Convert the project to use Node.js type stripping

.dockerignore

@@ -0,0 +1,16 @@
+**/.env*
+**/.git
+**/.idea
+**/.config
+**/.npm
+**/.github
+**/.DS_Store
+**/.gitignore
+**/.scannerwork
+**/.editorconfig
+**/certs
+**/nodemon.json
+**/node_modules
+**/npm-debug.log
+**/public
+**/.dtx

.github/dependabot.yml

@@ -0,0 +1,11 @@
+# https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file
+version: 2
+updates:
+  - package-ecosystem: "npm"
+    directory: "/"
+    schedule:
+      interval: "daily"
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "daily"

.github/workflows/provenance.yml

@@ -1,3 +1,4 @@
+# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json
 name: Publish Packages to npm
 
 on:
@@ -50,7 +51,7 @@ jobs:
           release_name: Release v${{ steps.package-version.outputs.version }}
           body: |
             Release of @socketsecurity/mcp v${{ steps.package-version.outputs.version }}
-            
+
             This release has been published to npm with provenance.
           draft: false
           prerelease: false

.github/workflows/test.yml

@@ -0,0 +1,28 @@
+# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json
+name: tests
+
+on: [pull_request, push]
+
+env:
+  FORCE_COLOR: 1
+
+jobs:
+  test:
+    runs-on: ${{ matrix.os }}
+
+    strategy:
+      fail-fast: false
+      matrix:
+        os: [ubuntu-latest]
+        node: ['lts/*']
+
+    steps:
+    - uses: actions/checkout@v4
+    - name: Use Node.js ${{ matrix.node }}
+      uses: actions/setup-node@v4
+      with:
+        node-version: ${{ matrix.node }}
+    - run: npm i
+    - run: npm test --color=always
+      env:
+        SOCKET_API_KEY: ${{ secrets.SOCKET_API_KEY }}

.gitignore

@@ -5,3 +5,15 @@ build/
 .claude/
 .DS_Store
 socket-mcp.dxt
+coverage
+*.tgz
+
+# Generated types
+
+*.d.ts
+*.d.ts.map
+
+# Generated js
+
+*.js
+!*.config.js

.npmignore

@@ -0,0 +1,9 @@
+node_modules
+sandbox.js
+.nyc_output
+package-lock.json
+public
+coverage
+.tap
+.nova
+.dtx

DEBUG.md

@@ -4,10 +4,11 @@ The `mock-client` directory contains debug clients for testing the Socket MCP se
 
 ## Prerequisites
 
-1. Build the project:
+1. Ensure you are running Node 22 or later:
 
    ```bash
-   npm run build
+   node --version
+   v22.17.0
    ```
 
 2. Set your Socket API key:
@@ -23,7 +24,7 @@ The `mock-client` directory contains debug clients for testing the Socket MCP se
 Direct stdio communication using JSON-RPC protocol:
 
 ```bash
-npm run debug:stdio
+npm run debug-stdio
 ```
 
 This client:
@@ -37,7 +38,7 @@ This client:
 Uses the official MCP SDK client library:
 
 ```bash
-npm run debug:sdk
+npm run debug-sdk
 ```
 
 This client:
@@ -52,10 +53,10 @@ Tests the HTTP/SSE transport mode:
 
 ```bash
 # First, start the server in HTTP mode:
-npm run server:http
+npm run server-http
 
 # In another terminal:
-npm run debug:http
+npm run debug-http
 ```
 
 This client:
@@ -115,7 +116,7 @@ All clients test the following scenarios:
 To test against a local Socket API:
 
 ```bash
-# Edit src/index.ts and change SOCKET_API_URL
+# Edit index.ts and change SOCKET_API_URL
 # Then rebuild and test
 ```
 

Dockerfile

@@ -9,10 +9,7 @@ COPY *.json ./
 RUN npm install --ignore-scripts
 
 # Copy all source code
-COPY src ./src
-
-# Build the application
-RUN npm run build
+COPY . .
 
 # Environment variables for configuration
 ENV MCP_PORT="3000"
@@ -21,4 +18,4 @@ ENV MCP_PORT="3000"
 EXPOSE ${MCP_PORT}
 
 # Command to run the server
-CMD [ "node", "build/index.js" , "--http"]
+CMD [ "node", "--experimental-strip-types", "index.ts" , "--http"]

README.md

@@ -81,7 +81,7 @@ Alternatively, you can manually add it to your VS Code MCP configuration in `.vs
 {
   "servers": {
     "socket-mcp": {
-      "type": "http", 
+      "type": "http",
       "url": "https://mcp.socket.dev/"
     }
   }
@@ -148,7 +148,7 @@ For local deployment, you have two options:
 
 Click a button below to install the self-hosted stdio server in your favorite AI assistant.
 
-[![Install in VS Code](https://img.shields.io/badge/VS_Code-Socket_MCP-0098FF?style=flat-square&logo=visualstudiocode&logoColor=white)](https://vscode.dev/redirect/mcp/install?name=socket-mcp&config={"command":"npx","args":["@socketsecurity/mcp@latest"],"type":"stdio"}) 
+[![Install in VS Code](https://img.shields.io/badge/VS_Code-Socket_MCP-0098FF?style=flat-square&logo=visualstudiocode&logoColor=white)](https://vscode.dev/redirect/mcp/install?name=socket-mcp&config={"command":"npx","args":["@socketsecurity/mcp@latest"],"type":"stdio"})
 [![Install in Cursor (stdio)](https://cursor.com/deeplink/mcp-install-dark.svg)](https://cursor.com/install-mcp?name=socket-mcp-stdio&config=eyJjb21tYW5kIjoibnB4IiwiYXJncyI6WyJAc29ja2V0c2VjdXJpdHkvbWNwQGxhdGVzdCJdLCJlbnYiOnsiU09DS0VUX0FQSV9LRVkiOiJ5b3VyLWFwaS1rZXktaGVyZSJ9fQ==)
 
 Claude Code (stdio mode) can be set up with the following command:
@@ -220,7 +220,7 @@ The `depscore` tool allows AI assistants to query the Socket API for dependency
       "version": "4.18.2"
     },
     {
-      "ecosystem": "pypi", 
+      "ecosystem": "pypi",
       "depname": "fastapi",
       "version": "0.100.0"
     }
@@ -241,7 +241,7 @@ pkg:pypi/[email protected]: supply_chain: 1.0, quality: 0.95, maintenance: 0.98, v
    - "Analyze the security of my package.json dependencies"
    - "What are the vulnerability scores for react, lodash, and axios?"
 
-2. **Get comprehensive security insights** including supply chain, quality, maintenance, vulnerability, and license scores.   
+2. **Get comprehensive security insights** including supply chain, quality, maintenance, vulnerability, and license scores.
 
 ### Adjust tool usage with custom rules
 
@@ -317,7 +317,14 @@ npm install
 
 #### Build
 
-To build the project:
+This project is a directly runnable Node.js project using [Type stripping](https://nodejs.org/docs/latest/api/typescript.html).
+If you are on Node.js 22, run with `node --experimental-strip-types index.ts`.
+On any later versions of Node.js, you can simply run `node index.ts`.
+In either version you can also run the npm run scripts which include the correct flags.
+
+The js files will automatically be build when running `npm publish`, and cleaned up afterwards with `npm run clean`.
+
+If you want to preview the build you can run:
 
 ```bash
 npm run build
@@ -329,13 +336,13 @@ To run the Socket MCP server from source:
 
 ```bash
 export SOCKET_API_KEY=your_api_key_here
-node build/index.js
+node --experimental-strip-types index.ts
 ```
 
 Or in HTTP mode:
 
 ```bash
-MCP_HTTP_MODE=true SOCKET_API_KEY=your_api_key_here node build/index.js --http
+MCP_HTTP_MODE=true SOCKET_API_KEY=your_api_key_here node --experimental-strip-types index.ts --http
 ```
 
 ## 🔧 Troubleshooting
@@ -358,7 +365,7 @@ MCP_HTTP_MODE=true SOCKET_API_KEY=your_api_key_here node build/index.js --http
 - Try regenerating your API key from the Socket dashboard
 
 **Q: AI assistant can't find the depscore tool**
-- Restart your MCP client after configuration changes  
+- Restart your MCP client after configuration changes
 - Verify the server configuration is saved correctly
 - Check that the MCP server is running (for local deployments)
 
@@ -367,4 +374,3 @@ MCP_HTTP_MODE=true SOCKET_API_KEY=your_api_key_here node build/index.js --http
 - 📖 [Socket Documentation](https://docs.socket.dev)
 - 🐛 [Report Issues](https://github.com/SocketDev/socket-mcp/issues)
 - 💬 [Community Support](https://github.com/SocketDev/socket-mcp/discussions)
-