You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: CLAUDE.md
+6-6Lines changed: 6 additions & 6 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -4,13 +4,13 @@ Guidance for Claude Code when working with this repository.
4
4
5
5
## Project Overview
6
6
7
-
**CyberChef MCP Server** (v1.8.0) - Fork of GCHQ CyberChef wrapping the Node.js API into an MCP server. Exposes 300+ operations (encryption, encoding, compression, forensics) as AI assistant tools.
7
+
**CyberChef MCP Server** (v1.9.0) - Fork of GCHQ CyberChef wrapping the Node.js API into an MCP server. Exposes 300+ operations (encryption, encoding, compression, forensics) as AI assistant tools.
8
8
9
9
| Metric | Value |
10
10
|--------|-------|
11
-
| MCP Version | 1.8.0 |
12
-
| Tests |563 (100% passing) |
13
-
| Coverage |74.97% lines, 90.39% functions |
11
+
| MCP Version | 1.9.0 |
12
+
| Tests |689 (100% passing) |
13
+
| Coverage |75.64% lines, 91.5% functions |
14
14
15
15
**Focus:** MCP server (`src/node/mcp-server.mjs`), not the web app.
16
16
@@ -38,7 +38,7 @@ npm start # Dev server with hot reload
38
38
npm run build # Production build
39
39
npm run lint # ESLint (zero errors required)
40
40
npm test# Core unit tests
41
-
npm run test:mcp # MCP server tests (563 tests)
41
+
npm run test:mcp # MCP server tests (689 tests)
42
42
npm run test:coverage # Coverage report (thresholds: 70% lines/functions)
43
43
npm run testnodeconsumer # Test CJS/ESM consumers
44
44
```
@@ -131,5 +131,5 @@ git tag -a v1.x.x -F docs/releases/v1.x.x.md && git push origin v1.x.x
Copy file name to clipboardExpand all lines: README.md
+50-14Lines changed: 50 additions & 14 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -4,7 +4,7 @@ This project provides a **Model Context Protocol (MCP)** server interface for **
4
4
5
5
By running this server, you enable AI assistants (like Claude, Cursor AI, and others) to natively utilize CyberChef's extensive library of 463 data manipulation operations—including encryption, encoding, compression, and forensic analysis—as executable tools.
@@ -64,19 +64,25 @@ The server exposes CyberChef operations as MCP tools:
64
64
- Shows deprecation warnings triggered in current session
65
65
- Reports session duration, suppression status, and v2 compatibility mode
66
66
- Lists all 8 deprecation codes (DEP001-DEP008) with details
67
+
***Worker Thread Pool** (v1.9.0): CPU-intensive operations offloaded to worker threads
68
+
*`cyberchef_worker_stats` - Monitor worker pool utilization, active/completed tasks, and pool configuration
69
+
* Enable with `ENABLE_WORKERS=true` environment variable
70
+
* Configurable pool size, idle timeout, and minimum input size for worker routing
67
71
68
72
### Technical Highlights
69
73
***Dockerized**: Runs as a lightweight, self-contained Docker container based on Chainguard distroless Node.js 22 (~90MB compressed, 70% smaller attack surface than traditional images).
70
74
***Dual-Registry Publishing**: Images published to both Docker Hub and GitHub Container Registry (GHCR) for maximum accessibility and Docker Scout health score optimization.
71
75
***Supply Chain Attestations**: SBOM and provenance attestations attached to Docker Hub images for enhanced security transparency and compliance (SLSA Build Level 3).
72
-
***Stdio Transport**: Communicates via standard input/output, making it easy to integrate with CLI-based MCP clients.
76
+
***Dual Transport** (v1.9.0): Stdio (default) or Streamable HTTP via `CYBERCHEF_TRANSPORT=http` for browser and remote clients.
77
+
***MCP Streaming with Progress** (v1.9.0): Operations send `notifications/progress` via the MCP SDK progress token mechanism for real-time status updates during long-running tasks.
78
+
***Worker Thread Pool** (v1.9.0): Piscina-based worker threads offload CPU-intensive operations (AES, Blowfish, bcrypt, scrypt, PBKDF2, etc.) to prevent event loop blocking. Configurable pool size and routing thresholds.
73
79
***Schema Validation**: All inputs are validated against schemas derived from CyberChef's internal type system using `zod`.
74
80
***Modern Node.js**: Fully compatible with Node.js v22+ with automated compatibility patches.
75
81
***Recipe Management** (v1.6.0): Save and reuse multi-operation workflows with full CRUD operations, import/export in multiple formats (JSON/YAML/URL/CyberChef), recipe composition with nesting support, and curated library of 25+ production-ready recipes across 5 categories. See [Recipe Management Guide](docs/guides/recipe_management.md) for details.
76
82
***Advanced Features** (v1.7.0): Enterprise-grade capabilities with batch processing (parallel/sequential execution of up to 100 operations), privacy-first telemetry collection (disabled by default, no input/output data captured), sliding window rate limiting for resource protection, enhanced caching with inspection tools, and resource quota tracking (concurrent operations, data sizes). All features are configurable via environment variables with secure defaults. See [Release Notes](docs/releases/v1.7.0.md) for details.
77
83
***Enhanced Observability** (v1.5.0): Structured JSON logging with Pino for production monitoring, comprehensive error handling with actionable recovery suggestions, automatic retry logic with exponential backoff, request correlation with UUID tracking, circuit breaker pattern for cascading failure prevention, and streaming infrastructure for progressive results on large operations. See [Release Notes](docs/releases/v1.5.0.md) for details.
78
84
***Performance Optimized** (v1.4.0): LRU cache for operation results (100MB default), automatic streaming for large inputs (10MB+ threshold), configurable resource limits (100MB max input, 30s timeout), memory monitoring, and comprehensive benchmark suite. See [Performance Tuning Guide](docs/architecture/performance-tuning.md) for configuration options.
79
-
***Upstream Sync Automation** (v1.3.0): Automated monitoring of upstream CyberChef releases every 6 hours, one-click synchronization workflow, comprehensive validation test suite with 563 tests, and emergency rollback mechanism.
85
+
***Upstream Sync Automation** (v1.3.0): Automated monitoring of upstream CyberChef releases every 6 hours, one-click synchronization workflow, comprehensive validation test suite with 689 tests, and emergency rollback mechanism.
80
86
***Security Hardened** (v1.4.5+): Chainguard distroless base image with zero-CVE baseline, non-root execution (UID 65532), automated Trivy vulnerability scanning with build-fail thresholds, dual SBOM strategy (Docker Scout attestations + CycloneDX), read-only filesystem support, SLSA Build Level 3 provenance, and 7-day SLA for critical CVE patches. Fixed 11 of 12 code scanning vulnerabilities including critical cryptographic randomness weakness and 7 ReDoS vulnerabilities. See [Security Policy](SECURITY.md) and [Security Fixes Report](docs/security/SECURITY_FIX_REPORT.md) for details.
81
87
***Production Ready**: Comprehensive CI/CD with CodeQL v4, automated testing, and dual-registry container publishing (Docker Hub + GHCR) with complete supply chain attestations.
82
88
@@ -109,17 +115,17 @@ For environments without direct GHCR access, download the pre-built Docker image
109
115
1.**Download the tarball** (approximately 90MB compressed):
0 commit comments