stuf-mcp 1.0.0 → 2.0.0

package/README.md

@@ -78,4 +78,4 @@ You can also configure via environment variables (skips pairing):
 
 ## License
 
-MIT
+AGPL-3.0

package/crypto.js

@@ -12,8 +12,9 @@ export async function setEncryptionKey(base64Key) {
 export async function encrypt(data) {
   if (!encryptionKey) throw new Error('Encryption key not set');
   const iv = crypto.getRandomValues(new Uint8Array(12));
-  const encoded = new TextEncoder().encode(JSON.stringify(data));
-  const ciphertext = await crypto.subtle.encrypt({ name: 'AES-GCM', iv }, encryptionKey, encoded);
+  // data is Uint8Array or Array — encrypt raw bytes
+  const input = data instanceof Uint8Array ? data : new Uint8Array(data);
+  const ciphertext = await crypto.subtle.encrypt({ name: 'AES-GCM', iv }, encryptionKey, input);
   const combined = new Uint8Array(iv.length + ciphertext.byteLength);
   combined.set(iv);
   combined.set(new Uint8Array(ciphertext), iv.length);
@@ -26,5 +27,5 @@ export async function decrypt(base64Data) {
   const iv = combined.slice(0, 12);
   const ciphertext = combined.slice(12);
   const decrypted = await crypto.subtle.decrypt({ name: 'AES-GCM', iv }, encryptionKey, ciphertext);
-  return JSON.parse(new TextDecoder().decode(decrypted));
+  return new Uint8Array(decrypted);
 }

package/index.js

@@ -165,7 +165,7 @@ server.tool('delete_task', 'Delete a task', {
 
   const taskName = doc.todos[idx].name;
   await applyAndPush(d => {
-    d.todos.deleteAt(idx);
+    d.todos.splice(idx, 1);
   });
 
   return { content: [{ type: 'text', text: `Deleted: ${taskName}` }] };

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "stuf-mcp",
-  "version": "1.0.0",
+  "version": "2.0.0",
   "type": "module",
   "description": "MCP server for stuf — AI-powered task management",
   "main": "index.js",
@@ -26,14 +26,14 @@
     "claude"
   ],
   "author": "asbjornenge",
-  "license": "MIT",
+  "license": "AGPL-3.0",
   "repository": {
     "type": "git",
     "url": "https://github.com/asbjornenge/stuf"
   },
   "dependencies": {
     "@modelcontextprotocol/sdk": "^1.0.0",
-    "automerge": "^0.14.2",
+    "@automerge/automerge": "^3.0.0",
     "ws": "^8.18.0"
   }
 }

package/sync.js

@@ -1,4 +1,4 @@
-import Automerge from 'automerge';
+import * as Automerge from '@automerge/automerge';
 import WebSocket from 'ws';
 import { encrypt, decrypt } from './crypto.js';
 
@@ -35,7 +35,7 @@ export async function pullChanges() {
   for (const { data } of changes) {
     try {
       const change = await decrypt(data);
-      doc = Automerge.applyChanges(doc, [change]);
+      [doc] = Automerge.applyChanges(doc, [change]);
     } catch (err) {
       console.warn(`Failed to apply change: ${err.message}`);
     }
@@ -53,8 +53,7 @@ export async function pullSnapshot() {
   const { data, seq } = await res.json();
   if (data) {
     const decrypted = await decrypt(data);
-    const bytes = new Uint8Array(decrypted);
-    doc = Automerge.load(bytes);
+    doc = Automerge.load(decrypted);
     lastSeq = seq || 0;
   }
   return doc;
@@ -63,11 +62,11 @@ export async function pullSnapshot() {
 export async function pushChanges(oldDoc, newDoc) {
   const changes = Automerge.getChanges(oldDoc, newDoc);
   if (changes.length === 0) return;
-  const encrypted = await Promise.all(changes.map(c => encrypt(c)));
+  const encrypted = await Promise.all(changes.map(c => encrypt(Array.from(c))));
   const res = await fetch(`${serverUrl}/api/changes`, {
     method: 'POST',
     headers: headers(),
-    body: JSON.stringify({ changes: encrypted })
+    body: JSON.stringify({ changes: encrypted, formatVersion: 3 })
   });
   if (!res.ok) throw new Error(`Push failed: ${res.status} ${await res.text()}`);
   const { lastSeq: newSeq } = await res.json();