Lines 8-48javascript
8 * local `publish_extension`.
10 * The TOOLS themselves live in `tools.ts` (transport-agnostic) so the sibling
11 * remote OAuth server (`@extenshi/mcp-server`) reuses the exact same registry.
12 * This file is just the stdio wiring: it injects deps that resolve identity
13 * from the environment (one `ek_…` key) and enables ALL capabilities.
15 * Auth: an `ek_…` API key is REQUIRED. Over stdio there are no request headers,
16 * so the key comes from the environment (EXTENSHI_API_KEY) / `~/.extenshi`
17 * config — see config.ts. The backend independently enforces the key, so this
18 * is defense in depth, not the only gate.
20 * NB: stdout is the MCP protocol channel — never write to it (use stderr).
22import { createRequire } from 'node:module';
23import { FastMCP, UserError } from 'fastmcp';
24import { makeBff } from './bff.js';
25import { loadConfig } from './config.js';
26import { flushTelemetry, initTelemetry } from './telemetry.js';
27import { MISSING_KEY_MESSAGE, registerTools, SERVER_INSTRUCTIONS, SERVER_NAME, } from './tools.js';
28import { checkForUpdate } from './update-check.js';
29const require = createRequire(import.meta.url);
30const pkg = require('../package.json');
MediumDynamic Require
Package source references dynamic require/import behavior.
dist/index.jsView on unpkg · L28 31initTelemetry({ surface: 'mcp', version: pkg.version });
32const cfg = loadConfig();
33/** Return the configured key or refuse with an actionable instruction. */
34function requireKey() {
36 throw new UserError(MISSING_KEY_MESSAGE);
39/** Build a BFF client bound to the developer's env key (verifies key presence). */
41 return makeBff(cfg.bffUrl, requireKey());
43const server = new FastMCP({
45 // FastMCP types `version` as a semver template literal; package.json gives a plain string.
47 instructions: SERVER_INSTRUCTIONS,