Deduplicate server JSON structs between publisher and registry (#318)

<!-- Provide a brief summary of your changes -->

## Motivation and Context
<!-- Why is this change needed? What problem does it solve? -->

The following PR eliminates duplicate struct definitions by migrating
the publisher tool to use canonical types from pkg/model, creating a
single source of truth across the codebase. The publisher tool
previously had its own copies of structs that were duplicated, ie.
ServerJSON, Package, Repository, VersionDetail, EnvironmentVariable,
RuntimeArgument and a few others which was not optimal


**Changes in the PR:**
- Refactored the structs to single canonical types located at pkg/model
- Refactor the implementation to use/build canonical structures directly
  - Remove all duplicate definitions (5 structs eliminated)
- Publisher now uses model.ServerJSON, model.Package, model.Repository,
etc.
- Renamed some of the structs to better reflect their use case, i.e.
ServerJSON instead of ServerDetail
- Fixes an issue where the Remote property was missing from the previous
publisher copy of the Server

**Benefits:**
  - Single source of truth - Schema changes in one place
  - Type safety - Compiler catches mismatches
  - Enhanced validation - Field constraints and bson tags
  - Zero breaking changes - Same CLI interface and JSON output
  - Future-proof - New canonical fields automatically available

Supersedes: #217 and #240

## How Has This Been Tested?
<!-- Have you tested this in a real application? Which scenarios were
tested? -->

Locally

## Breaking Changes
<!-- Will users need to update their code or configurations? -->
No

## Types of changes
<!-- What types of changes does your code introduce? Put an `x` in all
the boxes that apply: -->
- [x] Bug fix (non-breaking change which fixes an issue)
- [ ] New feature (non-breaking change which adds functionality)
- [ ] Breaking change (fix or feature that would cause existing
functionality to change)
- [ ] Documentation update

## Checklist
<!-- Go over all the following points, and put an `x` in all the boxes
that apply. -->
- [ ] I have read the [MCP
Documentation](https://modelcontextprotocol.io)
- [ ] My code follows the repository's style guidelines
- [ ] New and existing tests pass locally
- [ ] I have added appropriate error handling
- [ ] I have added or updated documentation as needed

## Additional context
<!-- Add any other context, implementation notes, or design decisions
-->

---------

Signed-off-by: Radoslav Dimitrov <[email protected]>

Author: rdimitrov

cmd/registry/main.go

@@ -14,9 +14,9 @@ import (
 	"github.com/modelcontextprotocol/registry/internal/api"
 	"github.com/modelcontextprotocol/registry/internal/config"
 	"github.com/modelcontextprotocol/registry/internal/database"
-	"github.com/modelcontextprotocol/registry/internal/model"
 	"github.com/modelcontextprotocol/registry/internal/service"
 	"github.com/modelcontextprotocol/registry/internal/telemetry"
+	"github.com/modelcontextprotocol/registry/pkg/model"
 )
 
 func main() {
@@ -46,7 +46,7 @@ func main() {
 	// Initialize services based on environment
 	switch cfg.DatabaseType {
 	case config.DatabaseTypeMemory:
-		db = database.NewMemoryDB(map[string]*model.ServerDetail{})
+		db = database.NewMemoryDB(map[string]*model.ServerJSON{})
 		registryService = service.NewRegistryServiceWithDB(db)
 	case config.DatabaseTypePostgreSQL:
 		// Use PostgreSQL for real registry service

internal/api/handlers/v0/auth/dns.go

@@ -16,7 +16,6 @@ import (
 	v0 "github.com/modelcontextprotocol/registry/internal/api/handlers/v0"
 	"github.com/modelcontextprotocol/registry/internal/auth"
 	"github.com/modelcontextprotocol/registry/internal/config"
-	"github.com/modelcontextprotocol/registry/internal/model"
 )
 
 // DNSTokenExchangeInput represents the input for DNS-based authentication
@@ -147,7 +146,7 @@ func (h *DNSAuthHandler) ExchangeToken(ctx context.Context, domain, timestamp, s
 
 	// Create JWT claims
 	jwtClaims := auth.JWTClaims{
-		AuthMethod:        model.AuthMethodDNS,
+		AuthMethod:        auth.MethodDNS,
 		AuthMethodSubject: domain,
 		Permissions:       permissions,
 	}

internal/api/handlers/v0/auth/dns_test.go

@@ -16,7 +16,6 @@ import (
 	"github.com/modelcontextprotocol/registry/internal/api/handlers/v0/auth"
 	intauth "github.com/modelcontextprotocol/registry/internal/auth"
 	"github.com/modelcontextprotocol/registry/internal/config"
-	"github.com/modelcontextprotocol/registry/internal/model"
 )
 
 // MockDNSResolver for testing
@@ -174,7 +173,7 @@ func TestDNSAuthHandler_ExchangeToken(t *testing.T) {
 				claims, err := jwtManager.ValidateToken(context.Background(), result.RegistryToken)
 				require.NoError(t, err)
 
-				assert.Equal(t, model.AuthMethodDNS, claims.AuthMethod)
+				assert.Equal(t, intauth.MethodDNS, claims.AuthMethod)
 				assert.Equal(t, tt.domain, claims.AuthMethodSubject)
 				assert.Len(t, claims.Permissions, 2) // domain and subdomain permissions
 

internal/api/handlers/v0/auth/github_at.go

@@ -12,7 +12,6 @@ import (
 	v0 "github.com/modelcontextprotocol/registry/internal/api/handlers/v0"
 	"github.com/modelcontextprotocol/registry/internal/auth"
 	"github.com/modelcontextprotocol/registry/internal/config"
-	"github.com/modelcontextprotocol/registry/internal/model"
 )
 
 // GitHubTokenExchangeInput represents the input for GitHub token exchange
@@ -86,7 +85,7 @@ func (h *GitHubHandler) ExchangeToken(ctx context.Context, githubToken string) (
 
 	// Create JWT claims with GitHub user info
 	claims := auth.JWTClaims{
-		AuthMethod:        model.AuthMethodGitHubAT,
+		AuthMethod:        auth.MethodGitHubAT,
 		AuthMethodSubject: user.Login,
 		Permissions:       permissions,
 	}

internal/api/handlers/v0/auth/github_at_test.go

@@ -16,7 +16,6 @@ import (
 	v0auth "github.com/modelcontextprotocol/registry/internal/api/handlers/v0/auth"
 	"github.com/modelcontextprotocol/registry/internal/auth"
 	"github.com/modelcontextprotocol/registry/internal/config"
-	"github.com/modelcontextprotocol/registry/internal/model"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
 )
@@ -78,7 +77,7 @@ func TestGitHubHandler_ExchangeToken(t *testing.T) {
 		jwtManager := auth.NewJWTManager(cfg)
 		claims, err := jwtManager.ValidateToken(ctx, response.RegistryToken)
 		require.NoError(t, err)
-		assert.Equal(t, model.AuthMethodGitHubAT, claims.AuthMethod)
+		assert.Equal(t, auth.MethodGitHubAT, claims.AuthMethod)
 		assert.Equal(t, "testuser", claims.AuthMethodSubject)
 		assert.Len(t, claims.Permissions, 1)
 		assert.Equal(t, auth.PermissionActionPublish, claims.Permissions[0].Action)
@@ -333,7 +332,7 @@ func TestJWTTokenValidation(t *testing.T) {
 	t.Run("generate and validate token", func(t *testing.T) {
 		// Create test claims
 		claims := auth.JWTClaims{
-			AuthMethod:        model.AuthMethodGitHubAT,
+			AuthMethod:        auth.MethodGitHubAT,
 			AuthMethodSubject: "testuser",
 			Permissions: []auth.Permission{
 				{
@@ -351,7 +350,7 @@ func TestJWTTokenValidation(t *testing.T) {
 		// Validate token
 		validatedClaims, err := jwtManager.ValidateToken(ctx, tokenResponse.RegistryToken)
 		require.NoError(t, err)
-		assert.Equal(t, model.AuthMethodGitHubAT, validatedClaims.AuthMethod)
+		assert.Equal(t, auth.MethodGitHubAT, validatedClaims.AuthMethod)
 		assert.Equal(t, "testuser", validatedClaims.AuthMethodSubject)
 		assert.Len(t, validatedClaims.Permissions, 1)
 	})
@@ -360,7 +359,7 @@ func TestJWTTokenValidation(t *testing.T) {
 		// Create claims with past expiration
 		pastTime := time.Now().Add(-1 * time.Hour)
 		claims := auth.JWTClaims{
-			AuthMethod:        model.AuthMethodGitHubAT,
+			AuthMethod:        auth.MethodGitHubAT,
 			AuthMethodSubject: "testuser",
 			RegisteredClaims: jwt.RegisteredClaims{
 				ExpiresAt: jwt.NewNumericDate(pastTime),
@@ -381,7 +380,7 @@ func TestJWTTokenValidation(t *testing.T) {
 	t.Run("invalid signature", func(t *testing.T) {
 		// Create test claims
 		claims := auth.JWTClaims{
-			AuthMethod:        model.AuthMethodGitHubAT,
+			AuthMethod:        auth.MethodGitHubAT,
 			AuthMethodSubject: "testuser",
 		}
 

internal/api/handlers/v0/auth/github_oidc.go

@@ -15,7 +15,6 @@ import (
 	v0 "github.com/modelcontextprotocol/registry/internal/api/handlers/v0"
 	"github.com/modelcontextprotocol/registry/internal/auth"
 	"github.com/modelcontextprotocol/registry/internal/config"
-	"github.com/modelcontextprotocol/registry/internal/model"
 )
 
 // GitHubOIDCTokenExchangeInput represents the input for GitHub OIDC token exchange
@@ -263,7 +262,7 @@ func (h *GitHubOIDCHandler) ExchangeToken(ctx context.Context, oidcToken string)
 
 	// Create JWT claims with GitHub OIDC info
 	jwtClaims := auth.JWTClaims{
-		AuthMethod:        model.AuthMethodGitHubOIDC,
+		AuthMethod:        auth.MethodGitHubOIDC,
 		AuthMethodSubject: claims.Subject, // e.g. "repo:octo-org/octo-repo:environment:prod"
 		Permissions:       permissions,
 	}

internal/api/handlers/v0/auth/github_oidc_test.go

@@ -11,7 +11,6 @@ import (
 	"github.com/modelcontextprotocol/registry/internal/api/handlers/v0/auth"
 	internalauth "github.com/modelcontextprotocol/registry/internal/auth"
 	"github.com/modelcontextprotocol/registry/internal/config"
-	"github.com/modelcontextprotocol/registry/internal/model"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
 )
@@ -106,7 +105,7 @@ func TestGitHubOIDCHandler_ExchangeToken(t *testing.T) {
 				claims, err := jwtManager.ValidateToken(context.Background(), response.RegistryToken)
 				require.NoError(t, err)
 
-				assert.Equal(t, model.AuthMethodGitHubOIDC, claims.AuthMethod)
+				assert.Equal(t, internalauth.MethodGitHubOIDC, claims.AuthMethod)
 				assert.Equal(t, tt.expectedSubject, claims.AuthMethodSubject)
 				assert.Len(t, claims.Permissions, tt.expectedPerms)
 

internal/api/handlers/v0/auth/http.go

@@ -16,7 +16,6 @@ import (
 	v0 "github.com/modelcontextprotocol/registry/internal/api/handlers/v0"
 	"github.com/modelcontextprotocol/registry/internal/auth"
 	"github.com/modelcontextprotocol/registry/internal/config"
-	"github.com/modelcontextprotocol/registry/internal/model"
 )
 
 // HTTPTokenExchangeInput represents the input for HTTP-based authentication
@@ -182,7 +181,7 @@ func (h *HTTPAuthHandler) ExchangeToken(ctx context.Context, domain, timestamp,
 
 	// Create JWT claims
 	jwtClaims := auth.JWTClaims{
-		AuthMethod:        model.AuthMethodHTTP,
+		AuthMethod:        auth.MethodHTTP,
 		AuthMethodSubject: domain,
 		Permissions:       permissions,
 	}

internal/api/handlers/v0/auth/http_test.go

@@ -16,7 +16,6 @@ import (
 	"github.com/modelcontextprotocol/registry/internal/api/handlers/v0/auth"
 	intauth "github.com/modelcontextprotocol/registry/internal/auth"
 	"github.com/modelcontextprotocol/registry/internal/config"
-	"github.com/modelcontextprotocol/registry/internal/model"
 )
 
 // MockHTTPKeyFetcher for testing
@@ -210,7 +209,7 @@ func TestHTTPAuthHandler_ExchangeToken(t *testing.T) {
 				claims, err := jwtManager.ValidateToken(context.Background(), result.RegistryToken)
 				require.NoError(t, err)
 
-				assert.Equal(t, model.AuthMethodHTTP, claims.AuthMethod)
+				assert.Equal(t, intauth.MethodHTTP, claims.AuthMethod)
 				assert.Equal(t, tt.domain, claims.AuthMethodSubject)
 				assert.Len(t, claims.Permissions, 1) // domain permissions only
 

internal/api/handlers/v0/auth/none.go

@@ -9,7 +9,6 @@ import (
 	v0 "github.com/modelcontextprotocol/registry/internal/api/handlers/v0"
 	"github.com/modelcontextprotocol/registry/internal/auth"
 	"github.com/modelcontextprotocol/registry/internal/config"
-	"github.com/modelcontextprotocol/registry/internal/model"
 )
 
 // NoneHandler handles anonymous authentication
@@ -66,7 +65,7 @@ func (h *NoneHandler) GetAnonymousToken(ctx context.Context) (*auth.TokenRespons
 
 	// Create JWT claims for anonymous user
 	claims := auth.JWTClaims{
-		AuthMethod:        model.AuthMethodNone,
+		AuthMethod:        auth.MethodNone,
 		AuthMethodSubject: "anonymous",
 		Permissions:       permissions,
 	}