feat: add controlled client-side logging that respects NODE_ENV

ashwin-ant · ashwin-ant · commit a2ad1d6a8e2e · 2025-06-19T10:43:55.000-07:00
- Add logging utility that suppresses output when NODE_ENV=production
- Replace all console usage in client code with logger
- Add ESLint no-console rule for client code (except logging.ts)

This prevents unwanted console output in production environments
like Claude Code while still allowing debugging in development.
diff --git a/eslint.config.mjs b/eslint.config.mjs
@@ -15,5 +15,12 @@ export default tseslint.config(
                 { "argsIgnorePattern": "^_" }
             ]
         }
+    },
+    {
+        files: ["src/client/**/*.ts"],
+        ignores: ["src/client/logging.ts"],
+        rules: {
+            "no-console": "error"
+        }
     }
 );
diff --git a/src/client/auth.ts b/src/client/auth.ts
@@ -3,6 +3,7 @@ import { LATEST_PROTOCOL_VERSION } from "../types.js";
 import type { OAuthClientMetadata, OAuthClientInformation, OAuthTokens, OAuthMetadata, OAuthClientInformationFull, OAuthProtectedResourceMetadata } from "../shared/auth.js";
 import { OAuthClientInformationFullSchema, OAuthMetadataSchema, OAuthProtectedResourceMetadataSchema, OAuthTokensSchema } from "../shared/auth.js";
 import { resourceUrlFromServerUrl } from "../shared/auth-utils.js";
+import { logger } from "./logging.js";
 
 /**
  * Implements an end-to-end OAuth client to be used with one MCP server.
@@ -117,7 +118,7 @@ export async function auth(
       authorizationServerUrl = resourceMetadata.authorization_servers[0];
     }
   } catch (error) {
-    console.warn("Could not load OAuth Protected Resource metadata, falling back to /.well-known/oauth-authorization-server", error)
+    logger.warn("Could not load OAuth Protected Resource metadata, falling back to /.well-known/oauth-authorization-server", error)
   }
 
   const resource: URL | undefined = await selectResourceURL(serverUrl, provider, resourceMetadata);
@@ -176,7 +177,7 @@ export async function auth(
       await provider.saveTokens(newTokens);
       return "AUTHORIZED";
     } catch (error) {
-      console.error("Could not refresh OAuth tokens:", error);
+      logger.error("Could not refresh OAuth tokens:", error);
     }
   }
 
@@ -222,7 +223,7 @@ export function extractResourceMetadataUrl(res: Response): URL | undefined {
 
   const [type, scheme] = authenticateHeader.split(' ');
   if (type.toLowerCase() !== 'bearer' || !scheme) {
-    console.log("Invalid WWW-Authenticate header format, expected 'Bearer'");
+    logger.log("Invalid WWW-Authenticate header format, expected 'Bearer'");
     return undefined;
   }
   const regex = /resource_metadata="([^"]*)"/;
@@ -235,7 +236,7 @@ export function extractResourceMetadataUrl(res: Response): URL | undefined {
   try {
     return new URL(match[1]);
   } catch {
-    console.log("Invalid resource metadata url: ", match[1]);
+    logger.log("Invalid resource metadata url: ", match[1]);
     return undefined;
   }
 }
diff --git a/src/client/index.ts b/src/client/index.ts
@@ -45,6 +45,7 @@ import {
 } from "../types.js";
 import Ajv from "ajv";
 import type { ValidateFunction } from "ajv";
+import { logger } from "./logging.js";
 
 export type ClientOptions = ProtocolOptions & {
   /**
@@ -487,7 +488,7 @@ export class Client<
           const validator = this._ajv.compile(tool.outputSchema);
           this._cachedToolOutputValidators.set(tool.name, validator);
         } catch (error) {
-          console.warn(`Failed to compile output schema for tool ${tool.name}: ${error}`);
+          logger.warn(`Failed to compile output schema for tool ${tool.name}: ${error}`);
         }
       }
     }
diff --git a/src/client/logging.ts b/src/client/logging.ts
@@ -0,0 +1,41 @@
+/**
+ * Client-side logging utility that suppresses console output in production environments.
+ * Logs are shown when NODE_ENV is not set to 'production'.
+ */
+
+const isDebugEnabled = (): boolean => {
+  // Allow logging unless explicitly in production
+  if (typeof process !== "undefined" && process.env) {
+    return process.env.NODE_ENV !== "production";
+  }
+  // If process.env is not available, default to allowing logs
+  return true;
+};
+
+const debugEnabled = isDebugEnabled();
+
+export const logger = {
+  log: (...args: unknown[]): void => {
+    if (debugEnabled) {
+      console.log(...args);
+    }
+  },
+
+  warn: (...args: unknown[]): void => {
+    if (debugEnabled) {
+      console.warn(...args);
+    }
+  },
+
+  error: (...args: unknown[]): void => {
+    if (debugEnabled) {
+      console.error(...args);
+    }
+  },
+
+  debug: (...args: unknown[]): void => {
+    if (debugEnabled) {
+      console.debug(...args);
+    }
+  },
+};

Original file line number	Diff line number	Diff line change
`@@ -15,5 +15,12 @@ export default tseslint.config(`
`15`	`15`	`{ "argsIgnorePattern": "^_" }`
`16`	`16`	`]`
`17`	`17`	`}`
	`18`	`+ },`
	`19`	`+ {`
	`20`	`+ files: ["src/client/*/.ts"],`
	`21`	`+ ignores: ["src/client/logging.ts"],`
	`22`	`+ rules: {`
	`23`	`+ "no-console": "error"`
	`24`	`+ }`
`18`	`25`	`}`
`19`	`26`	`);`
Original file line number	Diff line number	Diff line change
`@@ -3,6 +3,7 @@ import { LATEST_PROTOCOL_VERSION } from "../types.js";`
`3`	`3`	`import type { OAuthClientMetadata, OAuthClientInformation, OAuthTokens, OAuthMetadata, OAuthClientInformationFull, OAuthProtectedResourceMetadata } from "../shared/auth.js";`
`4`	`4`	`import { OAuthClientInformationFullSchema, OAuthMetadataSchema, OAuthProtectedResourceMetadataSchema, OAuthTokensSchema } from "../shared/auth.js";`
`5`	`5`	`import { resourceUrlFromServerUrl } from "../shared/auth-utils.js";`
	`6`	`+import { logger } from "./logging.js";`
`6`	`7`
`7`	`8`	`/**`
`8`	`9`	`* Implements an end-to-end OAuth client to be used with one MCP server.`
`@@ -117,7 +118,7 @@ export async function auth(`
`117`	`118`	`authorizationServerUrl = resourceMetadata.authorization_servers[0];`
`118`	`119`	`}`
`119`	`120`	`} catch (error) {`
`120`		`- console.warn("Could not load OAuth Protected Resource metadata, falling back to /.well-known/oauth-authorization-server", error)`
	`121`	`+ logger.warn("Could not load OAuth Protected Resource metadata, falling back to /.well-known/oauth-authorization-server", error)`
`121`	`122`	`}`
`122`	`123`
`123`	`124`	`const resource: URL \| undefined = await selectResourceURL(serverUrl, provider, resourceMetadata);`
`@@ -176,7 +177,7 @@ export async function auth(`
`176`	`177`	`await provider.saveTokens(newTokens);`
`177`	`178`	`return "AUTHORIZED";`
`178`	`179`	`} catch (error) {`
`179`		`- console.error("Could not refresh OAuth tokens:", error);`
	`180`	`+ logger.error("Could not refresh OAuth tokens:", error);`
`180`	`181`	`}`
`181`	`182`	`}`
`182`	`183`
`@@ -222,7 +223,7 @@ export function extractResourceMetadataUrl(res: Response): URL \| undefined {`
`222`	`223`
`223`	`224`	`const [type, scheme] = authenticateHeader.split(' ');`
`224`	`225`	`if (type.toLowerCase() !== 'bearer' \|\| !scheme) {`
`225`		`- console.log("Invalid WWW-Authenticate header format, expected 'Bearer'");`
	`226`	`+ logger.log("Invalid WWW-Authenticate header format, expected 'Bearer'");`
`226`	`227`	`return undefined;`
`227`	`228`	`}`
`228`	`229`	`const regex = /resource_metadata="([^"]*)"/;`
`@@ -235,7 +236,7 @@ export function extractResourceMetadataUrl(res: Response): URL \| undefined {`
`235`	`236`	`try {`
`236`	`237`	`return new URL(match[1]);`
`237`	`238`	`} catch {`
`238`		`- console.log("Invalid resource metadata url: ", match[1]);`
	`239`	`+ logger.log("Invalid resource metadata url: ", match[1]);`
`239`	`240`	`return undefined;`
`240`	`241`	`}`
`241`	`242`	`}`
Original file line number	Diff line number	Diff line change
`@@ -45,6 +45,7 @@ import {`
`45`	`45`	`} from "../types.js";`
`46`	`46`	`import Ajv from "ajv";`
`47`	`47`	`import type { ValidateFunction } from "ajv";`
	`48`	`+import { logger } from "./logging.js";`
`48`	`49`
`49`	`50`	`export type ClientOptions = ProtocolOptions & {`
`50`	`51`	`/**`
`@@ -487,7 +488,7 @@ export class Client<`
`487`	`488`	`const validator = this._ajv.compile(tool.outputSchema);`
`488`	`489`	`this._cachedToolOutputValidators.set(tool.name, validator);`
`489`	`490`	`} catch (error) {`
`490`		- console.warn(`Failed to compile output schema for tool ${tool.name}: ${error}`);
	`491`	+ logger.warn(`Failed to compile output schema for tool ${tool.name}: ${error}`);
`491`	`492`	`}`
`492`	`493`	`}`
`493`	`494`	`}`