UNPKG

@jupiterone/jupiterone-mcp

Version:

Model Context Protocol server for JupiterOne account rules and rule details

37 lines 1.9 kB
import { GraphQLClient } from 'graphql-request'; /** * Error surfaced to callers in place of graphql-request's `ClientError`. * * `ClientError.message` embeds `JSON.stringify({ response, request })` — i.e. the full * GraphQL query, its variables, and the response status/headers/body. Surfacing that into * model context or stderr leaks internal API structure and (via variables) potentially * sensitive values. This type exposes only the upstream error message and status code. */ export declare class JupiterOneApiError extends Error { readonly statusCode?: number; /** * The first GraphQL error's `extensions.code` (e.g. `FORBIDDEN`, `UNAUTHENTICATED`) when the * upstream delivered the failure as a GraphQL error inside an HTTP 200. Authorization rejections * arrive this way, so preserving the code lets the error layer frame them as access-denied even * though the transport status is 200. */ readonly code?: string; constructor(message: string, statusCode?: number, code?: string); } /** * Convert any thrown value into a sanitized error safe for model context and logs. * * For a `ClientError`, keeps only the upstream GraphQL error message (which the J1QL * validator pattern-matches on) and the status code; drops the query, variables, headers, * and raw response body. Other errors are reduced to their message with no object dumping. */ export declare function sanitizeGraphQLError(error: unknown): JupiterOneApiError; /** * GraphQLClient that routes every thrown error through {@link sanitizeGraphQLError}. Fixing * the leak at the single shared client means downstream services and tool handlers never * see the raw `ClientError`, without editing every call site. */ export declare class SanitizingGraphQLClient extends GraphQLClient { request(...args: any[]): Promise<any>; } //# sourceMappingURL=sanitize-error.d.ts.map