cedar-mcp 1.0.0__tar.gz

cedar_mcp-1.0.0/.env.example

@@ -0,0 +1,8 @@
+# CEDAR API Configuration
+# Copy this file to .env and add your actual API key
+
+# CEDAR API Key for accessing CEDAR metadata repository
+CEDAR_API_KEY=your-cedar-api-key-here
+
+# BioPortal API Key for fetching vocabulary terms
+BIOPORTAL_API_KEY=your-bioportal-api-key-here

cedar_mcp-1.0.0/.github/DEPLOYMENT.md

@@ -0,0 +1,112 @@
+# CI/CD Deployment Guide
+
+This repository is configured with a comprehensive CI/CD pipeline using GitHub Actions.
+
+## 🚀 Quick Setup
+
+### 1. Configure Repository Secrets
+Go to **Settings → Secrets and variables → Actions** and add:
+
+**Optional for Integration Tests:**
+- `CEDAR_API_KEY` - CEDAR repository API key
+- `BIOPORTAL_API_KEY` - BioPortal API key
+
+### 2. Enable Branch Protection
+Go to **Settings → Branches** and add rules for `main`:
+- ✅ Require status checks to pass before merging
+- ✅ Require branches to be up to date before merging
+- ✅ Include administrators
+
+### 3. Enable Security Features
+Go to **Settings → Code security and analysis**:
+- ✅ Dependency graph
+- ✅ Dependabot alerts
+- ✅ Dependabot security updates
+- ✅ Code scanning (CodeQL)
+- ✅ Secret scanning
+
+## 📋 Workflows Overview
+
+| Workflow | Triggers | Purpose |
+|----------|----------|---------|
+| **CI** | Push/PR to `main`/`develop` | Code quality, testing, security |
+| **Release** | Git tags (`v*`) | Build package and create GitHub release |
+| **CodeQL** | Push/PR + weekly | Advanced security scanning |
+| **Dependabot** | Weekly | Automated dependency updates |
+
+## 🔄 CI Pipeline
+
+### On Pull Request / Push
+1. **Code Quality**: ruff linting, mypy type checking
+2. **Testing**: Unit tests on Python 3.10, 3.11, 3.12
+3. **Integration Tests**: Run if API keys available
+4. **Security**: Dependency and code security scanning
+5. **Build**: Package verification
+
+### On Release Tag
+1. **Build**: Create distribution packages
+2. **Verify**: Check package integrity
+3. **Release**: Create GitHub release with distribution artifacts
+
+## 📦 Creating a Release
+
+1. Update version in `pyproject.toml`
+2. Commit and push changes
+3. Create and push a tag:
+   ```bash
+   git tag v0.1.1
+   git push origin v0.1.1
+   ```
+4. GitHub Actions will automatically:
+   - Build the package
+   - Create a GitHub release with installation instructions
+
+## 🧪 Local Testing
+
+Simulate CI checks locally:
+```bash
+# Code quality
+ruff check .
+ruff format --check .
+mypy src/
+
+# Testing
+python run_tests.py --unit
+python run_tests.py --integration  # if API keys configured
+
+# CLI verification
+python -m cedar_mcp.server --help
+```
+
+## 🔧 Troubleshooting
+
+### Integration Tests Skip
+If integration tests are skipped, ensure API keys are configured in repository secrets.
+
+### Release Creation Fails
+1. Ensure version number in `pyproject.toml` is incremented
+2. Check that the git tag follows the `v*` pattern (e.g., v0.1.0)
+3. Verify package builds successfully locally
+
+### Code Quality Failures
+Run locally to reproduce:
+```bash
+ruff check .              # Fix linting issues
+ruff format .             # Auto-format code
+mypy src/                 # Fix type hints
+```
+
+## 📊 Monitoring
+
+- **GitHub Actions**: Monitor workflow runs in Actions tab
+- **Security**: Review security advisories and Dependabot PRs
+- **Coverage**: Check coverage reports from CI runs
+- **GitHub Releases**: Monitor release downloads and user feedback
+
+## 🎯 Success Indicators
+
+- ✅ All CI workflows passing
+- ✅ Automated releases working
+- ✅ Security scanning active
+- ✅ Dependencies automatically updated
+- ✅ Package successfully installable from source via uvx

cedar_mcp-1.0.0/.github/dependabot.yml

@@ -0,0 +1,33 @@
+version: 2
+updates:
+  # Python dependencies
+  - package-ecosystem: "pip"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+      day: "monday"
+      time: "09:00"
+    open-pull-requests-limit: 10
+    reviewers:
+      - "musen-lab/maintainers"
+    assignees:
+      - "musen-lab/maintainers"
+    commit-message:
+      prefix: "deps"
+      include: "scope"
+    
+  # GitHub Actions dependencies
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+      day: "monday"
+      time: "09:00"
+    open-pull-requests-limit: 5
+    reviewers:
+      - "musen-lab/maintainers"
+    assignees:
+      - "musen-lab/maintainers"
+    commit-message:
+      prefix: "ci"
+      include: "scope"

cedar_mcp-1.0.0/.github/workflows/ci.yml

@@ -0,0 +1,140 @@
+name: CI
+
+on:
+  push:
+    branches: [ main, develop ]
+  pull_request:
+    branches: [ main, develop ]
+
+jobs:
+  code-quality:
+    runs-on: ubuntu-latest
+    name: Code Quality
+    
+    steps:
+    - uses: actions/checkout@v6
+    
+    - name: Set up Python
+      uses: actions/setup-python@v6
+      with:
+        python-version: '3.10'
+    
+    - name: Install dependencies
+      run: |
+        python -m pip install --upgrade pip
+        pip install -r requirements-dev.txt
+    
+    - name: Lint with ruff
+      run: ruff check .
+    
+    - name: Format check with ruff
+      run: ruff format --check .
+    
+    - name: Type check with mypy
+      run: mypy src/
+  
+  test:
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        python-version: ['3.10', '3.11', '3.12']
+    
+    name: Test Python ${{ matrix.python-version }}
+    
+    steps:
+    - uses: actions/checkout@v6
+    
+    - name: Set up Python ${{ matrix.python-version }}
+      uses: actions/setup-python@v6
+      with:
+        python-version: ${{ matrix.python-version }}
+    
+    - name: Install dependencies
+      run: |
+        python -m pip install --upgrade pip
+        pip install -r requirements-dev.txt
+        pip install -e .
+    
+    - name: Run unit tests
+      run: python run_tests.py --unit --coverage --no-warnings
+    
+    - name: Run integration tests (if API keys available)
+      env:
+        CEDAR_API_KEY: ${{ secrets.CEDAR_API_KEY }}
+        BIOPORTAL_API_KEY: ${{ secrets.BIOPORTAL_API_KEY }}
+      run: |
+        if [ -n "$CEDAR_API_KEY" ] && [ -n "$BIOPORTAL_API_KEY" ]; then
+          echo "CEDAR_API_KEY=${CEDAR_API_KEY}" > .env.test
+          echo "BIOPORTAL_API_KEY=${BIOPORTAL_API_KEY}" >> .env.test
+          python run_tests.py --integration
+        else
+          echo "Skipping integration tests - API keys not available"
+        fi
+    
+    - name: Upload coverage reports to Codecov
+      if: matrix.python-version == '3.10'
+      uses: codecov/codecov-action@v5
+      with:
+        file: ./coverage.xml
+        fail_ci_if_error: false
+  
+  build:
+    runs-on: ubuntu-latest
+    name: Build Package
+    
+    steps:
+    - uses: actions/checkout@v6
+    
+    - name: Set up Python
+      uses: actions/setup-python@v6
+      with:
+        python-version: '3.10'
+    
+    - name: Install build dependencies
+      run: |
+        python -m pip install --upgrade pip
+        pip install build
+    
+    - name: Build package
+      run: python -m build
+    
+    - name: Verify package
+      run: |
+        pip install twine
+        twine check dist/*
+    
+    - name: Test installation
+      run: |
+        pip install dist/*.whl
+        cedar-mcp --help
+  
+  security:
+    runs-on: ubuntu-latest
+    name: Security Scan
+    
+    steps:
+    - uses: actions/checkout@v6
+    
+    - name: Set up Python
+      uses: actions/setup-python@v6
+      with:
+        python-version: '3.10'
+    
+    - name: Install dependencies
+      run: |
+        python -m pip install --upgrade pip
+        pip install -r requirements-dev.txt
+        pip install safety bandit[toml]
+    
+    - name: Run safety check
+      run: safety check
+    
+    - name: Run bandit security scan
+      run: bandit -r src/ -f json -o bandit-report.json || true
+    
+    - name: Upload bandit report
+      uses: actions/upload-artifact@v6
+      if: always()
+      with:
+        name: bandit-report
+        path: bandit-report.json

cedar_mcp-1.0.0/.github/workflows/codeql.yml

@@ -0,0 +1,48 @@
+name: "CodeQL"
+
+on:
+  push:
+    branches: [ main, develop ]
+  pull_request:
+    branches: [ main, develop ]
+  schedule:
+    - cron: '32 6 * * 1'  # Run weekly on Mondays at 6:32 AM UTC
+
+jobs:
+  analyze:
+    name: Analyze
+    runs-on: ubuntu-latest
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+
+    strategy:
+      fail-fast: false
+      matrix:
+        language: [ 'python' ]
+
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v6
+
+    - name: Initialize CodeQL
+      uses: github/codeql-action/init@v4
+      with:
+        languages: ${{ matrix.language }}
+        queries: security-extended,security-and-quality
+
+    - name: Set up Python
+      uses: actions/setup-python@v6
+      with:
+        python-version: '3.10'
+
+    - name: Install dependencies
+      run: |
+        python -m pip install --upgrade pip
+        pip install -r requirements.txt
+
+    - name: Perform CodeQL Analysis
+      uses: github/codeql-action/analyze@v4
+      with:
+        category: "/language:${{matrix.language}}"

cedar_mcp-1.0.0/.github/workflows/release.yml

@@ -0,0 +1,105 @@
+name: Release
+
+on:
+  push:
+    tags:
+      - 'v*'  # Trigger on version tags like v0.1.0, v1.0.0, etc.
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    name: Build Package
+
+    steps:
+    - uses: actions/checkout@v6
+
+    - name: Set up Python
+      uses: actions/setup-python@v6
+      with:
+        python-version: '3.10'
+
+    - name: Install build dependencies
+      run: |
+        python -m pip install --upgrade pip
+        pip install build twine
+
+    - name: Build package
+      run: python -m build
+
+    - name: Verify package
+      run: twine check dist/*
+
+    - name: Upload build artifacts
+      uses: actions/upload-artifact@v6
+      with:
+        name: dist-packages
+        path: dist/
+
+  create-github-release:
+    runs-on: ubuntu-latest
+    name: Create GitHub Release
+    needs: build
+
+    steps:
+    - uses: actions/checkout@v6
+
+    - name: Download build artifacts
+      uses: actions/download-artifact@v7
+      with:
+        name: dist-packages
+        path: dist/
+
+    - name: Get tag name
+      id: tag
+      run: echo "tag=${GITHUB_REF#refs/tags/}" >> $GITHUB_OUTPUT
+
+    - name: Create GitHub Release
+      id: create-release
+      uses: actions/create-release@v1
+      env:
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      with:
+        tag_name: ${{ steps.tag.outputs.tag }}
+        release_name: Release ${{ steps.tag.outputs.tag }}
+        body: |
+          ## Changes in ${{ steps.tag.outputs.tag }}
+
+          ### Installation
+
+          Install from PyPI:
+          ```bash
+          pip install cedar-mcp
+          ```
+
+          Or with uvx:
+          ```bash
+          uvx cedar-mcp
+          ```
+
+          ### Usage
+
+          See the [README](https://github.com/${{ github.repository }}/blob/${{ steps.tag.outputs.tag }}/README.md) for usage instructions.
+
+          ### What's New
+
+          Please see the commit history for detailed changes in this release.
+        draft: false
+        prerelease: false
+
+  publish:
+    runs-on: ubuntu-latest
+    name: Publish to PyPI
+    needs: build
+    environment: pypi
+    permissions:
+      id-token: write
+
+    steps:
+    - name: Download build artifacts
+      uses: actions/download-artifact@v7
+      with:
+        name: dist-packages
+        path: dist/
+
+    - name: Publish to PyPI
+      uses: pypa/gh-action-pypi-publish@release/v1

cedar_mcp-1.0.0/.gitignore

@@ -0,0 +1,64 @@
+# Python
+__pycache__/
+*.py[cod]
+*$py.class
+*.so
+.Python
+env/
+venv/
+ENV/
+build/
+develop-eggs/
+dist/
+downloads/
+eggs/
+.eggs/
+lib/
+lib64/
+parts/
+sdist/
+var/
+wheels/
+*.egg-info/
+.installed.cfg
+*.egg
+
+# Virtual Environment
+.venv/
+venv/
+
+# IDE
+.vscode/
+.idea/
+*.swp
+*.swo
+*~
+
+# OS
+.DS_Store
+Thumbs.db
+
+# Project specific
+*.log
+.env
+.env.test
+.env.local
+.env.development
+.env.staging
+.env.production
+.claude
+.obsidian
+.serena
+
+# Test artifacts
+.pytest_cache/
+.coverage
+htmlcov/
+.tox/
+.nox/
+coverage.xml
+*.cover
+
+# Temporary files
+*.tmp
+*.temp

cedar_mcp-1.0.0/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 Stanford Division of Computational Medicine
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.