ -6,7 +6,7 @@
   },
   "metadata": {
     "description": "OurFamilyWizard tools for Claude Code",
-    "version": "2.0.17"
+    "version": "2.0.19"
   },
   "plugins": [
     {
@@ -14,7 +14,7 @@
       "displayName": "OurFamilyWizard",
       "source": "./",
       "description": "OurFamilyWizard co-parenting tools for Claude — messages, calendar, expenses, and journal via MCP",
-      "version": "2.0.17",
+      "version": "2.0.19",
       "author": {
         "name": "Chris Chall"
       },

package/.claude-plugin/plugin.json

@@ -1,7 +1,7 @@
 {
   "name": "ofw",
   "displayName": "OurFamilyWizard",
-  "version": "2.0.17",
+  "version": "2.0.19",
   "description": "OurFamilyWizard co-parenting tools for Claude — messages, calendar, expenses, and journal via MCP",
   "author": {
     "name": "Chris Chall"

package/README.md

@@ -21,6 +21,28 @@ Ask Claude things like:
 - [Node.js](https://nodejs.org) 22.5 or later (`node:sqlite` is the cache backend)
 - An active OurFamilyWizard account
 
+## Acknowledgement of Terms
+
+By using this MCP server, you acknowledge and agree to the following:
+
+**1. This server accesses your own OurFamilyWizard account.** Auth happens via your own credentials. It does not — and cannot — access your co-parent's account, your children's accounts, or anyone else's.
+
+**2. [OurFamilyWizard's Terms](https://www.ourfamilywizard.com/legal/terms) govern your use of this server**, just as they govern your direct use of OFW. There is no explicit anti-scraping clause; the governing language is broader:
+
+> Users may not obtain or attempt to obtain any materials or information through any means not intentionally made available.
+
+And on credentials: *"You are solely responsible for (1) maintaining the strict confidentiality of assigned Authentication Methods, (2) instructing any individual to whom the assigned Authentication Method is shared ('Authorized User') to not allow another person to use the Authentication Method."* OFW does contemplate "Authorized Users" and third-party-enabled integrations — but the account holder remains responsible.
+
+You are agreeing to those terms — read by the maintainer 2026-05-23 — every time you invoke a tool in this server.
+
+**3. Personal, family use only.** This project is not affiliated with, endorsed by, sponsored by, or in partnership with OurFamilyWizard, LLC or its parent. It is a personal automation tool for the named account holder. Do not use it on behalf of a co-parent without their consent, do not share credentials with anyone, and do not use it to bulk-extract another family's data.
+
+**4. OFW is a court-of-record platform.** Messages, expenses, calendar entries, and journal entries on OFW may be entered into legal proceedings — including custody, divorce, and parenting-plan-modification cases. Anything this server writes to OFW (drafts you save, events you create, expenses you log) will appear with the same legal weight as if you had typed it yourself. **Do not let this MCP send a message, create an event, or log an expense that you have not read and approved.** Review every write operation before confirming.
+
+**5. You accept full responsibility** for any consequences — both technical (account warnings, suspension) and legal (anything OFW records about your account activity). The MCP author is not your attorney; if you're using OFW in connection with an active legal matter, talk to your actual attorney before automating anything.
+
+This section is the maintainer's good-faith summary of the terms — it is not legal advice and does not modify or supersede OurFamilyWizard's actual ToS.
+
 ## Installation
 
 ### 1. Clone and build

package/dist/bundle.js

@@ -7572,6 +7572,10 @@ var require_receiver = __commonJS({
        *     extensions
        * @param {Boolean} [options.isServer=false] Specifies whether to operate in
        *     client or server mode
+       * @param {Number} [options.maxBufferedChunks=0] The maximum number of
+       *     buffered data chunks
+       * @param {Number} [options.maxFragments=0] The maximum number of message
+       *     fragments
        * @param {Number} [options.maxPayload=0] The maximum allowed message length
        * @param {Boolean} [options.skipUTF8Validation=false] Specifies whether or
        *     not to skip UTF-8 validation for text and close messages
@@ -7582,6 +7586,8 @@ var require_receiver = __commonJS({
         this._binaryType = options.binaryType || BINARY_TYPES[0];
         this._extensions = options.extensions || {};
         this._isServer = !!options.isServer;
+        this._maxBufferedChunks = options.maxBufferedChunks | 0;
+        this._maxFragments = options.maxFragments | 0;
         this._maxPayload = options.maxPayload | 0;
         this._skipUTF8Validation = !!options.skipUTF8Validation;
         this[kWebSocket] = void 0;
@@ -7611,6 +7617,18 @@ var require_receiver = __commonJS({
        */
       _write(chunk, encoding, cb) {
         if (this._opcode === 8 && this._state == GET_INFO) return cb();
+        if (this._maxBufferedChunks > 0 && this._buffers.length >= this._maxBufferedChunks) {
+          cb(
+            this.createError(
+              RangeError,
+              "Too many buffered chunks",
+              false,
+              1008,
+              "WS_ERR_TOO_MANY_BUFFERED_PARTS"
+            )
+          );
+          return;
+        }
         this._bufferedBytes += chunk.length;
         this._buffers.push(chunk);
         this.startLoop(cb);
@@ -7940,6 +7958,17 @@ var require_receiver = __commonJS({
           return;
         }
         if (data.length) {
+          if (this._maxFragments > 0 && this._fragments.length >= this._maxFragments) {
+            const error51 = this.createError(
+              RangeError,
+              "Too many message fragments",
+              false,
+              1008,
+              "WS_ERR_TOO_MANY_BUFFERED_PARTS"
+            );
+            cb(error51);
+            return;
+          }
           this._messageLength = this._totalPayloadLength;
           this._fragments.push(data);
         }
@@ -7969,6 +7998,17 @@ var require_receiver = __commonJS({
               cb(error51);
               return;
             }
+            if (this._maxFragments > 0 && this._fragments.length >= this._maxFragments) {
+              const error51 = this.createError(
+                RangeError,
+                "Too many message fragments",
+                false,
+                1008,
+                "WS_ERR_TOO_MANY_BUFFERED_PARTS"
+              );
+              cb(error51);
+              return;
+            }
             this._fragments.push(buf);
           }
           this.dataMessage(cb);
@@ -9175,6 +9215,10 @@ var require_websocket = __commonJS({
        *     multiple times in the same tick
        * @param {Function} [options.generateMask] The function used to generate the
        *     masking key
+       * @param {Number} [options.maxBufferedChunks=0] The maximum number of
+       *     buffered data chunks
+       * @param {Number} [options.maxFragments=0] The maximum number of message
+       *     fragments
        * @param {Number} [options.maxPayload=0] The maximum allowed message size
        * @param {Boolean} [options.skipUTF8Validation=false] Specifies whether or
        *     not to skip UTF-8 validation for text and close messages
@@ -9186,6 +9230,8 @@ var require_websocket = __commonJS({
           binaryType: this.binaryType,
           extensions: this._extensions,
           isServer: this._isServer,
+          maxBufferedChunks: options.maxBufferedChunks,
+          maxFragments: options.maxFragments,
           maxPayload: options.maxPayload,
           skipUTF8Validation: options.skipUTF8Validation
         });
@@ -9485,6 +9531,8 @@ var require_websocket = __commonJS({
         autoPong: true,
         closeTimeout: CLOSE_TIMEOUT,
         protocolVersion: protocolVersions[1],
+        maxBufferedChunks: 1024 * 1024,
+        maxFragments: 128 * 1024,
         maxPayload: 100 * 1024 * 1024,
         skipUTF8Validation: false,
         perMessageDeflate: true,
@@ -9727,6 +9775,8 @@ var require_websocket = __commonJS({
         websocket.setSocket(socket, head, {
           allowSynchronousEvents: opts.allowSynchronousEvents,
           generateMask: opts.generateMask,
+          maxBufferedChunks: opts.maxBufferedChunks,
+          maxFragments: opts.maxFragments,
           maxPayload: opts.maxPayload,
           skipUTF8Validation: opts.skipUTF8Validation
         });
@@ -10069,6 +10119,10 @@ var require_websocket_server = __commonJS({
        *     called
        * @param {Function} [options.handleProtocols] A hook to handle protocols
        * @param {String} [options.host] The hostname where to bind the server
+       * @param {Number} [options.maxBufferedChunks=1048576] The maximum number of
+       *     buffered data chunks
+       * @param {Number} [options.maxFragments=131072] The maximum number of message
+       *     fragments
        * @param {Number} [options.maxPayload=104857600] The maximum allowed message
        *     size
        * @param {Boolean} [options.noServer=false] Enable no server mode
@@ -10090,6 +10144,8 @@ var require_websocket_server = __commonJS({
         options = {
           allowSynchronousEvents: true,
           autoPong: true,
+          maxBufferedChunks: 1024 * 1024,
+          maxFragments: 128 * 1024,
           maxPayload: 100 * 1024 * 1024,
           skipUTF8Validation: false,
           perMessageDeflate: false,
@@ -10369,6 +10425,8 @@ var require_websocket_server = __commonJS({
         socket.removeListener("error", socketOnError);
         ws.setSocket(socket, head, {
           allowSynchronousEvents: this.options.allowSynchronousEvents,
+          maxBufferedChunks: this.options.maxBufferedChunks,
+          maxFragments: this.options.maxFragments,
           maxPayload: this.options.maxPayload,
           skipUTF8Validation: this.options.skipUTF8Validation
         });
@@ -34495,6 +34553,7 @@ import { fileURLToPath } from "url";
 
 // node_modules/@fetchproxy/protocol/dist/frames.js
 var PROTOCOL_VERSION = 2;
+var HKDF_SESSION_INFO = "fetchproxy/1.0.0/session";
 var KNOWN_CAPABILITIES = /* @__PURE__ */ new Set([
   "fetch",
   "read_cookies",
@@ -34569,7 +34628,7 @@ var ProtocolError = class extends Error {
 var FORBIDDEN_KEYS = /* @__PURE__ */ new Set(["__proto__", "constructor", "prototype"]);
 var BASE64_RE = /^[A-Za-z0-9+/]*={0,2}$/;
 var SCOPE_KEY_RE = /^[A-Za-z0-9_.\-]{1,256}$/;
-var SCOPE_KEY_GLOB_RE = /^[A-Za-z0-9_.\-]{1,255}\*?$/;
+var SCOPE_KEY_GLOB_RE = /^[A-Za-z0-9_.\-]{1,256}\*?$/;
 var HEADER_NAME_RE = /^[A-Za-z0-9_\-]{1,128}$/;
 var HOSTNAME_RE = /^[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?(\.[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?)+$/i;
 function assertObject(x, label) {
@@ -34698,7 +34757,7 @@ function assertStoragePointersArray(value, label, declaredKeys) {
     if (entry.jsonPointer === void 0) {
       throw new ProtocolError(`${label}[${i}].jsonPointer: missing`);
     }
-    if (typeof entry.key !== "string" || !SCOPE_KEY_GLOB_RE.test(entry.key)) {
+    if (typeof entry.key !== "string" || !SCOPE_KEY_RE.test(entry.key)) {
       throw new ProtocolError(`${label}[${i}].key: invalid key ${JSON.stringify(entry.key)}`);
     }
     if (typeof entry.jsonPointer !== "string" || !isValidJsonPointer(entry.jsonPointer)) {
@@ -35480,15 +35539,20 @@ async function startHost(opts) {
   let extensionWs = null;
   const peers = /* @__PURE__ */ new Map();
   const ownInnerListeners = [];
+  const disconnectListeners = [];
   let ownSession = null;
   let resolveOwnSession;
   let rejectOwnSession;
-  const ownSessionReady = new Promise((resolve2, reject) => {
-    resolveOwnSession = resolve2;
-    rejectOwnSession = reject;
-  });
-  ownSessionReady.catch(() => {
-  });
+  let ownSessionReady;
+  function resetSessionPromise() {
+    ownSessionReady = new Promise((resolve2, reject) => {
+      resolveOwnSession = resolve2;
+      rejectOwnSession = reject;
+    });
+    ownSessionReady.catch(() => {
+    });
+  }
+  resetSessionPromise();
   let extensionHello = null;
   wss.on("connection", (ws) => {
     let identified = null;
@@ -35557,11 +35621,11 @@ async function startHost(opts) {
             }
             const extPub = fromB64(frame.extensionSessionPub);
             const shared = await ecdhX25519(opts.ownIdentity.x25519Priv, extPub);
-            const key = await hkdfSha256(shared, ownSessionNonce, enc2.encode("fetchproxy/0.1.0/session"), 32);
-            if (!ownSession) {
-              ownSession = new SessionState(key);
-              resolveOwnSession(ownSession);
-            }
+            const key = await hkdfSha256(shared, ownSessionNonce, enc2.encode(HKDF_SESSION_INFO), 32);
+            if (extensionWs !== ws)
+              return;
+            ownSession = new SessionState(key);
+            resolveOwnSession(ownSession);
           } else {
             const slot = peers.get(frame.mcpId);
             if (slot)
@@ -35603,6 +35667,9 @@ async function startHost(opts) {
         if (!ownSession) {
           rejectOwnSession(new Error("extension disconnected before ready"));
         }
+        ownSession = null;
+        resetSessionPromise();
+        disconnectListeners.forEach((cb) => cb());
       }
       if (identified === "peer" && peerMcpId)
         peers.delete(peerMcpId);
@@ -35627,6 +35694,9 @@ async function startHost(opts) {
     },
     onOwnInner: (cb) => {
       ownInnerListeners.push(cb);
+    },
+    onExtensionDisconnect: (cb) => {
+      disconnectListeners.push(cb);
     }
   };
 }
@@ -35666,7 +35736,7 @@ async function startPeer(opts) {
         if (frame.type === "ready" && frame.mcpId === opts.mcpId) {
           const extPub = fromB64(frame.extensionSessionPub);
           const shared = await ecdhX25519(opts.identity.x25519Priv, extPub);
-          const sessionKey = await hkdfSha256(shared, sessionNonce, enc3.encode("fetchproxy/0.1.0/session"), 32);
+          const sessionKey = await hkdfSha256(shared, sessionNonce, enc3.encode(HKDF_SESSION_INFO), 32);
           session = new SessionState(sessionKey);
           resolve2(session);
           return;
@@ -35757,6 +35827,32 @@ async function loadOrCreateIdentity(serverName, dir = defaultIdentityDir()) {
   return id;
 }
 
+// node_modules/@fetchproxy/server/dist/error-kind.js
+function classifyFetchError(error51) {
+  if (/Could not establish connection/i.test(error51) || /Receiving end does not exist/i.test(error51)) {
+    return "content_script_unreachable";
+  }
+  if (/^tab fetch failed:/.test(error51)) {
+    return "tab_fetch_failed";
+  }
+  if (/^fetch threw:/.test(error51)) {
+    return "tab_fetch_failed";
+  }
+  if (/^no tab matching /.test(error51)) {
+    return "no_tab";
+  }
+  if (/not in domains \[/.test(error51)) {
+    return "domain_denied";
+  }
+  if (/^capability .+ not granted/.test(error51)) {
+    return "capability_denied";
+  }
+  if (/^(request|response) body too large:/.test(error51)) {
+    return "body_too_large";
+  }
+  return "other";
+}
+
 // node_modules/@fetchproxy/server/dist/ws-server.js
 var FetchproxyProtocolError = class extends Error {
   constructor(message) {
@@ -35903,6 +35999,7 @@ var FetchproxyServer = class {
         onPairCode: this.opts.onPairCode
       });
       this.hostHandle.onOwnInner((inner) => this.onInner(inner));
+      this.hostHandle.onExtensionDisconnect(() => this.rejectAllPending());
     } else {
       this.role = "peer";
       this.peerHandle = await startPeer({
@@ -36321,10 +36418,11 @@ var FetchproxyServer = class {
         if (inner.op === void 0 || inner.op === "fetch") {
           fetchCb({ ok: true, status: inner.status, url: inner.url, body: inner.body });
         } else {
-          fetchCb({ ok: false, error: `unexpected ${inner.op} response on fetch awaiter` });
+          const error51 = `unexpected ${inner.op} response on fetch awaiter`;
+          fetchCb({ ok: false, error: error51, kind: classifyFetchError(error51) });
         }
       } else {
-        fetchCb({ ok: false, error: inner.error });
+        fetchCb({ ok: false, error: inner.error, kind: classifyFetchError(inner.error) });
       }
       return;
     }
@@ -36391,6 +36489,26 @@ var FetchproxyServer = class {
       }
     }
   }
+  rejectAllPending() {
+    const err = new FetchproxyProtocolError("extension disconnected");
+    for (const cb of this.pending.values()) {
+      cb({ ok: false, error: err.message, kind: classifyFetchError(err.message) });
+    }
+    this.pending.clear();
+    for (const cb of this.pendingReadCookies.values()) {
+      cb({ ok: false, error: err.message });
+    }
+    this.pendingReadCookies.clear();
+    for (const { reject } of this.pendingStorage.values())
+      reject(err);
+    this.pendingStorage.clear();
+    for (const { reject } of this.pendingCapture.values())
+      reject(err);
+    this.pendingCapture.clear();
+    for (const { reject } of this.pendingIdb.values())
+      reject(err);
+    this.pendingIdb.clear();
+  }
   /**
    * Shut down the bridge. Host: terminates the WebSocket server and any
    * still-attached extension/peer clients. Peer: closes the upstream
@@ -36398,6 +36516,7 @@ var FetchproxyServer = class {
    * twice in a row.
    */
   async close() {
+    this.rejectAllPending();
     if (this.hostHandle)
       await this.hostHandle.close();
     if (this.peerHandle)
@@ -36493,8 +36612,7 @@ async function bootstrap(opts) {
       for (const p of localStoragePointers) {
         pointers[p.outputKey] = { storageKey: p.storageKey, jsonPointer: p.jsonPointer };
       }
-      const stub = server2;
-      localStorage = await stub.readLocalStorage({
+      localStorage = await server2.readLocalStorage({
         keys: allKeys,
         ...storageDomainOpts,
         ...localStoragePointers.length > 0 ? { pointers } : {}
@@ -36507,8 +36625,7 @@ async function bootstrap(opts) {
       for (const p of sessionStoragePointers) {
         pointers[p.outputKey] = { storageKey: p.storageKey, jsonPointer: p.jsonPointer };
       }
-      const stub = server2;
-      sessionStorage = await stub.readSessionStorage({
+      sessionStorage = await server2.readSessionStorage({
         keys: allKeys,
         ...storageDomainOpts,
         ...sessionStoragePointers.length > 0 ? { pointers } : {}
@@ -36531,9 +36648,6 @@ async function bootstrap(opts) {
     }
     const indexedDbBucket = {};
     for (const d of indexedDb) {
-      if (!server2.readIndexedDb) {
-        throw new Error("bootstrap: server factory does not implement readIndexedDb (declared indexedDb but server stub omits it)");
-      }
       const values = await server2.readIndexedDb({
         database: d.database,
         store: d.store,
@@ -36652,7 +36766,7 @@ function getDefaultInlineAttachments() {
 // package.json
 var package_default = {
   name: "ofw-mcp",
-  version: "2.0.17",
+  version: "2.0.19",
   mcpName: "io.github.chrischall/ofw-mcp",
   description: "OurFamilyWizard MCP server for Claude \u2014 developed and maintained by AI (Claude Code)",
   author: "Claude Code (AI) <https://www.anthropic.com/claude>",
@@ -36679,7 +36793,7 @@ var package_default = {
     "test:watch": "vitest"
   },
   dependencies: {
-    "@fetchproxy/bootstrap": "^0.4.2",
+    "@fetchproxy/bootstrap": "^0.5.1",
     "@modelcontextprotocol/sdk": "^1.29.0",
     dotenv: "^17.4.0",
     zod: "^4.4.2"
@@ -38039,7 +38153,7 @@ process.emit = function(event, ...args) {
   }
   return originalEmit(event, ...args);
 };
-var server = new McpServer({ name: "ofw", version: "2.0.17" });
+var server = new McpServer({ name: "ofw", version: "2.0.19" });
 registerUserTools(server, client);
 registerMessageTools(server, client);
 registerCalendarTools(server, client);

package/dist/index.js

@@ -17,7 +17,7 @@ import { registerMessageTools } from './tools/messages.js';
 import { registerCalendarTools } from './tools/calendar.js';
 import { registerExpenseTools } from './tools/expenses.js';
 import { registerJournalTools } from './tools/journal.js';
-const server = new McpServer({ name: 'ofw', version: '2.0.17' }); // x-release-please-version
+const server = new McpServer({ name: 'ofw', version: '2.0.19' }); // x-release-please-version
 registerUserTools(server, client);
 registerMessageTools(server, client);
 registerCalendarTools(server, client);

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "ofw-mcp",
-  "version": "2.0.17",
+  "version": "2.0.19",
   "mcpName": "io.github.chrischall/ofw-mcp",
   "description": "OurFamilyWizard MCP server for Claude — developed and maintained by AI (Claude Code)",
   "author": "Claude Code (AI) <https://www.anthropic.com/claude>",
@@ -27,7 +27,7 @@
     "test:watch": "vitest"
   },
   "dependencies": {
-    "@fetchproxy/bootstrap": "^0.4.2",
+    "@fetchproxy/bootstrap": "^0.5.1",
     "@modelcontextprotocol/sdk": "^1.29.0",
     "dotenv": "^17.4.0",
     "zod": "^4.4.2"

package/server.json

@@ -6,12 +6,12 @@
     "url": "https://github.com/chrischall/ofw-mcp",
     "source": "github"
   },
-  "version": "2.0.17",
+  "version": "2.0.19",
   "packages": [
     {
       "registryType": "npm",
       "identifier": "ofw-mcp",
-      "version": "2.0.17",
+      "version": "2.0.19",
       "transport": {
         "type": "stdio"
       },