diff --git a/.claude-plugin/mcp-template.json b/.claude-plugin/mcp-template.json index 047d0f9..f3ee00f 100644 --- a/.claude-plugin/mcp-template.json +++ b/.claude-plugin/mcp-template.json @@ -1,5 +1,5 @@ { - "_comment": "Template for .mcp.json. Copy to repo root as .mcp.json to register the KeiSei MCP server. Requires @keisei/mcp-server published to npm (status: not yet published — see PLUGIN.md).", + "_comment": "Template for .mcp.json. Copy to repo root as .mcp.json to register the KeiSei MCP server. The @keisei/mcp-server package is published to keigit.com (Forgejo npm registry) — one-time ~/.npmrc setup required: '@keisei:registry=https://keigit.com/api/packages/keisei/npm/' + '//keigit.com/:_authToken='. See PLUGIN.md.", "mcpServers": { "keisei": { "command": "npx", diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 4a95db9..cd4ee3d 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -290,22 +290,24 @@ jobs: echo "✓ Release $TAG published with all assets" npm-publish: - name: Publish npm packages (optional) + name: Publish npm packages to keigit.com needs: release runs-on: ubuntu-latest - # Graceful skip: if NPM_TOKEN secret is not configured, the first step - # reports "skipped" and exits 0 — Rust-binary release above still succeeds. + # Graceful skip: if KEIGIT_TOKEN secret is not configured, the first + # step reports "skipped" and exits 0 — Rust-binary release above still + # succeeds. Repository secret is keigit PAT with `write:package` scope + # for the keisei user/org on keigit.com. steps: - - name: Check NPM_TOKEN presence + - name: Check KEIGIT_TOKEN presence id: have_token env: - NPM_TOKEN: ${{ secrets.NPM_TOKEN }} + KEIGIT_TOKEN: ${{ secrets.KEIGIT_TOKEN }} run: | - if [ -n "${NPM_TOKEN:-}" ]; then + if [ -n "${KEIGIT_TOKEN:-}" ]; then echo "present=1" >> "$GITHUB_OUTPUT" else echo "present=0" >> "$GITHUB_OUTPUT" - echo "::notice::NPM_TOKEN not set — skipping npm publish gracefully" + echo "::notice::KEIGIT_TOKEN not set — skipping npm publish gracefully (configure repo secret to enable)" fi - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1 @@ -315,7 +317,29 @@ jobs: if: steps.have_token.outputs.present == '1' with: node-version: '20' - registry-url: 'https://registry.npmjs.org' + + # Compose .npmrc with keigit auth. The @keisei scope is pinned to + # keigit.com (matches publishConfig.registry in each package.json so + # an accidental `npm publish` cannot route to npm.org). NPM_TOKEN is + # also wired as a fallback for any sibling packages that publish to + # npm.org explicitly via their own publishConfig. + - name: Compose .npmrc (keigit auth) + if: steps.have_token.outputs.present == '1' + working-directory: _ts_packages + env: + KEIGIT_TOKEN: ${{ secrets.KEIGIT_TOKEN }} + NPM_TOKEN: ${{ secrets.NPM_TOKEN }} + run: | + set -euo pipefail + { + echo "@keisei:registry=https://keigit.com/api/packages/keisei/npm/" + echo "//keigit.com/:_authToken=${KEIGIT_TOKEN}" + if [ -n "${NPM_TOKEN:-}" ]; then + echo "//registry.npmjs.org/:_authToken=${NPM_TOKEN}" + fi + } > .npmrc + # Sanity (no secrets in log — print only registry lines): + grep -v _authToken .npmrc - name: Install deps if: steps.have_token.outputs.present == '1' @@ -330,15 +354,23 @@ jobs: - name: Publish each package if: steps.have_token.outputs.present == '1' working-directory: _ts_packages - env: - NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} run: | set -euo pipefail + # publishConfig.registry in each package.json decides destination. + # Currently only @keisei/mcp-server has a publishConfig — the other + # adapters skip publish (no registry pin → npm.org default → no + # token in .npmrc → publish fails → ::warning emitted, job continues). for pkg in packages/*/; do if [ -f "$pkg/package.json" ]; then - echo "::group::publish $pkg" + name=$(node -p "require('./$pkg/package.json').name") + echo "::group::publish $name" ( cd "$pkg" && npm publish --access public ) \ - || echo "::warning::publish failed for $pkg (continuing)" + || echo "::warning::publish failed for $name (no registry pin, missing token, version conflict, or registry error — see log)" echo "::endgroup::" fi done + + - name: Cleanup .npmrc + if: always() + working-directory: _ts_packages + run: rm -f .npmrc diff --git a/.gitignore b/.gitignore index 749b261..c52618d 100644 --- a/.gitignore +++ b/.gitignore @@ -62,3 +62,7 @@ build/ __pycache__/ *.pyc var/ + +# RULE 0.8 — auth tokens; CI temp-creates _ts_packages/.npmrc per-job +_ts_packages/.npmrc +.npmrc diff --git a/PLUGIN.md b/PLUGIN.md index c64d83c..4967b61 100644 --- a/PLUGIN.md +++ b/PLUGIN.md @@ -37,7 +37,7 @@ Paths inside `hooks/hooks.json` use `${CLAUDE_PLUGIN_ROOT}` (expanded by Claude | Agents registered | yes, automatic | yes, copied to `~/.claude/agents/` | | Skills registered | yes, automatic | yes, copied to `~/.claude/skills/` | | Hooks wired | yes, via `hooks/hooks.json` | requires `--activate-hooks` (jq-merge of `settings-snippet.json`) | -| MCP server | yes, via `.mcp.json` (once `@keisei/mcp-server` is published) | same | +| MCP server | yes, via `.mcp.json` (uses `@keisei/mcp-server` from keigit.com — requires `~/.npmrc` setup, see below) | same | | 47 Rust primitives | **no** — plugin ships manifest sources only; no cargo build | yes, `--profile=` builds the selected set | | 13 shell primitives | **no** | yes, copied to `~/.claude/agents/_primitives/` | | Disk footprint | ~2 MB (plugin cache) | ~2 MB minimal up to ~200 MB full | @@ -53,7 +53,15 @@ Paths inside `hooks/hooks.json` use `${CLAUDE_PLUGIN_ROOT}` (expanded by Claude - Network access to `github.com/KeiSei84/KeiSeiKit` on `/plugin marketplace add` **For the MCP server subset:** -- `@keisei/mcp-server` published to npm — **STATUS: not yet published as of v0.16.0.** The `.mcp.json` entry is structurally correct and will activate automatically once the package is published. Until then, the `keisei` MCP server simply won't appear in your tool list — the agents, skills, and hooks all work without it. +- `@keisei/mcp-server` available from **keigit.com** + (`https://keigit.com/api/packages/keisei/npm/`). One-time `~/.npmrc` setup: + ``` + @keisei:registry=https://keigit.com/api/packages/keisei/npm/ + //keigit.com/:_authToken= + ``` + Without the `~/.npmrc` rows, `npx` cannot resolve the scoped + package and the `keisei` MCP server simply won't appear in your + tool list — the agents, skills, and hooks all work without it. - Node.js 18+ (for `npx` to fetch the server on demand) **For the Rust primitives (classic install only):** @@ -62,7 +70,7 @@ Paths inside `hooks/hooks.json` use `${CLAUDE_PLUGIN_ROOT}` (expanded by Claude ## Known limitations 1. **Rust primitives not auto-installed.** The plugin format doesn't currently express "also run `cargo build` at install time". We ship the manifest sources in-repo so that users who want the primitives can run `./install.sh --profile=full` alongside the plugin. A future version may add pre-built release binaries for common platforms (macOS arm64/x86_64, Linux x86_64) into `bin/` so the plugin can ship primitives without a cargo step. -2. **`@keisei/mcp-server` not yet on npm.** The `.mcp.json` entry is the canonical intent, but the package needs publishing first. See `_ts_packages/packages/mcp-server/README.md` for the publish pipeline. +2. **`@keisei/mcp-server` lives on keigit.com, not npm.org.** The `.mcp.json` entry uses `npx -y @keisei/mcp-server` which resolves through the `~/.npmrc` `@keisei:registry` line above. Without that line, `npx` will hit npm.org by default and 404. See `_ts_packages/packages/mcp-server/README.md` for the publish pipeline. 3. **Hooks use `${CLAUDE_PLUGIN_ROOT}`.** This is the official Claude Code plugin variable. Older Claude Code versions (<2.1) that predate plugin support will not expand this variable — stick with classic install on those versions. 4. **No version-pinning yet.** `/plugin install keisei@keisei-marketplace` installs the default branch HEAD. For reproducible team installs, add the `--ref=` flag once it lands in Claude Code (currently in the spec per the extension schema `ref` field). diff --git a/README.md b/README.md index 1c29e02..996d3d1 100644 --- a/README.md +++ b/README.md @@ -23,7 +23,7 @@ production work. |---|---|---| | 24+ Rust primitives | varies (alpha → beta → concept) | Inspect each crate's `Cargo.toml` `package.metadata.keisei.maturity` if declared; otherwise treat as **alpha** unless you've personally exercised it. Most primitives are alpha — they build, type-check, and have unit tests, but have not been hardened against adversarial input or run at scale. | | Cortex daemon (`kei-cortex` HTTP + WS) | alpha | CLI-driven daemon works in author's daily use; HTTP REST + WS endpoints + 8-tool `/chat` agentic loop build clean. **Browser app (`cortex-ui`) and VSCode extension (`@keisei/vscode-cortex`) are concept-level** — scaffolds present, not production paths. | -| MCP server (`@keisei/mcp-server`) | alpha (unpublished) | **Not yet on npm.** Install via local dist build (see Quick start below). | +| MCP server (`@keisei/mcp-server`) | alpha | Published to **keigit.com** (`https://keigit.com/api/packages/keisei/npm/`) — author-operated Forgejo npm registry on a public DNS. Configure your `~/.npmrc` per [`docs/PUBLISHING.md`](./docs/PUBLISHING.md), then `npm install @keisei/mcp-server`. Local dist build still works for development (see Quick start). | | Sleep layer (Phase A / B / C) | alpha | Phase A queue (`/sleep-on-it` → cloud agent) + Phase B markdown morning report work. **Auto-codification of rules from sleep insights is not yet wired** — codification path is manual via `/escalate-recurrence`. Phase C deep-sleep refactor proposals run on a 7-day cadence and write plan-only markdown by default. | | Hooks (35 shipped) | beta | Tested in author's daily use (4–8 parallel Claude Code terminals). Pipeline hooks (`assemble-agents`, `no-hand-edit-agents`) are load-bearing; advisory hooks (RULE 0.12 / 0.13 / 0.14) are non-blocking. | | Skills + manifests + assembler | beta | Structured + `assembler-validate` gate runs on every `git commit` inside `~/.claude`. Schema is locked (see [`docs/AGENT-SCHEMA-LOCKED.md`](./docs/AGENT-SCHEMA-LOCKED.md)). | @@ -123,19 +123,28 @@ outputs are human-readable markdown. You read, you decide what merges. extension (`@keisei/vscode-cortex`) are concept-level only** — scaffolds exist, no production wiring. Treat the daemon + CLI as the supported surface; treat the GUI frontends as roadmap. -- **`@keisei/mcp-server` npm package** — **not yet published to npm.** - Install via the local dist build: +- **`@keisei/mcp-server` npm package** — published to **keigit.com** + (the author-operated Forgejo npm registry, public DNS at + [`keigit.com`](https://keigit.com)). To install from the registry: + ```bash + # ~/.npmrc — one-time setup + echo "@keisei:registry=https://keigit.com/api/packages/keisei/npm/" >> ~/.npmrc + echo "//keigit.com/:_authToken=" >> ~/.npmrc + # PAT scope: read:package (write:package only if you publish) + + npm install @keisei/mcp-server + ``` + For local development without the registry round-trip: ```bash cd _ts_packages - bun install # or: npm install - bun run -r build # or: npm run -r build - # mcp-server output lands in _ts_packages/packages/mcp-server/dist/ + bun install && bun run -r build + # output: _ts_packages/packages/mcp-server/dist/index.js ``` - Then point your MCP-aware client at the local `dist/` entry point. Single-binary builds via `bun build --compile` are documented in [`_ts_packages/packages/mcp-server/BUILD.md`](./_ts_packages/packages/mcp-server/BUILD.md) - (5-target matrix, ~85–95 MB per binary). Do not assume npm-registry - install will work until v1.0. + (5-target matrix, ~85–95 MB per binary). `package.json` has + `publishConfig.registry` pinned to `keigit.com` so an accidental + `npm publish` from this repo cannot route to npm.org. - **Non-Claude clients** integrate via MCP + bridges, not native hooks. PreToolUse / PostToolUse / UserPromptSubmit / Stop semantics are Claude Code primitives. Other clients get capability exposure but diff --git a/_ts_packages/packages/mcp-server/package.json b/_ts_packages/packages/mcp-server/package.json index 78b595b..2c1495b 100644 --- a/_ts_packages/packages/mcp-server/package.json +++ b/_ts_packages/packages/mcp-server/package.json @@ -1,8 +1,7 @@ { "name": "@keisei/mcp-server", "version": "0.14.0", - "private": true, - "description": "MCP server exposing KeiSeiKit Rust primitives as Model Context Protocol tools (not yet published to npm — install via local dist build)", + "description": "MCP server exposing KeiSeiKit Rust primitives as Model Context Protocol tools — published to keigit.com (Forgejo npm registry, public DNS)", "type": "module", "main": "./dist/index.js", "types": "./dist/index.d.ts", @@ -18,6 +17,15 @@ "files": [ "dist" ], + "repository": { + "type": "git", + "url": "git+https://github.com/KeiSei84/KeiSeiKit-1.0.git", + "directory": "_ts_packages/packages/mcp-server" + }, + "publishConfig": { + "registry": "https://keigit.com/api/packages/keisei/npm/", + "access": "public" + }, "scripts": { "build": "tsc -b", "test": "vitest run", @@ -42,5 +50,6 @@ "engines": { "node": ">=18.0.0" }, - "author": "Denis Parfionovich " + "author": "Denis Parfionovich ", + "license": "Apache-2.0" } diff --git a/docs/encyclopedia/substrate-overview.md b/docs/encyclopedia/substrate-overview.md index a84dad4..08bcbea 100644 --- a/docs/encyclopedia/substrate-overview.md +++ b/docs/encyclopedia/substrate-overview.md @@ -398,7 +398,7 @@ These are concatenated in role-declared order, with `\n\n---\n\n` separators bet | Roles (7 roles) | stable | edit-local / read-only / git-ops / etc. locked; no churn | | Assembler (compose logic) | stable | Generates .md from TOML + blocks; keimd integration active | | Cortex stack | beta | kei-cortex (HTTP) + kei-tty (TUI) build clean; browser/VSCode frontends concept | -| MCP Server (@keisei/mcp-server) | stable | Exports Rust atoms as MCP tools; published to keigit.com npm | +| MCP Server (@keisei/mcp-server) | alpha | Exports Rust primitive CLIs as MCP tools; published to keigit.com (Forgejo npm registry, public DNS) under @keisei scope | | Bridges | stable | 11 cross-tool format generators (.cursorrules, .windsurf/rules, GEMINI.md, etc.) | | Sleep Layer (Phase A/B/C) | stable | Incubation (tasks), REM consolidation (reports), NREM deep-sleep (conflicts) | | Foreign-project ingestion | stable | kei-import proof-of-concept via Hermes validation |