chaim/israel-law-mcp
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
41 Commits 1 Branch 0 Tags
438f63ecc3b4912f0ff23d78945f80ac0f663fe4
Commit Graph

41 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Jeffrey von Rotz
438f63ecc3 feat: add _citation metadata for deterministic citation pipeline (#17) 
* feat: add citation metadata utility

* feat: add _citation metadata to get-provision response

* fix: add _citation to ToolResponse interface
 2026-04-07 16:37:31 +02:00
Jeffrey von Rotz
6f3daf0f6e ci: add GHCR build workflow (replaces ACR) 2026-04-07 07:55:09 +03:00
Ansvar Fleet Bot
a5dfbd2988 ci: add GHCR build workflow for public package distribution 2026-04-03 14:18:07 +00:00
Mortalus
ad7db3d203 docs: update remote endpoint to mcp.ansvar.eu 
Replace Vercel endpoint URL with self-hosted Hetzner endpoint.
Old: https://israel-law-mcp.vercel.app/mcp
New: https://mcp.ansvar.eu/law-israel-law-mcp/mcp
 2026-03-26 05:17:49 +01:00
Jeffrey von Rotz
b3140321c8 Merge pull request #14 from Ansvar-Systems/dev 
fix: merge Hono security fixes to main
 2026-03-08 06:39:50 +01:00
Jeffrey von Rotz
7cea2b795d Merge pull request #13 from Ansvar-Systems/fix/npm-audit-2026-03-08 
fix: resolve Hono security vulnerabilities
 2026-03-08 06:16:03 +01:00
Mortalus
2da0164e8b fix: resolve npm audit vulnerabilities (Hono CVEs) 
Fixes high-severity Hono framework CVEs:
- GHSA-q5qw-h33p-qvwr (arbitrary file access via serveStatic)
- GHSA-5pq2-9x2x-5p6w (cookie attribute injection)
- GHSA-p6xx-57qc-3wxr (SSE control field injection)
 2026-03-08 05:49:42 +01:00
Jeffrey von Rotz
c2fcb7d900 Merge pull request #11 from Ansvar-Systems/dev 
fix: fleet-wide bug fixes — dedup, wildcard, doc-id, fallback, metadata
 2026-03-06 09:14:35 +01:00
Jeffrey von Rotz
d730245538 fix: apply 5 fleet-wide bug fixes (dedup, wildcard, doc-id, fallback, metadata) (#10) 
- Add deduplicateResults() to search-legislation and build-legal-stance
- Upgrade fts-query with stemming, boolean passthrough, LIKE fallback, OR tier
- Use resolveDocumentId() for document_id parameter in search tools
- Disclose query_strategy and note in metadata on broadened/failed queries
- Add note and query_strategy optional fields to ResponseMetadata interface

Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-06 09:14:17 +01:00
Mortalus
20897c74b5 Merge remote-tracking branch 'origin/main' into dev 2026-03-06 08:12:25 +00:00
Jeffrey von Rotz
e5b8a78f92 fix: remove unused imports from about.ts (CI fix) 2026-03-04 10:27:54 +00:00
Jeffrey von Rotz
c52737faa7 Merge pull request #7 from Ansvar-Systems/fix/about-golden-standard 
fix: align about.ts to golden standard Section 4.9
 2026-03-04 11:11:45 +01:00
Jeffrey von Rotz
fac8992038 fix: align about.ts to golden standard Section 4.9 2026-03-04 09:49:24 +00:00
Jeffrey von Rotz
86f610be05 feat: security fix + golden-standard README 
* fix: Dockerfile CMD path and chown for Docker proxy support

* chore: remove legacy codeql.yml (ADR-011 GHAS migration)

* chore: remove legacy gitleaks.yml (ADR-011 GHAS migration)

* docs: add TOOLS.md with tool documentation

* fix(security): update lock file — hono 4.12.3 + SDK 1.27.1 (#4)

Updated transitive deps to patched versions:
- @modelcontextprotocol/sdk: 1.26.0 -> 1.27.1
  (cross-client data leak via shared transport, affects 1.10.0-1.25.3,
  patched in 1.26.0)
- hono: 4.12.0 -> 4.12.3
  (authentication bypass via IP spoofing, patched in 4.12.3)

No package.json change needed — existing semver ranges already allow
the patched versions.

* docs: golden-standard README (#5)

Brings README to production golden standard following the Ansvar Law MCP template.
 2026-03-02 20:25:22 +00:00
Jeffrey von Rotz
68a627d1d0 docs: golden-standard README (#5) 
Brings README to production golden standard following the Ansvar Law MCP template.
 2026-03-02 21:04:30 +01:00
Jeffrey von Rotz
de2982ea41 fix(security): update lock file — hono 4.12.3 + SDK 1.27.1 (#4) 
Updated transitive deps to patched versions:
- @modelcontextprotocol/sdk: 1.26.0 -> 1.27.1
  (cross-client data leak via shared transport, affects 1.10.0-1.25.3,
  patched in 1.26.0)
- hono: 4.12.0 -> 4.12.3
  (authentication bypass via IP spoofing, patched in 4.12.3)

No package.json change needed — existing semver ranges already allow
the patched versions.
 2026-03-02 21:04:26 +01:00
Jeffrey von Rotz
000e6bf796 chore: fleet audit — security, governance, and quality fixes (#1) 
* fix: Dockerfile CMD path and chown for Docker proxy support

* chore: remove legacy codeql.yml (ADR-011 GHAS migration)

* chore: remove legacy gitleaks.yml (ADR-011 GHAS migration)

* docs: add TOOLS.md with tool documentation
 2026-03-02 15:24:15 +01:00
Jeffrey von Rotz
ed706096bf docs: add TOOLS.md with tool documentation 2026-03-02 11:58:47 +00:00
Jeffrey von Rotz
320b7e492f chore: remove legacy gitleaks.yml (ADR-011 GHAS migration) 2026-03-02 11:17:45 +00:00
Jeffrey von Rotz
614e9ef7b7 chore: remove legacy codeql.yml (ADR-011 GHAS migration) 2026-03-02 11:17:44 +00:00
Mortalus
f0bd5acf80 fix: Dockerfile CMD path and chown for Docker proxy support 2026-03-01 05:53:12 +01:00
Mortalus
a15fe54367 feat: add HTTP transport for Docker proxy support 
Adds src/http-server.ts for Streamable HTTP transport, enabling the
law-mcp-proxy to route requests to this MCP via Docker network.

Endpoints: GET /health, POST /mcp, GET /mcp, DELETE /mcp

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-28 08:44:56 +01:00
Mortalus
cf6044b8e3 chore: remove AI tooling artifacts (CLAUDE.md, .claude/, .serena/) 2026-02-28 05:44:23 +01:00
Mortalus
2d38e78d02 feat: expand from 10 to 66 laws — 537 provisions, 10 Basic Law PDFs parsed 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-27 09:09:50 +01:00
Mortalus
8145605d0f ci: add weekly data freshness check workflow 2026-02-22 20:43:10 +01:00
Mortalus
6c9c600f64 docs: add legal disclaimer and privacy notice for professional use 2026-02-22 19:57:03 +01:00
Mortalus
2476300c7e feat: golden-ify Israel Law MCP — census, skipIf tests, dual transport 
Add data/census.json (10 laws, 135 provisions, jurisdiction IL) generated
from database.db. Rewrite golden.test.ts to golden standard pattern with
describe.skipIf guards so tests skip gracefully in CI without DB artifacts.
Update server.json to packages format with streamable-http Vercel endpoint.
Bump version to 1.1.0.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-22 17:30:45 +01:00
Mortalus
b4fee903d5 docs: restore key legislation, deployment tier, and database estimates 2026-02-21 05:43:12 +01:00
Mortalus
3cfa5ac1f9 fix: correct tool name and gitleaks config 2026-02-21 05:37:17 +01:00
Mortalus
392e863f5c chore: add CODEOWNERS 2026-02-21 05:29:02 +01:00
Mortalus
38d1ca339a ci: add CodeQL, Semgrep, Gitleaks, Trivy security scanning 2026-02-21 05:24:54 +01:00
Jeffrey von Rotz
a1deee92cc docs: expand README to gold standard 2026-02-21 05:05:54 +01:00
Jeffrey von Rotz
98cc623b73 chore: add legal disclaimer 2026-02-20 20:56:36 +01:00
Jeffrey von Rotz
5f76b581b2 chore: add contributing guide 2026-02-20 20:56:34 +01:00
Jeffrey von Rotz
0e59a05538 chore: add security policy 2026-02-20 20:56:33 +01:00
Jeffrey von Rotz
9cb830a2f3 fix: remove .vercelignore (excluded tsconfig.json and src, breaking Vercel builds) 2026-02-20 14:43:36 +01:00
Jeffrey von Rotz
2cd3c63936 fix: standardize vercel.json with outputDirectory, rewrites, and health includeFiles 2026-02-20 14:43:35 +01:00
Mortalus
c9b7ecc346 feat: commit built database for reliable deployment 
Database is a build artifact but committed for repos with
rate-limited or hard-to-extract data sources. Rebuild with:
npm run build:db

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-20 08:27:01 +01:00
Mortalus
2c73695c7d chore: track seed data in git for portable DB rebuilds 
Seed JSON files (parsed legislation) are now committed so that
npm run build:db works on any machine without re-ingestion.
Raw source HTML and .db files remain gitignored.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-19 20:46:04 +01:00
Mortalus
1e28f8a6b1 feat: production MCP server with Israeli legislation (multi-source) 
Complete production implementation with shell+adapter architecture,
13 MCP tools, SQLite FTS5 search, and multi-source ingestion pipeline.

Ingestion fetches from UCI mirror, UNODC SHERLOC PDFs, and Knesset
mobile PDFs (135 provisions, 33 definitions). 3 acts with full text,
7 acts metadata-only due to gov.il/nevo.co.il access restrictions.
Knesset OData API used for metadata enrichment.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-19 20:40:01 +01:00
Mortalus
21aa81d2b0 chore: initial MCP preparation package 
14-file blueprint including:
- sources.yml with data source provenance
- 12 golden contract tests with native-language search terms
- 5-6 drift detection anchors
- MCP Registry + npm package configs
- Vercel deployment config (SMALL tier)
- Security policies and issue templates

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-19 13:39:14 +01:00