structured-world
diff --git a/‎.github/workflows/ci-cd.yml‎
Lines changed: 3 additions & 0 deletions b/‎.github/workflows/ci-cd.yml‎
Lines changed: 3 additions & 0 deletions
diff --git a/‎.github/workflows/npm-publish.yml‎
Lines changed: 17 additions & 2 deletions b/‎.github/workflows/npm-publish.yml‎
Lines changed: 17 additions & 2 deletions
diff --git a/‎.github/workflows/pr-test.yml‎
Lines changed: 86 additions & 71 deletions b/‎.github/workflows/pr-test.yml‎
Lines changed: 86 additions & 71 deletions
diff --git a/‎.gitignore‎
Lines changed: 3 additions & 0 deletions b/‎.gitignore‎
Lines changed: 3 additions & 0 deletions
diff --git a/‎Dockerfile‎
Lines changed: 2 additions & 0 deletions b/‎Dockerfile‎
Lines changed: 2 additions & 0 deletions
diff --git a/‎README.md‎
Lines changed: 19 additions & 4 deletions b/‎README.md‎
Lines changed: 19 additions & 4 deletions
@@ -52,6 +52,9 @@ jobs:
       - name: Install dependencies
         run: yarn install --frozen-lockfile
 
+      - name: Generate Prisma client
+        run: yarn prisma generate
+
       - name: Run linting
         run: yarn lint
 
 
@@ -10,13 +10,28 @@ jobs:
     steps:
       - name: Checkout code
         uses: actions/checkout@v4
+
       - name: Setup Node.js
         uses: actions/setup-node@v4
         with:
-          node-version: '20'
+          node-version: '22'
           registry-url: 'https://registry.npmjs.org/'
+
+      - name: Enable Corepack
+        run: corepack enable
+
+      - name: Install Yarn
+        run: corepack prepare [email protected] --activate
+
       - name: Install dependencies
-        run: npm ci
+        run: yarn install --frozen-lockfile
+
+      - name: Generate Prisma client
+        run: yarn prisma generate
+
+      - name: Build project
+        run: yarn build
+
       - name: Publish to npm
         env:
           NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
 
@@ -8,159 +8,174 @@ on:
 jobs:
   test:
     runs-on: ubuntu-latest
-    
+
     strategy:
       matrix:
-        node-version: [18.x, 20.x, 22.x]
-    
+        node-version: [20.x, 22.x, 24.x]
+
     steps:
     - name: Checkout code
       uses: actions/checkout@v4
-    
+
     - name: Setup Node.js ${{ matrix.node-version }}
       uses: actions/setup-node@v4
       with:
         node-version: ${{ matrix.node-version }}
-        cache: 'npm'
-    
+
+    - name: Enable Corepack
+      run: corepack enable
+
+    - name: Install Yarn
+      run: corepack prepare [email protected] --activate
+
     - name: Install dependencies
-      run: npm ci
-    
+      run: yarn install --frozen-lockfile
+
+    - name: Generate Prisma client
+      run: yarn prisma generate
+
     - name: Build project
-      run: npm run build
-    
+      run: yarn build
+
     - name: Run tests
-      run: npm test
+      run: yarn test
       env:
         GITLAB_API_URL: ${{ secrets.GITLAB_API_URL }}
         GITLAB_TOKEN: ${{ secrets.GITLAB_TOKEN_TEST }}
         GITLAB_PERSONAL_ACCESS_TOKEN: ${{ secrets.GITLAB_PERSONAL_ACCESS_TOKEN }}
         TEST_PROJECT_ID: ${{ secrets.TEST_PROJECT_ID }}
-    
+
     - name: Type check
-      run: npx tsc --noEmit
-    
+      run: yarn tsc --noEmit
+
     - name: Lint check
-      run: npm run lint || echo "No lint script found"
-    
+      run: yarn lint
+
     - name: Check package size
       run: |
-        npm pack --dry-run
+        yarn pack --dry-run
         echo "Package created successfully"
-    
-    - name: Security audit
-      run: npm audit --production || echo "Some vulnerabilities found"
-      continue-on-error: true
-    
-    - name: Test MCP server startup
-      run: |
-        echo "MCP server startup test temporarily disabled for debugging"
-        echo "GITLAB_PERSONAL_ACCESS_TOKEN is: ${GITLAB_PERSONAL_ACCESS_TOKEN:0:10}..."
-      env:
-        GITLAB_API_URL: ${{ secrets.GITLAB_API_URL }}
-        GITLAB_TOKEN: ${{ secrets.GITLAB_TOKEN_TEST }}
-        GITLAB_PERSONAL_ACCESS_TOKEN: ${{ secrets.GITLAB_PERSONAL_ACCESS_TOKEN }}
-        TEST_PROJECT_ID: ${{ secrets.TEST_PROJECT_ID }}
 
   integration-test:
     runs-on: ubuntu-latest
     needs: test
     if: github.event.pull_request.draft == false
-    
+
     steps:
     - name: Checkout code
       uses: actions/checkout@v4
-    
+
     - name: Setup Node.js
       uses: actions/setup-node@v4
       with:
-        node-version: '20.x'
-        cache: 'npm'
-    
+        node-version: '22.x'
+
+    - name: Enable Corepack
+      run: corepack enable
+
+    - name: Install Yarn
+      run: corepack prepare [email protected] --activate
+
     - name: Install dependencies
-      run: npm ci
-    
+      run: yarn install --frozen-lockfile
+
+    - name: Generate Prisma client
+      run: yarn prisma generate
+
     - name: Build project
-      run: npm run build
-    
+      run: yarn build
+
     - name: Run integration tests
       if: ${{ github.event_name == 'push' || github.event.pull_request.head.repo.full_name == github.repository }}
       run: |
         echo "Running integration tests with real GitLab API..."
-        npm run test:integration || echo "No integration test script found"
+        yarn test:integration || echo "No integration test script found"
       env:
         GITLAB_API_URL: ${{ secrets.GITLAB_API_URL }}
         GITLAB_TOKEN: ${{ secrets.GITLAB_TOKEN_TEST }}
         GITLAB_PERSONAL_ACCESS_TOKEN: ${{ secrets.GITLAB_PERSONAL_ACCESS_TOKEN }}
         PROJECT_ID: ${{ secrets.TEST_PROJECT_ID }}
-    
+
     - name: Test Docker build
       run: |
         docker build -t mcp-gitlab-test .
-        docker run --rm mcp-gitlab-test node build/index.js --version || echo "Version check passed"
+        docker run --rm mcp-gitlab-test node dist/src/main.js --version || echo "Version check passed"
 
   code-quality:
     runs-on: ubuntu-latest
-    
+
     steps:
     - name: Checkout code
       uses: actions/checkout@v4
       with:
         fetch-depth: 0
-    
+
     - name: Setup Node.js
       uses: actions/setup-node@v4
       with:
-        node-version: '20.x'
-        cache: 'npm'
-    
+        node-version: '22.x'
+
+    - name: Enable Corepack
+      run: corepack enable
+
+    - name: Install Yarn
+      run: corepack prepare [email protected] --activate
+
     - name: Install dependencies
-      run: npm ci
-    
+      run: yarn install --frozen-lockfile
+
     - name: Check code formatting
       run: |
-        npx prettier --check "**/*.{js,ts,json,md}" || echo "Some files need formatting"
-    
+        yarn prettier --check "**/*.{js,ts,json,md}" || echo "Some files need formatting"
+
     - name: Check for console.log statements
       run: |
-        if grep -r "console\.log" --include="*.ts" --exclude-dir=node_modules --exclude-dir=build --exclude="test*.ts" .; then
-          echo "⚠️ Found console.log statements in source code"
+        if grep -r "console\.log" --include="*.ts" --exclude-dir=node_modules --exclude-dir=dist --exclude="test*.ts" .; then
+          echo "Warning: Found console.log statements in source code"
         else
-          echo "✅ No console.log statements found"
+          echo "No console.log statements found"
         fi
-    
+
     - name: Check for TODO comments
       run: |
-        if grep -r "TODO\|FIXME\|XXX" --include="*.ts" --exclude-dir=node_modules --exclude-dir=build .; then
-          echo "⚠️ Found TODO/FIXME comments"
+        if grep -r "TODO\|FIXME\|XXX" --include="*.ts" --exclude-dir=node_modules --exclude-dir=dist .; then
+          echo "Warning: Found TODO/FIXME comments"
         else
-          echo "✅ No TODO/FIXME comments found"
+          echo "No TODO/FIXME comments found"
         fi
 
   coverage:
     runs-on: ubuntu-latest
     if: github.event.pull_request.draft == false
-    
+
     steps:
     - name: Checkout code
       uses: actions/checkout@v4
-    
+
     - name: Setup Node.js
       uses: actions/setup-node@v4
       with:
-        node-version: '20.x'
-        cache: 'npm'
-    
+        node-version: '22.x'
+
+    - name: Enable Corepack
+      run: corepack enable
+
+    - name: Install Yarn
+      run: corepack prepare [email protected] --activate
+
     - name: Install dependencies
-      run: npm ci
-    
+      run: yarn install --frozen-lockfile
+
+    - name: Generate Prisma client
+      run: yarn prisma generate
+
     - name: Build project
-      run: npm run build
-    
-    - name: Run tests
-      run: npm test
+      run: yarn build
+
+    - name: Run tests with coverage
+      run: yarn test:cov
       env:
         GITLAB_API_URL: ${{ secrets.GITLAB_API_URL }}
         GITLAB_TOKEN: ${{ secrets.GITLAB_TOKEN_TEST }}
         GITLAB_PERSONAL_ACCESS_TOKEN: ${{ secrets.GITLAB_PERSONAL_ACCESS_TOKEN }}
-        TEST_PROJECT_ID: ${{ secrets.TEST_PROJECT_ID }}
+        TEST_PROJECT_ID: ${{ secrets.TEST_PROJECT_ID }}
@@ -25,6 +25,9 @@ coverage/
 scripts/
 !scripts/cleanup-test-groups.js
 !scripts/test_mcp.sh
+!scripts/deploy.sh
 
 # Keep assets
 !assets/
+
+/generated/prisma
@@ -42,6 +42,8 @@ COPY --from=dependencies /app/.yarn ./.yarn
 # Copy source code and config files
 COPY tsconfig*.json ./
 COPY src ./src
+COPY prisma ./prisma
+COPY prisma.config.ts ./
 
 # Build the application
 RUN yarn build
 
@@ -259,11 +259,13 @@ GitLab MCP Server supports OAuth 2.1 authentication for use as a **Claude Custom
 1. In GitLab, navigate to **User Settings > Applications** (or **Admin > Applications** for instance-wide)
 2. Create a new application:
    - **Name**: `GitLab MCP Server`
-   - **Redirect URI**: `https://your-mcp-server.com/oauth/callback`
-   - **Confidential**: `No` (required for device flow)
+   - **Redirect URI**: `https://your-mcp-server.com/oauth/callback` (required for Authorization Code Flow)
+   - **Confidential**: `No` (PKCE provides security without client secret)
    - **Scopes**: Select `api` and `read_user`
 3. Save and copy the **Application ID**
 
+> **Note**: The redirect URI is used by Claude.ai Custom Connectors (Authorization Code Flow). CLI clients use Device Flow which doesn't require redirect URI.
+
 #### Step 2: Configure gitlab-mcp Server
 
 ```bash
@@ -399,15 +401,28 @@ For GitLab instances on private networks (not internet-accessible):
 | Security | Token in config | No tokens in config |
 | Best for | Personal use, CI/CD | Teams, shared access |
 
+### OAuth Flows
+
+The server supports two OAuth flows automatically:
+
+| Flow | Trigger | Used By | How It Works |
+|------|---------|---------|--------------|
+| **Authorization Code Flow** | `redirect_uri` present | Claude.ai Custom Connectors | Redirects to GitLab OAuth, then back to client |
+| **Device Flow** | No `redirect_uri` | CLI clients, Claude Desktop | Shows device code page for manual entry |
+
+The flow is selected automatically based on the presence of `redirect_uri` in the authorization request.
+
 ### OAuth Endpoints
 
 When OAuth is enabled, the following endpoints are available:
 
 | Endpoint | Method | Description |
 |----------|--------|-------------|
 | `/.well-known/oauth-authorization-server` | GET | OAuth metadata discovery |
-| `/authorize` | GET | Start authorization (device flow) |
-| `/oauth/poll` | GET | Poll for authorization completion |
+| `/.well-known/oauth-protected-resource` | GET | Protected resource metadata (RFC 9470) |
+| `/authorize` | GET | Start authorization (auto-selects flow) |
+| `/oauth/callback` | GET | GitLab callback (Auth Code Flow only) |
+| `/oauth/poll` | GET | Poll for completion (Device Flow only) |
 | `/token` | POST | Exchange code for tokens |
 | `/health` | GET | Health check endpoint |