Improved code and project quality

Author: 247arjun

.eslintrc.cjs

@@ -0,0 +1,29 @@
+module.exports = {
+  parser: '@typescript-eslint/parser',
+  extends: [
+    'eslint:recommended'
+  ],
+  plugins: ['@typescript-eslint'],
+  parserOptions: {
+    ecmaVersion: 2022,
+    sourceType: 'module'
+  },
+  env: {
+    node: true,
+    es2022: true
+  },
+  rules: {
+    'no-unused-vars': 'off',
+    '@typescript-eslint/no-unused-vars': 'error',
+    'prefer-const': 'error',
+    'no-var': 'error',
+    'no-console': 'off'
+  },
+  ignorePatterns: [
+    'build/',
+    'dist/',
+    'coverage/',
+    'node_modules/',
+    '*.js'
+  ]
+};

.github/copilot-instructions.md

@@ -0,0 +1,15 @@
+<!-- Use this file to provide workspace-specific custom instructions to Copilot. For more details, visit https://code.visualstudio.com/docs/copilot/copilot-customization#_use-a-githubcopilotinstructionsmd-file -->
+
+This is an MCP (Model Context Protocol) server project that exposes curl functionality to MCP clients.
+
+You can find more info and examples at https://modelcontextprotocol.io/llms-full.txt
+
+## Project Guidelines
+
+- This is a TypeScript project using ES modules
+- The MCP server uses stdio transport for communication with clients
+- All curl operations should be executed safely using the child_process.spawn method
+- Never use console.log() for debugging - use console.error() instead as stdout is reserved for MCP communication
+- The server exposes several tools for common HTTP operations: GET, POST, PUT, DELETE, file downloads, and advanced custom curl commands
+- Security is important: validate and sanitize all user inputs before passing to curl
+- The executeCurl helper function should be used for all curl operations to ensure consistency and safety

.github/workflows/ci.yml

@@ -0,0 +1,64 @@
+name: CI/CD Pipeline
+
+on:
+  push:
+    branches: [ main, develop ]
+  pull_request:
+    branches: [ main ]
+
+jobs:
+  test:
+    runs-on: ubuntu-latest
+    
+    strategy:
+      matrix:
+        node-version: [18.x, 20.x, 22.x]
+    
+    steps:
+    - name: Checkout code
+      uses: actions/checkout@v4
+      
+    - name: Setup Node.js ${{ matrix.node-version }}
+      uses: actions/setup-node@v4
+      with:
+        node-version: ${{ matrix.node-version }}
+        cache: 'npm'
+        
+    - name: Install dependencies
+      run: npm ci
+      
+    - name: Run linter
+      run: npm run lint:check
+      
+    - name: Build project
+      run: npm run build
+      
+    - name: Test build artifact
+      run: |
+        chmod +x build/index.js
+        timeout 5s node build/index.js || echo "Build artifact works (expected timeout)"
+        
+    - name: Verify executable permissions
+      run: test -x build/index.js
+
+  security:
+    runs-on: ubuntu-latest
+    
+    steps:
+    - name: Checkout code
+      uses: actions/checkout@v4
+      
+    - name: Setup Node.js
+      uses: actions/setup-node@v4
+      with:
+        node-version: '20'
+        cache: 'npm'
+        
+    - name: Install dependencies
+      run: npm ci
+      
+    - name: Run security audit
+      run: npm audit --audit-level=moderate
+      
+    - name: Check for vulnerabilities
+      run: npm audit --production

.gitignore

@@ -4,18 +4,19 @@ npm-debug.log*
 yarn-debug.log*
 yarn-error.log*
 pnpm-debug.log*
+lerna-debug.log*
 
 # Build artifacts
 build/
 dist/
 out/
+lib/
 *.tsbuildinfo
-
-# TypeScript cache
-*.tsbuildinfo
+*.js.map
+tsconfig.tsbuildinfo
 
 # Runtime data
-pids
+pids/
 *.pid
 *.seed
 *.pid.lock
@@ -27,6 +28,9 @@ coverage/
 # nyc test coverage
 .nyc_output
 
+# Jest cache
+.jest/
+
 # Dependency directories
 jspm_packages/
 
@@ -46,20 +50,24 @@ jspm_packages/
 .yarn-integrity
 
 # dotenv environment variables file
-.env
-.env.local
-.env.development.local
-.env.test.local
-.env.production.local
+.env*
+!.env.example
 
 # IDE and editor files
 .vscode/settings.json
 .vscode/launch.json
 .vscode/extensions.json
+.vscode/tasks.json
 .idea/
 *.swp
 *.swo
 *~
+.vim/
+
+# JetBrains IDEs
+*.iml
+*.ipr
+*.iws
 
 # OS generated files
 .DS_Store
@@ -69,43 +77,41 @@ jspm_packages/
 .Trashes
 ehthumbs.db
 Thumbs.db
+Desktop.ini
+
+# Windows specific
+*.lnk
 
 # Logs
-logs
+logs/
 *.log
 
-# Runtime data
-pids
-*.pid
-*.seed
-*.pid.lock
-
-# Optional npm cache directory
-.npm
-
-# ESLint cache
-.eslintcache
-
 # Microbundle cache
 .rpt2_cache/
 .rts2_cache_cjs/
 .rts2_cache_es/
 .rts2_cache_umd/
 
-# Optional REPL history
-.node_repl_history
-
-# Output of 'npm pack'
-*.tgz
-
-# Yarn Integrity file
-.yarn-integrity
-
 # Temporary folders
 tmp/
 temp/
+.tmp/
 
 # MCP specific
 # Keep MCP configuration examples but ignore actual config
 **/mcp-config.json
 !examples/**/mcp-config.json
+
+# Package manager lock files (keep package-lock.json for npm projects)
+# yarn.lock
+# pnpm-lock.yaml
+
+# Compiled binary output
+*.exe
+*.out
+*.app
+
+# Local environment and secrets
+secrets.json
+config.json
+!examples/config.json

.vscode/mcp.json

@@ -0,0 +1,9 @@
+{
+  "servers": {
+    "curl-mcp": {
+      "type": "stdio",
+      "command": "npx",
+      "args": ["curl-mcp"]
+    }
+  }
+}

CHANGELOG.md

@@ -0,0 +1,33 @@
+# Changelog
+
+All notable changes to this project will be documented in this file.
+
+The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
+and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
+
+## [1.0.0] - 2025-07-26
+
+### Added
+- Initial release of grep-mcp server
+- Natural language search intent tool (`grep_search_intent`)
+- Direct regex pattern search tool (`grep_regex`)
+- Match counting tool (`grep_count`)
+- File listing tool (`grep_files_with_matches`)
+- Advanced grep tool with custom arguments (`grep_advanced`)
+- Built-in patterns for common searches (emails, URLs, phone numbers, etc.)
+- Security-first design with input validation
+- Comprehensive documentation and examples
+- TypeScript support with full type safety
+- MCP (Model Context Protocol) compliance
+
+### Security
+- Uses `spawn` with `shell: false` to prevent command injection
+- Input validation with Zod schemas
+- Path validation and sanitization
+- Blocked dangerous flags in advanced mode
+
+### Documentation
+- Complete README with usage examples
+- API documentation for all tools
+- Security notes and best practices
+- Development setup instructions

CONTRIBUTING.md

@@ -0,0 +1,107 @@
+# Contributing to grep-mcp
+
+Thank you for your interest in contributing to grep-mcp! This document provides guidelines for contributing to the project.
+
+## Getting Started
+
+1. **Fork the repository** on GitHub
+2. **Clone your fork** locally:
+   ```bash
+   git clone https://github.com/your-username/mcp-grep.git
+   cd mcp-grep
+   ```
+3. **Install dependencies**:
+   ```bash
+   npm install
+   ```
+4. **Build the project**:
+   ```bash
+   npm run build
+   ```
+
+## Development Workflow
+
+1. **Create a feature branch**:
+   ```bash
+   git checkout -b feature/your-feature-name
+   ```
+
+2. **Make your changes** following our coding standards
+
+3. **Build and test**:
+   ```bash
+   npm run build
+   npm test
+   ```
+
+4. **Commit your changes**:
+   ```bash
+   git commit -m "feat: add your feature description"
+   ```
+
+5. **Push to your fork**:
+   ```bash
+   git push origin feature/your-feature-name
+   ```
+
+6. **Create a Pull Request** on GitHub
+
+## Coding Standards
+
+- **TypeScript**: Use TypeScript for all source code
+- **Code Style**: Follow the existing code style and formatting
+- **Error Handling**: Always handle errors appropriately
+- **Security**: Never introduce shell injection vulnerabilities
+- **Documentation**: Update README.md for new features
+- **Validation**: Use Zod schemas for input validation
+
+## Commit Message Convention
+
+We follow conventional commits:
+
+- `feat:` - New features
+- `fix:` - Bug fixes
+- `docs:` - Documentation changes
+- `style:` - Code style changes (formatting, etc.)
+- `refactor:` - Code refactoring
+- `test:` - Adding or updating tests
+- `chore:` - Maintenance tasks
+
+## Testing
+
+- Write tests for new features
+- Ensure all existing tests pass
+- Test with actual MCP clients when possible
+- Include edge cases and error scenarios
+
+## Security Considerations
+
+When contributing:
+
+- Never use `shell: true` in child_process.spawn
+- Always validate user input with Zod schemas
+- Sanitize file paths properly
+- Be cautious with regex patterns that could cause ReDoS
+
+## Pull Request Guidelines
+
+Before submitting a PR:
+
+- ✅ Code builds without errors
+- ✅ All tests pass
+- ✅ Documentation is updated
+- ✅ Commit messages follow convention
+- ✅ No security vulnerabilities introduced
+- ✅ Code follows existing style
+
+## Questions?
+
+Feel free to open an issue for:
+- Bug reports
+- Feature requests
+- Questions about the codebase
+- Clarification on contributing guidelines
+
+## License
+
+By contributing to grep-mcp, you agree that your contributions will be licensed under the MIT License.