npm - screenpipe-mcp - Versions diffs - 0.17.0 → 0.18.1 - Mend

screenpipe-mcp 0.17.0 → 0.18.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/dist/index.js CHANGED Viewed

@@ -53,32 +53,60 @@ for (let i = 0; i < args.length; i++) {
     }
 }
 const SCREENPIPE_API = `http://localhost:${port}`;
-// Discover API key: env var > db.sqlite direct read > npx fallbacks
+// Discover the local API key, in priority order:
+//
+//   1. env vars set by the launcher (Claude Desktop config, terminal, etc.)
+//   2. direct sqlite3 read of ~/.screenpipe/db.sqlite (plaintext entries only —
+//      encrypted ones need keychain, handled by 3+)
+//   3. bundled `bun` shipped with the desktop app → `bun x screenpipe@latest auth token`
+//      this is the kill-shot for Claude-Desktop-via-MCP: Claude strips PATH so
+//      `npx` and `sqlite3` lookups fail, but the desktop app's bundled bun is
+//      at a deterministic path. We invoke it with an absolute path, which
+//      then runs the screenpipe CLI's `auth token` command — which goes
+//      through `find_api_auth_key` (handles the encrypted-secret-store case).
+//   4. node-adjacent npx (legacy fallback for users without the desktop app)
+//   5. PATH-based npx (very last resort)
+//
+// If all 5 miss we log a loud stderr warning so it surfaces in the host's
+// MCP log instead of the user just seeing 403s with no explanation.
 function discoverApiKey() {
     const envKey = process.env.SCREENPIPE_LOCAL_API_KEY || process.env.SCREENPIPE_API_KEY;
     if (envKey)
         return envKey;
+    // eslint-disable-next-line @typescript-eslint/no-var-requires
     const os = require("os");
+    // eslint-disable-next-line @typescript-eslint/no-var-requires
     const path = require("path");
+    // eslint-disable-next-line @typescript-eslint/no-var-requires
     const fs = require("fs");
+    // eslint-disable-next-line @typescript-eslint/no-var-requires
     const { execFileSync, execSync } = require("child_process");
-    // Read api_auth_key directly from ~/.screenpipe/db.sqlite.
-    // The key may be stored as plaintext base64 (nonce=zeros, keychain unavailable)
-    // or encrypted (non-zero nonce, keychain was available at write time).
-    // If plaintext: decode and return. If encrypted: skip, fall through to CLI.
+    // Common absolute paths for `sqlite3`. Claude Desktop's MCP launcher
+    // strips PATH so the bare command name `sqlite3` would fail spawn
+    // even though `/usr/bin/sqlite3` is always present on macOS. Try the
+    // bare name first (cheap; works on dev machines with a normal shell)
+    // then walk known absolute paths.
+    const sqliteCandidates = process.platform === "win32"
+        ? ["sqlite3.exe", "C\\:Windows\\System32\\sqlite3.exe"]
+        : process.platform === "darwin"
+            ? ["sqlite3", "/usr/bin/sqlite3", "/opt/homebrew/bin/sqlite3", "/usr/local/bin/sqlite3"]
+            : ["sqlite3", "/usr/bin/sqlite3", "/usr/local/bin/sqlite3"];
+    // 2. Direct sqlite3 read of the secret store. Only succeeds for
+    //    plaintext entries (nonce all zeros). Encrypted entries fall
+    //    through to the CLI path which can decrypt via keychain.
     try {
         const dbPath = path.join(os.homedir(), ".screenpipe", "db.sqlite");
         if (fs.existsSync(dbPath)) {
-            const sqliteBin = process.platform === "win32" ? "sqlite3.exe" : "sqlite3";
-            // Check nonce — all zeros means plaintext base64, non-zero means encrypted
-            const row = execFileSync(sqliteBin, [
-                dbPath,
-                "SELECT hex(nonce), value FROM secrets WHERE key = 'api_auth_key';",
-            ], {
-                timeout: 5000,
-                encoding: "utf-8",
-                stdio: ["pipe", "pipe", "pipe"],
-            }).trim();
+            let row = null;
+            for (const candidate of sqliteCandidates) {
+                try {
+                    row = execFileSync(candidate, [dbPath, "SELECT hex(nonce), value FROM secrets WHERE key = 'api_auth_key';"], { timeout: 5000, encoding: "utf-8", stdio: ["pipe", "pipe", "pipe"] }).trim();
+                    break;
+                }
+                catch {
+                    // try next candidate
+                }
+            }
             if (row) {
                 const sepIdx = row.indexOf("|");
                 const nonceHex = sepIdx >= 0 ? row.substring(0, sepIdx) : "";
@@ -91,34 +119,97 @@ function discoverApiKey() {
                     if (value.startsWith("sp-"))
                         return value;
                 }
-                // Non-zero nonce = encrypted — fall through to CLI which can decrypt via keychain
+                // Non-zero nonce = encrypted — fall through to bun/npx which decrypt via keychain.
             }
         }
     }
     catch { }
-    // Fallback: use the current Node binary to find npx (no PATH dependency)
+    // 3. Bundled `bun` shipped with the desktop app. The Tauri externalBin
+    //    config (apps/screenpipe-app-tauri/src-tauri/tauri.prod.conf.json)
+    //    places it next to the main app executable; on each OS the install
+    //    path is deterministic so we don't need PATH or current_exe — both
+    //    of which Claude Desktop's MCP launcher rolls back.
+    const home = os.homedir();
+    const bunCandidates = process.platform === "darwin"
+        ? [
+            // Standard system-wide install
+            "/Applications/screenpipe.app/Contents/MacOS/bun",
+            // Per-user install
+            path.join(home, "Applications", "screenpipe.app", "Contents", "MacOS", "bun"),
+        ]
+        : process.platform === "win32"
+            ? [
+                // NSIS per-user (default on Windows)
+                path.join(home, "AppData", "Local", "screenpipe", "bun.exe"),
+                // Per-user under "screenpipe-app" (older builds)
+                path.join(home, "AppData", "Local", "screenpipe-app", "bun.exe"),
+                // System-wide install
+                "C:\\Program Files\\screenpipe\\bun.exe",
+            ]
+            : [
+                // Linux .deb
+                "/opt/screenpipe/bun",
+                "/usr/lib/screenpipe/bun",
+                "/usr/bin/bun",
+            ];
+    for (const bunPath of bunCandidates) {
+        if (!fs.existsSync(bunPath))
+            continue;
+        try {
+            const token = execFileSync(bunPath, ["x", "screenpipe@latest", "auth", "token"], {
+                timeout: 30000, // first run downloads the package; subsequent runs are cached
+                encoding: "utf-8",
+                stdio: ["pipe", "pipe", "pipe"],
+            }).trim();
+            if (token && token.startsWith("sp-"))
+                return token;
+        }
+        catch {
+            // try next candidate
+        }
+    }
+    // 4. npx adjacent to the running node — works in dev environments
+    //    where the user installed @screenpipe/mcp via npx without the
+    //    desktop app.
     try {
-        const npxPath = path.join(path.dirname(process.execPath), "npx");
-        const token = execFileSync(npxPath, ["screenpipe@latest", "auth", "token"], {
-            timeout: 15000,
-            encoding: "utf-8",
-            stdio: ["pipe", "pipe", "pipe"],
-        }).trim();
-        if (token)
-            return token;
+        const npxName = process.platform === "win32" ? "npx.cmd" : "npx";
+        const npxPath = path.join(path.dirname(process.execPath), npxName);
+        if (fs.existsSync(npxPath)) {
+            const token = execFileSync(npxPath, ["screenpipe@latest", "auth", "token"], {
+                timeout: 30000,
+                encoding: "utf-8",
+                stdio: ["pipe", "pipe", "pipe"],
+            }).trim();
+            if (token && token.startsWith("sp-"))
+                return token;
+        }
     }
     catch { }
-    // Last resort: npx on PATH
+    // 5. PATH-based npx — last-ditch. Will fail under Claude Desktop's
+    //    sanitized env; useful only on raw shells.
     try {
         const token = execSync("npx screenpipe@latest auth token", {
-            timeout: 15000,
+            timeout: 30000,
             encoding: "utf-8",
             stdio: ["pipe", "pipe", "pipe"],
         }).trim();
-        if (token)
+        if (token && token.startsWith("sp-"))
             return token;
     }
     catch { }
+    // All five paths missed. Log loudly to stderr so the host's MCP
+    // panel surfaces this instead of the user seeing cryptic 403s from
+    // the screenpipe server on every tool call.
+    process.stderr.write([
+        "[screenpipe-mcp] could not discover SCREENPIPE_LOCAL_API_KEY from any source.",
+        "  - env vars (SCREENPIPE_LOCAL_API_KEY / SCREENPIPE_API_KEY) not set",
+        "  - direct sqlite3 read of ~/.screenpipe/db.sqlite failed",
+        "  - bundled `bun` from screenpipe.app not found at any known install path",
+        "  - npx fallback unavailable",
+        "Fix: set SCREENPIPE_LOCAL_API_KEY in your MCP launcher's env block,",
+        "or install the screenpipe desktop app (https://screenpi.pe).",
+        "",
+    ].join("\n"));
     return "";
 }
 const API_KEY = discoverApiKey();
@@ -437,6 +528,30 @@ const TOOLS = [
             required: ["id"],
         },
     },
+    {
+        name: "update-meeting",
+        description: "Update a meeting's mutable fields (title, attendees, note, app, start/end). Partial: only the fields you pass are written, " +
+            "others stay as-is. Use this to save an AI-generated summary into the meeting note — read the current note first via get-meeting " +
+            "and pass the existing notes plus your additions so you don't overwrite the user's writing. " +
+            "Convention: append AI-generated summary text under a `## Summary` heading at the bottom of the existing note.",
+        annotations: { title: "Update Meeting", readOnlyHint: false, destructiveHint: false, openWorldHint: false, idempotentHint: true },
+        inputSchema: {
+            type: "object",
+            properties: {
+                id: { type: "integer", description: "Meeting ID" },
+                title: { type: "string", description: "Meeting title" },
+                attendees: { type: "string", description: "Comma-separated attendee names" },
+                note: {
+                    type: "string",
+                    description: "Full new note body. To preserve existing notes, fetch them first via get-meeting and concatenate before passing.",
+                },
+                meeting_app: { type: "string", description: "App / source name (e.g. 'meet.google.com', 'manual')" },
+                meeting_start: { type: "string", description: "ISO 8601 start time (rarely needed)" },
+                meeting_end: { type: "string", description: "ISO 8601 end time (rarely needed)" },
+            },
+            required: ["id"],
+        },
+    },
     {
         name: "keyword-search",
         description: "Fast keyword search using FTS index. Faster than search-content for exact keyword matching. " +
@@ -1186,6 +1301,39 @@ server.setRequestHandler(types_js_1.CallToolRequestSchema, async (request) => {
                     content: [{ type: "text", text: JSON.stringify(meeting, null, 2) }],
                 };
             }
+            case "update-meeting": {
+                const meetingId = args.id;
+                if (!meetingId) {
+                    return { content: [{ type: "text", text: "Error: id is required" }] };
+                }
+                // Build partial body — only forward fields the caller provided.
+                const body = {};
+                for (const k of ["title", "attendees", "note", "meeting_app", "meeting_start", "meeting_end"]) {
+                    if (args[k] !== undefined && args[k] !== null)
+                        body[k] = args[k];
+                }
+                if (Object.keys(body).length === 0) {
+                    return {
+                        content: [
+                            {
+                                type: "text",
+                                text: "Error: pass at least one field to update (title, attendees, note, meeting_app, meeting_start, meeting_end).",
+                            },
+                        ],
+                    };
+                }
+                const response = await fetchAPI(`/meetings/${meetingId}`, {
+                    method: "PATCH",
+                    headers: { "Content-Type": "application/json" },
+                    body: JSON.stringify(body),
+                });
+                if (!response.ok)
+                    throw new Error(`HTTP error: ${response.status}`);
+                const updated = await response.json();
+                return {
+                    content: [{ type: "text", text: JSON.stringify(updated, null, 2) }],
+                };
+            }
             case "keyword-search": {
                 const params = new URLSearchParams();
                 for (const [key, value] of Object.entries(args)) {

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "screenpipe-mcp",
-  "version": "0.17.0",
+  "version": "0.18.1",
   "description": "MCP server for screenpipe - search your screen recordings and audio transcriptions",
   "main": "dist/index.js",
   "bin": {

package/src/index.ts CHANGED Viewed

@@ -28,33 +28,66 @@ for (let i = 0; i < args.length; i++) {
 const SCREENPIPE_API = `http://localhost:${port}`;
-// Discover API key: env var > db.sqlite direct read > npx fallbacks
+// Discover the local API key, in priority order:
+//
+//   1. env vars set by the launcher (Claude Desktop config, terminal, etc.)
+//   2. direct sqlite3 read of ~/.screenpipe/db.sqlite (plaintext entries only —
+//      encrypted ones need keychain, handled by 3+)
+//   3. bundled `bun` shipped with the desktop app → `bun x screenpipe@latest auth token`
+//      this is the kill-shot for Claude-Desktop-via-MCP: Claude strips PATH so
+//      `npx` and `sqlite3` lookups fail, but the desktop app's bundled bun is
+//      at a deterministic path. We invoke it with an absolute path, which
+//      then runs the screenpipe CLI's `auth token` command — which goes
+//      through `find_api_auth_key` (handles the encrypted-secret-store case).
+//   4. node-adjacent npx (legacy fallback for users without the desktop app)
+//   5. PATH-based npx (very last resort)
+//
+// If all 5 miss we log a loud stderr warning so it surfaces in the host's
+// MCP log instead of the user just seeing 403s with no explanation.
 function discoverApiKey(): string {
   const envKey = process.env.SCREENPIPE_LOCAL_API_KEY || process.env.SCREENPIPE_API_KEY;
   if (envKey) return envKey;
+  // eslint-disable-next-line @typescript-eslint/no-var-requires
   const os = require("os");
+  // eslint-disable-next-line @typescript-eslint/no-var-requires
   const path = require("path");
+  // eslint-disable-next-line @typescript-eslint/no-var-requires
   const fs = require("fs");
+  // eslint-disable-next-line @typescript-eslint/no-var-requires
   const { execFileSync, execSync } = require("child_process");
-  // Read api_auth_key directly from ~/.screenpipe/db.sqlite.
-  // The key may be stored as plaintext base64 (nonce=zeros, keychain unavailable)
-  // or encrypted (non-zero nonce, keychain was available at write time).
-  // If plaintext: decode and return. If encrypted: skip, fall through to CLI.
+  // Common absolute paths for `sqlite3`. Claude Desktop's MCP launcher
+  // strips PATH so the bare command name `sqlite3` would fail spawn
+  // even though `/usr/bin/sqlite3` is always present on macOS. Try the
+  // bare name first (cheap; works on dev machines with a normal shell)
+  // then walk known absolute paths.
+  const sqliteCandidates: string[] =
+    process.platform === "win32"
+      ? ["sqlite3.exe", "C\\:Windows\\System32\\sqlite3.exe"]
+      : process.platform === "darwin"
+      ? ["sqlite3", "/usr/bin/sqlite3", "/opt/homebrew/bin/sqlite3", "/usr/local/bin/sqlite3"]
+      : ["sqlite3", "/usr/bin/sqlite3", "/usr/local/bin/sqlite3"];
+  // 2. Direct sqlite3 read of the secret store. Only succeeds for
+  //    plaintext entries (nonce all zeros). Encrypted entries fall
+  //    through to the CLI path which can decrypt via keychain.
   try {
     const dbPath = path.join(os.homedir(), ".screenpipe", "db.sqlite");
     if (fs.existsSync(dbPath)) {
-      const sqliteBin = process.platform === "win32" ? "sqlite3.exe" : "sqlite3";
-      // Check nonce — all zeros means plaintext base64, non-zero means encrypted
-      const row = execFileSync(sqliteBin, [
-        dbPath,
-        "SELECT hex(nonce), value FROM secrets WHERE key = 'api_auth_key';",
-      ], {
-        timeout: 5000,
-        encoding: "utf-8",
-        stdio: ["pipe", "pipe", "pipe"],
-      }).trim();
+      let row: string | null = null;
+      for (const candidate of sqliteCandidates) {
+        try {
+          row = execFileSync(
+            candidate,
+            [dbPath, "SELECT hex(nonce), value FROM secrets WHERE key = 'api_auth_key';"],
+            { timeout: 5000, encoding: "utf-8", stdio: ["pipe", "pipe", "pipe"] },
+          ).trim();
+          break;
+        } catch {
+          // try next candidate
+        }
+      }
       if (row) {
         const sepIdx = row.indexOf("|");
         const nonceHex = sepIdx >= 0 ? row.substring(0, sepIdx) : "";
@@ -65,32 +98,96 @@ function discoverApiKey(): string {
           if (decoded && decoded.startsWith("sp-")) return decoded;
           if (value.startsWith("sp-")) return value;
         }
-        // Non-zero nonce = encrypted — fall through to CLI which can decrypt via keychain
+        // Non-zero nonce = encrypted — fall through to bun/npx which decrypt via keychain.
       }
     }
   } catch {}
-  // Fallback: use the current Node binary to find npx (no PATH dependency)
+  // 3. Bundled `bun` shipped with the desktop app. The Tauri externalBin
+  //    config (apps/screenpipe-app-tauri/src-tauri/tauri.prod.conf.json)
+  //    places it next to the main app executable; on each OS the install
+  //    path is deterministic so we don't need PATH or current_exe — both
+  //    of which Claude Desktop's MCP launcher rolls back.
+  const home = os.homedir();
+  const bunCandidates: string[] =
+    process.platform === "darwin"
+      ? [
+          // Standard system-wide install
+          "/Applications/screenpipe.app/Contents/MacOS/bun",
+          // Per-user install
+          path.join(home, "Applications", "screenpipe.app", "Contents", "MacOS", "bun"),
+        ]
+      : process.platform === "win32"
+      ? [
+          // NSIS per-user (default on Windows)
+          path.join(home, "AppData", "Local", "screenpipe", "bun.exe"),
+          // Per-user under "screenpipe-app" (older builds)
+          path.join(home, "AppData", "Local", "screenpipe-app", "bun.exe"),
+          // System-wide install
+          "C:\\Program Files\\screenpipe\\bun.exe",
+        ]
+      : [
+          // Linux .deb
+          "/opt/screenpipe/bun",
+          "/usr/lib/screenpipe/bun",
+          "/usr/bin/bun",
+        ];
+  for (const bunPath of bunCandidates) {
+    if (!fs.existsSync(bunPath)) continue;
+    try {
+      const token = execFileSync(bunPath, ["x", "screenpipe@latest", "auth", "token"], {
+        timeout: 30000, // first run downloads the package; subsequent runs are cached
+        encoding: "utf-8",
+        stdio: ["pipe", "pipe", "pipe"],
+      }).trim();
+      if (token && token.startsWith("sp-")) return token;
+    } catch {
+      // try next candidate
+    }
+  }
+  // 4. npx adjacent to the running node — works in dev environments
+  //    where the user installed @screenpipe/mcp via npx without the
+  //    desktop app.
   try {
-    const npxPath = path.join(path.dirname(process.execPath), "npx");
-    const token = execFileSync(npxPath, ["screenpipe@latest", "auth", "token"], {
-      timeout: 15000,
-      encoding: "utf-8",
-      stdio: ["pipe", "pipe", "pipe"],
-    }).trim();
-    if (token) return token;
+    const npxName = process.platform === "win32" ? "npx.cmd" : "npx";
+    const npxPath = path.join(path.dirname(process.execPath), npxName);
+    if (fs.existsSync(npxPath)) {
+      const token = execFileSync(npxPath, ["screenpipe@latest", "auth", "token"], {
+        timeout: 30000,
+        encoding: "utf-8",
+        stdio: ["pipe", "pipe", "pipe"],
+      }).trim();
+      if (token && token.startsWith("sp-")) return token;
+    }
   } catch {}
-  // Last resort: npx on PATH
+  // 5. PATH-based npx — last-ditch. Will fail under Claude Desktop's
+  //    sanitized env; useful only on raw shells.
   try {
     const token = execSync("npx screenpipe@latest auth token", {
-      timeout: 15000,
+      timeout: 30000,
       encoding: "utf-8",
       stdio: ["pipe", "pipe", "pipe"],
     }).trim();
-    if (token) return token;
+    if (token && token.startsWith("sp-")) return token;
   } catch {}
+  // All five paths missed. Log loudly to stderr so the host's MCP
+  // panel surfaces this instead of the user seeing cryptic 403s from
+  // the screenpipe server on every tool call.
+  process.stderr.write(
+    [
+      "[screenpipe-mcp] could not discover SCREENPIPE_LOCAL_API_KEY from any source.",
+      "  - env vars (SCREENPIPE_LOCAL_API_KEY / SCREENPIPE_API_KEY) not set",
+      "  - direct sqlite3 read of ~/.screenpipe/db.sqlite failed",
+      "  - bundled `bun` from screenpipe.app not found at any known install path",
+      "  - npx fallback unavailable",
+      "Fix: set SCREENPIPE_LOCAL_API_KEY in your MCP launcher's env block,",
+      "or install the screenpipe desktop app (https://screenpi.pe).",
+      "",
+    ].join("\n"),
+  );
   return "";
 }
@@ -426,6 +523,32 @@ const TOOLS: Tool[] = [
       required: ["id"],
     },
   },
+  {
+    name: "update-meeting",
+    description:
+      "Update a meeting's mutable fields (title, attendees, note, app, start/end). Partial: only the fields you pass are written, " +
+      "others stay as-is. Use this to save an AI-generated summary into the meeting note — read the current note first via get-meeting " +
+      "and pass the existing notes plus your additions so you don't overwrite the user's writing. " +
+      "Convention: append AI-generated summary text under a `## Summary` heading at the bottom of the existing note.",
+    annotations: { title: "Update Meeting", readOnlyHint: false, destructiveHint: false, openWorldHint: false, idempotentHint: true },
+    inputSchema: {
+      type: "object",
+      properties: {
+        id: { type: "integer", description: "Meeting ID" },
+        title: { type: "string", description: "Meeting title" },
+        attendees: { type: "string", description: "Comma-separated attendee names" },
+        note: {
+          type: "string",
+          description:
+            "Full new note body. To preserve existing notes, fetch them first via get-meeting and concatenate before passing.",
+        },
+        meeting_app: { type: "string", description: "App / source name (e.g. 'meet.google.com', 'manual')" },
+        meeting_start: { type: "string", description: "ISO 8601 start time (rarely needed)" },
+        meeting_end: { type: "string", description: "ISO 8601 end time (rarely needed)" },
+      },
+      required: ["id"],
+    },
+  },
   {
     name: "keyword-search",
     description:
@@ -1296,6 +1419,38 @@ server.setRequestHandler(CallToolRequestSchema, async (request) => {
         };
       }
+      case "update-meeting": {
+        const meetingId = args.id as number;
+        if (!meetingId) {
+          return { content: [{ type: "text", text: "Error: id is required" }] };
+        }
+        // Build partial body — only forward fields the caller provided.
+        const body: Record<string, unknown> = {};
+        for (const k of ["title", "attendees", "note", "meeting_app", "meeting_start", "meeting_end"] as const) {
+          if (args[k] !== undefined && args[k] !== null) body[k] = args[k];
+        }
+        if (Object.keys(body).length === 0) {
+          return {
+            content: [
+              {
+                type: "text",
+                text: "Error: pass at least one field to update (title, attendees, note, meeting_app, meeting_start, meeting_end).",
+              },
+            ],
+          };
+        }
+        const response = await fetchAPI(`/meetings/${meetingId}`, {
+          method: "PATCH",
+          headers: { "Content-Type": "application/json" },
+          body: JSON.stringify(body),
+        });
+        if (!response.ok) throw new Error(`HTTP error: ${response.status}`);
+        const updated = await response.json();
+        return {
+          content: [{ type: "text", text: JSON.stringify(updated, null, 2) }],
+        };
+      }
       case "keyword-search": {
         const params = new URLSearchParams();
         for (const [key, value] of Object.entries(args)) {