Allows executing DQL queries against Ditto databases using Docker containers as an alternative runtime environment for the MCP server
Ditto MCP Server — Secure DQL for Ditto
📚 Table of Contents
Overview
An open‑source Model Context Protocol server that executes Ditto DQL over HTTPS with capability gating and safety checks. Designed for Cursor, Claude Code, VS Code Copilot Chat (MCP), Windsurf, Zed, and more.
Features
Ping health tool,
execute_dqltool, andditto://configresourceStatement guardrails: single statement, operation allow‑list, optional query pattern allow‑list
Config via env, CLI, or client config
Native ESM, strict TypeScript, zero runtime deps beyond MCP SDK
Requirements
Node.js >= 18.17
A Ditto app base URL, e.g.
https://MY_APP.cloud.ditto.liveA Ditto API key with access to that app
Quick Start (Local)
Defaults to stdio transport. Provide env vars (recommended):
Install in Clients
Below are minimal JSON snippets. See each client’s docs for full syntax and options.
Cursor
Add to ~/.cursor/mcp.json or project .cursor/mcp.json:
Claude Code CLI
VS Code Copilot Chat (Insiders)
Windsurf
Add to Windsurf MCP config (see their docs for exact path):
Zed
Add to ~/.config/zed/settings.json:
Roo Code / Cline
Add in settings under MCP servers or marketplace manual JSON:
JetBrains AI Assistant
Settings → Tools → AI Assistant → MCP → Add → As JSON:
LM Studio
Program → Install → Edit mcp.json:
Warp
Settings → AI → Manage MCP servers:
Amazon Q Developer CLI
~/.aws/q/developer/cli/config.json:
Gemini CLI
~/.gemini/settings.json:
Tools & Resources
ping– returnspongfor connectivity checkexecute_dql– run a parameterized DQL against Dittostatement(string, required) – single statement, no trailing;args(object, optional) – named parameterstransactionId(number, optional) – X‑DITTO‑TXN‑IDapiKey(string, optional) – override key; prefer envbaseUrl(string, optional) – override base URLtimeoutMs(number, optional, <= 60000)
Resource:
ditto://config– redacted runtime config
Example: SELECT with named args
Returns a JSON envelope with items, queryType, warnings, and optional error.
Configuration
You can configure via env, CLI, or client configs. Env is preferred for secrets.
Environment variables:
DITTO_BASE_URL– e.g.https://MY_APP.cloud.ditto.liveDITTO_API_KEY– Ditto API keyMCP_DITTO_ALLOWED–READ,ALL, or a comma list likeSELECT,INSERTMCP_DITTO_QUERY_ALLOW_PATTERNS– comma/semicolon‑separated regex allow‑listDITTO_TIMEOUT_MS– default per‑call timeout (ms)DITTO_API_KEY_ENV– env var name to read API key from (defaultDITTO_API_KEY)MCP_SERVER_NAME– server display nameMCP_SERVER_VERSION– overrides the reported server version (default: package.json version; fallback:0.0.0-dev)LOG_LEVEL– controls logging verbosity:debug|info|warn|error|silent(default:info)
Configuration precedence: CLI flags > environment variables. Reported version precedence: MCP_SERVER_VERSION > package.json > 0.0.0-dev.
CLI flags (subset):
Transport argument defaults to stdio. This package currently exposes stdio only.
MCP Client One‑click Patterns
Cursor deeplink button above for instant install into
~/.cursor/mcp.json.
Security Notes
Prefer environment variables for secrets; avoid CLI args containing secrets
Allowed operation gating and optional regex allow‑list help constrain queries
Logs redact tokens and obvious secret patterns
Development
Linting is TypeScript‑strict by design. The prepack script builds automatically before npm publish.
Test with MCP Inspector
Alternative Runtimes
Windows PowerShell example:
Docker
Build the image:
Run with env vars:
You can also configure Docker as a local MCP command in clients that support running a container for stdio transport. Example:
Troubleshooting
If tools don’t appear, refresh/toggle the server in your client
Ensure
DITTO_BASE_URLandDITTO_API_KEYare setIn Windows, provide full
nodeanddist/index.jspaths if needed
If your client has trouble auto-installing via npx, try bunx -y ditto-mcp-server.
Versioning & Changelog
See CHANGELOG.md.
License
MIT © EVT Engineering and contributors
This project is not affiliated with Ditto. “Ditto” is a respective trademark of its owner.
remote-capable server
The server can be hosted and run remotely because it primarily relies on remote services or has no dependency on the local environment.
Tools
Enables secure execution of Ditto DQL (Data Query Language) queries over HTTPS with safety checks and capability gating. Supports parameterized queries, health checks, and configuration management for Ditto database operations.