We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/vpursuit/swipl-mcp-server'
If you have feedback or need assistance with the MCP directory API, please join our Discord server
name: Publish to NPM
on:
push:
tags:
- 'v*.*.*' # swipl-mcp-server releases (v3.0.0)
- 'v*.*.*-*' # swipl-mcp-server pre-releases
release:
types: [created]
workflow_dispatch:
inputs:
package:
description: 'Package to publish (currently only swipl-mcp-server)'
required: false
default: 'swipl-mcp-server'
type: choice
options:
- swipl-mcp-server
dry_run:
description: 'Run tests without publishing'
required: false
default: true
type: boolean
concurrency:
group: publish-${{ github.ref }}
cancel-in-progress: false
env:
NODE_VERSION: '20'
NPM_REGISTRY_URL: 'https://registry.npmjs.org'
# npm Trusted Publishing notes:
# - We previously saw 404 on PUT to the scoped package and ENEEDAUTH.
# - Causes were token-based auth being injected and an older npm that didn't use OIDC.
# - Fix: rely on OIDC only (permissions.id-token: write + --provenance),
# avoid NODE_AUTH_TOKEN, and upgrade npm before publish. See:
# https://docs.npmjs.com/trusted-publishers
jobs:
security-audit:
name: Security Audit
runs-on: ubuntu-22.04
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Setup Node.js
uses: actions/setup-node@v4
with:
node-version: ${{ env.NODE_VERSION }}
check-latest: true
registry-url: ${{ env.NPM_REGISTRY_URL }}
cache: 'npm'
- name: Upgrade npm for workspace protocol support
run: |
echo "Current npm version:"
npm --version
npm install -g npm@11
echo "Upgraded npm version:"
npm --version
- name: Install dependencies
run: npm ci
- name: Install jq for JSON processing
run: sudo apt-get install -y jq
- name: Run security audit
run: npm run security:audit
- name: Check for high/critical vulnerabilities
run: npm run security:check
- name: Verify npm package signatures
run: npm audit signatures
build-and-test:
name: Build and Test
runs-on: ubuntu-22.04
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Setup Node.js
uses: actions/setup-node@v4
with:
node-version: ${{ env.NODE_VERSION }}
registry-url: ${{ env.NPM_REGISTRY_URL }}
cache: 'npm'
- name: Upgrade npm for workspace protocol support
run: |
echo "Current npm version:"
npm --version
npm install -g npm@11
echo "Upgraded npm version:"
npm --version
- name: Install dependencies
run: npm ci
- name: Install SWI-Prolog
run: |
sudo apt-get update
sudo apt-get install -y swi-prolog
- name: Verify SWI-Prolog installation
run: swipl --version
- name: Run linting (if configured)
run: npm run lint --if-present
continue-on-error: true
- name: Build all packages
run: npm run build
- name: Run tests
run: npm test
- name: Verify package contents
run: |
echo "=== Package verification ==="
# Only verify publishable products
for pkg in products/*; do
if [ -f "$pkg/package.json" ]; then
echo ""
echo "Checking $pkg..."
cd "$pkg"
npm pack --dry-run
cd ../..
fi
done
publish:
name: Publish to NPM
needs: [security-audit, build-and-test]
runs-on: ubuntu-22.04
permissions:
contents: write
id-token: write
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Setup Node.js
uses: actions/setup-node@v4
with:
node-version: ${{ env.NODE_VERSION }}
registry-url: ${{ env.NPM_REGISTRY_URL }}
cache: 'npm'
- name: Install dependencies
run: npm ci
- name: Generate changelog
run: node scripts/generate-changelog.js
- name: Detect packages to publish
id: detect_packages
run: |
# Determine publish configuration for swipl-mcp-server only
PACKAGE_DIR="products"
PACKAGE_NAME="swipl-mcp-server"
NPM_TAG="latest"
if [[ "${GITHUB_REF}" == refs/tags/* ]]; then
TAG="${GITHUB_REF#refs/tags/}"
echo "Processing tag: $TAG"
if [[ ! "$TAG" =~ ^v[0-9]+\.[0-9]+\.[0-9]+(-[A-Za-z0-9.]+)?$ ]]; then
echo "Tag does not match release pattern 'v*.*.*' or 'v*.*.*-*'. Halting publish."
exit 1
fi
if [[ "$TAG" == *-* ]]; then
NPM_TAG="next"
echo "Detected pre-release tag. Using npm dist-tag '$NPM_TAG'."
fi
fi
if [ "${{ github.event_name }}" = "workflow_dispatch" ]; then
PACKAGE_NAME="${{ inputs.package }}"
fi
echo "packages=$PACKAGE_NAME" >> $GITHUB_OUTPUT
echo "package_dir=$PACKAGE_DIR" >> $GITHUB_OUTPUT
echo "npm_tag=$NPM_TAG" >> $GITHUB_OUTPUT
echo "Publishing package: $PACKAGE_NAME from $PACKAGE_DIR/ with dist-tag '$NPM_TAG'"
# Important: Older npm may fail OIDC (ENEEDAUTH). Upgrade explicitly.
- name: Ensure recent npm (for OIDC/provenance)
if: inputs.dry_run != true
run: |
npm --version
npm install -g npm@11
npm --version
# OIDC trusted publish: no tokens, provenance enabled.
- name: Publish packages to NPM
if: inputs.dry_run != true
env:
NPM_CONFIG_PROVENANCE: true
run: |
# Ensure OIDC flow (no token-based auth)
unset NODE_AUTH_TOKEN || true
PACKAGE_DIR="${{ steps.detect_packages.outputs.package_dir }}"
# Publish each detected package
for pkg in ${{ steps.detect_packages.outputs.packages }}; do
echo ""
echo "==================================="
echo "Publishing @vpursuit/$pkg"
echo "==================================="
# Check if version already exists
PACKAGE_NAME="@vpursuit/$pkg"
PACKAGE_VERSION=$(node -p "require('./$PACKAGE_DIR/$pkg/package.json').version")
echo "Checking if $PACKAGE_NAME@$PACKAGE_VERSION already exists..."
if npm view "$PACKAGE_NAME@$PACKAGE_VERSION" version 2>/dev/null; then
echo "⚠️ Version $PACKAGE_VERSION already exists on NPM, skipping"
continue
fi
echo "✅ Version $PACKAGE_VERSION does not exist, publishing..."
# Publish from workspace
NPM_TAG="${{ steps.detect_packages.outputs.npm_tag }}"
npm publish --workspace="$PACKAGE_DIR/$pkg" --access public --provenance --tag "$NPM_TAG"
echo "✅ Successfully published $PACKAGE_NAME@$PACKAGE_VERSION"
done
- name: Dry Run - Show what would be published
if: inputs.dry_run == true
run: |
echo "DRY RUN: Would publish the following packages:"
echo ""
PACKAGE_DIR="${{ steps.detect_packages.outputs.package_dir }}"
for pkg in ${{ steps.detect_packages.outputs.packages }}; do
echo "==================================="
echo "Package: @vpursuit/$pkg"
echo "==================================="
cd "$PACKAGE_DIR/$pkg"
npm pack --dry-run
cd ../..
echo ""
done
- name: Create GitHub Release
if: inputs.dry_run != true && github.event_name == 'push'
run: |
# Create release for the first published package
FIRST_PKG=$(echo "${{ steps.detect_packages.outputs.packages }}" | awk '{print $1}')
PACKAGE_DIR="${{ steps.detect_packages.outputs.package_dir }}"
if [ -n "$FIRST_PKG" ]; then
PACKAGE_NAME="@vpursuit/$FIRST_PKG"
PACKAGE_VERSION=$(node -p "require('./$PACKAGE_DIR/$FIRST_PKG/package.json').version")
TAG="${GITHUB_REF#refs/tags/}"
# Create minimal release notes header
cat > release_notes.md <<EOF
Released to NPM as $PACKAGE_NAME@$PACKAGE_VERSION
## Installation
\`\`\`bash
npm install $PACKAGE_NAME
\`\`\`
## Requirements
- Node.js ≥ 20.0.0
EOF
# Add SWI-Prolog requirement for server package
if [ "$FIRST_PKG" = "swipl-mcp-server" ]; then
echo "- SWI-Prolog installed and available in PATH" >> release_notes.md
fi
# Add changelog link
cat >> release_notes.md <<EOF
## Changes
See [CHANGELOG.md](https://github.com/vpursuit/model-context-lab/blob/main/CHANGELOG.md) for full details.
EOF
# Create release with auto-generated notes
gh release create "$TAG" \
--title "Release $TAG" \
--notes-file release_notes.md \
--generate-notes
fi
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}