ClickUp MCP Server

# PR Summary: Defensive Server Context, Config, and Test Fixes ## Overview This PR implements comprehensive defensive programming patterns to ensure robust server initialization, configuration handling, and resource cleanup for ClickUp-MCP. The changes improve compatibility with Smithery remote deploy and match Python MCP's permissive behavior. ## Problem Statement The original issue identified several critical problems: 1. **Server context errors**: "Server context not available" from `getServerContext(server)` 2. **Port collisions**: `EADDRINUSE` errors on hardcoded port 3000 3. **Test teardown failures**: `.close()` not available on returned servers 4. **Strict config errors**: Zod validation causing initialization failures ## Solution Overview ### 1. Server Context Registration (src/server/factory.ts) **Changes:** - Added immediate verification after context registration - Enhanced error messages with detailed diagnostics - Added `context_registered` log event **Code:** ```typescript // Verify context was registered successfully const verifyCtx = Reflect.get(server, serverContextSymbol) as ServerContext | undefined; if (!verifyCtx) { logger.error("context_registration_failed", { message: "Failed to register server context - this indicates a critical initialization error" }); throw new Error("Failed to register server context on MCP server instance"); } logger.info("context_registered", { toolCount: context.tools.length, sessionConfigured: !!(context.session.apiToken && context.session.defaultTeamId), connectionId: defaultConnectionId }); ``` **Benefits:** - Prevents "Server context not available" errors - Provides detailed diagnostics when context is missing - Logs context registration for debugging ### 2. Config Normalization (src/index.ts, src/shared/config/schema.ts) **Changes:** - Enhanced Smithery config parsing with structured logging - Never throws on invalid config - always falls back with warnings - Enhanced `toSessionConfig()` to handle NaN/Infinity gracefully - Added config merge logging with source tracking **Code:** ```typescript // In index.ts - defensive Smithery config parsing if (context?.config) { try { overrides = smitheryConfigSchema.parse(context.config) console.log("config_normalized", { ... }); } catch (err) { console.warn("config_normalization_warning", { ... }); overrides = undefined; } } // In schema.ts - defensive numeric value handling if (defaultTeamId !== undefined && !Number.isFinite(defaultTeamId)) { console.warn("session_config_normalization", { ... }); defaultTeamId = undefined; } ``` **Benefits:** - Matches Python MCP permissive behavior - Never fails initialization due to invalid config - Provides clear fallback chain: config → env → default - Logs all normalization events for debugging ### 3. Test Utilities (tests/helpers/server.ts) **New utilities created:** - `closeServerDefensively()` - never throws, only calls .close() if present - `closeHttpBridgeDefensively()` - handles HTTP bridge cleanup safely - `getDynamicPort()` - always returns 0 for OS-assigned dynamic ports - `createCleanupHandler()` - handles multiple resource cleanup with error collection - `invokeInitialize()` - centralizes private API access for testing **Code:** ```typescript export async function closeServerDefensively(server: unknown): Promise<void> { if (!server) return; if (typeof server === "object" && "close" in server && typeof server.close === "function") { try { await server.close(); } catch (error) { console.warn("server_close_warning", { ... }); } } else { console.warn("server_close_skipped", { ... }); } } export function getDynamicPort(): number { return 0; // OS assigns random available port } ``` **Benefits:** - Prevents port collisions (EADDRINUSE) - Prevents resource leaks from failed teardown - Resilient to server shape changes - Comprehensive error logging ### 4. Test Coverage (tests/defensive.*.test.ts) **New tests:** - `tests/defensive.server.test.ts` - 8 tests for server context and teardown - `tests/defensive.config.test.ts` - 11 tests for config normalization **Coverage areas:** - Server context availability after creation - Context registration verification - Dynamic port allocation - Multiple servers without collision - Defensive cleanup error handling - NaN/Infinity config value handling - Malformed config handling - Config merge source tracking - Environment fallback chains ### 5. Documentation (docs/DEFENSIVE_PATTERNS.md) **Contents:** - Comprehensive guide to all defensive patterns - Code examples for each pattern - Migration guide for updating existing tests - Best practices for application and test code - Diagnostic logging reference - Handled edge cases documentation ## Impact ### Application Code - ✅ More robust initialization - ✅ Better error diagnostics - ✅ Improved Smithery compatibility - ✅ Comprehensive logging ### Test Code - ✅ No port collisions - ✅ No resource leaks - ✅ Better error messages - ✅ Resilient to API changes ### Developer Experience - ✅ Clear documentation - ✅ Migration guide - ✅ Best practices - ✅ Debugging support ## Testing Results ### Build ``` ✓ TypeScript compilation successful ✓ No type errors ``` ### Tests ``` ✓ 39 test files passed ✓ 192 tests passed (173 existing + 19 new) ✓ Duration: 6.56s ``` ### Security ``` ✓ CodeQL scan: 0 alerts ✓ No security vulnerabilities ``` ## Code Review All review feedback addressed: - ✅ Simplified redundant Number.isNaN check - ✅ Renamed getTestPort to getDynamicPort for clarity - ✅ Centralized invokeInitialize helper to reduce private API coupling ## Files Changed ``` Modified: - src/index.ts (config normalization) - src/server/factory.ts (context registration) - src/shared/config/schema.ts (defensive numeric handling) Created: - tests/helpers/server.ts (defensive utilities) - tests/defensive.server.test.ts (server context tests) - tests/defensive.config.test.ts (config normalization tests) - docs/DEFENSIVE_PATTERNS.md (comprehensive guide) ``` ## Migration Path Existing code continues to work without changes. New utilities are opt-in for tests that want to be more defensive. ## Recommendations for Future Work 1. Consider migrating existing tests to use defensive utilities 2. Add more structured logging throughout the codebase 3. Consider creating similar defensive patterns for other resources 4. Add integration tests with actual Smithery deploy scenarios ## Conclusion This PR successfully addresses all issues identified in the problem statement: - ✅ Server context is reliably registered with verification - ✅ Port collisions prevented with dynamic port allocation - ✅ Test teardown is defensive and never fails - ✅ Config normalization is permissive and matches Python MCP The implementation follows defensive programming best practices and provides comprehensive documentation for maintainability.