npm - sunpeak - Versions diffs - 0.18.12 → 0.18.14 - Mend

sunpeak 0.18.12 → 0.18.14

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (11) hide show

package/bin/commands/start.mjs +2 -1
package/dist/mcp/index.cjs +60 -16
package/dist/mcp/index.cjs.map +1 -1
package/dist/mcp/index.js +60 -16
package/dist/mcp/index.js.map +1 -1
package/dist/mcp/production-server.d.ts +12 -0
package/package.json +1 -1
package/template/dist/albums/albums.json +1 -1
package/template/dist/carousel/carousel.json +1 -1
package/template/dist/map/map.json +1 -1
package/template/dist/review/review.json +1 -1

package/bin/commands/start.mjs CHANGED Viewed

@@ -44,6 +44,7 @@ export async function start(projectRoot = process.cwd(), args = []) {
   }
   const jsonLogs = args.includes('--json-logs');
+  const sse = args.includes('--sse');
   // Import production server from sunpeak
   const isTemplate = projectRoot.endsWith('/template') || projectRoot.endsWith('\\template');
@@ -191,7 +192,7 @@ export async function start(projectRoot = process.cwd(), args = []) {
   console.log(`\nStarting ${name} v${version} on ${host}:${port}...`);
   startProductionHttpServer(
-    { name, version, serverInfo: serverConfig, tools, resources, auth },
+    { name, version, serverInfo: serverConfig, tools, resources, auth, ...(sse ? { enableJsonResponse: false } : {}) },
     { port, host }
   );
 }

package/dist/mcp/index.cjs CHANGED Viewed

@@ -7570,7 +7570,7 @@ var toRequestError = (e) => {
 	return new RequestError(e.message, { cause: e });
 };
 var GlobalRequest = global.Request;
-var Request = class extends GlobalRequest {
+var Request$1 = class extends GlobalRequest {
 	constructor(input, options) {
 		if (typeof input === "object" && getRequestCache in input) input = input[getRequestCache]();
 		if (typeof options?.body?.getReader !== "undefined") options.duplex ??= "half";
@@ -7595,7 +7595,7 @@ var newRequestFromIncoming = (method, url, headers, incoming, abortController) =
 	};
 	if (method === "TRACE") {
 		init.method = "GET";
-		const req = new Request(url, init);
+		const req = new Request$1(url, init);
 		Object.defineProperty(req, "method", { get() {
 			return "TRACE";
 		} });
@@ -7618,7 +7618,7 @@ var newRequestFromIncoming = (method, url, headers, incoming, abortController) =
 			}
 		} });
 	} else init.body = stream.Readable.toWeb(incoming);
-	return new Request(url, init);
+	return new Request$1(url, init);
 };
 var getRequestCache = Symbol("getRequestCache");
 var requestCache = Symbol("requestCache");
@@ -7675,7 +7675,7 @@ var requestPrototype = {
 		return this[getRequestCache]()[k]();
 	} });
 });
-Object.setPrototypeOf(requestPrototype, Request.prototype);
+Object.setPrototypeOf(requestPrototype, Request$1.prototype);
 var newRequest = (incoming, defaultHostname) => {
 	const req = Object.create(requestPrototype);
 	req[incomingKey] = incoming;
@@ -7926,8 +7926,8 @@ var responseViaResponseObject = async (res, outgoing, options = {}) => {
 };
 var getRequestListener = (fetchCallback, options = {}) => {
 	const autoCleanupIncoming = options.autoCleanupIncoming ?? true;
-	if (options.overrideGlobalObjects !== false && global.Request !== Request) {
-		Object.defineProperty(global, "Request", { value: Request });
+	if (options.overrideGlobalObjects !== false && global.Request !== Request$1) {
+		Object.defineProperty(global, "Request", { value: Request$1 });
 		Object.defineProperty(global, "Response", { value: Response2 });
 	}
 	return async (incoming, outgoing) => {
@@ -9870,6 +9870,39 @@ var CORS_HEADERS = {
 	"Access-Control-Allow-Headers": "content-type, accept, authorization, mcp-session-id, ngrok-skip-browser-warning",
 	"Access-Control-Expose-Headers": "mcp-session-id"
 };
+/** Convert a Node.js IncomingMessage to a minimal Web Standard Request (body is passed separately). */
+function nodeReqToWebRequest(req) {
+	const url = new node_url.URL(req.url, `http://${req.headers.host ?? "localhost"}`);
+	const headers = new Headers();
+	for (const [key, value] of Object.entries(req.headers)) if (value != null) headers.set(key, Array.isArray(value) ? value.join(", ") : value);
+	return new Request(url.toString(), {
+		method: req.method,
+		headers
+	});
+}
+/** Pipe a Web Standard Response (including streaming SSE) back to a Node.js ServerResponse. */
+async function pipeWebResponseToNode(webResponse, res) {
+	const headers = {};
+	webResponse.headers.forEach((value, key) => {
+		headers[key] = value;
+	});
+	res.writeHead(webResponse.status, headers);
+	if (!webResponse.body) {
+		res.end();
+		return;
+	}
+	const reader = webResponse.body.getReader();
+	res.on("close", () => reader.cancel());
+	try {
+		for (;;) {
+			const { done, value } = await reader.read();
+			if (done) break;
+			if (!res.destroyed) res.write(value);
+		}
+	} finally {
+		if (!res.destroyed) res.end();
+	}
+}
 /**
 * Create a request handler that manages MCP sessions over Streamable HTTP.
 *
@@ -9921,15 +9954,18 @@ function createMcpHandler(config) {
 			res.end();
 			return;
 		}
-		for (const [key, value] of Object.entries(CORS_HEADERS)) res.setHeader(key, value);
+		let authInfo;
 		if (authFn) {
-			const authInfo = await authFn(req);
-			if (!authInfo) {
-				res.writeHead(401, { "WWW-Authenticate": "Bearer" });
+			const result = await authFn(req);
+			if (!result) {
+				res.writeHead(401, {
+					...CORS_HEADERS,
+					"WWW-Authenticate": "Bearer"
+				});
 				res.end("Unauthorized");
 				return;
 			}
-			req.auth = authInfo;
+			authInfo = result;
 		}
 		let parsedBody;
 		if (req.method === "POST") {
@@ -9955,6 +9991,7 @@ function createMcpHandler(config) {
 				return;
 			}
 		}
+		const webRequest = nodeReqToWebRequest(req);
 		const sessionId = req.headers["mcp-session-id"];
 		if (sessionId) {
 			const session = sessions.get(sessionId);
@@ -9963,13 +10000,17 @@ function createMcpHandler(config) {
 				return;
 			}
 			session.lastActivity = Date.now();
-			await session.transport.handleRequest(req, res, parsedBody);
+			await pipeWebResponseToNode(addCorsHeaders(await session.transport.handleRequest(webRequest, {
+				parsedBody,
+				authInfo
+			})), res);
 			return;
 		}
 		if (req.method === "POST") {
 			const server = createProductionMcpServer(config);
-			const transport = new StreamableHTTPServerTransport({
+			const transport = new WebStandardStreamableHTTPServerTransport({
 				sessionIdGenerator: () => (0, node_crypto.randomUUID)(),
+				enableJsonResponse: config.enableJsonResponse ?? true,
 				onsessioninitialized: (id) => {
 					sessions.set(id, {
 						server,
@@ -10007,7 +10048,10 @@ function createMcpHandler(config) {
 				}
 			};
 			await server.connect(transport);
-			await transport.handleRequest(req, res, parsedBody);
+			await pipeWebResponseToNode(addCorsHeaders(await transport.handleRequest(webRequest, {
+				parsedBody,
+				authInfo
+			})), res);
 			return;
 		}
 		res.writeHead(400).end("Bad Request: session ID required");
@@ -10101,6 +10145,7 @@ function createHandler(config) {
 			});
 			const transport = new WebStandardStreamableHTTPServerTransport({
 				sessionIdGenerator: () => (0, node_crypto.randomUUID)(),
+				enableJsonResponse: config.enableJsonResponse ?? true,
 				onsessioninitialized: (id) => {
 					sessions.set(id, {
 						server,
@@ -10139,8 +10184,7 @@ function createHandler(config) {
 /** Add CORS headers to a response (including streaming SSE responses). */
 function addCorsHeaders(response) {
 	const headers = new Headers(response.headers);
-	headers.set("Access-Control-Allow-Origin", "*");
-	headers.set("Access-Control-Expose-Headers", "mcp-session-id");
+	for (const [key, value] of Object.entries(CORS_HEADERS)) headers.set(key, value);
 	return new Response(response.body, {
 		status: response.status,
 		statusText: response.statusText,