@dollhousemcp/mcp-server 2.0.29 → 2.0.31

package/scripts/pretooluse-dollhouse.sh

@@ -17,16 +17,31 @@
 # Set DOLLHOUSE_HOOK_PLATFORM to override the platform sent to the server.
 
 RUN_DIR="$HOME/.dollhouse/run"
+SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
+# shellcheck disable=SC1091 # Resolved at runtime via SCRIPT_DIR.
+source "$SCRIPT_DIR/permission-hook-config.sh"
+# shellcheck disable=SC2034 # Consumed by permission-port-discovery.sh after sourcing.
 PORT_FILE="$RUN_DIR/permission-server.port"
 AUTHORITY_FILE="$RUN_DIR/permission-authority.json"
-AUTHORITY_CACHE_TTL_SECONDS=2
-MAX_RETRIES="${DOLLHOUSE_HOOK_MAX_RETRIES:-2}"
-INITIAL_TIMEOUT="${DOLLHOUSE_HOOK_INITIAL_TIMEOUT:-5}"
 HOOK_PLATFORM="${DOLLHOUSE_HOOK_PLATFORM:-claude_code}"
-SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
-
-[[ "$MAX_RETRIES" =~ ^[0-9]+$ ]] || MAX_RETRIES=2
-[[ "$INITIAL_TIMEOUT" =~ ^[0-9]+$ ]] || INITIAL_TIMEOUT=5
+permission_hook_load_runtime_config
+DIAGNOSTICS_LOG="${DOLLHOUSE_HOOK_DIAGNOSTICS_LOG:-$RUN_DIR/permission-hook-diagnostics.jsonl}"
+INVOCATION_ID="$(date +%s)-$$-${RANDOM:-0}"
+
+INPUT=""
+TOOL_NAME=""
+TOOL_INPUT=""
+AUTHORITY_HOST=""
+AUTHORITY_MODE=""
+PAYLOAD=""
+RESPONSE=""
+NORMALIZED_RESPONSE=""
+EMITTED_RESPONSE=""
+PORT=""
+ENDPOINT=""
+LAST_ATTEMPT="0"
+LAST_CURL_EXIT=""
+CURRENT_TIMEOUT="$INITIAL_TIMEOUT"
 
 # Debug logging helper — writes to stderr so it doesn't pollute stdout
 debug() {
@@ -36,6 +51,126 @@ debug() {
   return 0
 }
 
+append_diagnostic_record() {
+  local event="$1"
+  local stage="$2"
+  local outcome="${3:-}"
+  local reason="${4:-}"
+  local diagnostic_json
+
+  mkdir -p "$(dirname "$DIAGNOSTICS_LOG")" 2>/dev/null || return 0
+
+  diagnostic_json=$(
+    jq -cn \
+      --arg timestamp "$(date -u +'%Y-%m-%dT%H:%M:%SZ')" \
+      --arg invocationId "$INVOCATION_ID" \
+      --arg event "$event" \
+      --arg platform "$HOOK_PLATFORM" \
+      --arg stage "$stage" \
+      --arg outcome "$outcome" \
+      --arg reason "$reason" \
+      --arg hookPath "$0" \
+      --arg diagnosticsLogPath "$DIAGNOSTICS_LOG" \
+      --arg sessionId "${DOLLHOUSE_SESSION_ID:-}" \
+      --arg toolName "${TOOL_NAME:-}" \
+      --arg toolInput "${TOOL_INPUT:-}" \
+      --arg rawInput "${INPUT:-}" \
+      --arg authorityHost "${AUTHORITY_HOST:-}" \
+      --arg authorityMode "${AUTHORITY_MODE:-}" \
+      --arg endpoint "${ENDPOINT:-}" \
+      --arg port "${PORT:-}" \
+      --arg payload "${PAYLOAD:-}" \
+      --arg response "${RESPONSE:-}" \
+      --arg normalizedResponse "${NORMALIZED_RESPONSE:-}" \
+      --arg emittedResponse "${EMITTED_RESPONSE:-}" \
+      --arg attempt "${LAST_ATTEMPT:-}" \
+      --arg maxRetries "${MAX_RETRIES:-}" \
+      --arg timeoutSeconds "${CURRENT_TIMEOUT:-}" \
+      --arg curlExit "${LAST_CURL_EXIT:-}" \
+      --argjson rawInputLength "${#INPUT}" \
+      --argjson normalizedResponseLength "${#NORMALIZED_RESPONSE}" \
+      --argjson emittedResponseLength "${#EMITTED_RESPONSE}" \
+      --argjson responseLength "${#RESPONSE}" \
+      '{
+        timestamp: $timestamp,
+        invocationId: $invocationId,
+        event: $event,
+        platform: $platform,
+        stage: $stage,
+        rawInputLength: $rawInputLength,
+        normalizedResponseLength: $normalizedResponseLength,
+        emittedResponseLength: $emittedResponseLength,
+        responseLength: $responseLength
+      }
+      + (if $outcome != "" then { outcome: $outcome } else {} end)
+      + (if $reason != "" then { reason: $reason } else {} end)
+      + (if $hookPath != "" then { hookPath: $hookPath } else {} end)
+      + (if $diagnosticsLogPath != "" then { diagnosticsLogPath: $diagnosticsLogPath } else {} end)
+      + (if $sessionId != "" then { sessionId: $sessionId } else {} end)
+      + (if $toolName != "" then { toolName: $toolName } else {} end)
+      + (if $toolInput != "" then { toolInput: $toolInput } else {} end)
+      + (if $rawInput != "" then { rawInput: $rawInput } else {} end)
+      + (if $authorityHost != "" then { authorityHost: $authorityHost } else {} end)
+      + (if $authorityMode != "" then { authorityMode: $authorityMode } else {} end)
+      + (if $endpoint != "" then { endpoint: $endpoint } else {} end)
+      + (if $port != "" then { port: $port } else {} end)
+      + (if $payload != "" then { payload: $payload } else {} end)
+      + (if $response != "" then { response: $response } else {} end)
+      + (if $normalizedResponse != "" then { normalizedResponse: $normalizedResponse } else {} end)
+      + (if $emittedResponse != "" then { emittedResponse: $emittedResponse } else {} end)
+      + (if $attempt != "" then { attempt: $attempt } else {} end)
+      + (if $maxRetries != "" then { maxRetries: $maxRetries } else {} end)
+      + (if $timeoutSeconds != "" then { timeoutSeconds: $timeoutSeconds } else {} end)
+      + (if $curlExit != "" then { curlExit: $curlExit } else {} end)'
+  ) || return 0
+
+  printf '%s\n' "$diagnostic_json" >> "$DIAGNOSTICS_LOG" 2>/dev/null || true
+  return 0
+}
+
+emit_response() {
+  local response="$1"
+
+  EMITTED_RESPONSE="$response"
+  if [[ -n "$response" ]]; then
+    printf '%s\n' "$response"
+  fi
+
+  return 0
+}
+
+build_allow_response() {
+  case "$HOOK_PLATFORM" in
+    claude_code|vscode)
+      printf '%s' '{"hookSpecificOutput":{"hookEventName":"PreToolUse","permissionDecision":"allow"}}'
+      ;;
+    codex)
+      printf '%s' ''
+      ;;
+    cursor)
+      printf '%s' '{"permission":"allow"}'
+      ;;
+    gemini)
+      printf '%s' '{"decision":"allow"}'
+      ;;
+    *)
+      printf '%s' '{}'
+      ;;
+  esac
+
+  return 0
+}
+
+fail_open() {
+  local stage="$1"
+  local message="$2"
+  debug "$message"
+  EMITTED_RESPONSE=$(build_allow_response)
+  append_diagnostic_record "complete" "$stage" "fail_open" "$message"
+  emit_response "$EMITTED_RESPONSE"
+  return 0
+}
+
 authority_host_for_platform() {
   case "$HOOK_PLATFORM" in
     claude_code) echo "claude-code" ;;
@@ -120,29 +255,28 @@ normalize_response() {
     codex)
       echo "$response" | jq -c '
         if type == "object" and (keys | length) == 0 then
+          empty
+        elif (.hookSpecificOutput.permissionDecision? | type) == "string" and .hookSpecificOutput.permissionDecision == "deny" then
           {
             hookSpecificOutput: {
               hookEventName: "PreToolUse",
-              permissionDecision: "allow",
-              permissionDecisionReason: ""
-            }
-          }
-        elif (.hookSpecificOutput.permissionDecision? | type) == "string" then
-          {
-            hookSpecificOutput: {
-              hookEventName: "PreToolUse",
-              permissionDecision: (if .hookSpecificOutput.permissionDecision == "allow" then "allow" else "deny" end),
+              permissionDecision: "deny",
               permissionDecisionReason: (.hookSpecificOutput.permissionDecisionReason // .hookSpecificOutput.reason // .reason // .message // "")
             }
           }
+        elif (.hookSpecificOutput.permissionDecision? | type) == "string" then
+          empty
         elif (.decision? | type) == "string" and (.decision | IN("allow", "deny", "ask")) then
-          {
-            hookSpecificOutput: {
-              hookEventName: "PreToolUse",
-              permissionDecision: (if .decision == "allow" then "allow" else "deny" end),
-              permissionDecisionReason: (.reason // .message // "")
+          if .decision == "deny"
+            then {
+              hookSpecificOutput: {
+                hookEventName: "PreToolUse",
+                permissionDecision: "deny",
+                permissionDecisionReason: (.reason // .message // "")
+              }
             }
-          }
+            else empty
+          end
         else
           empty
         end
@@ -156,19 +290,12 @@ normalize_response() {
   return 0
 }
 
+# shellcheck disable=SC1091 # Resolved at runtime via SCRIPT_DIR.
 source "$SCRIPT_DIR/permission-port-discovery.sh"
 
-# Discover the port from the shared file or the newest live PID-keyed file
-if ! PORT=$(resolve_permission_port); then
-  debug "No usable permission server port file found — fail open"
-  exit 0
-fi
-
-ENDPOINT="http://127.0.0.1:${PORT}/api/evaluate_permission"
-debug "Endpoint: $ENDPOINT"
-
 # Read the hook input from stdin
 INPUT=$(cat)
+append_diagnostic_record "received_input" "received_input"
 
 # Extract tool_name and tool_input from the hook payload
 TOOL_NAME=$(echo "$INPUT" | jq -r '.tool_name // .toolName // .tool // .name // empty' 2>/dev/null)
@@ -176,10 +303,19 @@ TOOL_INPUT=$(echo "$INPUT" | jq -c '.tool_input // .toolInput // .input // {}' 2
 
 # If we can't parse the input, fail open
 if [[ -z "$TOOL_NAME" ]]; then
-  debug "Could not parse tool_name from input — fail open"
+  fail_open "parse_tool_name_failed" "Could not parse tool_name from input — fail open"
   exit 0
 fi
 
+# Discover the port from the shared file or the newest live PID-keyed file
+if ! PORT=$(resolve_permission_port); then
+  fail_open "port_discovery_failed" "No usable permission server port file found — fail open"
+  exit 0
+fi
+
+ENDPOINT="http://127.0.0.1:${PORT}/api/evaluate_permission"
+debug "Endpoint: $ENDPOINT"
+
 debug "Evaluating: $TOOL_NAME"
 debug "Platform: $HOOK_PLATFORM"
 
@@ -188,7 +324,7 @@ AUTHORITY_MODE=$(resolve_authority_mode "$AUTHORITY_HOST")
 debug "Authority mode for ${AUTHORITY_HOST:-unknown}: $AUTHORITY_MODE"
 
 if [[ "$AUTHORITY_MODE" == "off" ]]; then
-  debug "Authority mode is off — hook no-op"
+  fail_open "authority_off" "Authority mode is off — hook no-op"
   exit 0
 fi
 
@@ -213,23 +349,32 @@ ATTEMPT=0
 TIMEOUT=$INITIAL_TIMEOUT
 
 while [[ $ATTEMPT -le $MAX_RETRIES ]]; do
+  LAST_ATTEMPT="$ATTEMPT"
+  CURRENT_TIMEOUT="$TIMEOUT"
   RESPONSE=$(curl -s --max-time "$TIMEOUT" -X POST "$ENDPOINT" \
     -H "Content-Type: application/json" \
     -d "$PAYLOAD" \
     2>/dev/null)
   CURL_EXIT=$?
+  LAST_CURL_EXIT="$CURL_EXIT"
 
   if [[ $CURL_EXIT -eq 0 ]] && [[ -n "$RESPONSE" ]]; then
     debug "Response (attempt $((ATTEMPT+1))): $RESPONSE"
     if ! echo "$RESPONSE" | jq -e . >/dev/null 2>&1; then
-      debug "Non-JSON response for platform $HOOK_PLATFORM — fail open"
+      fail_open "response_not_json" "Non-JSON response for platform $HOOK_PLATFORM — fail open"
       exit 0
     fi
     NORMALIZED_RESPONSE=$(normalize_response "$RESPONSE")
     if [[ -n "$NORMALIZED_RESPONSE" ]]; then
-      echo "$NORMALIZED_RESPONSE"
+      EMITTED_RESPONSE="$NORMALIZED_RESPONSE"
+      append_diagnostic_record "complete" "response_normalized" "success"
+      emit_response "$NORMALIZED_RESPONSE"
+    elif [[ "$HOOK_PLATFORM" == "codex" ]]; then
+      EMITTED_RESPONSE=""
+      append_diagnostic_record "complete" "response_allowed_without_output" "success"
     else
-      debug "Malformed response for platform $HOOK_PLATFORM — fail open"
+      fail_open "response_malformed" "Malformed response for platform $HOOK_PLATFORM — fail open"
+      exit 0
     fi
     exit 0
   fi
@@ -237,12 +382,14 @@ while [[ $ATTEMPT -le $MAX_RETRIES ]]; do
   ATTEMPT=$((ATTEMPT + 1))
   if [[ $ATTEMPT -le $MAX_RETRIES ]]; then
     BACKOFF=$((TIMEOUT * ATTEMPT))
-    debug "Attempt $ATTEMPT failed (curl exit $CURL_EXIT) — retrying in ${BACKOFF}s (timeout ${TIMEOUT}s → $((TIMEOUT * 2))s)"
+    RETRY_MESSAGE="Attempt $ATTEMPT failed (curl exit $CURL_EXIT) — retrying in ${BACKOFF}s (timeout ${TIMEOUT}s → $((TIMEOUT * 2))s)"
+    debug "$RETRY_MESSAGE"
+    append_diagnostic_record "retry" "curl_retry" "retrying" "$RETRY_MESSAGE"
     sleep "$BACKOFF"
     TIMEOUT=$((TIMEOUT * 2))
   fi
 done
 
 # All retries exhausted — fail open
-debug "All $((MAX_RETRIES + 1)) attempts failed — fail open"
+fail_open "curl_attempts_exhausted" "All $((MAX_RETRIES + 1)) attempts failed — fail open"
 exit 0

package/scripts/pretooluse-vscode.sh

@@ -6,14 +6,13 @@
 # most relevant built-in tool names into Dollhouse's existing permission model.
 
 RUN_DIR="$HOME/.dollhouse/run"
+SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
+# shellcheck disable=SC1091 # Resolved at runtime via SCRIPT_DIR.
+source "$SCRIPT_DIR/permission-hook-config.sh"
+# shellcheck disable=SC2034 # Consumed by permission-port-discovery.sh after sourcing.
 PORT_FILE="$RUN_DIR/permission-server.port"
-MAX_RETRIES="${DOLLHOUSE_HOOK_MAX_RETRIES:-2}"
-INITIAL_TIMEOUT="${DOLLHOUSE_HOOK_INITIAL_TIMEOUT:-5}"
 HOOK_PLATFORM="vscode"
-SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
-
-[[ "$MAX_RETRIES" =~ ^[0-9]+$ ]] || MAX_RETRIES=2
-[[ "$INITIAL_TIMEOUT" =~ ^[0-9]+$ ]] || INITIAL_TIMEOUT=5
+permission_hook_load_runtime_config
 
 debug() {
   if [[ "${DOLLHOUSE_HOOK_DEBUG:-0}" == "1" ]]; then
@@ -22,10 +21,23 @@ debug() {
   return 0
 }
 
+emit_allow_response() {
+  printf '%s\n' '{"hookSpecificOutput":{"hookEventName":"PreToolUse","permissionDecision":"allow"}}'
+  return 0
+}
+
+fail_open() {
+  local message="$1"
+  debug "$message"
+  emit_allow_response
+  return 0
+}
+
+# shellcheck disable=SC1091 # Resolved at runtime via SCRIPT_DIR.
 source "$SCRIPT_DIR/permission-port-discovery.sh"
 
 if ! PORT=$(resolve_permission_port); then
-  debug "No usable permission server port file found — fail open"
+  fail_open "No usable permission server port file found — fail open"
   exit 0
 fi
 
@@ -84,7 +96,7 @@ case "$RAW_TOOL_NAME" in
 esac
 
 if [[ -z "$TOOL_NAME" ]]; then
-  debug "Could not parse VS Code tool name — fail open"
+  fail_open "Could not parse VS Code tool name — fail open"
   exit 0
 fi
 
@@ -147,7 +159,8 @@ while [[ $ATTEMPT -le $MAX_RETRIES ]]; do
     if [[ -n "$HOOK_RESPONSE" ]]; then
       echo "$HOOK_RESPONSE"
     else
-      debug "Permission evaluation returned an unrecognized response — fail open"
+      fail_open "Permission evaluation returned an unrecognized response — fail open"
+      exit 0
     fi
     exit 0
   fi
@@ -159,5 +172,5 @@ while [[ $ATTEMPT -le $MAX_RETRIES ]]; do
   fi
 done
 
-debug "Permission evaluation failed — fail open"
+fail_open "Permission evaluation failed — fail open"
 exit 0

package/scripts/pretooluse-windsurf.sh

@@ -6,14 +6,13 @@
 # evaluations and then maps the response back to Windsurf exit codes.
 
 RUN_DIR="$HOME/.dollhouse/run"
+SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
+# shellcheck disable=SC1091 # Resolved at runtime via SCRIPT_DIR.
+source "$SCRIPT_DIR/permission-hook-config.sh"
+# shellcheck disable=SC2034 # Consumed by permission-port-discovery.sh after sourcing.
 PORT_FILE="$RUN_DIR/permission-server.port"
-MAX_RETRIES="${DOLLHOUSE_HOOK_MAX_RETRIES:-2}"
-INITIAL_TIMEOUT="${DOLLHOUSE_HOOK_INITIAL_TIMEOUT:-5}"
 HOOK_PLATFORM="windsurf"
-SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
-
-[[ "$MAX_RETRIES" =~ ^[0-9]+$ ]] || MAX_RETRIES=2
-[[ "$INITIAL_TIMEOUT" =~ ^[0-9]+$ ]] || INITIAL_TIMEOUT=5
+permission_hook_load_runtime_config
 
 debug() {
   if [[ "${DOLLHOUSE_HOOK_DEBUG:-0}" == "1" ]]; then
@@ -22,6 +21,7 @@ debug() {
   return 0
 }
 
+# shellcheck disable=SC1091 # Resolved at runtime via SCRIPT_DIR.
 source "$SCRIPT_DIR/permission-port-discovery.sh"
 
 if ! PORT=$(resolve_permission_port); then

package/server.json

@@ -3,7 +3,7 @@
   "name": "io.github.DollhouseMCP/mcp-server",
   "title": "DollhouseMCP",
   "description": "OSS to create Personas, Skills, Templates, Agents, and Memories to customize your AI experience.",
-  "version": "2.0.29",
+  "version": "2.0.31",
   "homepage": "https://dollhousemcp.com",
   "repository": {
     "type": "git",
@@ -29,7 +29,7 @@
     {
       "registryType": "npm",
       "identifier": "@dollhousemcp/mcp-server",
-      "version": "2.0.29",
+      "version": "2.0.31",
       "transport": {
         "type": "stdio"
       }