ralph-hero-mcp-server 2.5.129 → 2.5.139

package/dist/github-client.js

@@ -6,9 +6,33 @@
  * rateLimit fragment for continuous tracking.
  */
 import { graphql } from "@octokit/graphql";
+import { trace, SpanStatusCode } from "@opentelemetry/api";
 import { RateLimiter } from "./lib/rate-limiter.js";
 import { SessionCache } from "./lib/cache.js";
 import { extractOperationName, sanitize } from "./lib/debug-logger.js";
+/**
+ * Classify a GraphQL error into one of: "rate_limit" | "network" | "graphql".
+ *
+ * - `rate_limit` — HTTP 403 with a `retry-after` header (GitHub's secondary
+ *   rate limit signal). Plain 403s without retry-after fall through to
+ *   `graphql` since they're more commonly permission errors.
+ * - `network` — no `status` field on the error (fetch-level failure, DNS,
+ *   socket reset, etc.)
+ * - `graphql` — everything else (GraphQL validation errors, 4xx, 5xx).
+ */
+function classifyGraphQLError(error) {
+    if (!error || typeof error !== "object") {
+        return "graphql";
+    }
+    const e = error;
+    if (typeof e.status !== "number") {
+        return "network";
+    }
+    if (e.status === 403 && e.headers?.["retry-after"]) {
+        return "rate_limit";
+    }
+    return "graphql";
+}
 /**
  * The rateLimit fragment to include in every query for proactive tracking.
  */
@@ -44,6 +68,11 @@ export function createGitHubClient(clientConfig, debugLogger) {
     const cache = new SessionCache();
     /**
      * Execute a raw GraphQL request and handle rate limit tracking.
+     *
+     * Wraps the request in a `ralph_hero.graphql` OpenTelemetry span when a
+     * tracer is available. When `RALPH_DEBUG` is unset and the SDK has not been
+     * initialized, `@opentelemetry/api` returns a no-op tracer/span — calls are
+     * essentially free.
      */
     async function executeGraphQL(queryString, variables, graphqlFn = graphqlWithAuth) {
         await rateLimiter.checkBeforeRequest();
@@ -62,53 +91,88 @@ export function createGitHubClient(clientConfig, debugLogger) {
                         fullQuery.slice(insertPos);
             }
         }
-        const t0 = Date.now();
-        try {
-            const response = await graphqlFn(fullQuery, variables || {});
-            // Update rate limit tracker from response
-            if (response && typeof response === "object" && "rateLimit" in response) {
-                const rl = response.rateLimit;
-                if (rl) {
-                    rateLimiter.update(rl);
+        const tracer = trace.getTracer("ralph-hero");
+        const operation = extractOperationName(fullQuery);
+        return tracer.startActiveSpan("ralph_hero.graphql", async (span) => {
+            if (operation) {
+                span.setAttribute("ralph_hero.operation", operation);
+            }
+            const t0 = Date.now();
+            try {
+                const response = await graphqlFn(fullQuery, variables || {});
+                // Update rate limit tracker from response
+                if (response && typeof response === "object" && "rateLimit" in response) {
+                    const rl = response.rateLimit;
+                    if (rl) {
+                        rateLimiter.update(rl);
+                        if (typeof rl.remaining === "number") {
+                            span.setAttribute("ralph_hero.rate_limit.remaining", rl.remaining);
+                        }
+                        if (typeof rl.cost === "number") {
+                            span.setAttribute("ralph_hero.rate_limit.cost", rl.cost);
+                        }
+                    }
                 }
+                debugLogger?.logGraphQL({
+                    operation,
+                    variables: sanitize(variables),
+                    durationMs: Date.now() - t0,
+                    status: 200,
+                    rateLimitRemaining: response
+                        .rateLimit?.remaining,
+                    rateLimitCost: response.rateLimit
+                        ?.cost,
+                });
+                return response;
             }
-            debugLogger?.logGraphQL({
-                operation: extractOperationName(fullQuery),
-                variables: sanitize(variables),
-                durationMs: Date.now() - t0,
-                status: 200,
-                rateLimitRemaining: response.rateLimit?.remaining,
-                rateLimitCost: response.rateLimit?.cost,
-            });
-            return response;
-        }
-        catch (error) {
-            debugLogger?.logGraphQL({
-                operation: extractOperationName(fullQuery),
-                variables: sanitize(variables),
-                durationMs: Date.now() - t0,
-                status: error && typeof error === "object" && "status" in error
-                    ? error.status
-                    : 500,
-                error: error instanceof Error ? error.message : String(error),
-            });
-            // Handle rate limit errors (403)
-            if (error &&
-                typeof error === "object" &&
-                "status" in error &&
-                error.status === 403) {
-                const retryAfter = error && typeof error === "object" && "headers" in error
+            catch (error) {
+                // Detect rate-limit retry-able case FIRST. On the retry path we
+                // intentionally do NOT mark this span ERROR (or log a 500-shaped
+                // entry) — the retry may succeed and we don't want Langfuse to
+                // show a permanently-failed parent for a request that eventually
+                // returned 200. Only the non-retry path mutates span status.
+                const is403 = error &&
+                    typeof error === "object" &&
+                    "status" in error &&
+                    error.status === 403;
+                const retryAfter = is403 && error && typeof error === "object" && "headers" in error
                     ? error.headers?.["retry-after"]
                     : undefined;
                 if (retryAfter) {
                     const waitMs = parseInt(retryAfter, 10) * 1000;
                     console.error(`[github-client] Rate limited. Waiting ${retryAfter}s before retry.`);
                     await new Promise((resolve) => setTimeout(resolve, waitMs));
-                    return executeGraphQL(queryString, variables, graphqlFn);
+                    // `await` is critical: in an async fn, `finally { span.end() }`
+                    // runs as soon as the return expression evaluates. Without
+                    // `await`, the inner Promise would still be pending while
+                    // `span.end()` fires, exporting a half-finished outer span.
+                    return await executeGraphQL(queryString, variables, graphqlFn);
                 }
+                // Non-retry error path: mark span ERROR, log, rethrow.
+                const errorType = classifyGraphQLError(error);
+                span.setAttribute("ralph_hero.error_type", errorType);
+                span.setStatus({
+                    code: SpanStatusCode.ERROR,
+                    message: error instanceof Error ? error.message : String(error),
+                });
+                if (error instanceof Error) {
+                    span.recordException(error);
+                }
+                debugLogger?.logGraphQL({
+                    operation,
+                    variables: sanitize(variables),
+                    durationMs: Date.now() - t0,
+                    status: error && typeof error === "object" && "status" in error
+                        ? error.status
+                        : 500,
+                    error: error instanceof Error ? error.message : String(error),
+                });
+                throw error;
             }
-            throw error;
-        }
+            finally {
+                span.end();
+            }
+        });
     }
     return {
         config: clientConfig,

package/dist/index.js

@@ -14,6 +14,7 @@ import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js"
 import { createGitHubClient } from "./github-client.js";
 import { FieldOptionCache } from "./lib/cache.js";
 import { createDebugLogger, wrapServerToolWithLogging } from "./lib/debug-logger.js";
+import { initTelemetry } from "./lib/telemetry.js";
 import { toolSuccess, resolveProjectOwner } from "./types.js";
 import { resolveRepoFromProject } from "./lib/helpers.js";
 import { detectOrphanRepoIssues } from "./lib/health.js";
@@ -360,6 +361,21 @@ function registerCoreTools(server, client) {
  */
 async function main() {
     console.error("[ralph-hero] Starting MCP server...");
+    // OTel SDK init MUST happen before initGitHubClient so the first GraphQL
+    // call from the client (repo inference) is captured as a span. initTelemetry
+    // returns null when RALPH_DEBUG !== "true" — no SDK objects allocated and
+    // no exporter threads in that path.
+    const sdk = (await initTelemetry());
+    if (sdk) {
+        console.error("[ralph-hero] OTel telemetry enabled");
+        // Best-effort flush on graceful shutdown. Errors swallowed because by the
+        // time SIGTERM fires we're already on the way out — partial trace loss is
+        // acceptable. SIGINT is not wired because Claude Code's stdio transport
+        // already cleans up on EOF.
+        process.on("SIGTERM", () => {
+            void sdk.shutdown().catch(() => undefined);
+        });
+    }
     const debugLogger = createDebugLogger();
     if (debugLogger) {
         console.error("[ralph-hero] Debug logging enabled (RALPH_DEBUG=true)");

package/dist/lib/telemetry.js

@@ -0,0 +1,156 @@
+/**
+ * OpenTelemetry initialization for the ralph-hero MCP server.
+ *
+ * Lazy-initialized when `RALPH_DEBUG=true`. When the env var is unset or any
+ * value other than the literal string `"true"`, `initTelemetry()` returns
+ * `null` and no OpenTelemetry SDK objects are constructed — zero overhead.
+ *
+ * The OTLP HTTP exporter reads its endpoint from `OTEL_EXPORTER_OTLP_ENDPOINT`
+ * (standard OTel convention). Auto-instrumentation is explicitly OFF — only
+ * the explicit `ralph_hero.graphql` spans emitted from `github-client.ts`
+ * appear in the resulting trace.
+ *
+ * A custom `SpanProcessor` redacts token-shaped attribute values at span
+ * start so secrets never reach the exporter. See `redactTokenAttributes()`.
+ */
+import { readFileSync } from "node:fs";
+import { fileURLToPath } from "node:url";
+import { dirname, resolve } from "node:path";
+/**
+ * Attribute value matching `^gh[ps]_` (GitHub PAT/server-to-server token shape)
+ * and key matching `_TOKEN$` (case-insensitive) or `^authorization$` are
+ * replaced with this sentinel before the span is exported.
+ */
+const REDACTED = "[REDACTED]";
+const TOKEN_VALUE_RE = /^gh[ps]_/;
+const TOKEN_KEY_RE = /(_TOKEN$|^authorization$)/i;
+/**
+ * Pure function — exported for unit tests. Returns a shallow copy of `attrs`
+ * with any token-shaped value or key replaced by `[REDACTED]`.
+ *
+ * Keys are matched case-insensitively against `_TOKEN$` and `^authorization$`.
+ * Values are matched (when they are strings) against `^gh[ps]_`.
+ *
+ * Non-matching attributes (including non-string values like numbers and
+ * booleans) pass through unchanged.
+ */
+export function redactTokenAttributes(attrs) {
+    if (!attrs)
+        return {};
+    const out = {};
+    for (const [key, value] of Object.entries(attrs)) {
+        if (TOKEN_KEY_RE.test(key)) {
+            out[key] = REDACTED;
+            continue;
+        }
+        if (typeof value === "string" && TOKEN_VALUE_RE.test(value)) {
+            out[key] = REDACTED;
+            continue;
+        }
+        out[key] = value;
+    }
+    return out;
+}
+/**
+ * SpanProcessor that scrubs token-shaped attributes from each span.
+ *
+ * The scrub runs on `onEnd` rather than `onStart` because we need to see the
+ * full set of attributes that any caller has set on the span. Crucially, once
+ * a span has ended, `span.setAttribute()` is a documented no-op — the only
+ * way to mutate the final exported attribute set is to write directly to the
+ * `attributes` object. TypeScript types it as readonly but the runtime
+ * representation is a plain mutable object owned by the span instance.
+ *
+ * Order matters: this processor must be registered BEFORE the exporting
+ * processor (`BatchSpanProcessor` or `SimpleSpanProcessor`) so the mutation
+ * is visible by the time the export call reads `attributes`.
+ */
+export class TokenScrubbingSpanProcessor {
+    onStart(_span, _parentContext) {
+        // No-op — attributes set on an active span go through `setAttribute`,
+        // not the readable snapshot. We catch them all in `onEnd`.
+    }
+    onEnd(span) {
+        const attrs = span.attributes;
+        if (!attrs)
+            return;
+        // attrs is `Attributes` (readonly per the type) but mutable at runtime.
+        // Mutate in-place so downstream processors see the redacted values.
+        const mut = attrs;
+        for (const [key, value] of Object.entries(mut)) {
+            if (TOKEN_KEY_RE.test(key)) {
+                mut[key] = REDACTED;
+            }
+            else if (typeof value === "string" && TOKEN_VALUE_RE.test(value)) {
+                mut[key] = REDACTED;
+            }
+        }
+    }
+    async shutdown() {
+        // No-op — this processor holds no resources.
+    }
+    async forceFlush() {
+        // No-op — this processor performs no async work.
+    }
+}
+/**
+ * Read the MCP server semver from package.json next to this module.
+ *
+ * Falls back to `"unknown"` if the file is missing or unreadable so the SDK
+ * still starts up — the version is informational, not load-bearing.
+ */
+function resolveServiceVersion() {
+    try {
+        // In ESM, __dirname isn't defined; compute it from import.meta.url.
+        const here = dirname(fileURLToPath(import.meta.url));
+        // Walk up from src/lib (or dist/lib at runtime) to the package root.
+        const pkgPath = resolve(here, "..", "..", "package.json");
+        const raw = readFileSync(pkgPath, "utf8");
+        const pkg = JSON.parse(raw);
+        return pkg.version ?? "unknown";
+    }
+    catch {
+        return "unknown";
+    }
+}
+/**
+ * Initialize the OpenTelemetry NodeSDK when `RALPH_DEBUG=true`.
+ *
+ * - Returns `null` (zero overhead) when `process.env.RALPH_DEBUG !== "true"`.
+ * - When enabled: configures an OTLP/HTTP trace exporter, no auto-instrumentation,
+ *   a `TokenScrubbingSpanProcessor` ahead of the default batch processor, and
+ *   resource attrs `service.name = "ralph-hero"`, `service.version = <semver>`.
+ *
+ * Caller is responsible for calling `sdk.shutdown()` (e.g., on SIGTERM) to
+ * flush in-flight spans.
+ */
+export async function initTelemetry() {
+    if (process.env.RALPH_DEBUG !== "true") {
+        return null;
+    }
+    // Dynamic imports keep zero-overhead in the disabled path — when RALPH_DEBUG
+    // is unset, none of these modules are loaded into memory.
+    const { NodeSDK } = await import("@opentelemetry/sdk-node");
+    const { OTLPTraceExporter } = await import("@opentelemetry/exporter-trace-otlp-http");
+    const { Resource } = await import("@opentelemetry/resources");
+    const { SEMRESATTRS_SERVICE_NAME, SEMRESATTRS_SERVICE_VERSION, } = await import("@opentelemetry/semantic-conventions");
+    const { BatchSpanProcessor } = await import("@opentelemetry/sdk-trace-base");
+    const endpoint = process.env.OTEL_EXPORTER_OTLP_ENDPOINT ??
+        "http://localhost:3100/api/public/otel/v1/traces";
+    const exporter = new OTLPTraceExporter({ url: endpoint });
+    const sdk = new NodeSDK({
+        resource: new Resource({
+            [SEMRESATTRS_SERVICE_NAME]: "ralph-hero",
+            [SEMRESATTRS_SERVICE_VERSION]: resolveServiceVersion(),
+        }),
+        spanProcessors: [
+            new TokenScrubbingSpanProcessor(),
+            new BatchSpanProcessor(exporter),
+        ],
+        // No auto-instrumentation — only explicit ralph_hero.* spans are emitted.
+        instrumentations: [],
+    });
+    sdk.start();
+    return sdk;
+}
+//# sourceMappingURL=telemetry.js.map

package/dist/lib/workflow-states.js

@@ -129,6 +129,6 @@ export const WORKFLOW_STATE_TO_STATUS = {
     "In Review": "In Progress",
     "Done": "Done",
     "Canceled": "Done",
-    "Human Needed": "Done",
+    "Human Needed": "Todo",
 };
 //# sourceMappingURL=workflow-states.js.map

package/dist/tools/issue-tools.js

@@ -25,7 +25,7 @@ export function registerIssueTools(server, client, fieldCache) {
     // -------------------------------------------------------------------------
     // ralph_hero__list_issues
     // -------------------------------------------------------------------------
-    server.tool("ralph_hero__list_issues", "List issues from a GitHub repository with optional filters. Fetches all project items (full project scan, no silent 500-cap) and applies filters client-side, so items at any board position are visible regardless of default ordering. Returns: number, title, state, workflowState, estimate, priority, iteration, labels, assignees. Use workflowState filter to find issues in a specific phase. Use iteration filter with @current/@next or sprint title. Recovery: if no results, broaden filters or check that issues exist in the project.", {
+    server.tool("ralph_hero__list_issues", "List issues from a GitHub repository with optional filters. Fetches all project items (full project scan, no silent 500-cap) and applies filters client-side, so items at any board position are visible regardless of default ordering. By default returns issues in any state (both OPEN and CLOSED) so visibility matches the dashboard family (pipeline_dashboard, next_actions, project_hygiene); pass the `state` parameter (\"OPEN\" or \"CLOSED\") to narrow. Returns: number, title, state, workflowState, estimate, priority, iteration, labels, assignees. Use workflowState filter to find issues in a specific phase. Use iteration filter with @current/@next or sprint title. Recovery: if no results, broaden filters or check that issues exist in the project.", {
         owner: z
             .string()
             .optional()
@@ -68,8 +68,8 @@ export function registerIssueTools(server, client, fieldCache) {
         state: z
             .enum(["OPEN", "CLOSED"])
             .optional()
-            .default("OPEN")
-            .describe("Issue state filter (default: OPEN)"),
+            .describe("Issue state filter. When omitted, returns issues in any state " +
+            "(matches dashboard-family behavior). Pass 'OPEN' or 'CLOSED' to narrow."),
         reason: z
             .enum(["completed", "not_planned", "reopened"])
             .optional()

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "ralph-hero-mcp-server",
-  "version": "2.5.129",
+  "version": "2.5.139",
   "description": "MCP server for GitHub Projects V2 - Ralph workflow automation",
   "type": "module",
   "main": "dist/index.js",
@@ -20,6 +20,12 @@
     "@modelcontextprotocol/sdk": "^1.26.0",
     "@octokit/graphql": "^9.0.3",
     "@octokit/plugin-paginate-graphql": "^6.0.0",
+    "@opentelemetry/api": "^1.9.0",
+    "@opentelemetry/exporter-trace-otlp-http": "^0.57.0",
+    "@opentelemetry/resources": "^1.30.0",
+    "@opentelemetry/sdk-node": "^0.57.0",
+    "@opentelemetry/sdk-trace-base": "^1.30.0",
+    "@opentelemetry/semantic-conventions": "^1.28.0",
     "yaml": "^2.7.0",
     "zod": "^3.25.0"
   },