npm - ssh-mcp-pro - Versions diffs - 1.0.0 → 1.1.3 - Mend

ssh-mcp-pro 1.0.0 → 1.1.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (66) hide show

package/ARCHITECTURE.md +1 -1
package/CHANGELOG.md +71 -0
package/LICENSES/MIT.txt +1 -1
package/README.md +38 -1
package/SUPPORT.md +95 -0
package/dist/agent-bin.js +0 -0
package/dist/config-parsers.d.ts +12 -0
package/dist/config-parsers.d.ts.map +1 -0
package/dist/config-parsers.js +60 -0
package/dist/config-parsers.js.map +1 -0
package/dist/config.d.ts +3 -2
package/dist/config.d.ts.map +1 -1
package/dist/config.js +3 -58
package/dist/config.js.map +1 -1
package/dist/ensure-pkg.d.ts +9 -0
package/dist/ensure-pkg.d.ts.map +1 -0
package/dist/ensure-pkg.js +105 -0
package/dist/ensure-pkg.js.map +1 -0
package/dist/ensure.d.ts.map +1 -1
package/dist/ensure.js +2 -104
package/dist/ensure.js.map +1 -1
package/dist/fs-sftp.d.ts +58 -0
package/dist/fs-sftp.d.ts.map +1 -0
package/dist/fs-sftp.js +184 -0
package/dist/fs-sftp.js.map +1 -0
package/dist/fs-tools.d.ts.map +1 -1
package/dist/fs-tools.js +2 -144
package/dist/fs-tools.js.map +1 -1
package/dist/index.js +0 -0
package/dist/mcp.d.ts +1 -1
package/dist/mcp.js +1 -1
package/dist/remote/agent-executor.d.ts.map +1 -1
package/dist/remote/agent-executor.js +16 -4
package/dist/remote/agent-executor.js.map +1 -1
package/dist/remote/agent-handler.d.ts +36 -0
package/dist/remote/agent-handler.d.ts.map +1 -0
package/dist/remote/agent-handler.js +255 -0
package/dist/remote/agent-handler.js.map +1 -0
package/dist/remote/control-plane.d.ts +4 -17
package/dist/remote/control-plane.d.ts.map +1 -1
package/dist/remote/control-plane.js +24 -651
package/dist/remote/control-plane.js.map +1 -1
package/dist/remote/http-util.d.ts +29 -0
package/dist/remote/http-util.d.ts.map +1 -0
package/dist/remote/http-util.js +159 -0
package/dist/remote/http-util.js.map +1 -0
package/dist/remote/oauth-handler.d.ts +47 -0
package/dist/remote/oauth-handler.d.ts.map +1 -0
package/dist/remote/oauth-handler.js +296 -0
package/dist/remote/oauth-handler.js.map +1 -0
package/dist/session-auth.d.ts +39 -0
package/dist/session-auth.d.ts.map +1 -0
package/dist/session-auth.js +148 -0
package/dist/session-auth.js.map +1 -0
package/dist/session.d.ts +0 -19
package/dist/session.d.ts.map +1 -1
package/dist/session.js +8 -154
package/dist/session.js.map +1 -1
package/docs/audit/2026-06-05-ecosystem-audit.md +146 -0
package/docs/docker.md +39 -0
package/docs/governance/issue-taxonomy.json +141 -0
package/docs/testing.md +50 -0
package/mcp.json +1 -1
package/package.json +80 -71
package/registry/ssh-mcp-pro/mcp.json +1 -1
package/server.json +3 -3

package/docs/testing.md ADDED Viewed

@@ -0,0 +1,50 @@
+# Testing
+## Mutation testing
+Mutation testing is configured for policy-critical security surfaces only. The
+line-range allowlist lives in `stryker.conf.mjs` and covers the allow/deny
+branches in `src/policy.ts`, `src/safety.ts`, `src/config.ts`,
+`src/session.ts`, `src/http-security.ts`, and the auth and remote control-plane
+policy modules. Whole-file mutation targets are intentionally avoided so the
+scheduled gate stays bounded. Stryker uses `vitest.mutation.config.ts` so the
+advisory gate runs only unit-level security regression tests and does not
+require integration, E2E, or performance fixtures. Static file-load mutants are
+ignored with Stryker's `ignoreStatic` setting to keep the scheduled gate runtime
+predictable while the mutation score is advisory.
+The CI mutation job is advisory while the score is calibrated. It runs on
+`schedule` and `workflow_dispatch`, uses `continue-on-error: true`, and uploads
+`reports/mutation` for review.
+Promotion criteria:
+- Keep the mutation allowlist focused on policy-critical modules until runtime
+  is stable.
+- Reach and hold the 80% high-score target for at least three scheduled runs.
+- Investigate surviving mutants in root login denial, strict host-key mode,
+  destructive command denial, raw sudo denial, tunnel bind-host denial, and path
+  policy denial before raising the gate.
+- Promote by removing `continue-on-error`, setting a non-null
+  `thresholds.break`, and adding the job to required branch protection only
+  after the score is stable.
+Local validation on Linux/macOS:
+```bash
+pnpm run test:coverage
+pnpm run test:integration
+pnpm run test:e2e
+pnpm run test:perf
+pnpm run test:mutation
+```
+Windows 11 PowerShell validation:
+```powershell
+pnpm run test:coverage
+pnpm run test:integration:windows
+pnpm run test:e2e
+pnpm run test:perf
+pnpm run test:mutation
+```

package/mcp.json CHANGED Viewed

@@ -2,7 +2,7 @@
   "name": "ssh-mcp-pro",
   "display_name": "ssh-mcp-pro",
   "description": "Secure MCP SSH automation server with policy controls, resources, prompts, stdio, and HTTP.",
-  "version": "1.0.0",
+  "version": "1.1.3",
   "author": "Osman Aslan",
   "license": "MIT",
   "runtime": "node",

package/package.json CHANGED Viewed

@@ -1,10 +1,9 @@
 {
   "name": "ssh-mcp-pro",
-  "version": "1.0.0",
+  "version": "1.1.3",
   "mcpName": "io.github.oaslananka/ssh-mcp-pro",
   "description": "Model Context Protocol (MCP) SSH client server for remote automation",
   "type": "module",
-  "packageManager": "pnpm@11.0.9",
   "main": "dist/index.js",
   "exports": "./dist/index.js",
   "types": "dist/index.d.ts",
@@ -20,9 +19,11 @@
     "mcp.json",
     "server.json",
     "README.md",
+    "CHANGELOG.md",
     "LICENSE",
     "LICENSES/MIT.txt",
     "SECURITY.md",
+    "SUPPORT.md",
     "REGISTRY_SUBMISSION.md",
     "registry"
   ],
@@ -30,11 +31,70 @@
     "ssh-mcp-pro": "dist/index.js",
     "ssh-mcp-pro-agent": "dist/agent-bin.js"
   },
+  "keywords": [
+    "mcp",
+    "ssh",
+    "copilot",
+    "automation",
+    "remote",
+    "model-context-protocol",
+    "github-copilot",
+    "ssh-client",
+    "devops",
+    "infrastructure"
+  ],
+  "author": "Osman Aslan <oaslananka>",
+  "license": "MIT",
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/oaslananka/ssh-mcp-pro.git"
+  },
+  "homepage": "https://github.com/oaslananka/ssh-mcp-pro#readme",
+  "bugs": {
+    "url": "https://github.com/oaslananka/ssh-mcp-pro/issues"
+  },
+  "publishConfig": {
+    "access": "public"
+  },
+  "engines": {
+    "node": ">=22.22.2",
+    "pnpm": "^11.5.1"
+  },
+  "dependencies": {
+    "@modelcontextprotocol/sdk": "^1.29.0",
+    "@opentelemetry/api": "^1.9.1",
+    "@opentelemetry/exporter-trace-otlp-http": "^0.218.0",
+    "@opentelemetry/resources": "^2.7.1",
+    "@opentelemetry/sdk-node": "^0.218.0",
+    "@opentelemetry/semantic-conventions": "^1.41.1",
+    "jose": "6.2.3",
+    "node-ssh": "^13.2.1",
+    "zod": "^4.4.3"
+  },
+  "devDependencies": {
+    "@stryker-mutator/core": "9.6.1",
+    "@stryker-mutator/typescript-checker": "9.6.1",
+    "@stryker-mutator/vitest-runner": "9.6.1",
+    "@types/node": "^24.13.1",
+    "@types/ssh2": "^1.15.5",
+    "@typescript-eslint/eslint-plugin": "^8.61.0",
+    "@typescript-eslint/parser": "^8.61.0",
+    "@vitest/coverage-v8": "^4.1.8",
+    "ajv": "^8.20.0",
+    "autocannon": "^7.15.0",
+    "dependency-cruiser": "^17.4.3",
+    "eslint": "^10.4.1",
+    "fast-check": "^4.8.0",
+    "knip": "^6.16.1",
+    "prettier": "^3.8.4",
+    "typedoc": "0.28.19",
+    "typescript": "^6.0.3",
+    "vite": "^7.3.5",
+    "vitest": "^4.1.8"
+  },
   "scripts": {
     "build": "tsc -p tsconfig.json",
     "dev": "tsc -p tsconfig.json -w",
-    "dev:control-plane": "pnpm run build && node scripts/dev-control-plane.mjs",
-    "dev:agent": "pnpm run build && node scripts/dev-agent.mjs",
     "typecheck": "tsc --noEmit -p tsconfig.json",
     "test": "vitest run --project unit --reporter=default --reporter=junit",
     "test:coverage": "vitest run --coverage --project unit --project integration --project e2e",
@@ -43,15 +103,14 @@
     "test:e2e": "vitest run --project e2e",
     "test:perf": "vitest run --project perf",
     "test:perf:baseline": "WRITE_BASELINE=true pnpm run test:perf",
-    "lint": "eslint \"src/**/*.ts\" \"test/**/*.ts\" \"vitest.config.ts\"",
-    "lint:fix": "eslint \"src/**/*.ts\" \"test/**/*.ts\" \"vitest.config.ts\" --fix",
+    "test:mutation": "stryker run",
+    "test:mutation:ci": "stryker run",
+    "lint": "eslint \"src/**/*.ts\" \"test/**/*.ts\" \"vitest.config.ts\" \"vitest.mutation.config.ts\"",
+    "lint:fix": "eslint \"src/**/*.ts\" \"test/**/*.ts\" \"vitest.config.ts\" \"vitest.mutation.config.ts\" --fix",
     "lint:staged": "node scripts/run-staged-checks.mjs --lint-only",
-    "format": "prettier --write \"src/**/*.ts\" \"test/**/*.ts\" \"scripts/**/*.{mjs,cjs}\" \".github/workflows/*.{yml,yaml}\" \"vitest.config.ts\"",
-    "format:check": "prettier --check \"src/**/*.ts\" \"test/**/*.ts\" \"scripts/**/*.{mjs,cjs}\" \".github/workflows/*.{yml,yaml}\" \"vitest.config.ts\"",
+    "format": "prettier --write \"src/**/*.ts\" \"test/**/*.ts\" \"scripts/**/*.{mjs,cjs}\" \"docs/**/*.md\" \".github/workflows/*.{yml,yaml}\" \"stryker.conf.mjs\" \"vitest.config.ts\" \"vitest.mutation.config.ts\"",
+    "format:check": "prettier --check \"src/**/*.ts\" \"test/**/*.ts\" \"scripts/**/*.{mjs,cjs}\" \"docs/**/*.md\" \".github/workflows/*.{yml,yaml}\" \"stryker.conf.mjs\" \"vitest.config.ts\" \"vitest.mutation.config.ts\"",
     "format:staged": "node scripts/run-staged-checks.mjs",
-    "prepare": "node scripts/setup-git-hooks.mjs",
-    "prepack": "pnpm run build && pnpm run sync-version -- --check && pnpm run validate:mcp-metadata && pnpm run validate:chatgpt-app && pnpm run validate:claude-connector",
-    "prepublishOnly": "pnpm run check",
     "docker:ssh-fixture:up": "node scripts/docker-ssh-fixture.mjs up",
     "docker:ssh-fixture:down": "node scripts/docker-ssh-fixture.mjs down",
     "e2e:docker": "node scripts/docker-ssh-fixture.mjs run e2e",
@@ -59,27 +118,33 @@
     "docs": "pnpm exec typedoc --options typedoc.json",
     "docs:check": "pnpm exec typedoc --options typedoc.json --treatWarningsAsErrors",
     "start:http": "node dist/render-http.js",
-    "setup:chatgpt": "node scripts/setup-chatgpt.mjs",
     "sync-version": "node scripts/sync-version.mjs",
     "validate:mcp-metadata": "node scripts/validate-mcp-metadata.mjs",
     "validate:mcp-registry": "node scripts/check-mcp-registry-record.mjs",
     "validate:chatgpt-app": "node scripts/validate-chatgpt-app.mjs",
     "validate:claude-connector": "node scripts/validate-claude-connector.mjs",
     "check:doc-language": "node scripts/check-doc-language.mjs",
+    "check:package-scripts": "node scripts/check-package-scripts.mjs",
+    "check:freshness": "node scripts/check-dependency-freshness.mjs --json artifacts/dependency-freshness.json --markdown artifacts/dependency-freshness.md",
     "check:rulesets": "node scripts/check-rulesets.mjs",
-    "reuse:lint": "reuse lint",
     "lint:commits": "node scripts/lint-commits.mjs",
     "lint:pr-title": "node scripts/lint-pr-title.mjs",
     "test:pr-title-lint": "node scripts/test-pr-title-lint.mjs",
     "verify:actions-runtime": "node scripts/verify-actions-runtime.mjs",
+    "check:governance": "node scripts/check-governance.mjs",
     "review:threads": "node scripts/check-review-threads.mjs",
     "release:state": "node scripts/release-state.mjs",
     "check:npm-name": "node scripts/check-npm-name.mjs ssh-mcp-pro",
     "audit": "pnpm audit --audit-level moderate",
     "licenses:check": "node scripts/check-licenses.mjs",
+    "reuse:lint": "reuse lint",
     "pack:check": "node scripts/check-package-contents.mjs",
     "pack:install-smoke": "node scripts/check-package-install-smoke.mjs",
-    "check:quality": "pnpm run format:check && pnpm run check:doc-language && pnpm run check:rulesets && pnpm run verify:actions-runtime && pnpm run lint && pnpm run typecheck && pnpm run audit && pnpm run licenses:check",
+    "check:knip": "knip -c knip.jsonc --reporter compact || true",
+    "check:circular": "depcruise src --config .dependency-cruiser.mjs || true",
+    "check:module-size": "node scripts/check-module-size.mjs",
+    "check:maintainability": "pnpm run check:module-size && pnpm run check:circular && pnpm run check:knip",
+    "check:quality": "pnpm run format:check && pnpm run check:doc-language && pnpm run check:package-scripts && pnpm run check:rulesets && pnpm run verify:actions-runtime && pnpm run lint && pnpm run typecheck && pnpm run audit && pnpm run licenses:check",
     "check:package": "pnpm run build && pnpm run sync-version -- --check && pnpm run validate:mcp-metadata && pnpm run validate:chatgpt-app && pnpm run validate:claude-connector && pnpm run docs:check && pnpm run pack:check && pnpm run pack:install-smoke",
     "check:push": "pnpm run format:check && pnpm run lint && pnpm run typecheck && pnpm test",
     "check": "pnpm run check:quality && pnpm run test:coverage && pnpm run check:package",
@@ -87,61 +152,5 @@
     "hook:pre-push": "pnpm run check:push",
     "release:dry-run": "node scripts/validate-release-please.mjs && node scripts/release-state.mjs --offline --json && pnpm run check:package",
     "sbom": "node scripts/generate-sbom.mjs"
-  },
-  "keywords": [
-    "mcp",
-    "ssh",
-    "copilot",
-    "automation",
-    "remote",
-    "model-context-protocol",
-    "github-copilot",
-    "ssh-client",
-    "devops",
-    "infrastructure"
-  ],
-  "author": "Osman Aslan <oaslananka>",
-  "license": "MIT",
-  "repository": {
-    "type": "git",
-    "url": "git+https://github.com/oaslananka/ssh-mcp-pro.git"
-  },
-  "homepage": "https://github.com/oaslananka/ssh-mcp-pro#readme",
-  "bugs": {
-    "url": "https://github.com/oaslananka/ssh-mcp-pro/issues"
-  },
-  "publishConfig": {
-    "access": "public"
-  },
-  "engines": {
-    "node": "^22.22.2 || ^24.15.0",
-    "pnpm": "^11.0.9"
-  },
-  "dependencies": {
-    "@modelcontextprotocol/sdk": "^1.29.0",
-    "@opentelemetry/api": "^1.9.1",
-    "@opentelemetry/exporter-trace-otlp-http": "^0.218.0",
-    "@opentelemetry/resources": "^2.7.1",
-    "@opentelemetry/sdk-node": "^0.218.0",
-    "@opentelemetry/semantic-conventions": "^1.41.1",
-    "jose": "6.2.3",
-    "node-ssh": "^13.2.1",
-    "zod": "^4.4.3"
-  },
-  "devDependencies": {
-    "@types/node": "^24.12.4",
-    "@types/ssh2": "^1.15.5",
-    "@typescript-eslint/eslint-plugin": "^8.59.4",
-    "@typescript-eslint/parser": "^8.59.4",
-    "@vitest/coverage-v8": "^4.1.7",
-    "ajv": "^8.20.0",
-    "autocannon": "^7.15.0",
-    "eslint": "^9.39.4",
-    "fast-check": "^4.8.0",
-    "prettier": "^3.8.3",
-    "typedoc": "0.28.19",
-    "typescript": "^5.9.3",
-    "vite": "^7.3.3",
-    "vitest": "^4.1.7"
   }
-}
+}

package/registry/ssh-mcp-pro/mcp.json CHANGED Viewed

@@ -2,7 +2,7 @@
   "name": "ssh-mcp-pro",
   "display_name": "ssh-mcp-pro",
   "description": "Secure MCP SSH automation server with policy controls, resources, prompts, stdio, and HTTP.",
-  "version": "1.0.0",
+  "version": "1.1.3",
   "author": "Osman Aslan",
   "license": "MIT",
   "runtime": "node",

package/server.json CHANGED Viewed

@@ -7,13 +7,13 @@
     "url": "https://github.com/oaslananka/ssh-mcp-pro",
     "source": "github"
   },
-  "version": "1.0.0",
+  "version": "1.1.3",
   "packages": [
     {
       "registryType": "npm",
       "registryBaseUrl": "https://registry.npmjs.org",
       "identifier": "ssh-mcp-pro",
-      "version": "1.0.0",
+      "version": "1.1.3",
       "transport": {
         "type": "stdio"
       }
@@ -22,7 +22,7 @@
       "registryType": "npm",
       "registryBaseUrl": "https://registry.npmjs.org",
       "identifier": "ssh-mcp-pro",
-      "version": "1.0.0",
+      "version": "1.1.3",
       "runtimeHint": "npx",
       "transport": {
         "type": "streamable-http",