zero-config-cli-bridge 1.3.0 → 1.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (11) hide show
  1. package/dist/executor.d.ts +5 -1
  2. package/dist/executor.d.ts.map +1 -1
  3. package/dist/executor.js +35 -14
  4. package/dist/executor.js.map +1 -1
  5. package/dist/index.js +49 -37
  6. package/dist/index.js.map +1 -1
  7. package/dist/schema.d.ts +17 -5
  8. package/dist/schema.d.ts.map +1 -1
  9. package/dist/schema.js +30 -56
  10. package/dist/schema.js.map +1 -1
  11. package/package.json +1 -1
package/dist/executor.d.ts CHANGED
@@ -6,6 +6,10 @@ export interface ExecuteResult {
6
6
  /**
7
7
  * Executes a binary directly with an args array.
8
8
  * NO shell intermediary — shell injection is structurally impossible.
9
+ *
10
+ * stdout is accumulated faithfully up to MAX_STDOUT_BYTES.
11
+ * If the ceiling is hit, the subprocess is killed with SIGKILL and the
12
+ * promise rejects — callers route this to an error envelope.
9
13
  */
10
- export declare function executeCommand(bin: string, args: string[]): Promise<ExecuteResult>;
14
+ export declare function executeCommand(bin: string, args: string[], timeoutMs?: number): Promise<ExecuteResult>;
11
15
  //# sourceMappingURL=executor.d.ts.map
package/dist/executor.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"executor.d.ts","sourceRoot":"","sources":["../src/executor.ts"],"names":[],"mappings":"AAEA,MAAM,WAAW,aAAa;IAC5B,MAAM,EAAE,MAAM,CAAC;IACf,MAAM,EAAE,MAAM,CAAC;IACf,QAAQ,EAAE,MAAM,CAAC;CAClB;AAcD;;;GAGG;AACH,wBAAgB,cAAc,CAAC,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,aAAa,CAAC,CAgClF"}
1
+ {"version":3,"file":"executor.d.ts","sourceRoot":"","sources":["../src/executor.ts"],"names":[],"mappings":"AAEA,MAAM,WAAW,aAAa;IAC5B,MAAM,EAAE,MAAM,CAAC;IACf,MAAM,EAAE,MAAM,CAAC;IACf,QAAQ,EAAE,MAAM,CAAC;CAClB;AAoBD;;;;;;;GAOG;AACH,wBAAgB,cAAc,CAC5B,GAAG,EAAE,MAAM,EACX,IAAI,EAAE,MAAM,EAAE,EACd,SAAS,GAAE,MAAmB,GAC7B,OAAO,CAAC,aAAa,CAAC,CA8CxB"}
package/dist/executor.js CHANGED
@@ -1,20 +1,28 @@
1
1
  import { spawn } from 'child_process';
2
- // stdout carries structured JSON — large ceiling so index.ts can apply item-level truncation.
3
- const MAX_STDOUT_CHARS = 2_000_000; // 2 MB
4
- // stderr carries error messages and probe text keep tight.
2
+ // stdout carries structured JSON. Byte-level truncation corrupts JSON structure,
3
+ // so we monitor cumulative size and kill the process if it exceeds the ceiling.
4
+ // At that point we reject index.ts routes the error through the envelope.
5
+ //
6
+ // Practical ceiling: STATIC_FIELDS × 30 items ≈ 300 KB in normal operation.
7
+ // 5 MB is unreachable in normal use and prevents OOM from runaway output.
8
+ const MAX_STDOUT_BYTES = 5 * 1024 * 1024; // 5 MB
9
+ // stderr carries error messages (human-readable, bounded by design).
5
10
  const MAX_STDERR_CHARS = 4_096;
6
- const RAW_TRUNCATION_MSG = '\n...[Output truncated. Use grep/jq to filter]';
7
11
  const TIMEOUT_MS = 15_000;
8
- function truncate(s, limit) {
9
- if (s.length <= limit)
12
+ function truncateStderr(s) {
13
+ if (s.length <= MAX_STDERR_CHARS)
10
14
  return s;
11
- return s.slice(0, limit) + RAW_TRUNCATION_MSG;
15
+ return s.slice(0, MAX_STDERR_CHARS) + '\n...[stderr truncated]';
12
16
  }
13
17
  /**
14
18
  * Executes a binary directly with an args array.
15
19
  * NO shell intermediary — shell injection is structurally impossible.
20
+ *
21
+ * stdout is accumulated faithfully up to MAX_STDOUT_BYTES.
22
+ * If the ceiling is hit, the subprocess is killed with SIGKILL and the
23
+ * promise rejects — callers route this to an error envelope.
16
24
  */
17
- export function executeCommand(bin, args) {
25
+ export function executeCommand(bin, args, timeoutMs = TIMEOUT_MS) {
18
26
  return new Promise((resolve, reject) => {
19
27
  const proc = spawn(bin, args, {
20
28
  env: { ...process.env, CI: 'true' },
@@ -22,17 +30,30 @@ export function executeCommand(bin, args) {
22
30
  });
23
31
  let stdoutBuf = '';
24
32
  let stderrBuf = '';
25
- proc.stdout.on('data', (chunk) => { stdoutBuf += chunk.toString(); });
26
- proc.stderr.on('data', (chunk) => { stderrBuf += chunk.toString(); });
33
+ let sizeExceeded = false;
34
+ proc.stdout.on('data', (chunk) => {
35
+ stdoutBuf += chunk.toString();
36
+ if (stdoutBuf.length > MAX_STDOUT_BYTES) {
37
+ sizeExceeded = true;
38
+ proc.kill('SIGKILL');
39
+ }
40
+ });
41
+ proc.stderr.on('data', (chunk) => {
42
+ stderrBuf += chunk.toString();
43
+ });
27
44
  const timer = setTimeout(() => {
28
45
  proc.kill('SIGKILL');
29
- reject(new Error(`Command timed out after ${TIMEOUT_MS}ms`));
30
- }, TIMEOUT_MS);
46
+ reject(new Error(`Command timed out after ${timeoutMs}ms`));
47
+ }, timeoutMs);
31
48
  proc.on('close', (code) => {
32
49
  clearTimeout(timer);
50
+ if (sizeExceeded) {
51
+ reject(new Error(`stdout exceeded ${MAX_STDOUT_BYTES}-byte limit. Use --limit or filters to reduce output.`));
52
+ return;
53
+ }
33
54
  resolve({
34
- stdout: truncate(stdoutBuf, MAX_STDOUT_CHARS),
35
- stderr: truncate(stderrBuf, MAX_STDERR_CHARS),
55
+ stdout: stdoutBuf,
56
+ stderr: truncateStderr(stderrBuf),
36
57
  exitCode: code ?? 1,
37
58
  });
38
59
  });
package/dist/executor.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"executor.js","sourceRoot":"","sources":["../src/executor.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,MAAM,eAAe,CAAC;AAQtC,8FAA8F;AAC9F,MAAM,gBAAgB,GAAG,SAAS,CAAC,CAAC,OAAO;AAC3C,6DAA6D;AAC7D,MAAM,gBAAgB,GAAG,KAAK,CAAC;AAC/B,MAAM,kBAAkB,GAAG,gDAAgD,CAAC;AAC5E,MAAM,UAAU,GAAG,MAAM,CAAC;AAE1B,SAAS,QAAQ,CAAC,CAAS,EAAE,KAAa;IACxC,IAAI,CAAC,CAAC,MAAM,IAAI,KAAK;QAAE,OAAO,CAAC,CAAC;IAChC,OAAO,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,KAAK,CAAC,GAAG,kBAAkB,CAAC;AAChD,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,cAAc,CAAC,GAAW,EAAE,IAAc;IACxD,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;QACrC,MAAM,IAAI,GAAG,KAAK,CAAC,GAAG,EAAE,IAAI,EAAE;YAC5B,GAAG,EAAE,EAAE,GAAG,OAAO,CAAC,GAAG,EAAE,EAAE,EAAE,MAAM,EAAE;YACnC,KAAK,EAAE,CAAC,QAAQ,EAAE,MAAM,EAAE,MAAM,CAAC;SAClC,CAAC,CAAC;QAEH,IAAI,SAAS,GAAG,EAAE,CAAC;QACnB,IAAI,SAAS,GAAG,EAAE,CAAC;QAEnB,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,KAAa,EAAE,EAAE,GAAG,SAAS,IAAI,KAAK,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;QAC9E,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,KAAa,EAAE,EAAE,GAAG,SAAS,IAAI,KAAK,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;QAE9E,MAAM,KAAK,GAAG,UAAU,CAAC,GAAG,EAAE;YAC5B,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;YACrB,MAAM,CAAC,IAAI,KAAK,CAAC,2BAA2B,UAAU,IAAI,CAAC,CAAC,CAAC;QAC/D,CAAC,EAAE,UAAU,CAAC,CAAC;QAEf,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,IAAmB,EAAE,EAAE;YACvC,YAAY,CAAC,KAAK,CAAC,CAAC;YACpB,OAAO,CAAC;gBACN,MAAM,EAAE,QAAQ,CAAC,SAAS,EAAE,gBAAgB,CAAC;gBAC7C,MAAM,EAAE,QAAQ,CAAC,SAAS,EAAE,gBAAgB,CAAC;gBAC7C,QAAQ,EAAE,IAAI,IAAI,CAAC;aACpB,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;QAEH,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,GAAU,EAAE,EAAE;YAC9B,YAAY,CAAC,KAAK,CAAC,CAAC;YACpB,MAAM,CAAC,GAAG,CAAC,CAAC;QACd,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC"}
1
+ {"version":3,"file":"executor.js","sourceRoot":"","sources":["../src/executor.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,MAAM,eAAe,CAAC;AAQtC,iFAAiF;AACjF,gFAAgF;AAChF,4EAA4E;AAC5E,EAAE;AACF,4EAA4E;AAC5E,0EAA0E;AAC1E,MAAM,gBAAgB,GAAG,CAAC,GAAG,IAAI,GAAG,IAAI,CAAC,CAAC,OAAO;AAEjD,qEAAqE;AACrE,MAAM,gBAAgB,GAAG,KAAK,CAAC;AAE/B,MAAM,UAAU,GAAG,MAAM,CAAC;AAE1B,SAAS,cAAc,CAAC,CAAS;IAC/B,IAAI,CAAC,CAAC,MAAM,IAAI,gBAAgB;QAAE,OAAO,CAAC,CAAC;IAC3C,OAAO,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,gBAAgB,CAAC,GAAG,yBAAyB,CAAC;AAClE,CAAC;AAED;;;;;;;GAOG;AACH,MAAM,UAAU,cAAc,CAC5B,GAAW,EACX,IAAc,EACd,YAAoB,UAAU;IAE9B,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;QACrC,MAAM,IAAI,GAAG,KAAK,CAAC,GAAG,EAAE,IAAI,EAAE;YAC5B,GAAG,EAAE,EAAE,GAAG,OAAO,CAAC,GAAG,EAAE,EAAE,EAAE,MAAM,EAAE;YACnC,KAAK,EAAE,CAAC,QAAQ,EAAE,MAAM,EAAE,MAAM,CAAC;SAClC,CAAC,CAAC;QAEH,IAAI,SAAS,GAAG,EAAE,CAAC;QACnB,IAAI,SAAS,GAAG,EAAE,CAAC;QACnB,IAAI,YAAY,GAAG,KAAK,CAAC;QAEzB,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,KAAa,EAAE,EAAE;YACvC,SAAS,IAAI,KAAK,CAAC,QAAQ,EAAE,CAAC;YAC9B,IAAI,SAAS,CAAC,MAAM,GAAG,gBAAgB,EAAE,CAAC;gBACxC,YAAY,GAAG,IAAI,CAAC;gBACpB,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;YACvB,CAAC;QACH,CAAC,CAAC,CAAC;QAEH,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,KAAa,EAAE,EAAE;YACvC,SAAS,IAAI,KAAK,CAAC,QAAQ,EAAE,CAAC;QAChC,CAAC,CAAC,CAAC;QAEH,MAAM,KAAK,GAAG,UAAU,CAAC,GAAG,EAAE;YAC5B,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;YACrB,MAAM,CAAC,IAAI,KAAK,CAAC,2BAA2B,SAAS,IAAI,CAAC,CAAC,CAAC;QAC9D,CAAC,EAAE,SAAS,CAAC,CAAC;QAEd,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,IAAmB,EAAE,EAAE;YACvC,YAAY,CAAC,KAAK,CAAC,CAAC;YACpB,IAAI,YAAY,EAAE,CAAC;gBACjB,MAAM,CAAC,IAAI,KAAK,CAAC,mBAAmB,gBAAgB,uDAAuD,CAAC,CAAC,CAAC;gBAC9G,OAAO;YACT,CAAC;YACD,OAAO,CAAC;gBACN,MAAM,EAAE,SAAS;gBACjB,MAAM,EAAE,cAAc,CAAC,SAAS,CAAC;gBACjC,QAAQ,EAAE,IAAI,IAAI,CAAC;aACpB,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;QAEH,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,GAAU,EAAE,EAAE;YAC9B,YAAY,CAAC,KAAK,CAAC,CAAC;YACpB,MAAM,CAAC,GAAG,CAAC,CAAC;QACd,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC"}
package/dist/index.js CHANGED
@@ -6,24 +6,33 @@ import { executeCommand } from './executor.js';
6
6
  import { validateSubcommand, validateArgs } from './security.js';
7
7
  import { buildToolDefinitions, buildGhArgs } from './schema.js';
8
8
  const MAX_JSON_ITEMS = 30;
9
- const MAX_TEXT_CHARS = 2000;
10
- function toEnvelope(raw) {
11
- // --- JSON path ---
9
+ const MAX_SERIALISED_CHARS = 200_000; // 200 KB cap for non-array JSON objects
10
+ /**
11
+ * Converts gh stdout (JSON) into a bounded, always-valid envelope.
12
+ * Called only when exitCode === 0.
13
+ *
14
+ * stdout is passed unmodified from executor — no byte-level truncation
15
+ * has occurred. item-level truncation is the sole guard here.
16
+ */
17
+ function stdoutToEnvelope(stdout) {
18
+ if (!stdout.trim()) {
19
+ return { data: [], meta: { truncated: false, returnedItems: 0 } };
20
+ }
12
21
  let parsed;
13
22
  try {
14
- parsed = JSON.parse(raw);
23
+ parsed = JSON.parse(stdout);
15
24
  }
16
25
  catch {
17
- // Non-JSON (error messages, plain text)
18
- const text = raw.length > MAX_TEXT_CHARS
19
- ? raw.slice(0, MAX_TEXT_CHARS) + '...[truncated]'
20
- : raw;
26
+ // gh returned non-JSON despite --json flag (should not happen in normal operation)
21
27
  return {
22
28
  data: null,
23
- meta: { truncated: raw.length > MAX_TEXT_CHARS, error: text },
29
+ meta: {
30
+ truncated: false,
31
+ error: `Unexpected non-JSON output from gh: ${stdout.slice(0, 200)}`,
32
+ },
24
33
  };
25
34
  }
26
- // Array response: truncate at item level
35
+ // Array response: truncate at item level — primary case for list commands
27
36
  if (Array.isArray(parsed)) {
28
37
  const truncated = parsed.length > MAX_JSON_ITEMS;
29
38
  const data = truncated ? parsed.slice(0, MAX_JSON_ITEMS) : parsed;
@@ -38,9 +47,9 @@ function toEnvelope(raw) {
38
47
  },
39
48
  };
40
49
  }
41
- // Non-array JSON object: cap by serialised size
50
+ // Non-array JSON object: guard against unbounded size
42
51
  const serialised = JSON.stringify(parsed);
43
- if (serialised.length > MAX_TEXT_CHARS) {
52
+ if (serialised.length > MAX_SERIALISED_CHARS) {
44
53
  return {
45
54
  data: null,
46
55
  meta: {
@@ -51,8 +60,24 @@ function toEnvelope(raw) {
51
60
  }
52
61
  return { data: parsed, meta: { truncated: false } };
53
62
  }
54
- const server = new Server({ name: 'zero-config-cli-bridge', version: '1.3.0' }, { capabilities: { tools: {} } });
55
- let toolRegistry = new Map();
63
+ /**
64
+ * Wraps an error string in the standard envelope.
65
+ * stderr is already bounded to 4KB by executor.
66
+ */
67
+ function stderrToEnvelope(stderr, stdout) {
68
+ const error = (stderr || stdout || 'Command failed with no output').trim();
69
+ return { data: null, meta: { truncated: false, error } };
70
+ }
71
+ function envelopeToResponse(envelope, isError) {
72
+ return {
73
+ content: [{ type: 'text', text: JSON.stringify(envelope, null, 2) }],
74
+ isError,
75
+ };
76
+ }
77
+ // Tool registry is synchronously populated at startup — no subprocess calls.
78
+ const tools = buildToolDefinitions();
79
+ const toolRegistry = new Map(tools.map((t) => [t.name, t]));
80
+ const server = new Server({ name: 'zero-config-cli-bridge', version: '1.4.0' }, { capabilities: { tools: {} } });
56
81
  server.setRequestHandler(ListToolsRequestSchema, async () => ({
57
82
  tools: Array.from(toolRegistry.values()).map(({ name, description, inputSchema }) => ({
58
83
  name,
@@ -65,11 +90,7 @@ server.setRequestHandler(CallToolRequestSchema, async (request) => {
65
90
  const args = (rawArgs ?? {});
66
91
  const tool = toolRegistry.get(toolName);
67
92
  if (!tool) {
68
- const envelope = {
69
- data: null,
70
- meta: { truncated: false, error: `Unknown tool "${toolName}".` },
71
- };
72
- return { content: [{ type: 'text', text: JSON.stringify(envelope, null, 2) }], isError: true };
93
+ return envelopeToResponse({ data: null, meta: { truncated: false, error: `Unknown tool "${toolName}".` } }, true);
73
94
  }
74
95
  // Security: whitelist subcommand + validate arg values
75
96
  try {
@@ -77,11 +98,7 @@ server.setRequestHandler(CallToolRequestSchema, async (request) => {
77
98
  validateArgs(args);
78
99
  }
79
100
  catch (err) {
80
- const envelope = {
81
- data: null,
82
- meta: { truncated: false, error: err instanceof Error ? err.message : String(err) },
83
- };
84
- return { content: [{ type: 'text', text: JSON.stringify(envelope, null, 2) }], isError: true };
101
+ return envelopeToResponse({ data: null, meta: { truncated: false, error: err instanceof Error ? err.message : String(err) } }, true);
85
102
  }
86
103
  // Direct spawn — no shell, no injection surface
87
104
  const ghArgs = buildGhArgs(tool, args);
@@ -90,22 +107,17 @@ server.setRequestHandler(CallToolRequestSchema, async (request) => {
90
107
  result = await executeCommand('gh', ghArgs);
91
108
  }
92
109
  catch (err) {
93
- const envelope = {
94
- data: null,
95
- meta: { truncated: false, error: `Execution error: ${err instanceof Error ? err.message : String(err)}` },
96
- };
97
- return { content: [{ type: 'text', text: JSON.stringify(envelope, null, 2) }], isError: true };
110
+ return envelopeToResponse({ data: null, meta: { truncated: false, error: `Execution error: ${err instanceof Error ? err.message : String(err)}` } }, true);
98
111
  }
99
- const raw = result.stdout || result.stderr || '';
100
- const envelope = toEnvelope(raw);
101
- return {
102
- content: [{ type: 'text', text: JSON.stringify(envelope, null, 2) }],
103
- isError: result.exitCode !== 0,
104
- };
112
+ // stdout and stderr are semantically distinct:
113
+ // exitCode === 0 → stdout is structured JSON data; stderr is ignored warnings
114
+ // exitCode !== 0 → stderr is the error message; stdout is typically empty
115
+ if (result.exitCode !== 0) {
116
+ return envelopeToResponse(stderrToEnvelope(result.stderr, result.stdout), true);
117
+ }
118
+ return envelopeToResponse(stdoutToEnvelope(result.stdout), false);
105
119
  });
106
120
  async function main() {
107
- const tools = await buildToolDefinitions();
108
- toolRegistry = new Map(tools.map((t) => [t.name, t]));
109
121
  const transport = new StdioServerTransport();
110
122
  await server.connect(transport);
111
123
  }
package/dist/index.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,2CAA2C,CAAC;AACnE,OAAO,EAAE,oBAAoB,EAAE,MAAM,2CAA2C,CAAC;AACjF,OAAO,EACL,qBAAqB,EACrB,sBAAsB,GACvB,MAAM,oCAAoC,CAAC;AAE5C,OAAO,EAAE,cAAc,EAAE,MAAM,eAAe,CAAC;AAC/C,OAAO,EAAE,kBAAkB,EAAE,YAAY,EAAE,MAAM,eAAe,CAAC;AACjE,OAAO,EAAE,oBAAoB,EAAE,WAAW,EAAkB,MAAM,aAAa,CAAC;AAEhF,MAAM,cAAc,GAAG,EAAE,CAAC;AAC1B,MAAM,cAAc,GAAG,IAAI,CAAC;AAsB5B,SAAS,UAAU,CAAC,GAAW;IAC7B,oBAAoB;IACpB,IAAI,MAAe,CAAC;IACpB,IAAI,CAAC;QACH,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAC3B,CAAC;IAAC,MAAM,CAAC;QACP,wCAAwC;QACxC,MAAM,IAAI,GAAG,GAAG,CAAC,MAAM,GAAG,cAAc;YACtC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,cAAc,CAAC,GAAG,gBAAgB;YACjD,CAAC,CAAC,GAAG,CAAC;QACR,OAAO;YACL,IAAI,EAAE,IAAI;YACV,IAAI,EAAE,EAAE,SAAS,EAAE,GAAG,CAAC,MAAM,GAAG,cAAc,EAAE,KAAK,EAAE,IAAI,EAAE;SAC9D,CAAC;IACJ,CAAC;IAED,yCAAyC;IACzC,IAAI,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;QAC1B,MAAM,SAAS,GAAG,MAAM,CAAC,MAAM,GAAG,cAAc,CAAC;QACjD,MAAM,IAAI,GAAG,SAAS,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,cAAc,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC;QAClE,OAAO;YACL,IAAI;YACJ,IAAI,EAAE;gBACJ,SAAS;gBACT,aAAa,EAAE,IAAI,CAAC,MAAM;gBAC1B,GAAG,CAAC,SAAS;oBACX,CAAC,CAAC,EAAE,IAAI,EAAE,iBAAiB,cAAc,mDAAmD,EAAE;oBAC9F,CAAC,CAAC,EAAE,CAAC;aACR;SACF,CAAC;IACJ,CAAC;IAED,gDAAgD;IAChD,MAAM,UAAU,GAAG,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;IAC1C,IAAI,UAAU,CAAC,MAAM,GAAG,cAAc,EAAE,CAAC;QACvC,OAAO;YACL,IAAI,EAAE,IAAI;YACV,IAAI,EAAE;gBACJ,SAAS,EAAE,IAAI;gBACf,KAAK,EAAE,8BAA8B,UAAU,CAAC,MAAM,yCAAyC;aAChG;SACF,CAAC;IACJ,CAAC;IAED,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,EAAE,SAAS,EAAE,KAAK,EAAE,EAAE,CAAC;AACtD,CAAC;AAED,MAAM,MAAM,GAAG,IAAI,MAAM,CACvB,EAAE,IAAI,EAAE,wBAAwB,EAAE,OAAO,EAAE,OAAO,EAAE,EACpD,EAAE,YAAY,EAAE,EAAE,KAAK,EAAE,EAAE,EAAE,EAAE,CAChC,CAAC;AAEF,IAAI,YAAY,GAAG,IAAI,GAAG,EAA0B,CAAC;AAErD,MAAM,CAAC,iBAAiB,CAAC,sBAAsB,EAAE,KAAK,IAAI,EAAE,CAAC,CAAC;IAC5D,KAAK,EAAE,KAAK,CAAC,IAAI,CAAC,YAAY,CAAC,MAAM,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,EAAE,WAAW,EAAE,WAAW,EAAE,EAAE,EAAE,CAAC,CAAC;QACpF,IAAI;QACJ,WAAW;QACX,WAAW;KACZ,CAAC,CAAC;CACJ,CAAC,CAAC,CAAC;AAEJ,MAAM,CAAC,iBAAiB,CAAC,qBAAqB,EAAE,KAAK,EAAE,OAAO,EAAE,EAAE;IAChE,MAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,SAAS,EAAE,OAAO,EAAE,GAAG,OAAO,CAAC,MAAM,CAAC;IAC9D,MAAM,IAAI,GAAG,CAAC,OAAO,IAAI,EAAE,CAA4B,CAAC;IAExD,MAAM,IAAI,GAAG,YAAY,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;IACxC,IAAI,CAAC,IAAI,EAAE,CAAC;QACV,MAAM,QAAQ,GAAiB;YAC7B,IAAI,EAAE,IAAI;YACV,IAAI,EAAE,EAAE,SAAS,EAAE,KAAK,EAAE,KAAK,EAAE,iBAAiB,QAAQ,IAAI,EAAE;SACjE,CAAC;QACF,OAAO,EAAE,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;IACjG,CAAC;IAED,uDAAuD;IACvD,IAAI,CAAC;QACH,kBAAkB,CAAC,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;QAC9C,YAAY,CAAC,IAAI,CAAC,CAAC;IACrB,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,QAAQ,GAAiB;YAC7B,IAAI,EAAE,IAAI;YACV,IAAI,EAAE,EAAE,SAAS,EAAE,KAAK,EAAE,KAAK,EAAE,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE;SACpF,CAAC;QACF,OAAO,EAAE,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;IACjG,CAAC;IAED,gDAAgD;IAChD,MAAM,MAAM,GAAG,WAAW,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;IAEvC,IAAI,MAAM,CAAC;IACX,IAAI,CAAC;QACH,MAAM,GAAG,MAAM,cAAc,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;IAC9C,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,QAAQ,GAAiB;YAC7B,IAAI,EAAE,IAAI;YACV,IAAI,EAAE,EAAE,SAAS,EAAE,KAAK,EAAE,KAAK,EAAE,oBAAoB,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,EAAE;SAC1G,CAAC;QACF,OAAO,EAAE,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;IACjG,CAAC;IAED,MAAM,GAAG,GAAG,MAAM,CAAC,MAAM,IAAI,MAAM,CAAC,MAAM,IAAI,EAAE,CAAC;IACjD,MAAM,QAAQ,GAAG,UAAU,CAAC,GAAG,CAAC,CAAC;IAEjC,OAAO;QACL,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,CAAC;QACpE,OAAO,EAAE,MAAM,CAAC,QAAQ,KAAK,CAAC;KAC/B,CAAC;AACJ,CAAC,CAAC,CAAC;AAEH,KAAK,UAAU,IAAI;IACjB,MAAM,KAAK,GAAG,MAAM,oBAAoB,EAAE,CAAC;IAC3C,YAAY,GAAG,IAAI,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;IAEtD,MAAM,SAAS,GAAG,IAAI,oBAAoB,EAAE,CAAC;IAC7C,MAAM,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;AAClC,CAAC;AAED,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE;IACnB,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,gBAAgB,GAAG,IAAI,CAAC,CAAC;IAC9C,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AAClB,CAAC,CAAC,CAAC"}
1
+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,2CAA2C,CAAC;AACnE,OAAO,EAAE,oBAAoB,EAAE,MAAM,2CAA2C,CAAC;AACjF,OAAO,EACL,qBAAqB,EACrB,sBAAsB,GACvB,MAAM,oCAAoC,CAAC;AAE5C,OAAO,EAAE,cAAc,EAAE,MAAM,eAAe,CAAC;AAC/C,OAAO,EAAE,kBAAkB,EAAE,YAAY,EAAE,MAAM,eAAe,CAAC;AACjE,OAAO,EAAE,oBAAoB,EAAE,WAAW,EAAkB,MAAM,aAAa,CAAC;AAEhF,MAAM,cAAc,GAAG,EAAE,CAAC;AAC1B,MAAM,oBAAoB,GAAG,OAAO,CAAC,CAAC,wCAAwC;AAiB9E;;;;;;GAMG;AACH,SAAS,gBAAgB,CAAC,MAAc;IACtC,IAAI,CAAC,MAAM,CAAC,IAAI,EAAE,EAAE,CAAC;QACnB,OAAO,EAAE,IAAI,EAAE,EAAE,EAAE,IAAI,EAAE,EAAE,SAAS,EAAE,KAAK,EAAE,aAAa,EAAE,CAAC,EAAE,EAAE,CAAC;IACpE,CAAC;IAED,IAAI,MAAe,CAAC;IACpB,IAAI,CAAC;QACH,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;IAC9B,CAAC;IAAC,MAAM,CAAC;QACP,mFAAmF;QACnF,OAAO;YACL,IAAI,EAAE,IAAI;YACV,IAAI,EAAE;gBACJ,SAAS,EAAE,KAAK;gBAChB,KAAK,EAAE,uCAAuC,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;aACrE;SACF,CAAC;IACJ,CAAC;IAED,0EAA0E;IAC1E,IAAI,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;QAC1B,MAAM,SAAS,GAAG,MAAM,CAAC,MAAM,GAAG,cAAc,CAAC;QACjD,MAAM,IAAI,GAAG,SAAS,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,cAAc,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC;QAClE,OAAO;YACL,IAAI;YACJ,IAAI,EAAE;gBACJ,SAAS;gBACT,aAAa,EAAE,IAAI,CAAC,MAAM;gBAC1B,GAAG,CAAC,SAAS;oBACX,CAAC,CAAC,EAAE,IAAI,EAAE,iBAAiB,cAAc,mDAAmD,EAAE;oBAC9F,CAAC,CAAC,EAAE,CAAC;aACR;SACF,CAAC;IACJ,CAAC;IAED,sDAAsD;IACtD,MAAM,UAAU,GAAG,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;IAC1C,IAAI,UAAU,CAAC,MAAM,GAAG,oBAAoB,EAAE,CAAC;QAC7C,OAAO;YACL,IAAI,EAAE,IAAI;YACV,IAAI,EAAE;gBACJ,SAAS,EAAE,IAAI;gBACf,KAAK,EAAE,8BAA8B,UAAU,CAAC,MAAM,yCAAyC;aAChG;SACF,CAAC;IACJ,CAAC;IAED,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,EAAE,SAAS,EAAE,KAAK,EAAE,EAAE,CAAC;AACtD,CAAC;AAED;;;GAGG;AACH,SAAS,gBAAgB,CAAC,MAAc,EAAE,MAAc;IACtD,MAAM,KAAK,GAAG,CAAC,MAAM,IAAI,MAAM,IAAI,+BAA+B,CAAC,CAAC,IAAI,EAAE,CAAC;IAC3E,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE,EAAE,SAAS,EAAE,KAAK,EAAE,KAAK,EAAE,EAAE,CAAC;AAC3D,CAAC;AAED,SAAS,kBAAkB,CAAC,QAAsB,EAAE,OAAgB;IAClE,OAAO;QACL,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,CAAC;QACpE,OAAO;KACR,CAAC;AACJ,CAAC;AAED,6EAA6E;AAC7E,MAAM,KAAK,GAAG,oBAAoB,EAAE,CAAC;AACrC,MAAM,YAAY,GAAG,IAAI,GAAG,CAAyB,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;AAEpF,MAAM,MAAM,GAAG,IAAI,MAAM,CACvB,EAAE,IAAI,EAAE,wBAAwB,EAAE,OAAO,EAAE,OAAO,EAAE,EACpD,EAAE,YAAY,EAAE,EAAE,KAAK,EAAE,EAAE,EAAE,EAAE,CAChC,CAAC;AAEF,MAAM,CAAC,iBAAiB,CAAC,sBAAsB,EAAE,KAAK,IAAI,EAAE,CAAC,CAAC;IAC5D,KAAK,EAAE,KAAK,CAAC,IAAI,CAAC,YAAY,CAAC,MAAM,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,EAAE,WAAW,EAAE,WAAW,EAAE,EAAE,EAAE,CAAC,CAAC;QACpF,IAAI;QACJ,WAAW;QACX,WAAW;KACZ,CAAC,CAAC;CACJ,CAAC,CAAC,CAAC;AAEJ,MAAM,CAAC,iBAAiB,CAAC,qBAAqB,EAAE,KAAK,EAAE,OAAO,EAAE,EAAE;IAChE,MAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,SAAS,EAAE,OAAO,EAAE,GAAG,OAAO,CAAC,MAAM,CAAC;IAC9D,MAAM,IAAI,GAAG,CAAC,OAAO,IAAI,EAAE,CAA4B,CAAC;IAExD,MAAM,IAAI,GAAG,YAAY,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;IACxC,IAAI,CAAC,IAAI,EAAE,CAAC;QACV,OAAO,kBAAkB,CACvB,EAAE,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE,EAAE,SAAS,EAAE,KAAK,EAAE,KAAK,EAAE,iBAAiB,QAAQ,IAAI,EAAE,EAAE,EAChF,IAAI,CACL,CAAC;IACJ,CAAC;IAED,uDAAuD;IACvD,IAAI,CAAC;QACH,kBAAkB,CAAC,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;QAC9C,YAAY,CAAC,IAAI,CAAC,CAAC;IACrB,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,OAAO,kBAAkB,CACvB,EAAE,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE,EAAE,SAAS,EAAE,KAAK,EAAE,KAAK,EAAE,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,EAAE,EACnG,IAAI,CACL,CAAC;IACJ,CAAC;IAED,gDAAgD;IAChD,MAAM,MAAM,GAAG,WAAW,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;IAEvC,IAAI,MAAM,CAAC;IACX,IAAI,CAAC;QACH,MAAM,GAAG,MAAM,cAAc,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;IAC9C,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,OAAO,kBAAkB,CACvB,EAAE,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE,EAAE,SAAS,EAAE,KAAK,EAAE,KAAK,EAAE,oBAAoB,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,EACzH,IAAI,CACL,CAAC;IACJ,CAAC;IAED,+CAA+C;IAC/C,gFAAgF;IAChF,4EAA4E;IAC5E,IAAI,MAAM,CAAC,QAAQ,KAAK,CAAC,EAAE,CAAC;QAC1B,OAAO,kBAAkB,CAAC,gBAAgB,CAAC,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,MAAM,CAAC,EAAE,IAAI,CAAC,CAAC;IAClF,CAAC;IAED,OAAO,kBAAkB,CAAC,gBAAgB,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,KAAK,CAAC,CAAC;AACpE,CAAC,CAAC,CAAC;AAEH,KAAK,UAAU,IAAI;IACjB,MAAM,SAAS,GAAG,IAAI,oBAAoB,EAAE,CAAC;IAC7C,MAAM,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;AAClC,CAAC;AAED,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE;IACnB,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,gBAAgB,GAAG,IAAI,CAAC,CAAC;IAC9C,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AAClB,CAAC,CAAC,CAAC"}
package/dist/schema.d.ts CHANGED
@@ -1,3 +1,17 @@
1
+ /**
2
+ * Schema definitions for exposed gh tools.
3
+ *
4
+ * Field list design:
5
+ * STATIC_FIELDS is the authoritative source of truth.
6
+ * It contains only fields that work with the standard `repo` OAuth scope
7
+ * and have been stable across gh major versions.
8
+ *
9
+ * The probe (detectJsonFields) is NOT called at startup.
10
+ * Rationale: the probe has no reliability guarantee — gh's output format
11
+ * is human-readable and can change with any release. Running an unreliable
12
+ * subprocess at every server start adds latency and timeout risk for zero
13
+ * guaranteed gain. Static fields are the correct default.
14
+ */
1
15
  export interface ToolDefinition {
2
16
  name: string;
3
17
  description: string;
@@ -9,16 +23,14 @@ export interface ToolDefinition {
9
23
  }>;
10
24
  required?: string[];
11
25
  };
12
- /** gh subcommand tokens, e.g. ['issue', 'list'] */
13
26
  subcommand: string[];
14
- /** JSON fields confirmed available in the local gh binary, filtered to repo-scope-safe set */
15
27
  jsonFields: string[];
16
28
  }
17
- export declare function buildToolDefinitions(): Promise<ToolDefinition[]>;
29
+ export declare function buildToolDefinitions(): ToolDefinition[];
18
30
  /**
19
31
  * Builds the gh args array using --flag=value notation throughout.
20
- * This prevents option injection: a value starting with '-' cannot
21
- * be misinterpreted as a separate flag by gh's argument parser.
32
+ * Prevents option injection: a value starting with '-' cannot be
33
+ * misinterpreted as a separate flag by gh's argument parser.
22
34
  */
23
35
  export declare function buildGhArgs(tool: ToolDefinition, args: Record<string, unknown>): string[];
24
36
  //# sourceMappingURL=schema.d.ts.map
package/dist/schema.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"schema.d.ts","sourceRoot":"","sources":["../src/schema.ts"],"names":[],"mappings":"AAEA,MAAM,WAAW,cAAc;IAC7B,IAAI,EAAE,MAAM,CAAC;IACb,WAAW,EAAE,MAAM,CAAC;IACpB,WAAW,EAAE;QACX,IAAI,EAAE,QAAQ,CAAC;QACf,UAAU,EAAE,MAAM,CAAC,MAAM,EAAE;YAAE,IAAI,EAAE,MAAM,CAAC;YAAC,WAAW,EAAE,MAAM,CAAA;SAAE,CAAC,CAAC;QAClE,QAAQ,CAAC,EAAE,MAAM,EAAE,CAAC;KACrB,CAAC;IACF,mDAAmD;IACnD,UAAU,EAAE,MAAM,EAAE,CAAC;IACrB,8FAA8F;IAC9F,UAAU,EAAE,MAAM,EAAE,CAAC;CACtB;AAoDD,wBAAsB,oBAAoB,IAAI,OAAO,CAAC,cAAc,EAAE,CAAC,CA8CtE;AAED;;;;GAIG;AACH,wBAAgB,WAAW,CAAC,IAAI,EAAE,cAAc,EAAE,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,MAAM,EAAE,CAWzF"}
1
+ {"version":3,"file":"schema.d.ts","sourceRoot":"","sources":["../src/schema.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;GAaG;AAEH,MAAM,WAAW,cAAc;IAC7B,IAAI,EAAE,MAAM,CAAC;IACb,WAAW,EAAE,MAAM,CAAC;IACpB,WAAW,EAAE;QACX,IAAI,EAAE,QAAQ,CAAC;QACf,UAAU,EAAE,MAAM,CAAC,MAAM,EAAE;YAAE,IAAI,EAAE,MAAM,CAAC;YAAC,WAAW,EAAE,MAAM,CAAA;SAAE,CAAC,CAAC;QAClE,QAAQ,CAAC,EAAE,MAAM,EAAE,CAAC;KACrB,CAAC;IACF,UAAU,EAAE,MAAM,EAAE,CAAC;IACrB,UAAU,EAAE,MAAM,EAAE,CAAC;CACtB;AAiBD,wBAAgB,oBAAoB,IAAI,cAAc,EAAE,CAyCvD;AAED;;;;GAIG;AACH,wBAAgB,WAAW,CAAC,IAAI,EAAE,cAAc,EAAE,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,MAAM,EAAE,CAWzF"}
package/dist/schema.js CHANGED
@@ -1,58 +1,32 @@
1
- import { executeCommand } from './executor.js';
2
1
  /**
3
- * Fields requiring only the standard `repo` OAuth scope.
4
- * Explicitly excludes:
5
- * - `id` — requires read:project scope
6
- * - `body` — unbounded text; breaks JSON item-level truncation
2
+ * Schema definitions for exposed gh tools.
3
+ *
4
+ * Field list design:
5
+ * STATIC_FIELDS is the authoritative source of truth.
6
+ * It contains only fields that work with the standard `repo` OAuth scope
7
+ * and have been stable across gh major versions.
8
+ *
9
+ * The probe (detectJsonFields) is NOT called at startup.
10
+ * Rationale: the probe has no reliability guarantee — gh's output format
11
+ * is human-readable and can change with any release. Running an unreliable
12
+ * subprocess at every server start adds latency and timeout risk for zero
13
+ * guaranteed gain. Static fields are the correct default.
7
14
  */
8
- const REPO_SCOPE_SAFE_FIELDS = new Set([
9
- 'number', 'title', 'state', 'labels', 'assignees',
10
- 'author', 'createdAt', 'updatedAt', 'closedAt', 'url',
11
- 'comments', 'milestone', 'isDraft', 'locked',
12
- // PR-specific
13
- 'baseRefName', 'headRefName', 'headRepository', 'mergedAt', 'mergeCommit',
14
- 'reviewDecision', 'additions', 'deletions', 'changedFiles',
15
- ]);
16
- const FALLBACK_FIELDS = {
17
- 'issue list': ['number', 'title', 'state', 'labels', 'assignees', 'createdAt', 'url'],
18
- 'pr list': ['number', 'title', 'state', 'labels', 'assignees', 'createdAt', 'url', 'baseRefName'],
15
+ // Fields verified against `gh issue list --json` and `gh pr list --json` output.
16
+ // Excludes: `id` (requires read:project scope), `body` (unbounded text).
17
+ const STATIC_FIELDS = {
18
+ 'issue list': [
19
+ 'number', 'title', 'state', 'labels', 'assignees',
20
+ 'author', 'createdAt', 'updatedAt', 'closedAt', 'url',
21
+ 'comments', 'milestone',
22
+ ],
23
+ 'pr list': [
24
+ 'number', 'title', 'state', 'labels', 'assignees',
25
+ 'author', 'createdAt', 'updatedAt', 'closedAt', 'url',
26
+ 'baseRefName', 'headRefName', 'isDraft', 'mergedAt', 'reviewDecision',
27
+ ],
19
28
  };
20
- /**
21
- * Detects JSON fields available in the local gh binary by calling
22
- * `gh <subcommand> --json` with no field argument. Recent gh versions
23
- * output the available field list to stderr in this case — no error
24
- * injection needed. Falls back to the static list on any failure.
25
- */
26
- async function detectJsonFields(subcommand) {
27
- const key = subcommand.join(' ');
28
- try {
29
- // `gh issue list --json` with no fields causes gh to list available fields on stderr.
30
- // This is documented behaviour, not error scraping.
31
- const result = await executeCommand('gh', [...subcommand, '--json']);
32
- const text = result.stderr + result.stdout;
33
- // Output format: "Use `--json` with one or more of: field1,field2,..."
34
- // or a newline-separated list after "Available fields:"
35
- const commaMatch = text.match(/--json`?\s+with[^:]*:\s*([a-zA-Z,\s]+)/i);
36
- if (commaMatch) {
37
- const fields = commaMatch[1]
38
- .split(/[,\s]+/)
39
- .map((f) => f.trim())
40
- .filter((f) => /^[a-zA-Z][a-zA-Z0-9]*$/.test(f))
41
- .filter((f) => REPO_SCOPE_SAFE_FIELDS.has(f));
42
- if (fields.length > 0)
43
- return fields;
44
- }
45
- }
46
- catch {
47
- // gh not installed or timed out
48
- }
49
- return FALLBACK_FIELDS[key] ?? [];
50
- }
51
- export async function buildToolDefinitions() {
52
- const [issueFields, prFields] = await Promise.all([
53
- detectJsonFields(['issue', 'list']),
54
- detectJsonFields(['pr', 'list']),
55
- ]);
29
+ export function buildToolDefinitions() {
56
30
  return [
57
31
  {
58
32
  name: 'gh_issue_list',
@@ -60,7 +34,7 @@ export async function buildToolDefinitions() {
60
34
  'Uses the local `gh` CLI and its existing authentication — no API key required. ' +
61
35
  'Read-only. Does not create, edit, or delete issues.',
62
36
  subcommand: ['issue', 'list'],
63
- jsonFields: issueFields,
37
+ jsonFields: STATIC_FIELDS['issue list'],
64
38
  inputSchema: {
65
39
  type: 'object',
66
40
  properties: {
@@ -78,7 +52,7 @@ export async function buildToolDefinitions() {
78
52
  'Uses the local `gh` CLI and its existing authentication — no API key required. ' +
79
53
  'Read-only. Does not create, edit, merge, or close pull requests.',
80
54
  subcommand: ['pr', 'list'],
81
- jsonFields: prFields,
55
+ jsonFields: STATIC_FIELDS['pr list'],
82
56
  inputSchema: {
83
57
  type: 'object',
84
58
  properties: {
@@ -94,8 +68,8 @@ export async function buildToolDefinitions() {
94
68
  }
95
69
  /**
96
70
  * Builds the gh args array using --flag=value notation throughout.
97
- * This prevents option injection: a value starting with '-' cannot
98
- * be misinterpreted as a separate flag by gh's argument parser.
71
+ * Prevents option injection: a value starting with '-' cannot be
72
+ * misinterpreted as a separate flag by gh's argument parser.
99
73
  */
100
74
  export function buildGhArgs(tool, args) {
101
75
  const parts = [...tool.subcommand, `--json=${tool.jsonFields.join(',')}`];
package/dist/schema.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"schema.js","sourceRoot":"","sources":["../src/schema.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAE,MAAM,eAAe,CAAC;AAgB/C;;;;;GAKG;AACH,MAAM,sBAAsB,GAAwB,IAAI,GAAG,CAAC;IAC1D,QAAQ,EAAE,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,WAAW;IACjD,QAAQ,EAAE,WAAW,EAAE,WAAW,EAAE,UAAU,EAAE,KAAK;IACrD,UAAU,EAAE,WAAW,EAAE,SAAS,EAAE,QAAQ;IAC5C,cAAc;IACd,aAAa,EAAE,aAAa,EAAE,gBAAgB,EAAE,UAAU,EAAE,aAAa;IACzE,gBAAgB,EAAE,WAAW,EAAE,WAAW,EAAE,cAAc;CAC3D,CAAC,CAAC;AAEH,MAAM,eAAe,GAA6B;IAChD,YAAY,EAAE,CAAC,QAAQ,EAAE,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,WAAW,EAAE,WAAW,EAAE,KAAK,CAAC;IACrF,SAAS,EAAK,CAAC,QAAQ,EAAE,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,WAAW,EAAE,WAAW,EAAE,KAAK,EAAE,aAAa,CAAC;CACrG,CAAC;AAEF;;;;;GAKG;AACH,KAAK,UAAU,gBAAgB,CAAC,UAAoB;IAClD,MAAM,GAAG,GAAG,UAAU,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IACjC,IAAI,CAAC;QACH,sFAAsF;QACtF,oDAAoD;QACpD,MAAM,MAAM,GAAG,MAAM,cAAc,CAAC,IAAI,EAAE,CAAC,GAAG,UAAU,EAAE,QAAQ,CAAC,CAAC,CAAC;QACrE,MAAM,IAAI,GAAG,MAAM,CAAC,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC;QAC3C,uEAAuE;QACvE,wDAAwD;QACxD,MAAM,UAAU,GAAG,IAAI,CAAC,KAAK,CAAC,yCAAyC,CAAC,CAAC;QACzE,IAAI,UAAU,EAAE,CAAC;YACf,MAAM,MAAM,GAAG,UAAU,CAAC,CAAC,CAAC;iBACzB,KAAK,CAAC,QAAQ,CAAC;iBACf,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;iBACpB,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,wBAAwB,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;iBAC/C,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,sBAAsB,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;YAChD,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC;gBAAE,OAAO,MAAM,CAAC;QACvC,CAAC;IACH,CAAC;IAAC,MAAM,CAAC;QACP,gCAAgC;IAClC,CAAC;IACD,OAAO,eAAe,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC;AACpC,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,oBAAoB;IACxC,MAAM,CAAC,WAAW,EAAE,QAAQ,CAAC,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC;QAChD,gBAAgB,CAAC,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;QACnC,gBAAgB,CAAC,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;KACjC,CAAC,CAAC;IAEH,OAAO;QACL;YACE,IAAI,EAAE,eAAe;YACrB,WAAW,EACT,yCAAyC;gBACzC,iFAAiF;gBACjF,qDAAqD;YACvD,UAAU,EAAE,CAAC,OAAO,EAAE,MAAM,CAAC;YAC7B,UAAU,EAAE,WAAW;YACvB,WAAW,EAAE;gBACX,IAAI,EAAE,QAAQ;gBACd,UAAU,EAAE;oBACV,IAAI,EAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,6DAA6D,EAAE;oBACxG,KAAK,EAAK,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,4BAA4B,EAAE;oBACvE,KAAK,EAAK,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,sCAAsC,EAAE;oBACjF,KAAK,EAAK,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,uBAAuB,EAAE;oBAClE,QAAQ,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,2BAA2B,EAAE;iBACvE;aACF;SACF;QACD;YACE,IAAI,EAAE,YAAY;YAClB,WAAW,EACT,gDAAgD;gBAChD,iFAAiF;gBACjF,kEAAkE;YACpE,UAAU,EAAE,CAAC,IAAI,EAAE,MAAM,CAAC;YAC1B,UAAU,EAAE,QAAQ;YACpB,WAAW,EAAE;gBACX,IAAI,EAAE,QAAQ;gBACd,UAAU,EAAE;oBACV,IAAI,EAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,6DAA6D,EAAE;oBACxG,KAAK,EAAK,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,4BAA4B,EAAE;oBACvE,KAAK,EAAK,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,yCAAyC,EAAE;oBACpF,IAAI,EAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,wBAAwB,EAAE;oBACnE,QAAQ,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,2BAA2B,EAAE;iBACvE;aACF;SACF;KACF,CAAC;AACJ,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,WAAW,CAAC,IAAoB,EAAE,IAA6B;IAC7E,MAAM,KAAK,GAAa,CAAC,GAAG,IAAI,CAAC,UAAU,EAAE,UAAU,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAEpF,IAAI,IAAI,CAAC,MAAM,CAAC,KAAS,SAAS;QAAE,KAAK,CAAC,IAAI,CAAC,UAAU,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC;IACjF,IAAI,IAAI,CAAC,OAAO,CAAC,KAAQ,SAAS;QAAE,KAAK,CAAC,IAAI,CAAC,WAAW,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,EAAE,CAAC,CAAC;IACnF,IAAI,IAAI,CAAC,OAAO,CAAC,KAAQ,SAAS;QAAE,KAAK,CAAC,IAAI,CAAC,WAAW,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,EAAE,CAAC,CAAC;IACnF,IAAI,IAAI,CAAC,OAAO,CAAC,KAAQ,SAAS,IAAI,IAAI,CAAC,IAAI,KAAK,eAAe;QAAE,KAAK,CAAC,IAAI,CAAC,WAAW,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,EAAE,CAAC,CAAC;IACpH,IAAI,IAAI,CAAC,UAAU,CAAC,KAAK,SAAS;QAAE,KAAK,CAAC,IAAI,CAAC,cAAc,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,EAAE,CAAC,CAAC;IACzF,IAAI,IAAI,CAAC,MAAM,CAAC,KAAS,SAAS,IAAI,IAAI,CAAC,IAAI,KAAK,YAAY;QAAK,KAAK,CAAC,IAAI,CAAC,UAAU,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC;IAElH,OAAO,KAAK,CAAC;AACf,CAAC"}
1
+ {"version":3,"file":"schema.js","sourceRoot":"","sources":["../src/schema.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;GAaG;AAcH,iFAAiF;AACjF,yEAAyE;AACzE,MAAM,aAAa,GAA6B;IAC9C,YAAY,EAAE;QACZ,QAAQ,EAAE,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,WAAW;QACjD,QAAQ,EAAE,WAAW,EAAE,WAAW,EAAE,UAAU,EAAE,KAAK;QACrD,UAAU,EAAE,WAAW;KACxB;IACD,SAAS,EAAE;QACT,QAAQ,EAAE,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,WAAW;QACjD,QAAQ,EAAE,WAAW,EAAE,WAAW,EAAE,UAAU,EAAE,KAAK;QACrD,aAAa,EAAE,aAAa,EAAE,SAAS,EAAE,UAAU,EAAE,gBAAgB;KACtE;CACF,CAAC;AAEF,MAAM,UAAU,oBAAoB;IAClC,OAAO;QACL;YACE,IAAI,EAAE,eAAe;YACrB,WAAW,EACT,yCAAyC;gBACzC,iFAAiF;gBACjF,qDAAqD;YACvD,UAAU,EAAE,CAAC,OAAO,EAAE,MAAM,CAAC;YAC7B,UAAU,EAAE,aAAa,CAAC,YAAY,CAAC;YACvC,WAAW,EAAE;gBACX,IAAI,EAAE,QAAQ;gBACd,UAAU,EAAE;oBACV,IAAI,EAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,6DAA6D,EAAE;oBACxG,KAAK,EAAK,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,4BAA4B,EAAE;oBACvE,KAAK,EAAK,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,sCAAsC,EAAE;oBACjF,KAAK,EAAK,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,uBAAuB,EAAE;oBAClE,QAAQ,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,2BAA2B,EAAE;iBACvE;aACF;SACF;QACD;YACE,IAAI,EAAE,YAAY;YAClB,WAAW,EACT,gDAAgD;gBAChD,iFAAiF;gBACjF,kEAAkE;YACpE,UAAU,EAAE,CAAC,IAAI,EAAE,MAAM,CAAC;YAC1B,UAAU,EAAE,aAAa,CAAC,SAAS,CAAC;YACpC,WAAW,EAAE;gBACX,IAAI,EAAE,QAAQ;gBACd,UAAU,EAAE;oBACV,IAAI,EAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,6DAA6D,EAAE;oBACxG,KAAK,EAAK,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,4BAA4B,EAAE;oBACvE,KAAK,EAAK,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,yCAAyC,EAAE;oBACpF,IAAI,EAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,wBAAwB,EAAE;oBACnE,QAAQ,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,2BAA2B,EAAE;iBACvE;aACF;SACF;KACF,CAAC;AACJ,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,WAAW,CAAC,IAAoB,EAAE,IAA6B;IAC7E,MAAM,KAAK,GAAa,CAAC,GAAG,IAAI,CAAC,UAAU,EAAE,UAAU,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAEpF,IAAI,IAAI,CAAC,MAAM,CAAC,KAAS,SAAS;QAAE,KAAK,CAAC,IAAI,CAAC,UAAU,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC;IACjF,IAAI,IAAI,CAAC,OAAO,CAAC,KAAQ,SAAS;QAAE,KAAK,CAAC,IAAI,CAAC,WAAW,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,EAAE,CAAC,CAAC;IACnF,IAAI,IAAI,CAAC,OAAO,CAAC,KAAQ,SAAS;QAAE,KAAK,CAAC,IAAI,CAAC,WAAW,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,EAAE,CAAC,CAAC;IACnF,IAAI,IAAI,CAAC,OAAO,CAAC,KAAQ,SAAS,IAAI,IAAI,CAAC,IAAI,KAAK,eAAe;QAAE,KAAK,CAAC,IAAI,CAAC,WAAW,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,EAAE,CAAC,CAAC;IACpH,IAAI,IAAI,CAAC,UAAU,CAAC,KAAK,SAAS;QAAE,KAAK,CAAC,IAAI,CAAC,cAAc,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,EAAE,CAAC,CAAC;IACzF,IAAI,IAAI,CAAC,MAAM,CAAC,KAAS,SAAS,IAAI,IAAI,CAAC,IAAI,KAAK,YAAY;QAAK,KAAK,CAAC,IAAI,CAAC,UAAU,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC;IAElH,OAAO,KAAK,CAAC;AACf,CAAC"}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "zero-config-cli-bridge",
3
- "version": "1.3.0",
3
+ "version": "1.5.0",
4
4
  "description": "Zero Setup. Zero API Keys. Expose your local authenticated CLIs as MCP tools.",
5
5
  "type": "module",
6
6
  "main": "dist/index.js",