cics-bridge-mcp 0.1.0__tar.gz

cics_bridge_mcp-0.1.0/.github/dependabot.yml

@@ -0,0 +1,8 @@
+version: 2
+updates:
+  - package-ecosystem: pip
+    directory: "/"
+    schedule: { interval: weekly }
+  - package-ecosystem: github-actions
+    directory: "/"
+    schedule: { interval: weekly }

cics_bridge_mcp-0.1.0/.github/workflows/ci.yml

@@ -0,0 +1,12 @@
+name: CI
+on: [push, pull_request]
+jobs:
+  test:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-python@v5
+        with:
+          python-version: "3.11"
+      - run: pip install mcp pydantic pytest
+      - run: pytest -q

cics_bridge_mcp-0.1.0/.github/workflows/codeql.yml

@@ -0,0 +1,14 @@
+name: CodeQL
+on:
+  push: { branches: [main] }
+  pull_request: { branches: [main] }
+  schedule: [{ cron: "30 1 * * 0" }]
+jobs:
+  analyze:
+    runs-on: ubuntu-latest
+    permissions: { security-events: write, actions: read, contents: read }
+    steps:
+      - uses: actions/checkout@v4
+      - uses: github/codeql-action/init@v3
+        with: { languages: python }
+      - uses: github/codeql-action/analyze@v3

cics_bridge_mcp-0.1.0/.github/workflows/scorecard.yml

@@ -0,0 +1,20 @@
+name: Scorecard
+on:
+  branch_protection_rule:
+  schedule: [{ cron: "20 7 * * 1" }]
+  push: { branches: [main] }
+permissions: read-all
+jobs:
+  analysis:
+    runs-on: ubuntu-latest
+    permissions: { security-events: write, id-token: write, contents: read }
+    steps:
+      - uses: actions/checkout@v4
+        with: { persist-credentials: false }
+      - uses: ossf/scorecard-action@v2.4.0
+        with:
+          results_file: results.sarif
+          results_format: sarif
+          publish_results: false
+      - uses: github/codeql-action/upload-sarif@v3
+        with: { sarif_file: results.sarif }

cics_bridge_mcp-0.1.0/.gitignore

@@ -0,0 +1,5 @@
+
+*_sigil.log
+bridge_sigil.log
+scoreboard_sigil.log
+__pycache__/

cics_bridge_mcp-0.1.0/LICENSE

@@ -0,0 +1,5 @@
+MIT License
+
+Copyright (c) 2026 CSOAI-ORG
+
+Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction... THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND.

cics_bridge_mcp-0.1.0/PKG-INFO

@@ -0,0 +1,24 @@
+Metadata-Version: 2.4
+Name: cics-bridge-mcp
+Version: 0.1.0
+Summary: Bridge IBM CICS mainframe transactions to ONE OS — parse, map, govern (SOX / PCI-DSS / DORA). CSOAI Layer-0 legacy-bridge family.
+Author: CSOAI-ORG
+License: MIT
+License-File: LICENSE
+Requires-Python: >=3.10
+Requires-Dist: mcp>=1.28.0
+Requires-Dist: pydantic>=2.0.0
+Description-Content-Type: text/markdown
+
+# cics-bridge-mcp
+
+mcp-name: io.github.CSOAI-ORG/cics-bridge-mcp
+
+Part of the **CSOAI Layer-0 legacy-bridge family**. Bridge IBM CICS mainframe transactions to ONE OS — parse, map, govern (SOX / PCI-DSS / DORA).
+
+**Tools:** parse_cics · identify_transactions · map_to_modern · govern_cics
+
+```bash
+pip install -e .
+python server.py
+```

cics_bridge_mcp-0.1.0/README.md

@@ -0,0 +1,12 @@
+# cics-bridge-mcp
+
+mcp-name: io.github.CSOAI-ORG/cics-bridge-mcp
+
+Part of the **CSOAI Layer-0 legacy-bridge family**. Bridge IBM CICS mainframe transactions to ONE OS — parse, map, govern (SOX / PCI-DSS / DORA).
+
+**Tools:** parse_cics · identify_transactions · map_to_modern · govern_cics
+
+```bash
+pip install -e .
+python server.py
+```

cics_bridge_mcp-0.1.0/SECURITY.md

@@ -0,0 +1,10 @@
+# Security Policy
+
+## Reporting a vulnerability
+Email security@csoai.org (or open a private security advisory). We aim to acknowledge within 72 hours.
+
+## Scope
+This MCP parses untrusted legacy/protocol input. It performs read-only parsing + governance classification; it does not execute, write to, or control source systems. SCADA/MQTT/CICS control actions are flagged for human authorisation, never executed.
+
+## Supported versions
+The latest released version on the default branch.

cics_bridge_mcp-0.1.0/llms.txt

@@ -0,0 +1,8 @@
+# cics-bridge-mcp
+# CSOAI Layer-0 legacy-bridge. Bridge IBM CICS mainframe transactions to ONE OS — parse, map, govern (SOX / PCI-DSS / DORA).
+
+## Install
+```bash
+pip install -e .
+python server.py
+```

cics_bridge_mcp-0.1.0/pyproject.toml

@@ -0,0 +1,16 @@
+[project]
+name = "cics-bridge-mcp"
+version = "0.1.0"
+description = "Bridge IBM CICS mainframe transactions to ONE OS — parse, map, govern (SOX / PCI-DSS / DORA). CSOAI Layer-0 legacy-bridge family."
+readme = "README.md"
+requires-python = ">=3.10"
+license = {text = "MIT"}
+authors = [{name = "CSOAI-ORG"}]
+dependencies = ["mcp>=1.28.0", "pydantic>=2.0.0"]
+[project.scripts]
+cics-bridge-mcp = "server:main"
+[build-system]
+requires = ["hatchling"]
+build-backend = "hatchling.build"
+[tool.hatch.build.targets.wheel]
+only-include = ["server.py"]

cics_bridge_mcp-0.1.0/server.json

@@ -0,0 +1,17 @@
+{
+  "$schema": "https://static.modelcontextprotocol.io/schemas/2025-07-09/server.schema.json",
+  "name": "io.github.CSOAI-ORG/cics-bridge-mcp",
+  "description": "Bridge IBM CICS mainframe transactions to ONE OS \u2014 parse, map, govern (SOX / PCI-DSS / DORA).",
+  "version": "0.1.0",
+  "packages": [
+    {
+      "identifier": "cics-bridge-mcp",
+      "version": "0.1.0",
+      "transport": {
+        "type": "stdio"
+      },
+      "registryType": "pypi",
+      "runtimeHint": "python"
+    }
+  ]
+}

cics_bridge_mcp-0.1.0/server.py

@@ -0,0 +1,99 @@
+#!/usr/bin/env python3
+"""
+CICS (mainframe transaction) Bridge MCP — CSOAI Layer-0 legacy-bridge family.
+Parse CICS programs/transactions, map to modern services, govern. Sibling of cobol-bridge-mcp.
+Tools: parse_cics · identify_transactions · map_to_modern · govern_cics
+"""
+from mcp.server.fastmcp import FastMCP
+from pydantic import BaseModel, Field
+from typing import List, Dict, Any
+import re
+
+mcp = FastMCP("CICS Bridge", instructions="Bridge IBM CICS mainframe transactions to ONE OS — parse, map, govern.")
+
+# ── SIGIL: every governed action → one signed hash-chained hop (SIGIL_LOG unifies all layers) ──
+import hashlib as _hl, time as _t, json as _j, os as _os
+_SIGIL_LOG = _os.environ.get("SIGIL_LOG", _os.path.join(_os.path.dirname(_os.path.abspath(__file__)), "bridge_sigil.log"))
+def _sigil(op, body):
+    try:
+        prev = ""
+        if _os.path.exists(_SIGIL_LOG):
+            with open(_SIGIL_LOG) as f:
+                ls = f.readlines()
+                if ls: prev = _j.loads(ls[-1]).get("digest", "")
+        ts = int(_t.time()); dg = _hl.sha256(f"{op}|{ts}|{prev[:8]}|{body}".encode()).hexdigest()[:16]
+        _os.makedirs(_os.path.dirname(_SIGIL_LOG), exist_ok=True)
+        with open(_SIGIL_LOG, "a") as f: f.write(_j.dumps({"ts": ts, "op": op, "body": body, "prev_digest": prev, "digest": dg}) + "\n")
+        return dg
+    except Exception: return ""
+
+
+class CICSParsed(BaseModel):
+    exec_commands: List[str] = Field(default_factory=list)
+    transactions: List[str] = Field(default_factory=list)
+    programs_called: List[str] = Field(default_factory=list)
+    uses_commarea: bool = False
+    line_count: int = 0
+
+
+class Governance(BaseModel):
+    risk_flags: List[str] = Field(default_factory=list)
+    frameworks: List[str] = Field(default_factory=list)
+    attestable: bool = True
+    note: str = ""
+
+
+@mcp.tool()
+def parse_cics(source_code: str) -> CICSParsed:
+    """Parse a CICS program: EXEC CICS commands, transaction IDs, LINK/XCTL targets, COMMAREA use."""
+    s = source_code
+    cmds = re.findall(r"EXEC\s+CICS\s+([A-Z]+)", s, re.I)
+    txns = re.findall(r"\bTRANSID\s*\(\s*['\"]?(\w+)", s, re.I) + re.findall(r"\bSTART\s+TRANSID\s*\(\s*['\"]?(\w+)", s, re.I)
+    progs = re.findall(r"(?:LINK|XCTL)\s+PROGRAM\s*\(\s*['\"]?(\w+)", s, re.I)
+    return CICSParsed(
+        exec_commands=sorted(set(c.upper() for c in cmds))[:30],
+        transactions=sorted(set(txns))[:30],
+        programs_called=sorted(set(progs))[:30],
+        uses_commarea=bool(re.search(r"COMMAREA", s, re.I)),
+        line_count=len(s.splitlines()),
+    )
+
+
+@mcp.tool()
+def identify_transactions(source_code: str) -> Dict[str, Any]:
+    """List the CICS transactions + programs this code drives (migration scope)."""
+    p = parse_cics(source_code)
+    return {"transactions": p.transactions, "programs": p.programs_called,
+            "commands": p.exec_commands, "note": "Each EXEC CICS verb maps to a modern transaction-context call."}
+
+
+@mcp.tool()
+def map_to_modern(source_code: str) -> Dict[str, Any]:
+    """Map CICS program shape to a modern transactional service skeleton."""
+    p = parse_cics(source_code)
+    return {"source": "IBM CICS", "target": "modern transactional service",
+            "endpoints": p.transactions or ["main"], "calls": p.programs_called,
+            "state": "COMMAREA -> request/session context" if p.uses_commarea else "stateless"}
+
+
+@mcp.tool()
+def govern_cics(source_code: str) -> Governance:
+    """Governance: transaction integrity + access surface (attestable for CSOAI)."""
+    _sigil("G", "cics|govern_cics")
+    p = parse_cics(source_code)
+    flags = []
+    if any(c in p.exec_commands for c in ("SEND", "RECEIVE")) and "RETURN" not in p.exec_commands:
+        flags.append("Terminal I/O without explicit RETURN — review transaction boundaries")
+    if not p.uses_commarea and p.programs_called:
+        flags.append("Inter-program calls without COMMAREA — verify state handling on migration")
+    return Governance(risk_flags=flags,
+                      frameworks=["IBM CICS TS", "SOX (ITGC)", "PCI-DSS (if cardholder)", "DORA"],
+                      note="CSOAI governs the bridge: transaction lineage attestable on the ledger.")
+
+
+def main():
+    mcp.run()
+
+
+if __name__ == "__main__":
+    main()

cics_bridge_mcp-0.1.0/tests/test_server.py

@@ -0,0 +1,9 @@
+import sys,os
+sys.path.insert(0,os.path.dirname(os.path.dirname(os.path.abspath(__file__))))
+import server
+
+SRC="EXEC CICS SEND MAP('M1') END-EXEC. EXEC CICS LINK PROGRAM('PROG2') COMMAREA(WS) END-EXEC. EXEC CICS RETURN TRANSID('TR01') END-EXEC."
+def test_parse():
+    p=server.parse_cics(SRC); assert "SEND" in p.exec_commands; assert p.uses_commarea; assert "PROG2" in p.programs_called
+def test_govern():
+    assert any("SOX" in f for f in server.govern_cics(SRC).frameworks)