Published tarball includes `CLAUDE.md` (Claude Code project guide)

[morganmaiani-bit]

Summary

@notionhq/notion-mcp-server ships CLAUDE.md (Claude Code project guide) inside the published npm tarball, observable via npx @notionhq/notion-mcp-server.

Repro

npm pack @notionhq/notion-mcp-server@latest
tar tzvf notionhq-notion-mcp-server-*.tgz | grep CLAUDE.md

Why this matters

CLAUDE.md is a maintainer-facing project guide. No runtime purpose for consumers. Two issues:

1. Adds bytes to every install and every npx cache.
2. Claude Code can auto-load CLAUDE.md files from tool-touched directories — if a downstream developer reads files inside the installed package (especially likely for an MCP server that ships with Claude Code workflows), this guide can inject into their session context.

Suggested fix

Add a files allowlist to package.json, or add CLAUDE.md to .npmignore.

Context

Found during a Claude Code permissions audit. Filing individually across several npm packages with the same pattern. Happy to PR if useful.

[spiderocious]

Hey @morganmaiani-bit 👋
looking into this and the impact is actually broader than just CLAUDE.md. The current 2.3.1 tarball ships 47 files / 1.19 MB including the entire src/ source, all tests/, tsconfig.json, Dockerfile, docker-compose.yml, .github/, and docs/images/*.png, none of which are needed at runtime, since bin/cli.mjs is a self-contained esbuild bundle that only reads scripts/notion-openapi.json at runtime.

I've put together a fix that adds a tight "files" allowlist to package.json so the tarball ships only what's actually needed:

Before
Tarball size 1.19 MB
File count 47

After
Tarball size 442.7 KB (−63%)
File count 5

Opening a PR shortly, I will link it when it's opened.