@dollhousemcp/mcp-server 2.0.1 → 2.0.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +26 -0
- package/README.github.md +8 -33
- package/README.md +10 -8
- package/README.md.backup +10 -8
- package/README.npm.md +10 -8
- package/dist/generated/version.d.ts +2 -2
- package/dist/generated/version.js +3 -3
- package/dist/index.d.ts +0 -1
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +7 -6
- package/dist/persona/PersonaManager.d.ts.map +1 -1
- package/dist/persona/PersonaManager.js +1 -2
- package/dist/security/audit/config/suppressions.d.ts.map +1 -1
- package/dist/security/audit/config/suppressions.js +6 -1
- package/dist/security/commandValidator.d.ts.map +1 -1
- package/dist/security/commandValidator.js +15 -3
- package/dist/utils/git.d.ts +0 -6
- package/dist/utils/git.d.ts.map +1 -1
- package/dist/utils/git.js +2 -5
- package/dist/web/public/app.js +29 -10
- package/dist/web/public/setup.js +752 -0
- package/dist/web/routes/setupRoutes.d.ts +18 -0
- package/dist/web/routes/setupRoutes.d.ts.map +1 -0
- package/dist/web/routes/setupRoutes.js +360 -0
- package/dist/web/routes.d.ts.map +1 -1
- package/dist/web/routes.js +7 -5
- package/dist/web/server.d.ts.map +1 -1
- package/dist/web/server.js +11 -1
- package/package.json +4 -3
- package/server.json +2 -2
package/dist/utils/git.d.ts
CHANGED
|
@@ -1,8 +1,6 @@
|
|
|
1
1
|
/**
|
|
2
2
|
* Git-related utility functions
|
|
3
3
|
*/
|
|
4
|
-
import * as child_process from 'child_process';
|
|
5
|
-
declare const exec: typeof child_process.exec.__promisify__;
|
|
6
4
|
/**
|
|
7
5
|
* Execute a command safely using CommandValidator
|
|
8
6
|
*/
|
|
@@ -13,10 +11,6 @@ export declare function safeExec(command: string, args: string[], options?: {
|
|
|
13
11
|
stdout: string;
|
|
14
12
|
stderr: string;
|
|
15
13
|
}>;
|
|
16
|
-
/**
|
|
17
|
-
* Execute a command using exec (use only for trusted input)
|
|
18
|
-
*/
|
|
19
|
-
export { exec };
|
|
20
14
|
/**
|
|
21
15
|
* Get current git branch
|
|
22
16
|
*/
|
package/dist/utils/git.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"git.d.ts","sourceRoot":"","sources":["../../src/utils/git.ts"],"names":[],"mappings":"AAAA;;GAEG;
|
|
1
|
+
{"version":3,"file":"git.d.ts","sourceRoot":"","sources":["../../src/utils/git.ts"],"names":[],"mappings":"AAAA;;GAEG;AAQH;;GAEG;AACH,wBAAsB,QAAQ,CAC5B,OAAO,EAAE,MAAM,EACf,IAAI,EAAE,MAAM,EAAE,EACd,OAAO,GAAE;IAAE,GAAG,CAAC,EAAE,MAAM,CAAC;IAAC,OAAO,CAAC,EAAE,MAAM,CAAA;CAAO,GAC/C,OAAO,CAAC;IAAE,MAAM,EAAE,MAAM,CAAC;IAAC,MAAM,EAAE,MAAM,CAAA;CAAE,CAAC,CAa7C;AAID;;GAEG;AACH,wBAAsB,mBAAmB,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAOtE;AAED;;GAEG;AACH,wBAAsB,mBAAmB,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAOtE;AAED;;GAEG;AACH,wBAAsB,qBAAqB,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAOzE"}
|
package/dist/utils/git.js
CHANGED
|
@@ -22,10 +22,7 @@ export async function safeExec(command, args, options = {}) {
|
|
|
22
22
|
throw new Error(errorMessage);
|
|
23
23
|
}
|
|
24
24
|
}
|
|
25
|
-
|
|
26
|
-
* Execute a command using exec (use only for trusted input)
|
|
27
|
-
*/
|
|
28
|
-
export { exec };
|
|
25
|
+
// SEC-02: Raw exec intentionally NOT exported — use safeExec or CommandValidator.secureExec
|
|
29
26
|
/**
|
|
30
27
|
* Get current git branch
|
|
31
28
|
*/
|
|
@@ -62,4 +59,4 @@ export async function hasUncommittedChanges(cwd) {
|
|
|
62
59
|
throw new Error(`Failed to check git status: ${error instanceof Error ? error.message : String(error)}`);
|
|
63
60
|
}
|
|
64
61
|
}
|
|
65
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
62
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiZ2l0LmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vc3JjL3V0aWxzL2dpdC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiQUFBQTs7R0FFRztBQUVILE9BQU8sS0FBSyxhQUFhLE1BQU0sZUFBZSxDQUFDO0FBQy9DLE9BQU8sRUFBRSxTQUFTLEVBQUUsTUFBTSxNQUFNLENBQUM7QUFDakMsT0FBTyxFQUFFLGdCQUFnQixFQUFFLE1BQU0saUNBQWlDLENBQUM7QUFFbkUsTUFBTSxJQUFJLEdBQUcsU0FBUyxDQUFDLGFBQWEsQ0FBQyxJQUFJLENBQUMsQ0FBQztBQUUzQzs7R0FFRztBQUNILE1BQU0sQ0FBQyxLQUFLLFVBQVUsUUFBUSxDQUM1QixPQUFlLEVBQ2YsSUFBYyxFQUNkLFVBQThDLEVBQUU7SUFFaEQsSUFBSSxDQUFDO1FBQ0gsTUFBTSxNQUFNLEdBQUcsTUFBTSxnQkFBZ0IsQ0FBQyxVQUFVLENBQUMsT0FBTyxFQUFFLElBQUksRUFBRTtZQUM5RCxHQUFHLEVBQUUsT0FBTyxDQUFDLEdBQUc7WUFDaEIsT0FBTyxFQUFFLE9BQU8sQ0FBQyxPQUFPLElBQUksS0FBSztTQUNsQyxDQUFDLENBQUM7UUFFSCxPQUFPLEVBQUUsTUFBTSxFQUFFLE1BQU0sRUFBRSxNQUFNLEVBQUUsRUFBRSxFQUFFLENBQUM7SUFDeEMsQ0FBQztJQUFDLE9BQU8sS0FBSyxFQUFFLENBQUM7UUFDZix5Q0FBeUM7UUFDekMsTUFBTSxZQUFZLEdBQUcsS0FBSyxZQUFZLEtBQUssQ0FBQyxDQUFDLENBQUMsS0FBSyxDQUFDLE9BQU8sQ0FBQyxDQUFDLENBQUMsTUFBTSxDQUFDLEtBQUssQ0FBQyxDQUFDO1FBQzVFLE1BQU0sSUFBSSxLQUFLLENBQUMsWUFBWSxDQUFDLENBQUM7SUFDaEMsQ0FBQztBQUNILENBQUM7QUFFRCw0RkFBNEY7QUFFNUY7O0dBRUc7QUFDSCxNQUFNLENBQUMsS0FBSyxVQUFVLG1CQUFtQixDQUFDLEdBQVc7SUFDbkQsSUFBSSxDQUFDO1FBQ0gsTUFBTSxFQUFFLE1BQU0sRUFBRSxHQUFHLE1BQU0sUUFBUSxDQUFDLEtBQUssRUFBRSxDQUFDLFdBQVcsRUFBRSxjQUFjLEVBQUUsTUFBTSxDQUFDLEVBQUUsRUFBRSxHQUFHLEVBQUUsQ0FBQyxDQUFDO1FBQ3pGLE9BQU8sTUFBTSxDQUFDLElBQUksRUFBRSxDQUFDO0lBQ3ZCLENBQUM7SUFBQyxPQUFPLEtBQUssRUFBRSxDQUFDO1FBQ2YsTUFBTSxJQUFJLEtBQUssQ0FBQyxxQ0FBcUMsS0FBSyxZQUFZLEtBQUssQ0FBQyxDQUFDLENBQUMsS0FBSyxDQUFDLE9BQU8sQ0FBQyxDQUFDLENBQUMsTUFBTSxDQUFDLEtBQUssQ0FBQyxFQUFFLENBQUMsQ0FBQztJQUNqSCxDQUFDO0FBQ0gsQ0FBQztBQUVEOztHQUVHO0FBQ0gsTUFBTSxDQUFDLEtBQUssVUFBVSxtQkFBbUIsQ0FBQyxHQUFXO0lBQ25ELElBQUksQ0FBQztRQUNILE1BQU0sRUFBRSxNQUFNLEVBQUUsR0FBRyxNQUFNLFFBQVEsQ0FBQyxLQUFLLEVBQUUsQ0FBQyxXQUFXLEVBQUUsTUFBTSxDQUFDLEVBQUUsRUFBRSxHQUFHLEVBQUUsQ0FBQyxDQUFDO1FBQ3pFLE9BQU8sTUFBTSxDQUFDLElBQUksRUFBRSxDQUFDO0lBQ3ZCLENBQUM7SUFBQyxPQUFPLEtBQUssRUFBRSxDQUFDO1FBQ2YsTUFBTSxJQUFJLEtBQUssQ0FBQyxxQ0FBcUMsS0FBSyxZQUFZLEtBQUssQ0FBQyxDQUFDLENBQUMsS0FBSyxDQUFDLE9BQU8sQ0FBQyxDQUFDLENBQUMsTUFBTSxDQUFDLEtBQUssQ0FBQyxFQUFFLENBQUMsQ0FBQztJQUNqSCxDQUFDO0FBQ0gsQ0FBQztBQUVEOztHQUVHO0FBQ0gsTUFBTSxDQUFDLEtBQUssVUFBVSxxQkFBcUIsQ0FBQyxHQUFXO0lBQ3JELElBQUksQ0FBQztRQUNILE1BQU0sRUFBRSxNQUFNLEVBQUUsR0FBRyxNQUFNLFFBQVEsQ0FBQyxLQUFLLEVBQUUsQ0FBQyxRQUFRLEVBQUUsYUFBYSxDQUFDLEVBQUUsRUFBRSxHQUFHLEVBQUUsQ0FBQyxDQUFDO1FBQzdFLE9BQU8sTUFBTSxDQUFDLElBQUksRUFBRSxDQUFDLE1BQU0sR0FBRyxDQUFDLENBQUM7SUFDbEMsQ0FBQztJQUFDLE9BQU8sS0FBSyxFQUFFLENBQUM7UUFDZixNQUFNLElBQUksS0FBSyxDQUFDLCtCQUErQixLQUFLLFlBQVksS0FBSyxDQUFDLENBQUMsQ0FBQyxLQUFLLENBQUMsT0FBTyxDQUFDLENBQUMsQ0FBQyxNQUFNLENBQUMsS0FBSyxDQUFDLEVBQUUsQ0FBQyxDQUFDO0lBQzNHLENBQUM7QUFDSCxDQUFDIiwic291cmNlc0NvbnRlbnQiOlsiLyoqXG4gKiBHaXQtcmVsYXRlZCB1dGlsaXR5IGZ1bmN0aW9uc1xuICovXG5cbmltcG9ydCAqIGFzIGNoaWxkX3Byb2Nlc3MgZnJvbSAnY2hpbGRfcHJvY2Vzcyc7XG5pbXBvcnQgeyBwcm9taXNpZnkgfSBmcm9tICd1dGlsJztcbmltcG9ydCB7IENvbW1hbmRWYWxpZGF0b3IgfSBmcm9tICcuLi9zZWN1cml0eS9jb21tYW5kVmFsaWRhdG9yLmpzJztcblxuY29uc3QgZXhlYyA9IHByb21pc2lmeShjaGlsZF9wcm9jZXNzLmV4ZWMpO1xuXG4vKipcbiAqIEV4ZWN1dGUgYSBjb21tYW5kIHNhZmVseSB1c2luZyBDb21tYW5kVmFsaWRhdG9yXG4gKi9cbmV4cG9ydCBhc3luYyBmdW5jdGlvbiBzYWZlRXhlYyhcbiAgY29tbWFuZDogc3RyaW5nLCBcbiAgYXJnczogc3RyaW5nW10sIFxuICBvcHRpb25zOiB7IGN3ZD86IHN0cmluZzsgdGltZW91dD86IG51bWJlciB9ID0ge31cbik6IFByb21pc2U8eyBzdGRvdXQ6IHN0cmluZzsgc3RkZXJyOiBzdHJpbmcgfT4ge1xuICB0cnkge1xuICAgIGNvbnN0IHJlc3VsdCA9IGF3YWl0IENvbW1hbmRWYWxpZGF0b3Iuc2VjdXJlRXhlYyhjb21tYW5kLCBhcmdzLCB7XG4gICAgICBjd2Q6IG9wdGlvbnMuY3dkLFxuICAgICAgdGltZW91dDogb3B0aW9ucy50aW1lb3V0IHx8IDMwMDAwXG4gICAgfSk7XG4gICAgXG4gICAgcmV0dXJuIHsgc3Rkb3V0OiByZXN1bHQsIHN0ZGVycjogJycgfTtcbiAgfSBjYXRjaCAoZXJyb3IpIHtcbiAgICAvLyBDb252ZXJ0IHRvIGV4cGVjdGVkIGZvcm1hdCB3aXRoIHN0ZGVyclxuICAgIGNvbnN0IGVycm9yTWVzc2FnZSA9IGVycm9yIGluc3RhbmNlb2YgRXJyb3IgPyBlcnJvci5tZXNzYWdlIDogU3RyaW5nKGVycm9yKTtcbiAgICB0aHJvdyBuZXcgRXJyb3IoZXJyb3JNZXNzYWdlKTtcbiAgfVxufVxuXG4vLyBTRUMtMDI6IFJhdyBleGVjIGludGVudGlvbmFsbHkgTk9UIGV4cG9ydGVkIOKAlCB1c2Ugc2FmZUV4ZWMgb3IgQ29tbWFuZFZhbGlkYXRvci5zZWN1cmVFeGVjXG5cbi8qKlxuICogR2V0IGN1cnJlbnQgZ2l0IGJyYW5jaFxuICovXG5leHBvcnQgYXN5bmMgZnVuY3Rpb24gZ2V0Q3VycmVudEdpdEJyYW5jaChjd2Q6IHN0cmluZyk6IFByb21pc2U8c3RyaW5nPiB7XG4gIHRyeSB7XG4gICAgY29uc3QgeyBzdGRvdXQgfSA9IGF3YWl0IHNhZmVFeGVjKCdnaXQnLCBbJ3Jldi1wYXJzZScsICctLWFiYnJldi1yZWYnLCAnSEVBRCddLCB7IGN3ZCB9KTtcbiAgICByZXR1cm4gc3Rkb3V0LnRyaW0oKTtcbiAgfSBjYXRjaCAoZXJyb3IpIHtcbiAgICB0aHJvdyBuZXcgRXJyb3IoYEZhaWxlZCB0byBnZXQgY3VycmVudCBnaXQgYnJhbmNoOiAke2Vycm9yIGluc3RhbmNlb2YgRXJyb3IgPyBlcnJvci5tZXNzYWdlIDogU3RyaW5nKGVycm9yKX1gKTtcbiAgfVxufVxuXG4vKipcbiAqIEdldCBjdXJyZW50IGdpdCBjb21taXQgaGFzaFxuICovXG5leHBvcnQgYXN5bmMgZnVuY3Rpb24gZ2V0Q3VycmVudEdpdENvbW1pdChjd2Q6IHN0cmluZyk6IFByb21pc2U8c3RyaW5nPiB7XG4gIHRyeSB7XG4gICAgY29uc3QgeyBzdGRvdXQgfSA9IGF3YWl0IHNhZmVFeGVjKCdnaXQnLCBbJ3Jldi1wYXJzZScsICdIRUFEJ10sIHsgY3dkIH0pO1xuICAgIHJldHVybiBzdGRvdXQudHJpbSgpO1xuICB9IGNhdGNoIChlcnJvcikge1xuICAgIHRocm93IG5ldyBFcnJvcihgRmFpbGVkIHRvIGdldCBjdXJyZW50IGdpdCBjb21taXQ6ICR7ZXJyb3IgaW5zdGFuY2VvZiBFcnJvciA/IGVycm9yLm1lc3NhZ2UgOiBTdHJpbmcoZXJyb3IpfWApO1xuICB9XG59XG5cbi8qKlxuICogQ2hlY2sgaWYgZ2l0IHJlcG9zaXRvcnkgaGFzIHVuY29tbWl0dGVkIGNoYW5nZXNcbiAqL1xuZXhwb3J0IGFzeW5jIGZ1bmN0aW9uIGhhc1VuY29tbWl0dGVkQ2hhbmdlcyhjd2Q6IHN0cmluZyk6IFByb21pc2U8Ym9vbGVhbj4ge1xuICB0cnkge1xuICAgIGNvbnN0IHsgc3Rkb3V0IH0gPSBhd2FpdCBzYWZlRXhlYygnZ2l0JywgWydzdGF0dXMnLCAnLS1wb3JjZWxhaW4nXSwgeyBjd2QgfSk7XG4gICAgcmV0dXJuIHN0ZG91dC50cmltKCkubGVuZ3RoID4gMDtcbiAgfSBjYXRjaCAoZXJyb3IpIHtcbiAgICB0aHJvdyBuZXcgRXJyb3IoYEZhaWxlZCB0byBjaGVjayBnaXQgc3RhdHVzOiAke2Vycm9yIGluc3RhbmNlb2YgRXJyb3IgPyBlcnJvci5tZXNzYWdlIDogU3RyaW5nKGVycm9yKX1gKTtcbiAgfVxufSJdfQ==
|
package/dist/web/public/app.js
CHANGED
|
@@ -1922,6 +1922,33 @@ function safeParseYaml(content) {
|
|
|
1922
1922
|
const consoleTabs = document.getElementById('console-tabs');
|
|
1923
1923
|
const tabInits = { logs: false, metrics: false, permissions: false };
|
|
1924
1924
|
|
|
1925
|
+
const TAB_KEY = 'dollhousemcp-active-tab';
|
|
1926
|
+
const SETUP_SEEN_KEY = 'dollhousemcp-setup-seen';
|
|
1927
|
+
|
|
1928
|
+
// Determine which tab to show on load:
|
|
1929
|
+
// 1. Saved tab from last visit (localStorage)
|
|
1930
|
+
// 2. Setup tab on first-ever visit
|
|
1931
|
+
// 3. Portfolio (HTML default)
|
|
1932
|
+
const switchToTab = (tabName) => {
|
|
1933
|
+
if (!consoleTabs) return;
|
|
1934
|
+
const btn = consoleTabs.querySelector(`[data-tab="${tabName}"]`);
|
|
1935
|
+
if (!btn) return;
|
|
1936
|
+
consoleTabs.querySelectorAll('.console-tab').forEach(b => b.classList.remove('active'));
|
|
1937
|
+
btn.classList.add('active');
|
|
1938
|
+
document.querySelectorAll('.tab-panel').forEach(p => {
|
|
1939
|
+
p.hidden = p.id !== 'tab-' + tabName;
|
|
1940
|
+
p.classList.toggle('active', p.id === 'tab-' + tabName);
|
|
1941
|
+
});
|
|
1942
|
+
};
|
|
1943
|
+
|
|
1944
|
+
const savedTab = localStorage.getItem(TAB_KEY);
|
|
1945
|
+
if (savedTab) {
|
|
1946
|
+
switchToTab(savedTab);
|
|
1947
|
+
} else if (!localStorage.getItem(SETUP_SEEN_KEY)) {
|
|
1948
|
+
localStorage.setItem(SETUP_SEEN_KEY, '1');
|
|
1949
|
+
switchToTab('setup');
|
|
1950
|
+
}
|
|
1951
|
+
|
|
1925
1952
|
if (consoleTabs) {
|
|
1926
1953
|
consoleTabs.addEventListener('click', (e) => {
|
|
1927
1954
|
const btn = e.target.closest('.console-tab');
|
|
@@ -1929,16 +1956,8 @@ function safeParseYaml(content) {
|
|
|
1929
1956
|
const tab = btn.dataset.tab;
|
|
1930
1957
|
if (!tab) return;
|
|
1931
1958
|
|
|
1932
|
-
|
|
1933
|
-
|
|
1934
|
-
btn.classList.add('active');
|
|
1935
|
-
|
|
1936
|
-
// Show/hide panels
|
|
1937
|
-
document.querySelectorAll('.tab-panel').forEach(p => {
|
|
1938
|
-
p.hidden = p.id !== 'tab-' + tab;
|
|
1939
|
-
if (p.id === 'tab-' + tab) p.classList.add('active');
|
|
1940
|
-
else p.classList.remove('active');
|
|
1941
|
-
});
|
|
1959
|
+
switchToTab(tab);
|
|
1960
|
+
localStorage.setItem(TAB_KEY, tab);
|
|
1942
1961
|
|
|
1943
1962
|
lazyInitTab(tab, tabInits);
|
|
1944
1963
|
});
|