npm - vmoo-mcp-database-server - Versions diffs - 1.3.8 → 1.3.10 - Mend

vmoo-mcp-database-server 1.3.8 → 1.3.10

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (9) hide show

package/README.md +20 -0
package/package.json +1 -1
package/shared/database-utils.js +1 -1
package/shared/privacy-utils.js +30 -32
package/shared/security-utils.js +3 -2
package/vmoo-database-deliver/server.js +11 -0
package/vmoo-database-deliver-prod/server.js +11 -0
package/vmoo-database-dev/server.js +11 -0
package/vmoo-database-prod/server.js +11 -0

package/README.md CHANGED Viewed

@@ -188,6 +188,26 @@ node mcp-vmoo-database-server.js 2> debug.log
 - 验证Augment配置文件路径正确
 - 确保Node.js版本 >= 18.0.0
+## 🚀 自动发布
+本项目已配置 GitHub Actions CI/CD，推送到 `main` 分支时会自动发布新版本到 npm。
+### 发版流程
+```bash
+# 1. 修改 package.json 中的 version
+# 2. 提交并推送
+git add .
+git commit -m "bump: 版本 x.x.x - 变更说明"
+git push origin main
+```
+- ✅ 自动检测版本号变化，仅在版本号更新时触发发布
+- ✅ 仅核心文件变更时触发（`shared/`、`vmoo-database-*/`、`bin/`、`index.js`、`package.json`）
+- ⏭️ 版本号未变化时自动跳过
+> 首次配置请参考 [NPM 自动发布配置指南](docs/npm-publish-setup.md)
 ##  许可证
 MIT License

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "vmoo-mcp-database-server",
-  "version": "1.3.8",
+  "version": "1.3.10",
   "description": "VMOO数据库MCP服务器集合 - 支持开发和生产环境的安全数据库访问",
   "type": "module",
   "main": "index.js",

package/shared/database-utils.js CHANGED Viewed

@@ -30,7 +30,7 @@ function createConnectionPool(config) {
   return mysql.createPool({
     ...processedConfig,
     waitForConnections: true,
-    connectionLimit: 10,
+    connectionLimit: 3,
     queueLimit: 0
   });
 }

package/shared/privacy-utils.js CHANGED Viewed

@@ -139,42 +139,42 @@ function anonymizeBankCard(bankCard) {
 /**
  * 对查询结果进行数据匿名化处理
+ * 使用精确字段名匹配，避免误伤业务数据（如 location_name, goods_name 等）
  * @param {Array} rows 查询结果
  * @returns {Array} 匿名化后的结果
  */
 function anonymizeQueryResults(rows) {
   if (!Array.isArray(rows)) return rows;
-  // 需要匿名化的字段映射
-  const fieldMappings = {
-    // 手机号字段
-    mobile: anonymizePhone,
-    phone: anonymizePhone,
-    tel: anonymizePhone,
-    telephone: anonymizePhone,
+  // 精确匹配的字段名 -> 匿名化函数映射
+  // 只列举数据库中真正包含用户隐私的字段名
+  const exactFieldMappings = {
+    // === 手机号字段 ===
+    'mobile': anonymizePhone,           // fanwe_user.mobile, fanwe_dc_consignee.mobile, fanwe_dc_order.mobile, ps_user.mobile
+    'phone': anonymizePhone,            // ps_sender.phone, ps_receiver.phone
+    'pre_mobile': anonymizePhone,       // fanwe_dc_order.pre_mobile
+    'lottery_mobile': anonymizePhone,   // fanwe_user.lottery_mobile
-    // 身份证字段
-    id_card: anonymizeIdCard,
-    identity_card: anonymizeIdCard,
-    id_number: anonymizeIdCard,
+    // === 身份证字段 ===
+    'id_card': anonymizeIdCard,         // ps_user.id_card
-    // 邮箱字段
-    email: anonymizeEmail,
-    mail: anonymizeEmail,
+    // === 邮箱字段 ===
+    'email': anonymizeEmail,            // fanwe_user.email
-    // 姓名字段
-    name: anonymizeName,
-    real_name: anonymizeName,
-    user_name: anonymizeName,
-    consignee: anonymizeName,
+    // === 真实姓名字段（仅限真正的人名，不包括业务名称） ===
+    'true_name': anonymizeName,         // ps_user.true_name, ps_order.true_name
+    'trun_old_true_name': anonymizeName,// ps_order.trun_old_true_name (转单前骑手名)
+    'consignee': anonymizeName,         // fanwe_dc_consignee.consignee, fanwe_dc_order.consignee (收货人姓名)
-    // 地址字段
-    address: anonymizeAddress,
-    delivery_address: anonymizeAddress,
+    // === 用户地址字段（仅限收货/配送地址，不包括店铺地址等业务地址） ===
+    'address': anonymizeAddress,        // fanwe_dc_consignee.address, ps_sender.address, ps_receiver.address
+    'api_address': anonymizeAddress,    // fanwe_dc_consignee.api_address, fanwe_dc_order.api_address
+    'address_detail': anonymizeAddress, // ps_sender.address_detail, ps_receiver.address_detail
+    'geo_address': anonymizeAddress,    // fanwe_user.geo_address
-    // 银行卡字段
-    bank_card: anonymizeBankCard,
-    card_number: anonymizeBankCard
+    // === 银行卡字段 ===
+    'bank_card': anonymizeBankCard,
+    'card_number': anonymizeBankCard
   };
   return rows.map(row => {
@@ -183,13 +183,11 @@ function anonymizeQueryResults(rows) {
     Object.keys(anonymizedRow).forEach(key => {
       const lowerKey = key.toLowerCase();
-      // 检查是否需要匿名化
-      Object.keys(fieldMappings).forEach(fieldPattern => {
-        if (lowerKey.includes(fieldPattern)) {
-          const anonymizeFunc = fieldMappings[fieldPattern];
-          anonymizedRow[key] = anonymizeFunc(anonymizedRow[key]);
-        }
-      });
+      // 使用精确匹配，而非 includes 模糊匹配
+      if (exactFieldMappings[lowerKey]) {
+        const anonymizeFunc = exactFieldMappings[lowerKey];
+        anonymizedRow[key] = anonymizeFunc(anonymizedRow[key]);
+      }
     });
     return anonymizedRow;

package/shared/security-utils.js CHANGED Viewed

@@ -17,8 +17,9 @@ class QueryRateLimiter {
     this.maxQueriesPerMinute = 10;
     this.cleanupInterval = 60000; // 1分钟清理一次
-    // 定期清理过期记录
-    setInterval(() => this.cleanup(), this.cleanupInterval);
+    // 定期清理过期记录（使用 unref 防止 timer 阻止进程退出）
+    const cleanupTimer = setInterval(() => this.cleanup(), this.cleanupInterval);
+    cleanupTimer.unref();
   }
   /**

package/vmoo-database-deliver/server.js CHANGED Viewed

@@ -283,6 +283,17 @@ async function main() {
   console.error(`VMOO配送测试站MCP服务器已启动 - ${config.server.name} v${config.server.version}`);
   console.error(`安全级别: ${config.security.level} - ${config.security.description}`);
   console.error(`️ 表前缀: ${prefixConfig ? (prefixConfig.enabled ? prefixConfig.prefix : '无前缀') : 'fanwe_(默认)'}`);
+  // Graceful shutdown：当 MCP 通信管道关闭时，主动退出进程
+  const gracefulShutdown = async () => {
+    console.error('MCP服务器正在关闭...');
+    try { await pool.end(); } catch (e) { /* ignore */ }
+    process.exit(0);
+  };
+  process.stdin.on('end', gracefulShutdown);
+  process.on('SIGTERM', gracefulShutdown);
+  process.on('SIGINT', gracefulShutdown);
 }
 main().catch(console.error);

package/vmoo-database-deliver-prod/server.js CHANGED Viewed

@@ -299,6 +299,17 @@ async function main() {
   console.error(`安全级别: ${config.security.level} - ${config.security.description}`);
   console.error(`️ 防护功能: 频率限制防爬虫数据匿名化`);
   console.error(`️ 表前缀: ${prefixConfig ? (prefixConfig.enabled ? prefixConfig.prefix : '无前缀') : 'fanwe_(默认)'}`);
+  // Graceful shutdown：当 MCP 通信管道关闭时，主动退出进程
+  const gracefulShutdown = async () => {
+    console.error('MCP服务器正在关闭...');
+    try { await pool.end(); } catch (e) { /* ignore */ }
+    process.exit(0);
+  };
+  process.stdin.on('end', gracefulShutdown);
+  process.on('SIGTERM', gracefulShutdown);
+  process.on('SIGINT', gracefulShutdown);
 }
 main().catch(console.error);

package/vmoo-database-dev/server.js CHANGED Viewed

@@ -276,6 +276,17 @@ async function main() {
   await server.connect(transport);
   console.error(`VMOO开发环境MCP服务器已启动 - ${config.server.name} v${config.server.version}`);
   console.error(`安全级别: ${config.security.level} - ${config.security.description}`);
+  // Graceful shutdown：当 MCP 通信管道关闭时，主动退出进程
+  const gracefulShutdown = async () => {
+    console.error('MCP服务器正在关闭...');
+    try { await pool.end(); } catch (e) { /* ignore */ }
+    process.exit(0);
+  };
+  process.stdin.on('end', gracefulShutdown);
+  process.on('SIGTERM', gracefulShutdown);
+  process.on('SIGINT', gracefulShutdown);
 }
 main().catch(console.error);

package/vmoo-database-prod/server.js CHANGED Viewed

@@ -295,6 +295,17 @@ async function main() {
   console.error(`VMOO生产环境MCP服务器已启动 - ${config.server.name} v${config.server.version}`);
   console.error(`安全级别: ${config.security.level} - ${config.security.description}`);
   console.error(`️ 防护功能: 频率限制防爬虫数据匿名化`);
+  // Graceful shutdown：当 MCP 通信管道关闭时，主动退出进程
+  const gracefulShutdown = async () => {
+    console.error('MCP服务器正在关闭...');
+    try { await pool.end(); } catch (e) { /* ignore */ }
+    process.exit(0);
+  };
+  process.stdin.on('end', gracefulShutdown);
+  process.on('SIGTERM', gracefulShutdown);
+  process.on('SIGINT', gracefulShutdown);
 }
 main().catch(console.error);