tm-mcp 1.2.0__tar.gz

tm_mcp-1.2.0/.gitignore

@@ -0,0 +1,8 @@
+.venv/
+dist/
+build/
+*.egg-info/
+__pycache__/
+*.pyc
+.pytest_cache/
+.DS_Store

tm_mcp-1.2.0/CHANGELOG.md

@@ -0,0 +1,454 @@
+# Changelog
+
+All notable changes to `tm-mcp`. The format is loosely
+[Keep a Changelog](https://keepachangelog.com/en/1.1.0/); versions
+follow [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
+
+## 1.2.0 — 2026-05-19
+
+**First PyPI release.** 1.1.0 was never published; this is the
+first version available via `pip install tm-mcp` / `uvx tm-mcp`.
+
+### Required env-var change
+
+`TM_BASE_URL` is now **required at server startup** alongside
+`TM_API_KEY`. Previously the underlying `trafficmorph` SDK had a
+built-in placeholder default that didn't resolve, so a missing
+`TM_BASE_URL` produced silent DNS failures on every tool call.
+The SDK now refuses to construct without an explicit base URL,
+and the MCP server reads `$TM_BASE_URL` at startup and raises
+`ConfigurationError` if it's missing or blank.
+
+If your existing MCP host config already sets `TM_BASE_URL` (as
+the README has recommended since 1.0.0), no action needed. If
+you were relying on the implicit default, add a `TM_BASE_URL`
+entry to the `env` block of your host config — see the Quick
+start section in the README.
+
+### Dependency
+
+- Pin `trafficmorph` widened to `>= 0.3.2, < 0.4.0` (was
+  `>= 0.2.1, < 0.3.0`). The SDK underwent a hardening pass
+  between 0.2.x and 0.3.2 (URL validation, header-byte
+  validation, structural `%2F` preservation in path
+  normalization) — none of those changes affect the
+  `trafficmorph.api.*` / `trafficmorph.models` / `trafficmorph.types`
+  surfaces `tm-mcp` imports.
+
+### Packaging
+
+- Licensed under Apache-2.0 (was "Proprietary"). `LICENSE` file
+  added; ships in both wheel and sdist.
+- Project URLs now point at the standalone source mirror at
+  `github.com/trafficmorph-gif/tm-mcp`.
+- Author contact email added.
+
+## 1.1.0 — 2026-05-17
+
+**Variables-set tools** — 6 new tools closing the last major
+functional gap in the AI-driven workflow. The catalog grows from
+28 to 34 entries (25 tools + 4 prompts + 5 resources).
+
+Variables sets are CSV-style attached data that profiles sample
+per-request to replay traffic with realistic per-request data
+(authenticated tokens, parameterized URLs, distribution-matched
+inputs). The capture-import flow already auto-creates them, but
+until now the AI could only see them indirectly through
+`tm_get_profile`'s attached-set list — couldn't create new ones,
+rename, change mode, or delete from MCP.
+
+### Added (6 tools)
+
+- `tm_list_variables_sets` — list all variables sets for the
+  current user. Plain array of metadata (id, name, mode, macro
+  columns, weight column, row count, timestamps).
+- `tm_get_variables_set(variables_set_id)` — single set's
+  metadata.
+- `tm_create_variables_set(name, csv_content, mode="ROW")` —
+  upload a new set from inline CSV. Three modes accepted: `ROW`
+  (default; weighted per-row sampling, requires a `weight`
+  column), `COLUMN` (per-column independent sampling; shared
+  `weight` and per-column `{col}_weight` are both optional), and
+  `SEQUENTIAL` (rows walked in CSV order; weights ignored). CSV
+  travels as a string in the JSON body, not multipart.
+- `tm_rename_variables_set(variables_set_id, name)` — change the
+  display name only; CSV + mode + attachments preserved.
+- `tm_change_variables_set_mode(variables_set_id, mode)` — switch
+  between any of the three modes (ROW / COLUMN / SEQUENTIAL)
+  without re-uploading. Server re-parses the stored CSV with the
+  new mode and 400s if incompatible (e.g. ROW without a `weight`
+  column).
+- `tm_delete_variables_set(variables_set_id)` — remove a set.
+  Fails fast with a 400 if the set is still attached to any
+  profile; the response names the referencing profile(s) so
+  the caller knows which to detach first. There's no auto-
+  detach by design — the deliberate choice is to make
+  accidental attachment loss visible. Recovery path: detach
+  via `tm_update_profile` on each referencing profile, then
+  retry the delete.
+
+### Server-side changes
+
+- New `ApiVariablesSetController` at `/api/v1/variables-sets/*`
+  mirroring the in-app UI controller's 6 mutation endpoints. The
+  list response drops the UI's quota envelope — public-API
+  callers (CLI / MCP / SDKs) get a plain array. CSV download
+  omitted from the v1 surface (raw `text/csv` doesn't fit
+  cleanly into a uniformly-JSON public API).
+- `ApiVariablesSetControllerTest` — 11 integration tests
+  covering list/get/create/rename/change-mode/delete, multi-user
+  isolation, ownership 400s, unauthenticated 401, ROW-mode
+  weight-column requirement, SEQUENTIAL flips.
+
+### Design notes
+
+- **Inline CSV upload, not multipart.** Matches the in-app
+  controller's pattern. The server's parser size-caps CSVs at
+  `MAX_BYTES`; larger sets need pre-downsampling. Simpler client
+  surface (the AI can construct a CSV string from analysis
+  output without multipart-encoding gymnastics).
+- **Mode validation is client-side string-against-set.** The SDK
+  emits per-endpoint mode enums (`CreateVariablesSetRequestMode`,
+  `ChangeVariablesSetModeRequestMode`) but they share the same
+  three values; expose a single `str` surface to the AI and
+  validate against `("ROW", "COLUMN", "SEQUENTIAL")` with a
+  usable error message before constructing the typed body.
+  Mirrors the server's `VariablesSet.SamplingMode` enum exactly
+  — the lockstep file `wire-contracts/sampling-modes.txt` at
+  the repo root keeps the three locations (server enum,
+  dispatch-agent enum, MCP validator) in sync.
+- **`tm_create_variables_set` is NOT idempotent.** Unlike the
+  capture-import path (which auto-suffixes with `(2)`, `(3)`),
+  the server enforces strict per-user name uniqueness — a second
+  create with an existing name 400s with "A variables set named
+  'X' already exists" (see `VariablesSetService.create` L102-104).
+  The tool's `idempotentHint=False` reflects this. AI hosts
+  should NOT blind-retry on transient failure (the first call
+  may have landed; the retry will 400). Recovery: list first,
+  then rename / delete / pick a new name as appropriate.
+
+- **`trafficmorph` SDK constraint set to `>= 0.2.1, < 0.3.0`**
+  in `sdk-mcp/pyproject.toml`.
+
+  *Lower bound `>= 0.2.1`*: tm-mcp 1.1.0 imports
+  `trafficmorph.api.variables_sets.list_variables_sets` and
+  `trafficmorph.api.domains.list_domains` — the stable filenames
+  produced once the server's explicit operationIds are in place.
+  Those names debuted in `trafficmorph 0.2.1`; the transitional
+  `0.2.0` had `list_` / `list_1` from the auto-disambiguation
+  era. `pip install tm-mcp==1.1.0` against `trafficmorph 0.2.0`
+  would crash with ModuleNotFoundError at import.
+
+  *Upper bound `< 0.3.0`*: no breaking SDK changes are planned,
+  but the cap fences off any future major SDK release that
+  could rename/reshuffle filenames again. The matching tm-mcp
+  release will widen this cap.
+
+  The SDK was bumped in `sdk-python/pyproject.toml`
+  (`0.1.0 → 0.2.0 → 0.2.1`) as part of this release — `0.2.0`
+  was the intermediate state added alongside the new
+  variables-sets API surface, `0.2.1` is the operationId-stable
+  release that tm-mcp 1.1.0 actually depends on. The `0.2.0`
+  build is internal-only; only `0.2.1` should be published.
+
+### Server-side: explicit operationIds on both list endpoints
+
+`ApiDomainController.list` and `ApiVariablesSetController.list`
+now carry explicit `@Operation(operationId = ...)` annotations
+(`"listDomains"` and `"listVariablesSets"` respectively). Without
+explicit IDs, Spring auto-derives bare `list` from the method
+name, both controllers register the same ID, and the OpenAPI
+codegen disambiguates with `list_1` / `list_2` suffixes whose
+assignment depends on iteration order. That made downstream
+client filenames non-deterministic across regens.
+
+**Resolved end-to-end in this release.** The regen pass landed
+together with the operationId Java change, so the SDK ships
+with stable filenames from day one:
+
+  * `trafficmorph.api.domains.list_domains` (was `list_1` in
+    the transitional 0.2.0 build)
+  * `trafficmorph.api.variables_sets.list_variables_sets` (was
+    `list_` in 0.2.0)
+
+`tm-mcp 1.1.0`'s imports use the stable names directly. The
+`trafficmorph` SDK was bumped to `0.2.1` to signal the internal
+rename (HTTP wire surface unchanged; pre-existing `0.2.0`
+direct importers of `list_1` / `list_` will see ImportError on
+upgrade — flagged as a known break and documented in the SDK's
+0.2.1 changelog when it ships). tm-mcp's dependency cap is
+tightened to `>= 0.2.1, < 0.3.0` so `pip` keeps the pair
+correctly aligned.
+
+---
+
+## 1.0.0 — 2026-05-17
+
+First stable release. The catalog is feature-complete for the v1
+surface: **19 tools + 4 prompts + 5 resources** = 28 entries
+covering reads, writes, run control, profile + domain lifecycle,
+slash-command workflow templates, and URI-addressed reference
+data.
+
+See [STABILITY.md](STABILITY.md) for what v1 commits to keeping
+stable across future releases.
+
+This release rolls up phases 0.1.0 → 0.6.0 (see history below)
+with no API surface changes from 0.6.0 — the version bump is
+**signal, not contract change**. If you were on 0.6.0, you can
+upgrade to 1.0.0 with no code or config changes.
+
+---
+
+## 0.6.0 — 2026-05-17
+
+**Phase 0.6.0: URI-addressed resources.**
+
+Resources are the third MCP feature class (after tools and
+prompts) — read-only data the AI host pulls into context by URI
+(@-mentions in Claude Code). Each TrafficMorph resource wraps a
+corresponding read tool 1:1 and returns `application/json`
+payloads.
+
+### Added (5 resources)
+
+- `tm://profiles` (static) — list of all profiles, wraps `tm_list_profiles`.
+- `tm://profiles/{profile_id}` (templated) — single profile detail, wraps `tm_get_profile`.
+- `tm://history/recent` (static) — last 20 runs across all profiles, wraps `tm_list_history` with `size=20, page=0`.
+- `tm://history/{run_id}` (templated) — single run's full metrics, wraps `tm_get_run`.
+- `tm://domains` (static) — registered domains + verification status, wraps `tm_list_domains`.
+
+### Design notes
+
+- All resources are read-only and side-effect-free.
+- Templated resources coerce path segments (`{profile_id}`,
+  `{run_id}`) to `int` and reject non-numeric / zero / negative
+  ids client-side with typed `ToolError` — no wasted roundtrips.
+- Static URI `tm://history/recent` reserves the `recent` segment
+  against the `tm://history/{run_id}` template; FastMCP's router
+  prefers exact-match static URIs. Verified via end-to-end test
+  through `mcp.read_resource()`.
+
+---
+
+## 0.5.0 — 2026-05-17
+
+**Phase 0.5.0: Slash-command prompts.**
+
+Prompts are user-invoked workflow templates surfaced in Claude
+Code's `/commands` menu. Each prompt returns a templated user
+message instructing the AI to execute a specific tool sequence.
+
+### Added (4 prompts)
+
+- `/tm_triage <profile_id>` — find most recent FAIL → diff vs
+  latest PASS → narrate the regression. Chains 4 tools.
+- `/tm_setup_loadtest <target_url> <rps> <duration_seconds>` —
+  domain verification (if needed) + profile creation + optional
+  immediate run. Handles the unverified-domain workflow
+  gracefully (without this, the AI tends to skip domain checks).
+- `/tm_compare_baseline <profile_id>` — quick regression check:
+  most recent run vs most recent PASS.
+- `/tm_import_capture_guided <capture_path>` — split analyse
+  (preview) from import (commit) so the user can review groups
+  before persisting.
+
+### Design notes
+
+- Prompts use **Java-parity normalization** for any host-extraction
+  guidance (`urllib.parse.urlparse(target_url).hostname` instead
+  of substring-between-slashes — robust against ports, query
+  strings, mixed case).
+- Prompt text uses the actual Python tool kwargs (`auto_verdict=`
+  not `autoVerdict=`) so AI hosts following the template literally
+  don't TypeError on the kwarg name mismatch with the response
+  field.
+- Prompts describe what `tm_compare_runs` actually returns
+  (`verdict_change` + specific `deltas` keys); no fictional
+  statistics (Welch's t-test, response-code distribution diffs
+  are server-side `RunComparisonService` features and NOT in the
+  MCP synthetic compare).
+- Numeric timeouts in prompt text are pre-computed
+  (`verdict_timeout_seconds={duration_seconds + 60}`), never
+  emitted as arithmetic expressions the AI has to evaluate.
+
+---
+
+## 0.4.0 — 2026-05-16
+
+**Phase 0.4.0: Domain management write tools.**
+
+Closes the workflow gap from earlier phases: previously the AI
+could create profiles and start runs, but couldn't onboard a
+fresh target domain (which is a prerequisite). After 0.4.0 the
+AI can drive the full new-target workflow end to end.
+
+### Added (4 tools)
+
+- `tm_add_domain(domain)` — register a domain; returns the single
+  `verificationToken` plus pre-formatted `dnsInstruction` /
+  `httpInstruction` strings designed for verbatim user display.
+  Idempotent (repeat calls return the same record).
+- `tm_verify_domain_dns(domain_id)` — runs the TXT-lookup check.
+  Fail-fast: a miss returns HTTP 400 with the expected TXT
+  record + token in the message, NOT a polling-style 200.
+- `tm_verify_domain_http(domain_id)` — same shape, fetches
+  `/.well-known/trafficmorph-verify.txt`. Uses the SAME token as
+  the DNS path (one `verificationToken` per domain, not separate
+  per-method tokens).
+- `tm_delete_domain(domain_id)` — removes a registered domain.
+
+### Design notes
+
+- Per-endpoint tool surface (separate `_dns` and `_http`) rather
+  than a unified `tm_verify_domain(method=...)` — matches the
+  established pattern from run control.
+- Verify-miss error messages preserve the server's remediation
+  text verbatim through the typed-error mapper so the AI can read
+  them back to the user without parsing.
+- `verificationMethod` field uses uppercase tokens (`"DNS"` /
+  `"HTTP"` / `"ADMIN"`) — matches the server's
+  `DomainVerificationService.markVerified` and the JDBC `LOWER()`
+  semantics nothing forces case-folding here.
+
+---
+
+## 0.3.0 — 2026-05-16
+
+**Phase 0.3.0: Profile lifecycle + capture import.**
+
+Adds the write tools for managing profiles + the import-side of
+the capture workflow (analyse from 0.1.0 + import in 0.3.0).
+
+### Added (4 tools)
+
+- `tm_create_profile(name, target_url, duration_seconds, points, ...)`
+  — fails fast on name collision (server's POST is upsert-by-name
+  which would silently nullify scripts / callbacks / alerts the
+  MCP surface doesn't expose; this guard prevents that).
+- `tm_update_profile(profile_id, ...)` — read-modify-write
+  internally so the AI passes only fields to change. Preserves
+  all advanced fields (scripts, callback URL, all four auto-alert
+  fields) verbatim from the GET response on partial updates.
+  Cross-profile rename collision check prevents producing
+  duplicate-named pairs.
+- `tm_delete_profile(profile_id)` — removes a profile.
+- `tm_import_capture(capture_path, selections)` — persists
+  selected groups from a JSONL capture as profiles. Capture-path
+  validation enforces `$TM_MCP_CAPTURE_ROOT` allowlist.
+
+### Server-side change
+
+- `ApiProfileController.updateProfile` now passes the path id on
+  the save request so `TrafficProfileService.save` takes its
+  id-based update branch (rather than the name-based upsert
+  branch that silently mutated the wrong row when body's name
+  matched a different profile). Test:
+  `ApiProfileControllerUpdateRoutingTest`.
+
+### Design notes
+
+- Name normalization on collision checks uses
+  `_java_string_trim(...).lower()` to match Java's
+  `String.trim()` + JDBC `LOWER()` exactly. Both deliberately
+  NOT Python's `str.strip()` + `str.casefold()` (both more
+  aggressive — `str.strip()` removes NBSP, `str.casefold()`
+  expands ß → ss; either would cause false-positive over-
+  rejection).
+- `tm_update_profile` skips the cross-profile collision pre-flight
+  when `name` is omitted or unchanged — saves an HTTP roundtrip
+  on the common case.
+- Points validation (`@Size(min=2, max=5000)`) mirrors the server
+  constraint, with the bound named explicitly in error messages.
+
+---
+
+## 0.2.0 — 2026-05-16
+
+**Phase 0.2.0: Run control.**
+
+### Added (4 tools)
+
+- `tm_start_run(profile_id, wait=False, fail_on_verdict=..., wait_timeout_seconds=..., verdict_timeout_seconds=...)`
+  — with `wait=True`, mirrors the CLI's `tm runs start --wait
+  --fail-on-verdict FAIL,WARN` CI-triage shape. Multi-phase
+  correlation flow: pre-start history snapshot → poll status
+  until terminal → fetch post-run history with exact `runId`
+  correlation (falls back to id-anchor + time-drift heuristic
+  for legacy rows).
+- `tm_stop_run(profile_id)` — idempotent (no-op when no run is
+  active).
+- `tm_pause_run(profile_id)` — idempotent.
+- `tm_resume_run(profile_id)` — NOT idempotent; 400s if no run
+  is paused.
+
+### Server-side change
+
+- `RunHistory.runId` column added (Hibernate auto-migration +
+  `SchemaCompatibilityInitializer` ALTER for legacy DBs). Exposed
+  via `RunHistorySummary.runId` + populated in
+  `RunHistoryService.onRunCompleted`. Enables exact MCP correlation.
+- `RunHistoryRepository.findFiltered` adds `r.id DESC` secondary
+  sort to make pagination deterministic under `createdAt` ties
+  (microsecond ties happen under concurrent inserts because
+  `@PrePersist` sets `createdAt = Instant.now()`). MCP's page-scan
+  short-circuit depends on this.
+
+### Design notes
+
+- All four run-control tools annotated `destructiveHint=True`.
+  Idempotent ones (`tm_stop_run`, `tm_pause_run`) also carry
+  `idempotentHint=True`.
+- Wait-flow correlation handles multiple race windows: race
+  truly fired (mismatched runId), legacy rows (no runId),
+  pagination past page 0 (concurrent burst), verdict pending
+  (row landed but auto-compare async).
+
+---
+
+## 0.1.0 — 2026-05-16
+
+**Phase 0.1.0: Read-only MVP.**
+
+### Added (7 tools)
+
+- `tm_list_profiles` — all profiles owned by the authenticated user.
+- `tm_get_profile(profile_id)` — full config + run status.
+- `tm_list_history(profile_id?, auto_verdict?, region?, ...)` —
+  paginated past runs with filters.
+- `tm_get_run(run_id)` — full metric set + verdict.
+- `tm_list_domains` — registered domains + verification status.
+- `tm_compare_runs(run_id, baseline_run_id)` — synthetic
+  side-by-side diff; client-side computed from two `tm_get_run`
+  calls. Distinct from the server's `RunComparisonService`
+  (which adds Welch's t-test + response-code analysis); the MCP
+  shape is intentionally leaner.
+- `tm_analyse_capture(capture_path)` — per-endpoint analysis of
+  a JSONL capture; read-only (no state persisted; pair with the
+  Phase 0.3.0 `tm_import_capture` to commit).
+
+### Design notes
+
+- Capture-path validation enforces `$TM_MCP_CAPTURE_ROOT` (default
+  `~/.trafficmorph/captures/`), symlink-escape defense, `..`
+  segment rejection, `.jsonl` extension whitelist.
+- Errors map to typed `ToolError` subclasses: `AuthenticationError`
+  (401), `PlanError` (403 with `PLAN_UPGRADE_REQUIRED`),
+  `QuotaError` (429), `RateLimitError`, `PayloadTooLargeError`
+  (413). Generic 4xx → bare `ToolError` with the server's
+  error message preserved verbatim.
+
+---
+
+## Phase trajectory at a glance
+
+| Phase | Tools | Prompts | Resources | Cumulative |
+|---|---|---|---|---|
+| 0.1.0 | 7 | — | — | 7 |
+| 0.2.0 | 4 | — | — | 11 |
+| 0.3.0 | 4 | — | — | 15 |
+| 0.4.0 | 4 | — | — | 19 |
+| 0.5.0 | — | 4 | — | 23 |
+| 0.6.0 | — | — | 5 | 28 |
+| **1.0.0** | **19** | **4** | **5** | **28** |
+| 1.1.0 | +6 (=25) | — | — | 34 |

tm_mcp-1.2.0/LICENSE

@@ -0,0 +1,201 @@
+                                 Apache License
+                           Version 2.0, January 2004
+                        http://www.apache.org/licenses/
+
+   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+   1. Definitions.
+
+      "License" shall mean the terms and conditions for use, reproduction,
+      and distribution as defined by Sections 1 through 9 of this document.
+
+      "Licensor" shall mean the copyright owner or entity authorized by
+      the copyright owner that is granting the License.
+
+      "Legal Entity" shall mean the union of the acting entity and all
+      other entities that control, are controlled by, or are under common
+      control with that entity. For the purposes of this definition,
+      "control" means (i) the power, direct or indirect, to cause the
+      direction or management of such entity, whether by contract or
+      otherwise, or (ii) ownership of fifty percent (50%) or more of the
+      outstanding shares, or (iii) beneficial ownership of such entity.
+
+      "You" (or "Your") shall mean an individual or Legal Entity
+      exercising permissions granted by this License.
+
+      "Source" form shall mean the preferred form for making modifications,
+      including but not limited to software source code, documentation
+      source, and configuration files.
+
+      "Object" form shall mean any form resulting from mechanical
+      transformation or translation of a Source form, including but
+      not limited to compiled object code, generated documentation,
+      and conversions to other media types.
+
+      "Work" shall mean the work of authorship, whether in Source or
+      Object form, made available under the License, as indicated by a
+      copyright notice that is included in or attached to the work
+      (an example is provided in the Appendix below).
+
+      "Derivative Works" shall mean any work, whether in Source or Object
+      form, that is based on (or derived from) the Work and for which the
+      editorial revisions, annotations, elaborations, or other modifications
+      represent, as a whole, an original work of authorship. For the purposes
+      of this License, Derivative Works shall not include works that remain
+      separable from, or merely link (or bind by name) to the interfaces of,
+      the Work and Derivative Works thereof.
+
+      "Contribution" shall mean any work of authorship, including
+      the original version of the Work and any modifications or additions
+      to that Work or Derivative Works thereof, that is intentionally
+      submitted to Licensor for inclusion in the Work by the copyright owner
+      or by an individual or Legal Entity authorized to submit on behalf of
+      the copyright owner. For the purposes of this definition, "submitted"
+      means any form of electronic, verbal, or written communication sent
+      to the Licensor or its representatives, including but not limited to
+      communication on electronic mailing lists, source code control systems,
+      and issue tracking systems that are managed by, or on behalf of, the
+      Licensor for the purpose of discussing and improving the Work, but
+      excluding communication that is conspicuously marked or otherwise
+      designated in writing by the copyright owner as "Not a Contribution."
+
+      "Contributor" shall mean Licensor and any individual or Legal Entity
+      on behalf of whom a Contribution has been received by Licensor and
+      subsequently incorporated within the Work.
+
+   2. Grant of Copyright License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      copyright license to reproduce, prepare Derivative Works of,
+      publicly display, publicly perform, sublicense, and distribute the
+      Work and such Derivative Works in Source or Object form.
+
+   3. Grant of Patent License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      (except as stated in this section) patent license to make, have made,
+      use, offer to sell, sell, import, and otherwise transfer the Work,
+      where such license applies only to those patent claims licensable
+      by such Contributor that are necessarily infringed by their
+      Contribution(s) alone or by combination of their Contribution(s)
+      with the Work to which such Contribution(s) was submitted. If You
+      institute patent litigation against any entity (including a
+      cross-claim or counterclaim in a lawsuit) alleging that the Work
+      or a Contribution incorporated within the Work constitutes direct
+      or contributory patent infringement, then any patent licenses
+      granted to You under this License for that Work shall terminate
+      as of the date such litigation is filed.
+
+   4. Redistribution. You may reproduce and distribute copies of the
+      Work or Derivative Works thereof in any medium, with or without
+      modifications, and in Source or Object form, provided that You
+      meet the following conditions:
+
+      (a) You must give any other recipients of the Work or
+          Derivative Works a copy of this License; and
+
+      (b) You must cause any modified files to carry prominent notices
+          stating that You changed the files; and
+
+      (c) You must retain, in the Source form of any Derivative Works
+          that You distribute, all copyright, patent, trademark, and
+          attribution notices from the Source form of the Work,
+          excluding those notices that do not pertain to any part of
+          the Derivative Works; and
+
+      (d) If the Work includes a "NOTICE" text file as part of its
+          distribution, then any Derivative Works that You distribute must
+          include a readable copy of the attribution notices contained
+          within such NOTICE file, excluding those notices that do not
+          pertain to any part of the Derivative Works, in at least one
+          of the following places: within a NOTICE text file distributed
+          as part of the Derivative Works; within the Source form or
+          documentation, if provided along with the Derivative Works; or,
+          within a display generated by the Derivative Works, if and
+          wherever such third-party notices normally appear. The contents
+          of the NOTICE file are for informational purposes only and
+          do not modify the License. You may add Your own attribution
+          notices within Derivative Works that You distribute, alongside
+          or as an addendum to the NOTICE text from the Work, provided
+          that such additional attribution notices cannot be construed
+          as modifying the License.
+
+      You may add Your own copyright statement to Your modifications and
+      may provide additional or different license terms and conditions
+      for use, reproduction, or distribution of Your modifications, or
+      for any such Derivative Works as a whole, provided Your use,
+      reproduction, and distribution of the Work otherwise complies with
+      the conditions stated in this License.
+
+   5. Submission of Contributions. Unless You explicitly state otherwise,
+      any Contribution intentionally submitted for inclusion in the Work
+      by You to the Licensor shall be under the terms and conditions of
+      this License, without any additional terms or conditions.
+      Notwithstanding the above, nothing herein shall supersede or modify
+      the terms of any separate license agreement you may have executed
+      with Licensor regarding such Contributions.
+
+   6. Trademarks. This License does not grant permission to use the trade
+      names, trademarks, service marks, or product names of the Licensor,
+      except as required for describing the origin of the Work and
+      reproducing the content of the NOTICE file.
+
+   7. Disclaimer of Warranty. Unless required by applicable law or
+      agreed to in writing, Licensor provides the Work (and each
+      Contributor provides its Contributions) on an "AS IS" BASIS,
+      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+      implied, including, without limitation, any warranties or conditions
+      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+      PARTICULAR PURPOSE. You are solely responsible for determining the
+      appropriateness of using or redistributing the Work and assume any
+      risks associated with Your exercise of permissions under this License.
+
+   8. Limitation of Liability. In no event and under no legal theory,
+      whether in tort (including negligence), contract, or otherwise,
+      unless required by applicable law (such as deliberate and grossly
+      negligent acts) or agreed to in writing, shall any Contributor be
+      liable to You for damages, including any direct, indirect, special,
+      incidental, or consequential damages of any character arising as a
+      result of this License or out of the use or inability to use the
+      Work (including but not limited to damages for loss of goodwill,
+      work stoppage, computer failure or malfunction, or any and all
+      other commercial damages or losses), even if such Contributor
+      has been advised of the possibility of such damages.
+
+   9. Accepting Warranty or Additional Liability. While redistributing
+      the Work or Derivative Works thereof, You may accept and charge a
+      fee for accepting support, warranty, indemnity, or other liability
+      obligations and/or rights consistent with this License. However, in
+      accepting such obligations, You may act only on Your own behalf
+      and on Your sole responsibility, not on behalf of any other
+      Contributor, and only if You agree to indemnify, defend, and hold
+      each Contributor harmless for any liability incurred by, or claims
+      asserted against, such Contributor by reason of your accepting any
+      such warranty or additional liability.
+
+   END OF TERMS AND CONDITIONS
+
+   APPENDIX: How to apply the Apache License to your work.
+
+      To apply the Apache License to your work, attach the following
+      boilerplate notice, with the fields enclosed by brackets "[]"
+      replaced with your own identifying information. (Don't include
+      the brackets!)  The text should be enclosed in the appropriate
+      comment syntax for the file format. We also recommend that a
+      file or class name and description of purpose be included on the
+      same "printed page" as the copyright notice for easier
+      identification within third-party archives.
+
+   Copyright [yyyy] [name of copyright owner]
+
+   Licensed under the Apache License, Version 2.0 (the "License");
+   you may not use this file except in compliance with the License.
+   You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+   implied. See the License for the specific language governing permissions and
+   limitations under the License.