jubnl af10ab1c93 fix: add /mcp to open-CORS pre-middleware ...

External MCP clients (ChatGPT, Claude.ai, MCP Inspector) call /mcp
cross-origin with Bearer tokens. The OPTIONS preflight was hitting the
SPA catch-all because the global cors({ origin: false }) didn't add
Access-Control-Allow-Origin. Without a valid CORS response the browser
blocked the subsequent POST, preventing the 401 WWW-Authenticate header
from being read — ChatGPT reported 'does not implement OAuth'.

2026-05-05 13:57:52 +02:00

..

assets

refactor: move airports.json out of server/data into server/assets

2026-04-18 02:02:09 +02:00

public

chore(CRLF): normalize index.html line endings to LF

2026-04-05 04:35:17 +02:00

scripts

docs: add full wiki with 74 pages, assets, and CI workflow

2026-04-20 10:11:53 +02:00

src

fix: add /mcp to open-CORS pre-middleware

2026-05-05 13:57:52 +02:00

tests

feat: migrate OAuth public endpoints to MCP SDK auth handlers

2026-05-05 13:01:32 +02:00

.env.example

fix: add APP_VERSION fallback and HOST bind address env var (#952 #953) (#955)

2026-05-04 14:21:55 +02:00

package-lock.json

chore: bump version to 3.0.15 [skip ci]

2026-05-04 12:22:15 +00:00

package.json

chore: bump version to 3.0.15 [skip ci]

2026-05-04 12:22:15 +00:00

reset-admin.js

Stabilize core: better-sqlite3, versioned migrations, graceful shutdown

2026-03-22 17:52:24 +01:00

tsconfig.json

feat: migrate OAuth public endpoints to MCP SDK auth handlers

2026-05-05 13:01:32 +02:00

vitest.config.ts

refactor(mcp): replace direct DB access with service layer calls

2026-04-04 18:12:53 +02:00