/** * MCP (Model Context Protocol) server (v5.4). * * Exposes supply-chain-guard as tools for AI coding agents over the MCP * stdio transport: JSON-RPC 2.0, one UTF-8 JSON message per line, stdout * carries ONLY protocol JSON, all logging goes to stderr. * * Zero dependencies: the protocol layer is hand-rolled on node:readline. * The message handler (handleMcpMessage / handleMcpLine) is a pure function * so tests can exercise the full protocol without child processes. * * Tools: * - ioc_lookup: offline package IOC verdict (threat-intel feed + blocklist) * - scan_directory: full static scan of a local directory * - scan_npm_package: remote scan of an npm package (downloads from registry) */ /** Protocol revisions this server understands, newest first. */ export declare const SUPPORTED_PROTOCOL_VERSIONS: readonly ["2025-06-18", "2025-03-26", "2024-11-05"]; export declare const SERVER_NAME = "supply-chain-guard"; /** * Handle a single parsed JSON-RPC message. Returns the response object to * write to stdout, or null when no response is due (notifications). * * Pure protocol handler: no stdio, fully unit-testable. */ export declare function handleMcpMessage(msg: unknown): Promise; /** * Handle one raw line from the stdio transport. Returns the response object * or null (blank line / notification). Parse failures yield -32700. */ export declare function handleMcpLine(line: string): Promise; /** * Start the MCP server on stdio: newline-delimited JSON-RPC on stdin/stdout. * All diagnostics go to stderr; stdout carries only protocol messages. */ export declare function startMcpServer(): void; //# sourceMappingURL=mcp-server.d.ts.map