coding-tools-mcp 0.1.4__tar.gz → 0.1.6__tar.gz

{coding_tools_mcp-0.1.4 → coding_tools_mcp-0.1.6}/PKG-INFO

@@ -1,9 +1,46 @@
-Metadata-Version: 2.4
+Metadata-Version: 2.2
 Name: coding-tools-mcp
-Version: 0.1.4
+Version: 0.1.6
 Summary: Workspace-confined coding tools exposed as an MCP server.
 Author: Coding Tools MCP Contributors
-License-Expression: LicenseRef-Coding-Tools-MCP-Source-Available
+License: Coding Tools MCP Source-Available License v1.0
+        
+        Copyright (c) 2026 Coding Tools MCP Contributors.
+        All rights reserved except as expressly granted below.
+        
+        1. Permitted Use
+        
+        You may view, clone, build, run, and modify the Software solely for internal
+        evaluation, development, testing, and security review.
+        
+        2. Restrictions
+        
+        Without prior written permission from the copyright holders, you may not:
+        
+        - distribute, publish, sublicense, sell, lease, or otherwise transfer the
+          Software or modified versions of the Software;
+        - provide the Software or modified versions as a hosted, managed, or
+          software-as-a-service offering for third parties;
+        - use the Software or modified versions for production commercial purposes;
+        - remove or alter copyright, license, or attribution notices;
+        - use the project name, trademarks, or branding to imply endorsement.
+        
+        3. Contributions
+        
+        Unless a separate written agreement says otherwise, any contribution submitted
+        to this project may be used by the copyright holders under this license and
+        under any future license chosen by the copyright holders.
+        
+        4. No Warranty
+        
+        THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+        IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+        FITNESS FOR A PARTICULAR PURPOSE, AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+        AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES, OR OTHER
+        LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT, OR OTHERWISE, ARISING FROM,
+        OUT OF, OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+        SOFTWARE.
+        
 Project-URL: Homepage, https://github.com/xyTom/coding-tools-mcp
 Project-URL: Documentation, https://github.com/xyTom/coding-tools-mcp/tree/main/docs
 Project-URL: Source, https://github.com/xyTom/coding-tools-mcp
@@ -11,13 +48,13 @@ Project-URL: Issues, https://github.com/xyTom/coding-tools-mcp/issues
 Requires-Python: >=3.11
 Description-Content-Type: text/markdown
 License-File: LICENSE
+Requires-Dist: PyJWT>=2.8
 Provides-Extra: dev
 Requires-Dist: mypy<2.2,>=2.1; extra == "dev"
 Requires-Dist: ruff<0.16,>=0.15; extra == "dev"
 Requires-Dist: typing_extensions>=4.12; extra == "dev"
 Provides-Extra: image
 Requires-Dist: Pillow>=10.0; extra == "image"
-Dynamic: license-file
 
 # Coding Tools MCP
 
@@ -183,7 +220,7 @@ scripts/tunnel.sh ngrok /path/to/repo
 scripts/tunnel.sh devtunnel /path/to/repo
 ```
 
-For clients that support custom headers, use bearer-token auth with `Authorization: Bearer <token>`. Clients that cannot send custom bearer headers should use anonymous `read-only` mode only for local/testing tunnels, or be placed behind an external auth proxy for production use.
+For clients that support custom headers, use bearer-token auth with `Authorization: Bearer <token>`. For MCP clients that speak OAuth 2.1 Authorization Code + PKCE, use `CODING_TOOLS_MCP_AUTH_MODE=oauth` with `scripts/tunnel.sh` (or `scripts/install.sh --auth-mode oauth`). The server can infer its OAuth issuer from the tunnel request URL, so one-shot tunnels like cloudflared work without setting `CODING_TOOLS_MCP_SERVER_URL` before startup; set it only when you want to pin a stable issuer. The script prints a generated OAuth password, accepts any non-empty client_id by default, and lets you opt into `CODING_TOOLS_MCP_OAUTH_CLIENT_ID`/`CODING_TOOLS_MCP_OAUTH_CLIENT_SECRET` only when you need to lock down a confidential client. Clients that cannot send custom bearer headers and do not speak OAuth should use anonymous `read-only` mode only for local/testing tunnels, or be placed behind an external auth proxy for production use.
 
 See [docs/remote-mcp.md](docs/remote-mcp.md) for the exact modes and security notes.
 

{coding_tools_mcp-0.1.4 → coding_tools_mcp-0.1.6}/README.md

@@ -162,7 +162,7 @@ scripts/tunnel.sh ngrok /path/to/repo
 scripts/tunnel.sh devtunnel /path/to/repo
 ```
 
-For clients that support custom headers, use bearer-token auth with `Authorization: Bearer <token>`. Clients that cannot send custom bearer headers should use anonymous `read-only` mode only for local/testing tunnels, or be placed behind an external auth proxy for production use.
+For clients that support custom headers, use bearer-token auth with `Authorization: Bearer <token>`. For MCP clients that speak OAuth 2.1 Authorization Code + PKCE, use `CODING_TOOLS_MCP_AUTH_MODE=oauth` with `scripts/tunnel.sh` (or `scripts/install.sh --auth-mode oauth`). The server can infer its OAuth issuer from the tunnel request URL, so one-shot tunnels like cloudflared work without setting `CODING_TOOLS_MCP_SERVER_URL` before startup; set it only when you want to pin a stable issuer. The script prints a generated OAuth password, accepts any non-empty client_id by default, and lets you opt into `CODING_TOOLS_MCP_OAUTH_CLIENT_ID`/`CODING_TOOLS_MCP_OAUTH_CLIENT_SECRET` only when you need to lock down a confidential client. Clients that cannot send custom bearer headers and do not speak OAuth should use anonymous `read-only` mode only for local/testing tunnels, or be placed behind an external auth proxy for production use.
 
 See [docs/remote-mcp.md](docs/remote-mcp.md) for the exact modes and security notes.
 

{coding_tools_mcp-0.1.4 → coding_tools_mcp-0.1.6}/coding_tools_mcp/__init__.py

@@ -1,3 +1,3 @@
 """Coding Tools MCP server package."""
 
-__version__ = "0.1.4"
+__version__ = "0.1.6"