npm - sunpeak - Versions diffs - 0.16.1 → 0.16.2 - Mend

sunpeak 0.16.1 → 0.16.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (47) hide show

package/README.md +2 -1
package/bin/commands/build.mjs +106 -2
package/bin/commands/dev.mjs +104 -8
package/bin/commands/start.mjs +215 -0
package/bin/sunpeak.js +11 -1
package/dist/chatgpt/index.cjs +2 -2
package/dist/chatgpt/index.js +2 -2
package/dist/claude/index.cjs +1 -1
package/dist/claude/index.js +1 -1
package/dist/{index-BvQ_ZuOO.cjs → index-Bll1bszc.cjs} +2 -2
package/dist/{index-BvQ_ZuOO.cjs.map → index-Bll1bszc.cjs.map} +1 -1
package/dist/{index-CTGEqlgk.js → index-CACtnwu2.js} +2 -2
package/dist/{index-CTGEqlgk.js.map → index-CACtnwu2.js.map} +1 -1
package/dist/{index-BjnAsaqp.js → index-CLcr8IyR.js} +2 -2
package/dist/index-CLcr8IyR.js.map +1 -0
package/dist/{index-C9CVbGFt.cjs → index-CaQmwZJc.cjs} +2 -2
package/dist/index-CaQmwZJc.cjs.map +1 -0
package/dist/index.cjs +5 -5
package/dist/index.js +6 -6
package/dist/mcp/index.cjs +1579 -3
package/dist/mcp/index.cjs.map +1 -1
package/dist/mcp/index.d.ts +2 -0
package/dist/mcp/index.js +1580 -4
package/dist/mcp/index.js.map +1 -1
package/dist/mcp/production-server.d.ts +156 -0
package/dist/platform/chatgpt/index.cjs +1 -1
package/dist/platform/chatgpt/index.js +1 -1
package/dist/{protocol-DFbsCx7E.js → protocol-BD5jDQEx.js} +8 -1
package/dist/{protocol-DFbsCx7E.js.map → protocol-BD5jDQEx.js.map} +1 -1
package/dist/{protocol-CL4_Npj5.cjs → protocol-BOjXuK6l.cjs} +8 -1
package/dist/{protocol-CL4_Npj5.cjs.map → protocol-BOjXuK6l.cjs.map} +1 -1
package/dist/simulator/index.cjs +1 -1
package/dist/simulator/index.js +1 -1
package/dist/{simulator-C0H_k092.js → simulator-B7rw83zP.js} +2 -2
package/dist/{simulator-C0H_k092.js.map → simulator-B7rw83zP.js.map} +1 -1
package/dist/{simulator-B56j5P8W.cjs → simulator-DjZNa1MI.cjs} +2 -2
package/dist/{simulator-B56j5P8W.cjs.map → simulator-DjZNa1MI.cjs.map} +1 -1
package/dist/{use-app-BuufpXTQ.cjs → use-app-BpAJqzdE.cjs} +2 -2
package/dist/{use-app-BuufpXTQ.cjs.map → use-app-BpAJqzdE.cjs.map} +1 -1
package/dist/{use-app-BThbgFFT.js → use-app-WOUdh1PR.js} +2 -2
package/dist/{use-app-BThbgFFT.js.map → use-app-WOUdh1PR.js.map} +1 -1
package/package.json +1 -1
package/template/README.md +13 -12
package/template/package.json +1 -0
package/template/src/server.ts +7 -5
package/dist/index-BjnAsaqp.js.map +0 -1
package/dist/index-C9CVbGFt.cjs.map +0 -1

package/dist/mcp/index.cjs CHANGED Viewed

@@ -4,9 +4,14 @@ const node_http = require("node:http");
 const node_url = require("node:url");
 const fs = require("node:fs");
 const path = require("node:path");
-const protocol = require("../protocol-CL4_Npj5.cjs");
+const protocol = require("../protocol-BOjXuK6l.cjs");
 const zod = require("zod");
 const sse_js = require("@modelcontextprotocol/sdk/server/sse.js");
+const node_crypto = require("node:crypto");
+require("http");
+const http2 = require("http2");
+const stream = require("stream");
+const crypto$1 = require("crypto");
 const FAVICON_BASE64 = "iVBORw0KGgoAAAANSUhEUgAAAIAAAACACAYAAADDPmHLAAAACXBIWXMAAAsTAAALEwEAmpwYAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAOdEVYdFNvZnR3YXJlAEZpZ21hnrGWYwAAB3dJREFUeAHtnU9MFFccx78L/gPULkkTrESzok1ND7BGSWkvLgeSNj0IRxNT8aTpocDFHpqIeOm/g3BqPBUSTr0s3pr0wHJRG0xcOdVUcDEpkVbjVhG0SOnvN7AR11mYmS0zb+b3+ySTnZmdjZH3+f3eezPvzYvBFak48Keddpr4gDY6RgJKgCzngViWdmiLjQHVGSCTd/rrmLPLWlLA0gn6xzrpJ3EopjMIVPYBN3IbXbiBAFbE99JON5QwMriRCOsIYEX9j9AUH3ZytHUA41m7Lyvsf9PcRYU/Ci38KJCg7RbwgW0Wt8kAXPjoRwSJ1ywhvvMlbUvWfjG52W3Iz21B/lkloklFD/Dra2VbJEBzEpYt4SVR9wLJhgUk9rxAU8M87c9bBc7n3ZCb3b4iBMlwe7IG2clqZKeqrXPhprKV2gSZwtEaAVoSYUz7XLDtH+VxvPEJUo1zFNkvsZmwGNmpKoxN7EZmYpclRsjIAYtHqNdodRXXCNDMDb5OhIBU41Oc+PCxVfBuI/v/hoVgEYZ+edv6DAlUDYz38M6qAFb034PBJA/OW4Xe3fHnpke5Vwoy9A3Xh6CqWKkKVgUwN/o52ntP/WF9holCVhikzVAGKAt0kwBJutmz9TEMo7PtIRX8TOApvlw4K/QN7zVRBGoDLB4gAY7Svf2KNAwhKgVfjKEinCEBmrlf2IWACWuqdwuL0HHpkCm9hwG641H/JQLs+vENmR++mEb/ufsU9f8g6vA9iXOf/mX9X29P1QR902kHC8AZYAcCoJ1a9aPf30HL4TlIg3s13I39mwTgG0wB8ZyrgGX4DEf9ZYp4ru8VWO2CoLqOvguQPLiA9IXfI9fIKxduG7SeP+y7BL4KsNLQm4FSmp4r+3xtIAZSBSjmUAFFNCqAcFQA4agAwlEBhKMCCEcFEI4KIBwVQDgqgHBUAOFsQRnwkz2eeKEEB48lyE5WwSueBeARLfpYN3h4RNGBz5o8jyzyXAXw+D0t/OApDK7xiicBeDiTjuYxBy4Lr4NpPQmQvnAXillwRvaCawHYNk395sEZwEtWdi2ADukyFy9l40oAjX6z4bJxmwVcCaDRbz5uy8ixABr94YDLyE2PwLEAp9seQQkHbnoEjgTgu36pxidQwgFnAL5X4wRHAnjtYyrBwfMuneDoWcD07HaT33Sh2PDWziVH1+nMIOHoeADhqADCUQGEowIIRwUQjgogHBVAOCqAcFQA4agAwlEBhFPyYVB3x6ztujpK+OBJI/3pOtvvSj4MWv55HEp0iH3cbHvetgqI79TIjxqlsrm9AIYuyaJ4h5fLs8NWAAmvbZdGqayuvQAhuKICFDmoAMJRAYRjK0B+LqqLJyvF2AsQ2dWz5VJqJZISApT17ijFQPJz9mWqVYAQSmX1kqHec2W/PgyKCOtV6TozSDjaDRSOCiAcFUA4KoBwVADhqADCUQGEowIIRwUQjgogHBVAOI6e+/afve/4tWOKGfDz/77h+g2vcyQAjw/o6piFEh6cvtfRURUwci0OJVz0De91dJ0jAXhpsszEbijhIDOxi6qA7Y6uddwIdGqUEjxDLl7r61gAN1YpwZFz+V5nV91AzQLm47aMXAnAZmkWMJech7e6u74RpFnAXLyUjWsB2DDtEZhHzuOaDp5uBWsWMI+OS4fgBU8CcI9gSFcQMQaO/OxkNbzg+WFQ95X9OofQADj1l5ORy5oYwitTJRsWoARHdqrKc/QzOjNIODoeQDgqgHBUAOGoAMJRAYSjAghHBRCOCiAcFUA4KoBwVADh+PpGyOTBBVw+Ow2lNDybhx+3+4XvD4MSdS8w+t0d61N5BT/W5UEd5TzZ84LvVQD/R1vPv6cDStbAf4sjn7/ve+EzlUB9J336OveL5xqOXK/FNMnA1YLURar473Dy6wZ889M7eL4YSHMsXxBgDwKAp5xdvR5HLQnAg0skwcO4PvnqXfob1CBAbnAboJ92uhAwyYZ5pHvvRr5twCOqeQiXnw29dRjgDMDR346AefB4KwZG6iJbLXDbh1/AzZs5k2ti31IGSFL9v/UefG4HbERn20P0npoJfUYoDNocNLLRu1gbW9kxoxqwg0U43fYIqcYnCBOGpXo7BoHxM6sCHEtROhiFwXAmuEgZ4XjjU2OzArfqB9J11MOJB9Klc0flAWoD5mKvThylLFBhZBYoJkUScGYwQQZO8Vevxa1urcHRXswgRz/vrBGA2wLbbgHLCYQI7j6yECwD9yQ2WwiOci7oMdr41Tnhmy0dy1Ggt3L0W0evf2l+VbARLAD3IliGJpKDl73hc27F4ILlhZZ44sVtul/Bx9nJqihMjz9C0Z8tHMTe/P5YN52+jAjCq6Jz99JucWye5saLZVlbZFdNW+4BbvavPROzvzC6EsjlzcJnYqV/0Jykr9NhaxMoxXCd/y81+G5m7L5dZ3rvzANg31USoJYOklDCyABQcxK49lupC2JwREsCWLpIO6ehmE6etiEK3JFSUb8WhwIUSFFX8WmKuhG0oQkrmUFfIxosOawU+hht1LqvoYLP5J3++D/8aGq5otzXywAAAABJRU5ErkJggg==";
 const FAVICON_BUFFER = Buffer.from(FAVICON_BASE64, "base64");
 function getDefaultExportFromCjs(x2) {
@@ -4135,8 +4140,8 @@ function requireCore$1() {
             return this;
           }
           case "object": {
-            const cacheKey = schemaKeyRef;
-            this._cache.delete(cacheKey);
+            const cacheKey2 = schemaKeyRef;
+            this._cache.delete(cacheKey2);
             let id2 = schemaKeyRef[this.opts.schemaId];
             if (id2) {
               id2 = (0, resolve_1.normalizeId)(id2);
@@ -14582,13 +14587,1584 @@ function runMCPServer(config) {
     }
   };
 }
+var RequestError = class extends Error {
+  constructor(message, options) {
+    super(message, options);
+    this.name = "RequestError";
+  }
+};
+var toRequestError = (e) => {
+  if (e instanceof RequestError) {
+    return e;
+  }
+  return new RequestError(e.message, { cause: e });
+};
+var GlobalRequest = global.Request;
+var Request = class extends GlobalRequest {
+  constructor(input, options) {
+    if (typeof input === "object" && getRequestCache in input) {
+      input = input[getRequestCache]();
+    }
+    if (typeof options?.body?.getReader !== "undefined") {
+      options.duplex ??= "half";
+    }
+    super(input, options);
+  }
+};
+var newHeadersFromIncoming = (incoming) => {
+  const headerRecord = [];
+  const rawHeaders = incoming.rawHeaders;
+  for (let i = 0; i < rawHeaders.length; i += 2) {
+    const { [i]: key, [i + 1]: value } = rawHeaders;
+    if (key.charCodeAt(0) !== /*:*/
+    58) {
+      headerRecord.push([key, value]);
+    }
+  }
+  return new Headers(headerRecord);
+};
+var wrapBodyStream = /* @__PURE__ */ Symbol("wrapBodyStream");
+var newRequestFromIncoming = (method, url, headers, incoming, abortController) => {
+  const init = {
+    method,
+    headers,
+    signal: abortController.signal
+  };
+  if (method === "TRACE") {
+    init.method = "GET";
+    const req = new Request(url, init);
+    Object.defineProperty(req, "method", {
+      get() {
+        return "TRACE";
+      }
+    });
+    return req;
+  }
+  if (!(method === "GET" || method === "HEAD")) {
+    if ("rawBody" in incoming && incoming.rawBody instanceof Buffer) {
+      init.body = new ReadableStream({
+        start(controller) {
+          controller.enqueue(incoming.rawBody);
+          controller.close();
+        }
+      });
+    } else if (incoming[wrapBodyStream]) {
+      let reader;
+      init.body = new ReadableStream({
+        async pull(controller) {
+          try {
+            reader ||= stream.Readable.toWeb(incoming).getReader();
+            const { done, value } = await reader.read();
+            if (done) {
+              controller.close();
+            } else {
+              controller.enqueue(value);
+            }
+          } catch (error) {
+            controller.error(error);
+          }
+        }
+      });
+    } else {
+      init.body = stream.Readable.toWeb(incoming);
+    }
+  }
+  return new Request(url, init);
+};
+var getRequestCache = /* @__PURE__ */ Symbol("getRequestCache");
+var requestCache = /* @__PURE__ */ Symbol("requestCache");
+var incomingKey = /* @__PURE__ */ Symbol("incomingKey");
+var urlKey = /* @__PURE__ */ Symbol("urlKey");
+var headersKey = /* @__PURE__ */ Symbol("headersKey");
+var abortControllerKey = /* @__PURE__ */ Symbol("abortControllerKey");
+var getAbortController = /* @__PURE__ */ Symbol("getAbortController");
+var requestPrototype = {
+  get method() {
+    return this[incomingKey].method || "GET";
+  },
+  get url() {
+    return this[urlKey];
+  },
+  get headers() {
+    return this[headersKey] ||= newHeadersFromIncoming(this[incomingKey]);
+  },
+  [getAbortController]() {
+    this[getRequestCache]();
+    return this[abortControllerKey];
+  },
+  [getRequestCache]() {
+    this[abortControllerKey] ||= new AbortController();
+    return this[requestCache] ||= newRequestFromIncoming(
+      this.method,
+      this[urlKey],
+      this.headers,
+      this[incomingKey],
+      this[abortControllerKey]
+    );
+  }
+};
+[
+  "body",
+  "bodyUsed",
+  "cache",
+  "credentials",
+  "destination",
+  "integrity",
+  "mode",
+  "redirect",
+  "referrer",
+  "referrerPolicy",
+  "signal",
+  "keepalive"
+].forEach((k2) => {
+  Object.defineProperty(requestPrototype, k2, {
+    get() {
+      return this[getRequestCache]()[k2];
+    }
+  });
+});
+["arrayBuffer", "blob", "clone", "formData", "json", "text"].forEach((k2) => {
+  Object.defineProperty(requestPrototype, k2, {
+    value: function() {
+      return this[getRequestCache]()[k2]();
+    }
+  });
+});
+Object.setPrototypeOf(requestPrototype, Request.prototype);
+var newRequest = (incoming, defaultHostname) => {
+  const req = Object.create(requestPrototype);
+  req[incomingKey] = incoming;
+  const incomingUrl = incoming.url || "";
+  if (incomingUrl[0] !== "/" && // short-circuit for performance. most requests are relative URL.
+  (incomingUrl.startsWith("http://") || incomingUrl.startsWith("https://"))) {
+    if (incoming instanceof http2.Http2ServerRequest) {
+      throw new RequestError("Absolute URL for :path is not allowed in HTTP/2");
+    }
+    try {
+      const url2 = new URL(incomingUrl);
+      req[urlKey] = url2.href;
+    } catch (e) {
+      throw new RequestError("Invalid absolute URL", { cause: e });
+    }
+    return req;
+  }
+  const host = (incoming instanceof http2.Http2ServerRequest ? incoming.authority : incoming.headers.host) || defaultHostname;
+  if (!host) {
+    throw new RequestError("Missing host header");
+  }
+  let scheme;
+  if (incoming instanceof http2.Http2ServerRequest) {
+    scheme = incoming.scheme;
+    if (!(scheme === "http" || scheme === "https")) {
+      throw new RequestError("Unsupported scheme");
+    }
+  } else {
+    scheme = incoming.socket && incoming.socket.encrypted ? "https" : "http";
+  }
+  const url = new URL(`${scheme}://${host}${incomingUrl}`);
+  if (url.hostname.length !== host.length && url.hostname !== host.replace(/:\d+$/, "")) {
+    throw new RequestError("Invalid host header");
+  }
+  req[urlKey] = url.href;
+  return req;
+};
+var responseCache = /* @__PURE__ */ Symbol("responseCache");
+var getResponseCache = /* @__PURE__ */ Symbol("getResponseCache");
+var cacheKey = /* @__PURE__ */ Symbol("cache");
+var GlobalResponse = global.Response;
+var Response2 = class _Response {
+  #body;
+  #init;
+  [getResponseCache]() {
+    delete this[cacheKey];
+    return this[responseCache] ||= new GlobalResponse(this.#body, this.#init);
+  }
+  constructor(body, init) {
+    let headers;
+    this.#body = body;
+    if (init instanceof _Response) {
+      const cachedGlobalResponse = init[responseCache];
+      if (cachedGlobalResponse) {
+        this.#init = cachedGlobalResponse;
+        this[getResponseCache]();
+        return;
+      } else {
+        this.#init = init.#init;
+        headers = new Headers(init.#init.headers);
+      }
+    } else {
+      this.#init = init;
+    }
+    if (typeof body === "string" || typeof body?.getReader !== "undefined" || body instanceof Blob || body instanceof Uint8Array) {
+      headers ||= init?.headers || { "content-type": "text/plain; charset=UTF-8" };
+      this[cacheKey] = [init?.status || 200, body, headers];
+    }
+  }
+  get headers() {
+    const cache = this[cacheKey];
+    if (cache) {
+      if (!(cache[2] instanceof Headers)) {
+        cache[2] = new Headers(cache[2]);
+      }
+      return cache[2];
+    }
+    return this[getResponseCache]().headers;
+  }
+  get status() {
+    return this[cacheKey]?.[0] ?? this[getResponseCache]().status;
+  }
+  get ok() {
+    const status = this.status;
+    return status >= 200 && status < 300;
+  }
+};
+["body", "bodyUsed", "redirected", "statusText", "trailers", "type", "url"].forEach((k2) => {
+  Object.defineProperty(Response2.prototype, k2, {
+    get() {
+      return this[getResponseCache]()[k2];
+    }
+  });
+});
+["arrayBuffer", "blob", "clone", "formData", "json", "text"].forEach((k2) => {
+  Object.defineProperty(Response2.prototype, k2, {
+    value: function() {
+      return this[getResponseCache]()[k2]();
+    }
+  });
+});
+Object.setPrototypeOf(Response2, GlobalResponse);
+Object.setPrototypeOf(Response2.prototype, GlobalResponse.prototype);
+async function readWithoutBlocking(readPromise) {
+  return Promise.race([readPromise, Promise.resolve().then(() => Promise.resolve(void 0))]);
+}
+function writeFromReadableStreamDefaultReader(reader, writable, currentReadPromise) {
+  const cancel = (error) => {
+    reader.cancel(error).catch(() => {
+    });
+  };
+  writable.on("close", cancel);
+  writable.on("error", cancel);
+  (currentReadPromise ?? reader.read()).then(flow, handleStreamError);
+  return reader.closed.finally(() => {
+    writable.off("close", cancel);
+    writable.off("error", cancel);
+  });
+  function handleStreamError(error) {
+    if (error) {
+      writable.destroy(error);
+    }
+  }
+  function onDrain() {
+    reader.read().then(flow, handleStreamError);
+  }
+  function flow({ done, value }) {
+    try {
+      if (done) {
+        writable.end();
+      } else if (!writable.write(value)) {
+        writable.once("drain", onDrain);
+      } else {
+        return reader.read().then(flow, handleStreamError);
+      }
+    } catch (e) {
+      handleStreamError(e);
+    }
+  }
+}
+function writeFromReadableStream(stream2, writable) {
+  if (stream2.locked) {
+    throw new TypeError("ReadableStream is locked.");
+  } else if (writable.destroyed) {
+    return;
+  }
+  return writeFromReadableStreamDefaultReader(stream2.getReader(), writable);
+}
+var buildOutgoingHttpHeaders = (headers) => {
+  const res = {};
+  if (!(headers instanceof Headers)) {
+    headers = new Headers(headers ?? void 0);
+  }
+  const cookies = [];
+  for (const [k2, v] of headers) {
+    if (k2 === "set-cookie") {
+      cookies.push(v);
+    } else {
+      res[k2] = v;
+    }
+  }
+  if (cookies.length > 0) {
+    res["set-cookie"] = cookies;
+  }
+  res["content-type"] ??= "text/plain; charset=UTF-8";
+  return res;
+};
+var X_ALREADY_SENT = "x-hono-already-sent";
+var webFetch = global.fetch;
+if (typeof global.crypto === "undefined") {
+  global.crypto = crypto$1;
+}
+global.fetch = (info, init) => {
+  init = {
+    // Disable compression handling so people can return the result of a fetch
+    // directly in the loader without messing with the Content-Encoding header.
+    compress: false,
+    ...init
+  };
+  return webFetch(info, init);
+};
+var outgoingEnded = /* @__PURE__ */ Symbol("outgoingEnded");
+var handleRequestError = () => new Response(null, {
+  status: 400
+});
+var handleFetchError = (e) => new Response(null, {
+  status: e instanceof Error && (e.name === "TimeoutError" || e.constructor.name === "TimeoutError") ? 504 : 500
+});
+var handleResponseError = (e, outgoing) => {
+  const err = e instanceof Error ? e : new Error("unknown error", { cause: e });
+  if (err.code === "ERR_STREAM_PREMATURE_CLOSE") {
+    console.info("The user aborted a request.");
+  } else {
+    console.error(e);
+    if (!outgoing.headersSent) {
+      outgoing.writeHead(500, { "Content-Type": "text/plain" });
+    }
+    outgoing.end(`Error: ${err.message}`);
+    outgoing.destroy(err);
+  }
+};
+var flushHeaders = (outgoing) => {
+  if ("flushHeaders" in outgoing && outgoing.writable) {
+    outgoing.flushHeaders();
+  }
+};
+var responseViaCache = async (res, outgoing) => {
+  let [status, body, header] = res[cacheKey];
+  if (header instanceof Headers) {
+    header = buildOutgoingHttpHeaders(header);
+  }
+  if (typeof body === "string") {
+    header["Content-Length"] = Buffer.byteLength(body);
+  } else if (body instanceof Uint8Array) {
+    header["Content-Length"] = body.byteLength;
+  } else if (body instanceof Blob) {
+    header["Content-Length"] = body.size;
+  }
+  outgoing.writeHead(status, header);
+  if (typeof body === "string" || body instanceof Uint8Array) {
+    outgoing.end(body);
+  } else if (body instanceof Blob) {
+    outgoing.end(new Uint8Array(await body.arrayBuffer()));
+  } else {
+    flushHeaders(outgoing);
+    await writeFromReadableStream(body, outgoing)?.catch(
+      (e) => handleResponseError(e, outgoing)
+    );
+  }
+  outgoing[outgoingEnded]?.();
+};
+var isPromise = (res) => typeof res.then === "function";
+var responseViaResponseObject = async (res, outgoing, options = {}) => {
+  if (isPromise(res)) {
+    if (options.errorHandler) {
+      try {
+        res = await res;
+      } catch (err) {
+        const errRes = await options.errorHandler(err);
+        if (!errRes) {
+          return;
+        }
+        res = errRes;
+      }
+    } else {
+      res = await res.catch(handleFetchError);
+    }
+  }
+  if (cacheKey in res) {
+    return responseViaCache(res, outgoing);
+  }
+  const resHeaderRecord = buildOutgoingHttpHeaders(res.headers);
+  if (res.body) {
+    const reader = res.body.getReader();
+    const values = [];
+    let done = false;
+    let currentReadPromise = void 0;
+    if (resHeaderRecord["transfer-encoding"] !== "chunked") {
+      let maxReadCount = 2;
+      for (let i = 0; i < maxReadCount; i++) {
+        currentReadPromise ||= reader.read();
+        const chunk = await readWithoutBlocking(currentReadPromise).catch((e) => {
+          console.error(e);
+          done = true;
+        });
+        if (!chunk) {
+          if (i === 1) {
+            await new Promise((resolve2) => setTimeout(resolve2));
+            maxReadCount = 3;
+            continue;
+          }
+          break;
+        }
+        currentReadPromise = void 0;
+        if (chunk.value) {
+          values.push(chunk.value);
+        }
+        if (chunk.done) {
+          done = true;
+          break;
+        }
+      }
+      if (done && !("content-length" in resHeaderRecord)) {
+        resHeaderRecord["content-length"] = values.reduce((acc, value) => acc + value.length, 0);
+      }
+    }
+    outgoing.writeHead(res.status, resHeaderRecord);
+    values.forEach((value) => {
+      outgoing.write(value);
+    });
+    if (done) {
+      outgoing.end();
+    } else {
+      if (values.length === 0) {
+        flushHeaders(outgoing);
+      }
+      await writeFromReadableStreamDefaultReader(reader, outgoing, currentReadPromise);
+    }
+  } else if (resHeaderRecord[X_ALREADY_SENT]) ;
+  else {
+    outgoing.writeHead(res.status, resHeaderRecord);
+    outgoing.end();
+  }
+  outgoing[outgoingEnded]?.();
+};
+var getRequestListener = (fetchCallback, options = {}) => {
+  const autoCleanupIncoming = options.autoCleanupIncoming ?? true;
+  if (options.overrideGlobalObjects !== false && global.Request !== Request) {
+    Object.defineProperty(global, "Request", {
+      value: Request
+    });
+    Object.defineProperty(global, "Response", {
+      value: Response2
+    });
+  }
+  return async (incoming, outgoing) => {
+    let res, req;
+    try {
+      req = newRequest(incoming, options.hostname);
+      let incomingEnded = !autoCleanupIncoming || incoming.method === "GET" || incoming.method === "HEAD";
+      if (!incomingEnded) {
+        ;
+        incoming[wrapBodyStream] = true;
+        incoming.on("end", () => {
+          incomingEnded = true;
+        });
+        if (incoming instanceof http2.Http2ServerRequest) {
+          ;
+          outgoing[outgoingEnded] = () => {
+            if (!incomingEnded) {
+              setTimeout(() => {
+                if (!incomingEnded) {
+                  setTimeout(() => {
+                    incoming.destroy();
+                    outgoing.destroy();
+                  });
+                }
+              });
+            }
+          };
+        }
+      }
+      outgoing.on("close", () => {
+        const abortController = req[abortControllerKey];
+        if (abortController) {
+          if (incoming.errored) {
+            req[abortControllerKey].abort(incoming.errored.toString());
+          } else if (!outgoing.writableFinished) {
+            req[abortControllerKey].abort("Client connection prematurely closed.");
+          }
+        }
+        if (!incomingEnded) {
+          setTimeout(() => {
+            if (!incomingEnded) {
+              setTimeout(() => {
+                incoming.destroy();
+              });
+            }
+          });
+        }
+      });
+      res = fetchCallback(req, { incoming, outgoing });
+      if (cacheKey in res) {
+        return responseViaCache(res, outgoing);
+      }
+    } catch (e) {
+      if (!res) {
+        if (options.errorHandler) {
+          res = await options.errorHandler(req ? e : toRequestError(e));
+          if (!res) {
+            return;
+          }
+        } else if (!req) {
+          res = handleRequestError();
+        } else {
+          res = handleFetchError(e);
+        }
+      } else {
+        return handleResponseError(e, outgoing);
+      }
+    }
+    try {
+      return await responseViaResponseObject(res, outgoing, options);
+    } catch (e) {
+      return handleResponseError(e, outgoing);
+    }
+  };
+};
+class WebStandardStreamableHTTPServerTransport {
+  constructor(options = {}) {
+    this._started = false;
+    this._streamMapping = /* @__PURE__ */ new Map();
+    this._requestToStreamMapping = /* @__PURE__ */ new Map();
+    this._requestResponseMap = /* @__PURE__ */ new Map();
+    this._initialized = false;
+    this._enableJsonResponse = false;
+    this._standaloneSseStreamId = "_GET_stream";
+    this.sessionIdGenerator = options.sessionIdGenerator;
+    this._enableJsonResponse = options.enableJsonResponse ?? false;
+    this._eventStore = options.eventStore;
+    this._onsessioninitialized = options.onsessioninitialized;
+    this._onsessionclosed = options.onsessionclosed;
+    this._allowedHosts = options.allowedHosts;
+    this._allowedOrigins = options.allowedOrigins;
+    this._enableDnsRebindingProtection = options.enableDnsRebindingProtection ?? false;
+    this._retryInterval = options.retryInterval;
+  }
+  /**
+   * Starts the transport. This is required by the Transport interface but is a no-op
+   * for the Streamable HTTP transport as connections are managed per-request.
+   */
+  async start() {
+    if (this._started) {
+      throw new Error("Transport already started");
+    }
+    this._started = true;
+  }
+  /**
+   * Helper to create a JSON error response
+   */
+  createJsonErrorResponse(status, code2, message, options) {
+    const error = { code: code2, message };
+    if (options?.data !== void 0) {
+      error.data = options.data;
+    }
+    return new Response(JSON.stringify({
+      jsonrpc: "2.0",
+      error,
+      id: null
+    }), {
+      status,
+      headers: {
+        "Content-Type": "application/json",
+        ...options?.headers
+      }
+    });
+  }
+  /**
+   * Validates request headers for DNS rebinding protection.
+   * @returns Error response if validation fails, undefined if validation passes.
+   */
+  validateRequestHeaders(req) {
+    if (!this._enableDnsRebindingProtection) {
+      return void 0;
+    }
+    if (this._allowedHosts && this._allowedHosts.length > 0) {
+      const hostHeader = req.headers.get("host");
+      if (!hostHeader || !this._allowedHosts.includes(hostHeader)) {
+        const error = `Invalid Host header: ${hostHeader}`;
+        this.onerror?.(new Error(error));
+        return this.createJsonErrorResponse(403, -32e3, error);
+      }
+    }
+    if (this._allowedOrigins && this._allowedOrigins.length > 0) {
+      const originHeader = req.headers.get("origin");
+      if (originHeader && !this._allowedOrigins.includes(originHeader)) {
+        const error = `Invalid Origin header: ${originHeader}`;
+        this.onerror?.(new Error(error));
+        return this.createJsonErrorResponse(403, -32e3, error);
+      }
+    }
+    return void 0;
+  }
+  /**
+   * Handles an incoming HTTP request, whether GET, POST, or DELETE
+   * Returns a Response object (Web Standard)
+   */
+  async handleRequest(req, options) {
+    const validationError = this.validateRequestHeaders(req);
+    if (validationError) {
+      return validationError;
+    }
+    switch (req.method) {
+      case "POST":
+        return this.handlePostRequest(req, options);
+      case "GET":
+        return this.handleGetRequest(req);
+      case "DELETE":
+        return this.handleDeleteRequest(req);
+      default:
+        return this.handleUnsupportedRequest();
+    }
+  }
+  /**
+   * Writes a priming event to establish resumption capability.
+   * Only sends if eventStore is configured (opt-in for resumability) and
+   * the client's protocol version supports empty SSE data (>= 2025-11-25).
+   */
+  async writePrimingEvent(controller, encoder, streamId, protocolVersion) {
+    if (!this._eventStore) {
+      return;
+    }
+    if (protocolVersion < "2025-11-25") {
+      return;
+    }
+    const primingEventId = await this._eventStore.storeEvent(streamId, {});
+    let primingEvent = `id: ${primingEventId}
+data:
+`;
+    if (this._retryInterval !== void 0) {
+      primingEvent = `id: ${primingEventId}
+retry: ${this._retryInterval}
+data:
+`;
+    }
+    controller.enqueue(encoder.encode(primingEvent));
+  }
+  /**
+   * Handles GET requests for SSE stream
+   */
+  async handleGetRequest(req) {
+    const acceptHeader = req.headers.get("accept");
+    if (!acceptHeader?.includes("text/event-stream")) {
+      return this.createJsonErrorResponse(406, -32e3, "Not Acceptable: Client must accept text/event-stream");
+    }
+    const sessionError = this.validateSession(req);
+    if (sessionError) {
+      return sessionError;
+    }
+    const protocolError = this.validateProtocolVersion(req);
+    if (protocolError) {
+      return protocolError;
+    }
+    if (this._eventStore) {
+      const lastEventId = req.headers.get("last-event-id");
+      if (lastEventId) {
+        return this.replayEvents(lastEventId);
+      }
+    }
+    if (this._streamMapping.get(this._standaloneSseStreamId) !== void 0) {
+      return this.createJsonErrorResponse(409, -32e3, "Conflict: Only one SSE stream is allowed per session");
+    }
+    const encoder = new TextEncoder();
+    let streamController;
+    const readable = new ReadableStream({
+      start: (controller) => {
+        streamController = controller;
+      },
+      cancel: () => {
+        this._streamMapping.delete(this._standaloneSseStreamId);
+      }
+    });
+    const headers = {
+      "Content-Type": "text/event-stream",
+      "Cache-Control": "no-cache, no-transform",
+      Connection: "keep-alive"
+    };
+    if (this.sessionId !== void 0) {
+      headers["mcp-session-id"] = this.sessionId;
+    }
+    this._streamMapping.set(this._standaloneSseStreamId, {
+      controller: streamController,
+      encoder,
+      cleanup: () => {
+        this._streamMapping.delete(this._standaloneSseStreamId);
+        try {
+          streamController.close();
+        } catch {
+        }
+      }
+    });
+    return new Response(readable, { headers });
+  }
+  /**
+   * Replays events that would have been sent after the specified event ID
+   * Only used when resumability is enabled
+   */
+  async replayEvents(lastEventId) {
+    if (!this._eventStore) {
+      return this.createJsonErrorResponse(400, -32e3, "Event store not configured");
+    }
+    try {
+      let streamId;
+      if (this._eventStore.getStreamIdForEventId) {
+        streamId = await this._eventStore.getStreamIdForEventId(lastEventId);
+        if (!streamId) {
+          return this.createJsonErrorResponse(400, -32e3, "Invalid event ID format");
+        }
+        if (this._streamMapping.get(streamId) !== void 0) {
+          return this.createJsonErrorResponse(409, -32e3, "Conflict: Stream already has an active connection");
+        }
+      }
+      const headers = {
+        "Content-Type": "text/event-stream",
+        "Cache-Control": "no-cache, no-transform",
+        Connection: "keep-alive"
+      };
+      if (this.sessionId !== void 0) {
+        headers["mcp-session-id"] = this.sessionId;
+      }
+      const encoder = new TextEncoder();
+      let streamController;
+      const readable = new ReadableStream({
+        start: (controller) => {
+          streamController = controller;
+        },
+        cancel: () => {
+        }
+      });
+      const replayedStreamId = await this._eventStore.replayEventsAfter(lastEventId, {
+        send: async (eventId, message) => {
+          const success = this.writeSSEEvent(streamController, encoder, message, eventId);
+          if (!success) {
+            this.onerror?.(new Error("Failed replay events"));
+            try {
+              streamController.close();
+            } catch {
+            }
+          }
+        }
+      });
+      this._streamMapping.set(replayedStreamId, {
+        controller: streamController,
+        encoder,
+        cleanup: () => {
+          this._streamMapping.delete(replayedStreamId);
+          try {
+            streamController.close();
+          } catch {
+          }
+        }
+      });
+      return new Response(readable, { headers });
+    } catch (error) {
+      this.onerror?.(error);
+      return this.createJsonErrorResponse(500, -32e3, "Error replaying events");
+    }
+  }
+  /**
+   * Writes an event to an SSE stream via controller with proper formatting
+   */
+  writeSSEEvent(controller, encoder, message, eventId) {
+    try {
+      let eventData = `event: message
+`;
+      if (eventId) {
+        eventData += `id: ${eventId}
+`;
+      }
+      eventData += `data: ${JSON.stringify(message)}
+`;
+      controller.enqueue(encoder.encode(eventData));
+      return true;
+    } catch {
+      return false;
+    }
+  }
+  /**
+   * Handles unsupported requests (PUT, PATCH, etc.)
+   */
+  handleUnsupportedRequest() {
+    return new Response(JSON.stringify({
+      jsonrpc: "2.0",
+      error: {
+        code: -32e3,
+        message: "Method not allowed."
+      },
+      id: null
+    }), {
+      status: 405,
+      headers: {
+        Allow: "GET, POST, DELETE",
+        "Content-Type": "application/json"
+      }
+    });
+  }
+  /**
+   * Handles POST requests containing JSON-RPC messages
+   */
+  async handlePostRequest(req, options) {
+    try {
+      const acceptHeader = req.headers.get("accept");
+      if (!acceptHeader?.includes("application/json") || !acceptHeader.includes("text/event-stream")) {
+        return this.createJsonErrorResponse(406, -32e3, "Not Acceptable: Client must accept both application/json and text/event-stream");
+      }
+      const ct2 = req.headers.get("content-type");
+      if (!ct2 || !ct2.includes("application/json")) {
+        return this.createJsonErrorResponse(415, -32e3, "Unsupported Media Type: Content-Type must be application/json");
+      }
+      const requestInfo = {
+        headers: Object.fromEntries(req.headers.entries())
+      };
+      let rawMessage;
+      if (options?.parsedBody !== void 0) {
+        rawMessage = options.parsedBody;
+      } else {
+        try {
+          rawMessage = await req.json();
+        } catch {
+          return this.createJsonErrorResponse(400, -32700, "Parse error: Invalid JSON");
+        }
+      }
+      let messages;
+      try {
+        if (Array.isArray(rawMessage)) {
+          messages = rawMessage.map((msg) => protocol.JSONRPCMessageSchema.parse(msg));
+        } else {
+          messages = [protocol.JSONRPCMessageSchema.parse(rawMessage)];
+        }
+      } catch {
+        return this.createJsonErrorResponse(400, -32700, "Parse error: Invalid JSON-RPC message");
+      }
+      const isInitializationRequest = messages.some(protocol.isInitializeRequest);
+      if (isInitializationRequest) {
+        if (this._initialized && this.sessionId !== void 0) {
+          return this.createJsonErrorResponse(400, -32600, "Invalid Request: Server already initialized");
+        }
+        if (messages.length > 1) {
+          return this.createJsonErrorResponse(400, -32600, "Invalid Request: Only one initialization request is allowed");
+        }
+        this.sessionId = this.sessionIdGenerator?.();
+        this._initialized = true;
+        if (this.sessionId && this._onsessioninitialized) {
+          await Promise.resolve(this._onsessioninitialized(this.sessionId));
+        }
+      }
+      if (!isInitializationRequest) {
+        const sessionError = this.validateSession(req);
+        if (sessionError) {
+          return sessionError;
+        }
+        const protocolError = this.validateProtocolVersion(req);
+        if (protocolError) {
+          return protocolError;
+        }
+      }
+      const hasRequests = messages.some(protocol.isJSONRPCRequest);
+      if (!hasRequests) {
+        for (const message of messages) {
+          this.onmessage?.(message, { authInfo: options?.authInfo, requestInfo });
+        }
+        return new Response(null, { status: 202 });
+      }
+      const streamId = crypto.randomUUID();
+      const initRequest = messages.find((m2) => protocol.isInitializeRequest(m2));
+      const clientProtocolVersion = initRequest ? initRequest.params.protocolVersion : req.headers.get("mcp-protocol-version") ?? protocol.DEFAULT_NEGOTIATED_PROTOCOL_VERSION;
+      if (this._enableJsonResponse) {
+        return new Promise((resolve2) => {
+          this._streamMapping.set(streamId, {
+            resolveJson: resolve2,
+            cleanup: () => {
+              this._streamMapping.delete(streamId);
+            }
+          });
+          for (const message of messages) {
+            if (protocol.isJSONRPCRequest(message)) {
+              this._requestToStreamMapping.set(message.id, streamId);
+            }
+          }
+          for (const message of messages) {
+            this.onmessage?.(message, { authInfo: options?.authInfo, requestInfo });
+          }
+        });
+      }
+      const encoder = new TextEncoder();
+      let streamController;
+      const readable = new ReadableStream({
+        start: (controller) => {
+          streamController = controller;
+        },
+        cancel: () => {
+          this._streamMapping.delete(streamId);
+        }
+      });
+      const headers = {
+        "Content-Type": "text/event-stream",
+        "Cache-Control": "no-cache",
+        Connection: "keep-alive"
+      };
+      if (this.sessionId !== void 0) {
+        headers["mcp-session-id"] = this.sessionId;
+      }
+      for (const message of messages) {
+        if (protocol.isJSONRPCRequest(message)) {
+          this._streamMapping.set(streamId, {
+            controller: streamController,
+            encoder,
+            cleanup: () => {
+              this._streamMapping.delete(streamId);
+              try {
+                streamController.close();
+              } catch {
+              }
+            }
+          });
+          this._requestToStreamMapping.set(message.id, streamId);
+        }
+      }
+      await this.writePrimingEvent(streamController, encoder, streamId, clientProtocolVersion);
+      for (const message of messages) {
+        let closeSSEStream;
+        let closeStandaloneSSEStream;
+        if (protocol.isJSONRPCRequest(message) && this._eventStore && clientProtocolVersion >= "2025-11-25") {
+          closeSSEStream = () => {
+            this.closeSSEStream(message.id);
+          };
+          closeStandaloneSSEStream = () => {
+            this.closeStandaloneSSEStream();
+          };
+        }
+        this.onmessage?.(message, { authInfo: options?.authInfo, requestInfo, closeSSEStream, closeStandaloneSSEStream });
+      }
+      return new Response(readable, { status: 200, headers });
+    } catch (error) {
+      this.onerror?.(error);
+      return this.createJsonErrorResponse(400, -32700, "Parse error", { data: String(error) });
+    }
+  }
+  /**
+   * Handles DELETE requests to terminate sessions
+   */
+  async handleDeleteRequest(req) {
+    const sessionError = this.validateSession(req);
+    if (sessionError) {
+      return sessionError;
+    }
+    const protocolError = this.validateProtocolVersion(req);
+    if (protocolError) {
+      return protocolError;
+    }
+    await Promise.resolve(this._onsessionclosed?.(this.sessionId));
+    await this.close();
+    return new Response(null, { status: 200 });
+  }
+  /**
+   * Validates session ID for non-initialization requests.
+   * Returns Response error if invalid, undefined otherwise
+   */
+  validateSession(req) {
+    if (this.sessionIdGenerator === void 0) {
+      return void 0;
+    }
+    if (!this._initialized) {
+      return this.createJsonErrorResponse(400, -32e3, "Bad Request: Server not initialized");
+    }
+    const sessionId = req.headers.get("mcp-session-id");
+    if (!sessionId) {
+      return this.createJsonErrorResponse(400, -32e3, "Bad Request: Mcp-Session-Id header is required");
+    }
+    if (sessionId !== this.sessionId) {
+      return this.createJsonErrorResponse(404, -32001, "Session not found");
+    }
+    return void 0;
+  }
+  /**
+   * Validates the MCP-Protocol-Version header on incoming requests.
+   *
+   * For initialization: Version negotiation handles unknown versions gracefully
+   * (server responds with its supported version).
+   *
+   * For subsequent requests with MCP-Protocol-Version header:
+   * - Accept if in supported list
+   * - 400 if unsupported
+   *
+   * For HTTP requests without the MCP-Protocol-Version header:
+   * - Accept and default to the version negotiated at initialization
+   */
+  validateProtocolVersion(req) {
+    const protocolVersion = req.headers.get("mcp-protocol-version");
+    if (protocolVersion !== null && !protocol.SUPPORTED_PROTOCOL_VERSIONS.includes(protocolVersion)) {
+      return this.createJsonErrorResponse(400, -32e3, `Bad Request: Unsupported protocol version: ${protocolVersion} (supported versions: ${protocol.SUPPORTED_PROTOCOL_VERSIONS.join(", ")})`);
+    }
+    return void 0;
+  }
+  async close() {
+    this._streamMapping.forEach(({ cleanup }) => {
+      cleanup();
+    });
+    this._streamMapping.clear();
+    this._requestResponseMap.clear();
+    this.onclose?.();
+  }
+  /**
+   * Close an SSE stream for a specific request, triggering client reconnection.
+   * Use this to implement polling behavior during long-running operations -
+   * client will reconnect after the retry interval specified in the priming event.
+   */
+  closeSSEStream(requestId) {
+    const streamId = this._requestToStreamMapping.get(requestId);
+    if (!streamId)
+      return;
+    const stream2 = this._streamMapping.get(streamId);
+    if (stream2) {
+      stream2.cleanup();
+    }
+  }
+  /**
+   * Close the standalone GET SSE stream, triggering client reconnection.
+   * Use this to implement polling behavior for server-initiated notifications.
+   */
+  closeStandaloneSSEStream() {
+    const stream2 = this._streamMapping.get(this._standaloneSseStreamId);
+    if (stream2) {
+      stream2.cleanup();
+    }
+  }
+  async send(message, options) {
+    let requestId = options?.relatedRequestId;
+    if (protocol.isJSONRPCResultResponse(message) || protocol.isJSONRPCErrorResponse(message)) {
+      requestId = message.id;
+    }
+    if (requestId === void 0) {
+      if (protocol.isJSONRPCResultResponse(message) || protocol.isJSONRPCErrorResponse(message)) {
+        throw new Error("Cannot send a response on a standalone SSE stream unless resuming a previous client request");
+      }
+      let eventId;
+      if (this._eventStore) {
+        eventId = await this._eventStore.storeEvent(this._standaloneSseStreamId, message);
+      }
+      const standaloneSse = this._streamMapping.get(this._standaloneSseStreamId);
+      if (standaloneSse === void 0) {
+        return;
+      }
+      if (standaloneSse.controller && standaloneSse.encoder) {
+        this.writeSSEEvent(standaloneSse.controller, standaloneSse.encoder, message, eventId);
+      }
+      return;
+    }
+    const streamId = this._requestToStreamMapping.get(requestId);
+    if (!streamId) {
+      throw new Error(`No connection established for request ID: ${String(requestId)}`);
+    }
+    const stream2 = this._streamMapping.get(streamId);
+    if (!this._enableJsonResponse && stream2?.controller && stream2?.encoder) {
+      let eventId;
+      if (this._eventStore) {
+        eventId = await this._eventStore.storeEvent(streamId, message);
+      }
+      this.writeSSEEvent(stream2.controller, stream2.encoder, message, eventId);
+    }
+    if (protocol.isJSONRPCResultResponse(message) || protocol.isJSONRPCErrorResponse(message)) {
+      this._requestResponseMap.set(requestId, message);
+      const relatedIds = Array.from(this._requestToStreamMapping.entries()).filter(([_, sid]) => sid === streamId).map(([id2]) => id2);
+      const allResponsesReady = relatedIds.every((id2) => this._requestResponseMap.has(id2));
+      if (allResponsesReady) {
+        if (!stream2) {
+          throw new Error(`No connection established for request ID: ${String(requestId)}`);
+        }
+        if (this._enableJsonResponse && stream2.resolveJson) {
+          const headers = {
+            "Content-Type": "application/json"
+          };
+          if (this.sessionId !== void 0) {
+            headers["mcp-session-id"] = this.sessionId;
+          }
+          const responses = relatedIds.map((id2) => this._requestResponseMap.get(id2));
+          if (responses.length === 1) {
+            stream2.resolveJson(new Response(JSON.stringify(responses[0]), { status: 200, headers }));
+          } else {
+            stream2.resolveJson(new Response(JSON.stringify(responses), { status: 200, headers }));
+          }
+        } else {
+          stream2.cleanup();
+        }
+        for (const id2 of relatedIds) {
+          this._requestResponseMap.delete(id2);
+          this._requestToStreamMapping.delete(id2);
+        }
+      }
+    }
+  }
+}
+class StreamableHTTPServerTransport {
+  constructor(options = {}) {
+    this._requestContext = /* @__PURE__ */ new WeakMap();
+    this._webStandardTransport = new WebStandardStreamableHTTPServerTransport(options);
+    this._requestListener = getRequestListener(async (webRequest) => {
+      const context = this._requestContext.get(webRequest);
+      return this._webStandardTransport.handleRequest(webRequest, {
+        authInfo: context?.authInfo,
+        parsedBody: context?.parsedBody
+      });
+    });
+  }
+  /**
+   * Gets the session ID for this transport instance.
+   */
+  get sessionId() {
+    return this._webStandardTransport.sessionId;
+  }
+  /**
+   * Sets callback for when the transport is closed.
+   */
+  set onclose(handler) {
+    this._webStandardTransport.onclose = handler;
+  }
+  get onclose() {
+    return this._webStandardTransport.onclose;
+  }
+  /**
+   * Sets callback for transport errors.
+   */
+  set onerror(handler) {
+    this._webStandardTransport.onerror = handler;
+  }
+  get onerror() {
+    return this._webStandardTransport.onerror;
+  }
+  /**
+   * Sets callback for incoming messages.
+   */
+  set onmessage(handler) {
+    this._webStandardTransport.onmessage = handler;
+  }
+  get onmessage() {
+    return this._webStandardTransport.onmessage;
+  }
+  /**
+   * Starts the transport. This is required by the Transport interface but is a no-op
+   * for the Streamable HTTP transport as connections are managed per-request.
+   */
+  async start() {
+    return this._webStandardTransport.start();
+  }
+  /**
+   * Closes the transport and all active connections.
+   */
+  async close() {
+    return this._webStandardTransport.close();
+  }
+  /**
+   * Sends a JSON-RPC message through the transport.
+   */
+  async send(message, options) {
+    return this._webStandardTransport.send(message, options);
+  }
+  /**
+   * Handles an incoming HTTP request, whether GET or POST.
+   *
+   * This method converts Node.js HTTP objects to Web Standard Request/Response
+   * and delegates to the underlying WebStandardStreamableHTTPServerTransport.
+   *
+   * @param req - Node.js IncomingMessage, optionally with auth property from middleware
+   * @param res - Node.js ServerResponse
+   * @param parsedBody - Optional pre-parsed body from body-parser middleware
+   */
+  async handleRequest(req, res, parsedBody) {
+    const authInfo = req.auth;
+    const handler = getRequestListener(async (webRequest) => {
+      return this._webStandardTransport.handleRequest(webRequest, {
+        authInfo,
+        parsedBody
+      });
+    });
+    await handler(req, res);
+  }
+  /**
+   * Close an SSE stream for a specific request, triggering client reconnection.
+   * Use this to implement polling behavior during long-running operations -
+   * client will reconnect after the retry interval specified in the priming event.
+   */
+  closeSSEStream(requestId) {
+    this._webStandardTransport.closeSSEStream(requestId);
+  }
+  /**
+   * Close the standalone GET SSE stream, triggering client reconnection.
+   * Use this to implement polling behavior for server-initiated notifications.
+   */
+  closeStandaloneSSEStream() {
+    this._webStandardTransport.closeStandaloneSSEStream();
+  }
+}
+function createProductionMcpServer(config) {
+  const { name = "sunpeak-app", version = "0.1.0", tools, resources } = config;
+  const mcpServer = new McpServer(
+    {
+      name,
+      version,
+      icons: [
+        {
+          src: `data:image/png;base64,${FAVICON_BASE64}`,
+          mimeType: "image/png",
+          sizes: ["128x128"]
+        }
+      ]
+    },
+    { capabilities: { resources: {}, tools: {} } }
+  );
+  const resourceByName = /* @__PURE__ */ new Map();
+  for (const res of resources) {
+    resourceByName.set(res.name, res);
+  }
+  const registeredResources = /* @__PURE__ */ new Set();
+  for (const tool of tools) {
+    const res = resourceByName.get(tool.tool.resource);
+    if (!res) {
+      console.warn(
+        `[MCP] Warning: Resource "${tool.tool.resource}" not found for tool "${tool.name}". Skipping.`
+      );
+      continue;
+    }
+    if (!registeredResources.has(res.uri)) {
+      registeredResources.add(res.uri);
+      ak(
+        mcpServer,
+        res.name,
+        res.uri,
+        {
+          description: res.description,
+          _meta: res._meta
+        },
+        async () => ({
+          contents: [
+            {
+              uri: res.uri,
+              mimeType: EI,
+              text: res.html,
+              _meta: res._meta
+            }
+          ]
+        })
+      );
+    }
+    const toolConfig = {
+      title: tool.tool.title,
+      description: tool.tool.description,
+      annotations: tool.tool.annotations,
+      ...tool.schema ? { inputSchema: tool.schema } : {},
+      _meta: {
+        ...tool.tool._meta,
+        ui: {
+          resourceUri: res.uri,
+          ...tool.tool._meta?.ui ?? {}
+        }
+      }
+    };
+    const callback = async (...cbArgs) => {
+      const hasSchema = !!tool.schema;
+      const args = hasSchema ? cbArgs[0] : {};
+      const extra = hasSchema ? cbArgs[1] : cbArgs[0];
+      const argKeys = Object.keys(args);
+      const argsStr = argKeys.length > 0 ? `{${argKeys.join(", ")}}` : "{}";
+      console.log(`[MCP] CallTool: ${tool.name}${argsStr}`);
+      const result = await tool.handler(args, extra);
+      if (typeof result === "string") {
+        return { content: [{ type: "text", text: result }] };
+      }
+      return result;
+    };
+    hk(
+      mcpServer,
+      tool.name,
+      toolConfig,
+      callback
+    );
+  }
+  const toolCount = tools.filter((t) => resourceByName.has(t.tool.resource)).length;
+  const resourceCount = registeredResources.size;
+  console.log(`[MCP] Registered ${toolCount} tool(s) and ${resourceCount} resource(s)`);
+  return mcpServer;
+}
+const MCP_PATH = "/mcp";
+const SESSION_IDLE_TIMEOUT_MS = 5 * 60 * 1e3;
+function isJsonRpcMessage(value) {
+  return typeof value === "object" && value !== null && typeof value.method === "string";
+}
+const CORS_HEADERS = {
+  "Access-Control-Allow-Origin": "*",
+  "Access-Control-Allow-Methods": "GET, POST, DELETE, OPTIONS",
+  "Access-Control-Allow-Headers": "content-type, accept, authorization, mcp-session-id, ngrok-skip-browser-warning",
+  "Access-Control-Expose-Headers": "mcp-session-id"
+};
+function createMcpHandler(config) {
+  const sessions2 = /* @__PURE__ */ new Map();
+  const authFn = config.auth;
+  const cleanupInterval = setInterval(() => {
+    const now = Date.now();
+    for (const [id2, session] of sessions2) {
+      if (now - session.lastActivity > SESSION_IDLE_TIMEOUT_MS) {
+        sessions2.delete(id2);
+        session.transport.close?.();
+        session.server.close();
+        console.log(`[MCP] Session expired: ${id2.substring(0, 8)}... (${sessions2.size} active)`);
+      }
+    }
+  }, 6e4);
+  cleanupInterval.unref();
+  return async (req, res) => {
+    if (!req.url) return;
+    const url = new node_url.URL(req.url, `http://${req.headers.host ?? "localhost"}`);
+    if (url.pathname !== MCP_PATH) return;
+    if (req.method === "OPTIONS") {
+      res.writeHead(204, CORS_HEADERS);
+      res.end();
+      return;
+    }
+    for (const [key, value] of Object.entries(CORS_HEADERS)) {
+      res.setHeader(key, value);
+    }
+    if (authFn) {
+      const authInfo = await authFn(req);
+      if (!authInfo) {
+        res.writeHead(401, { "WWW-Authenticate": "Bearer" });
+        res.end("Unauthorized");
+        return;
+      }
+      req.auth = authInfo;
+    }
+    let parsedBody;
+    if (req.method === "POST") {
+      const chunks = [];
+      await new Promise((resolve2, reject) => {
+        req.on("data", (chunk) => {
+          chunks.push(Buffer.isBuffer(chunk) ? chunk : Buffer.from(chunk));
+        });
+        req.on("end", resolve2);
+        req.on("error", reject);
+      });
+      const rawBody = Buffer.concat(chunks).toString("utf8");
+      try {
+        parsedBody = JSON.parse(rawBody);
+        if (isJsonRpcMessage(parsedBody)) {
+          const sid = req.headers["mcp-session-id"];
+          const sidStr = sid ? ` (${sid.substring(0, 8)}...)` : "";
+          const extra = parsedBody.method === "resources/read" ? ` uri=${JSON.stringify(parsedBody.params?.uri)}` : "";
+          console.log(`[MCP] ← ${parsedBody.method}${extra}${sidStr}`);
+        }
+      } catch {
+        res.writeHead(400).end("Invalid JSON");
+        return;
+      }
+    }
+    const sessionId = req.headers["mcp-session-id"];
+    if (sessionId) {
+      const session = sessions2.get(sessionId);
+      if (!session) {
+        res.writeHead(404).end("Unknown session");
+        return;
+      }
+      session.lastActivity = Date.now();
+      await session.transport.handleRequest(req, res, parsedBody);
+      return;
+    }
+    if (req.method === "POST") {
+      const server = createProductionMcpServer(config);
+      const transport = new StreamableHTTPServerTransport({
+        sessionIdGenerator: () => node_crypto.randomUUID(),
+        onsessioninitialized: (id2) => {
+          sessions2.set(id2, { server, transport, lastActivity: Date.now() });
+          console.log(`[MCP] Session started: ${id2.substring(0, 8)}... (${sessions2.size} active)`);
+        },
+        onsessionclosed: (id2) => {
+          sessions2.delete(id2);
+          console.log(`[MCP] Session closed: ${id2.substring(0, 8)}... (${sessions2.size} active)`);
+        }
+      });
+      transport.onerror = (error) => {
+        const id2 = transport.sessionId;
+        console.error(`[MCP] Transport error${id2 ? ` (${id2.substring(0, 8)}...)` : ""}:`, error);
+      };
+      transport.onclose = async () => {
+        const id2 = transport.sessionId;
+        if (id2 && sessions2.has(id2)) {
+          sessions2.delete(id2);
+          console.log(`[MCP] Session closed: ${id2.substring(0, 8)}... (${sessions2.size} active)`);
+        }
+        await server.close();
+      };
+      await server.connect(transport);
+      await transport.handleRequest(req, res, parsedBody);
+      return;
+    }
+    res.writeHead(400).end("Bad Request: session ID required");
+  };
+}
+function createHandler(config) {
+  const sessions2 = /* @__PURE__ */ new Map();
+  const authFn = config.auth;
+  const cleanupInterval = setInterval(() => {
+    const now = Date.now();
+    for (const [id2, session] of sessions2) {
+      if (now - session.lastActivity > SESSION_IDLE_TIMEOUT_MS) {
+        sessions2.delete(id2);
+        session.transport.close?.();
+        session.server.close();
+        console.log(`[MCP] Session expired: ${id2.substring(0, 8)}... (${sessions2.size} active)`);
+      }
+    }
+  }, 6e4);
+  cleanupInterval.unref();
+  return async (req) => {
+    if (req.method === "OPTIONS") {
+      return new Response(null, { status: 204, headers: CORS_HEADERS });
+    }
+    let authInfo;
+    if (authFn) {
+      const result = await authFn(req);
+      if (!result) {
+        return new Response("Unauthorized", {
+          status: 401,
+          headers: { "WWW-Authenticate": "Bearer", "Access-Control-Allow-Origin": "*" }
+        });
+      }
+      authInfo = result;
+    }
+    let parsedBody;
+    if (req.method === "POST") {
+      try {
+        parsedBody = await req.json();
+      } catch {
+        return new Response("Invalid JSON", { status: 400 });
+      }
+    }
+    const sessionId = req.headers.get("mcp-session-id");
+    if (sessionId) {
+      const session = sessions2.get(sessionId);
+      if (!session) {
+        return new Response("Unknown session", { status: 404 });
+      }
+      session.lastActivity = Date.now();
+      const response = await session.transport.handleRequest(req, { parsedBody, authInfo });
+      return addCorsHeaders(response);
+    }
+    if (req.method === "POST") {
+      const { name, version, tools, resources } = config;
+      const server = createProductionMcpServer({ name, version, tools, resources });
+      const transport = new WebStandardStreamableHTTPServerTransport({
+        sessionIdGenerator: () => node_crypto.randomUUID(),
+        onsessioninitialized: (id2) => {
+          sessions2.set(id2, { server, transport, lastActivity: Date.now() });
+          console.log(`[MCP] Session started: ${id2.substring(0, 8)}... (${sessions2.size} active)`);
+        },
+        onsessionclosed: (id2) => {
+          sessions2.delete(id2);
+          console.log(`[MCP] Session closed: ${id2.substring(0, 8)}... (${sessions2.size} active)`);
+        }
+      });
+      transport.onerror = (error) => {
+        console.error("[MCP] Transport error:", error);
+      };
+      transport.onclose = async () => {
+        const id2 = transport.sessionId;
+        if (id2 && sessions2.has(id2)) {
+          sessions2.delete(id2);
+        }
+        await server.close();
+      };
+      await server.connect(transport);
+      const response = await transport.handleRequest(req, { parsedBody, authInfo });
+      return addCorsHeaders(response);
+    }
+    return new Response("Bad Request: session ID required", { status: 400 });
+  };
+}
+function addCorsHeaders(response) {
+  const headers = new Headers(response.headers);
+  headers.set("Access-Control-Allow-Origin", "*");
+  headers.set("Access-Control-Expose-Headers", "mcp-session-id");
+  return new Response(response.body, {
+    status: response.status,
+    statusText: response.statusText,
+    headers
+  });
+}
+function startProductionHttpServer(config, port) {
+  const mcpHandler = createMcpHandler(config);
+  const httpServer = node_http.createServer(async (req, res) => {
+    if (!req.url) {
+      res.writeHead(400).end("Missing URL");
+      return;
+    }
+    const url = new node_url.URL(req.url, `http://${req.headers.host ?? "localhost"}`);
+    if (req.method === "OPTIONS") {
+      res.writeHead(204, CORS_HEADERS);
+      res.end();
+      return;
+    }
+    if (req.method === "GET" && url.pathname === "/") {
+      res.writeHead(200, {
+        "Content-Type": "text/html",
+        "Access-Control-Allow-Origin": "*"
+      });
+      res.end(`<!DOCTYPE html>
+<html>
+<head>
+<meta charset="UTF-8" />
+<link rel="icon" type="image/png" href="/favicon.ico" />
+<title>Sunpeak MCP Server</title>
+</head>
+<body><h1>Sunpeak MCP Server</h1><p>Connect via <a href="/mcp">/mcp</a></p></body>
+</html>`);
+      return;
+    }
+    if (req.method === "GET" && url.pathname === "/favicon.ico") {
+      res.writeHead(200, {
+        "Content-Type": "image/png",
+        "Content-Length": FAVICON_BUFFER.length,
+        "Cache-Control": "public, max-age=86400",
+        "Access-Control-Allow-Origin": "*"
+      });
+      res.end(FAVICON_BUFFER);
+      return;
+    }
+    await mcpHandler(req, res);
+    if (!res.headersSent) {
+      res.writeHead(404).end("Not Found");
+    }
+  });
+  httpServer.on("clientError", (err, socket) => {
+    console.error("HTTP client error", err);
+    socket.end("HTTP/1.1 400 Bad Request\r\n\r\n");
+  });
+  httpServer.listen(port, () => {
+    console.log(`Sunpeak MCP server listening on http://localhost:${port}`);
+    console.log(`  MCP endpoint: http://localhost:${port}${MCP_PATH}`);
+  });
+  const shutdown = async () => {
+    console.log("\nShutting down MCP server...");
+    httpServer.close(() => {
+      console.log("MCP server closed");
+      process.exit(0);
+    });
+    setTimeout(() => {
+      console.error("Force closing MCP server");
+      process.exit(1);
+    }, 5e3);
+  };
+  process.on("SIGTERM", () => void shutdown());
+  process.on("SIGINT", () => void shutdown());
+}
 exports.EXTENSION_ID = C6;
 exports.FAVICON_BASE64 = FAVICON_BASE64;
 exports.FAVICON_BUFFER = FAVICON_BUFFER;
 exports.RESOURCE_MIME_TYPE = EI;
 exports.RESOURCE_URI_META_KEY = je;
+exports.createHandler = createHandler;
+exports.createMcpHandler = createMcpHandler;
+exports.createProductionMcpServer = createProductionMcpServer;
 exports.getUiCapability = pk;
 exports.registerAppResource = ak;
 exports.registerAppTool = hk;
 exports.runMCPServer = runMCPServer;
+exports.startProductionHttpServer = startProductionHttpServer;
 //# sourceMappingURL=index.cjs.map