npm - @aiwerk/mcp-bridge - Versions diffs - 2.6.5 → 2.6.7 - Mend

@aiwerk/mcp-bridge 2.6.5 → 2.6.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

package/dist/bin/mcp-bridge.js +8 -6
package/dist/src/security.js +20 -9
package/dist/src/standalone-server.js +8 -0
package/dist/src/transport-base.js +2 -0
package/dist/src/transport-stdio.js +4 -1
package/package.json +1 -1

package/dist/bin/mcp-bridge.js CHANGED Viewed

@@ -19,22 +19,23 @@ function createLogger(level) {
     const levels = { error: 0, warn: 1, info: 2, debug: 3 };
     const threshold = levels[level];
     const ts = () => new Date().toISOString().replace("T", " ").replace("Z", "");
+    const fmt = (a) => a instanceof Error ? (a.stack || a.message) : String(a);
     return {
         error: (...args) => {
             if (threshold >= 0)
-                process.stderr.write(`[${ts()}] [ERROR] ${args.map(String).join(" ")}\n`);
+                process.stderr.write(`[${ts()}] [ERROR] ${args.map(fmt).join(" ")}\n`);
         },
         warn: (...args) => {
             if (threshold >= 1)
-                process.stderr.write(`[${ts()}] [WARN] ${args.map(String).join(" ")}\n`);
+                process.stderr.write(`[${ts()}] [WARN] ${args.map(fmt).join(" ")}\n`);
         },
         info: (...args) => {
             if (threshold >= 2)
-                process.stderr.write(`[${ts()}] [INFO] ${args.map(String).join(" ")}\n`);
+                process.stderr.write(`[${ts()}] [INFO] ${args.map(fmt).join(" ")}\n`);
         },
         debug: (...args) => {
             if (threshold >= 3)
-                process.stderr.write(`[${ts()}] [DEBUG] ${args.map(String).join(" ")}\n`);
+                process.stderr.write(`[${ts()}] [DEBUG] ${args.map(fmt).join(" ")}\n`);
         },
     };
 }
@@ -176,7 +177,7 @@ function cmdCatalog(logger) {
         process.exit(1);
     }
     const catalog = JSON.parse(readFileSync(catalogPath, "utf-8"));
-    const servers = catalog.servers || {};
+    const servers = catalog.recipes || catalog.servers || {};
     process.stdout.write("\nAvailable servers:\n\n");
     process.stdout.write("  Server          Transport    Description\n");
     process.stdout.write("  " + "─".repeat(60) + "\n");
@@ -218,7 +219,7 @@ function cmdSearch(query, logger) {
         process.exit(1);
     }
     const catalog = JSON.parse(readFileSync(catalogPath, "utf-8"));
-    const servers = catalog.servers || {};
+    const servers = catalog.recipes || catalog.servers || {};
     const lowerQuery = query.toLowerCase();
     const matches = Object.entries(servers).filter(([name, info]) => {
         return name.toLowerCase().includes(lowerQuery) ||
@@ -255,6 +256,7 @@ function cmdInstall(serverName, logger) {
         }
     }
     catch (err) {
+        logger.error("Install failed:", err instanceof Error ? err.message : String(err));
         process.exit(1);
     }
 }

package/dist/src/security.js CHANGED Viewed

@@ -155,6 +155,18 @@ function truncateJsonAware(value, limit) {
     return null;
 }
 function truncateArray(arr, limit) {
+    // For very large arrays, skip binary search (too many JSON.stringify calls)
+    // and use progressive halving instead
+    if (arr.length > 1000) {
+        let count = arr.length;
+        while (count > 1) {
+            count = Math.ceil(count / 2);
+            if (JSON.stringify(arr.slice(0, count)).length <= limit) {
+                return arr.slice(0, count);
+            }
+        }
+        return arr.slice(0, 1);
+    }
     // Binary search for the number of elements that fit
     let lo = 0;
     let hi = arr.length;
@@ -213,20 +225,19 @@ export function processResult(result, serverName, serverConfig, clientConfig) {
     const wasTruncated = processed !== null && typeof processed === "object" && processed._truncated === true;
     // Sanitize step (only for trust=sanitize, handled inside applyTrustLevel)
     processed = applyTrustLevel(processed, serverName, serverConfig);
-    // If both truncated and untrusted/sanitize, flatten the metadata to top level
-    // to avoid double-wrapping ({ _trust, result: { _truncated, result: actual } })
+    // If both truncated and untrusted, flatten the metadata to top level
+    // to avoid double-wrapping ({ _trust, result: { _truncated, result: actual } }).
+    // Note: sanitize mode does NOT wrap — it sanitizes in-place, so the truncation
+    // markers (_truncated, _originalLength) are already at the right level.
     const trust = serverConfig.trust ?? "trusted";
-    if (wasTruncated && (trust === "untrusted" || trust === "sanitize")) {
-        const flat = {
+    if (wasTruncated && trust === "untrusted") {
+        return {
+            _trust: "untrusted",
+            _server: serverName,
             _truncated: true,
             _originalLength: processed.result?._originalLength,
             result: processed.result?.result,
         };
-        if (trust === "untrusted") {
-            flat._trust = "untrusted";
-            flat._server = serverName;
-        }
-        return flat;
     }
     return processed;
 }

package/dist/src/standalone-server.js CHANGED Viewed

@@ -30,6 +30,14 @@ export class StandaloneServer {
         if (this.isRouterMode()) {
             this.router = new McpRouter(config.servers ?? {}, config, logger);
         }
+        else {
+            // Warn if security config is used in direct mode where processResult() doesn't run
+            const hasSecurityConfig = Object.values(config.servers ?? {}).some(s => s.trust && s.trust !== "trusted" || s.maxResultChars || s.toolFilter);
+            if (hasSecurityConfig || config.maxResultChars) {
+                logger.warn("[mcp-bridge] Security config (trust/maxResultChars/toolFilter) detected in direct mode. " +
+                    "These settings only apply in router mode. Consider switching to mode: \"router\".");
+            }
+        }
     }
     isRouterMode() {
         return (this.config.mode ?? "router") === "router";

package/dist/src/transport-base.js CHANGED Viewed

@@ -106,6 +106,8 @@ export class BaseTransport {
                 this.scheduleReconnect();
             }
         }, reconnectInterval);
+        // Allow Node.js process to exit gracefully even if reconnect is pending
+        this.reconnectTimer.unref();
     }
     /** Cancel any scheduled reconnection timer. */
     cleanupReconnectTimer() {

package/dist/src/transport-stdio.js CHANGED Viewed

@@ -103,7 +103,10 @@ export class StdioTransport extends BaseTransport {
             let settled = false;
             let timeout;
             const cleanup = () => {
-                this.process?.stdout?.off("data", onFirstData);
+                // Note: we don't remove onFirstData from stdout because it may have
+                // been re-registered via once("data") and the Node.js internal wrapper
+                // differs from the original reference. The settled flag ensures
+                // onFirstData is a no-op after cleanup.
                 this.process?.off("error", onProcessError);
                 this.process?.off("exit", onProcessExit);
                 clearTimeout(timeout);

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@aiwerk/mcp-bridge",
-  "version": "2.6.5",
+  "version": "2.6.7",
   "description": "Standalone MCP server that multiplexes multiple MCP servers into one interface",
   "type": "module",
   "main": "./dist/src/index.js",