MCP/mcaxl
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
mcaxl/CHANGELOG.md
Ryan Malloy 87d697f461 Pre-publish PII scrub per python.md rule 
Six surgical scrubs to clear cluster-fingerprint references before the
PyPI release. Per `~/.claude/rules/python.md`'s pre-publish PII audit
section: specific build strings (`15.0.1.12900-234`-style maintenance
release IDs) and cluster role descriptors ("production") narrow the
fingerprint of which deployment the developer tested against. Replaced
with the more accurate Cisco user-facing version ("CUCM 15.0(1)" or
"CUCM 15") and operational descriptor ("live cluster" — same trust
signal without the prod disclosure).

Files:
  README.md
    "Tested against CUCM 15.0.1.12900" → "Tested against CUCM 15.0(1)"
    placeholder host hardened to "cucm-pub.example.com" (RFC-reserved
    `.example` TLD per the rule's documented convention)

  CHANGELOG.md
    "production CUCM 15.0.1.12900 cluster" → "live CUCM 15 cluster"

  src/mcaxl/risport.py
    Comment: "verified against CUCM 15.0.1.12900 documentation" →
            "verified against CUCM 15 RisPort70 docs"

  src/mcaxl/route_plan.py
    Comment: "the typepatternusage table in CUCM 15.0.1.12900" →
            "the typepatternusage table in CUCM 15"

  .env.example
    Normalized to RFC-reserved values:
      cucm-pub        → cucm-pub.example.com
      AxlUser         → axl-readonly  (descriptive function, not
                                       a real-account-shape name)
      TopSecret...    → replace-with-your-password (clearly a placeholder)

Audit verification:
  grep -rnE '15\.0\.1\.12900|bingham|SupportedSystems|CCX-AXL|CER-AXL|
             CUC-AXL|TabSync|variphy|production|10\.[0-9]+\.[0-9]+\.[0-9]+|
             172\.(1[6-9]|2[0-9]|3[01])\.[0-9]+\.[0-9]+|192\.168\.[0-9]+\.[0-9]+'
       src/ pyproject.toml README.md CHANGELOG.md .env.example
  → returns empty (verified)

Sdist verification:
  tar -tzf dist/mcaxl-2026.4.27.tar.gz | grep -iE 'CLAUDE|axlsqltoolkit|
                                                     bingham|tests/'
  → returns empty (verified)

  Tests directory IS excluded from sdist via
  `[tool.hatch.build.targets.sdist] exclude = ["tests/"]` — important
  because test fixtures contain real cluster hostnames in mock SOAP
  responses (test_risport.py SAMPLE_RESPONSE). Tests stay in the source
  repo for development; they don't ship to PyPI.

Tests still pass: 155/155.

Ready for `uv publish --token …`.
2026-04-27 13:00:35 -06:00

2.7 KiB
Raw Blame History

Changelog

This project uses CalVer — version numbers encode the date the package was tested against the upstream Cisco APIs and published. Format: YYYY.MM.DD with optional .N post-release suffix for same-day fixes.

2026.04.27 — initial public release

First public release on PyPI as mcaxl. Renamed from the internal working name mcp-cucm-axl to fit the operator's mc<interface> naming convention.

Tools (19 total)

Foundational: axl_version, axl_sql, axl_list_tables, axl_describe_table, cache_stats, cache_clear, health.

Route plan: route_partitions, route_calling_search_spaces, route_patterns, route_inspect_pattern, route_lists_and_groups, route_translation_chain, route_digit_discard_instructions, route_device_pool_route_groups, route_devices_using_css, route_filters.

Real-time registration (RisPort70): device_registration_status, device_registration_summary.

Prompts (10 total)

Schema-grounded conversation seeds: route_plan_overview, investigate_pattern, audit_routing, cucm_sql_help, sip_trunk_report, phone_inventory_report, user_audit, inbound_did_audit, hunt_pilot_audit, whoami.

Engineering rigor

  • Read-only by structural guarantee: no AXL write methods are registered; the SQL validator rejects non-SELECT/WITH queries as defense-in-depth.
  • Hamilton-style review closed: 7 findings (2 Critical, 3 Major, 2 Minor) addressed during pre-release hardening, each with a regression test.
  • Live-cluster verified: every tool path verified against a live CUCM 15 cluster before release.
  • 155 unit tests, schema drift guard for all 71 known fkcallingsearchspace_* columns (via test_complete_schema_coverage_against_known_columns).

Known limitations

  • route_translation_chain evaluates CUCM wildcards (X, !, [0-9], @, \\+) but does not model route-filter constraints on @ patterns — use as guidance, not authoritative.
  • AXL WSDL must be supplied externally (Cisco-licensed; not bundled). See README.md for bootstrap instructions.
  • RisPort state_info cursor pagination is implemented but not yet stress-tested on clusters with > 1000 devices in a single class.

Acknowledgments

Borrowed two ideas from @calltelemetry/cisco-cucm-mcp (MIT licensed): the RisPort70 SOAP envelope shape and the exponential-backoff retry policy on HTTP 503. Their tool covers operational debugging (logs, perfmon, packet capture) — install both side-by-side for compound questions like "audit found CSS X unreferenced AND RisPort confirms zero phones registered against it."