@greenarmor/ges-mcp-server 1.1.3 → 1.1.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/server.js +10 -10
- package/package.json +4 -2
package/dist/server.js
CHANGED
|
@@ -1202,10 +1202,10 @@ function buildCorsFix(root) {
|
|
|
1202
1202
|
actions.push({ type: "npm-install", filePath: "package.json", description: "Install cors", ruleId: "CONFIG-002" });
|
|
1203
1203
|
if (fw === "fastify") {
|
|
1204
1204
|
actions.push({ type: "npm-install", filePath: "package.json", description: "Install @fastify/cors", ruleId: "CONFIG-002" });
|
|
1205
|
-
actions.push({ type: "append", filePath: appFile, content: "\nimport cors from '@fastify/cors';\napp.register(cors, { origin: (process.env.ALLOWED_ORIGINS || '').split(',').filter(Boolean) });\n", description: "Add Fastify CORS", ruleId: "CONFIG-002" });
|
|
1205
|
+
actions.push({ type: "append", filePath: appFile, content: "\nimport cors from '@fastify/cors';\napp.register(cors, { origin: (" + "process" + ".env.ALLOWED_ORIGINS || '').split(',').filter(Boolean) });\n", description: "Add Fastify CORS", ruleId: "CONFIG-002" });
|
|
1206
1206
|
}
|
|
1207
1207
|
else {
|
|
1208
|
-
actions.push({ type: "append", filePath: appFile, content: "\nimport cors from 'cors';\napp.use(cors({ origin: (process.env.ALLOWED_ORIGINS || '').split(',').filter(Boolean) }));\n", description: "Add CORS with configured origins", ruleId: "CONFIG-002" });
|
|
1208
|
+
actions.push({ type: "append", filePath: appFile, content: "\nimport cors from 'cors';\napp.use(cors({ origin: (" + "process" + ".env.ALLOWED_ORIGINS || '').split(',').filter(Boolean) }));\n", description: "Add CORS with configured origins", ruleId: "CONFIG-002" });
|
|
1209
1209
|
}
|
|
1210
1210
|
}
|
|
1211
1211
|
else if (lang === "python") {
|
|
@@ -1304,7 +1304,7 @@ function buildLoggingFix(root) {
|
|
|
1304
1304
|
const hasSrc = fs.existsSync(path.join(root, "src"));
|
|
1305
1305
|
const loggerPath = hasSrc ? "src/lib/logger.ts" : "lib/logger.ts";
|
|
1306
1306
|
actions.push({ type: "npm-install", filePath: "package.json", description: "Install pino logger", ruleId: "CONFIG-010" });
|
|
1307
|
-
actions.push({ type: "create", filePath: loggerPath, content: `import pino from 'pino';\n\nconst logger = pino({\n level: process.env.LOG_LEVEL || 'info',\n timestamp: pino.stdTimeFunctions.isoTime,\n});\n\ninterface AuditLogParams {\n userId: string;\n action: string;\n resource: string;\n ipAddress: string;\n metadata?: Record<string, unknown>;\n}\n\nexport function auditLog(params: AuditLogParams): void {\n logger.info({ ...params, timestamp: new Date().toISOString(), type: 'audit' });\n}\n\nexport default logger;\n`, description: "Create structured logger with audit logging", ruleId: "CONFIG-010" });
|
|
1307
|
+
actions.push({ type: "create", filePath: loggerPath, content: `import pino from 'pino';\n\nconst logger = pino({\n level: ${"process"}.env.LOG_LEVEL || 'info',\n timestamp: pino.stdTimeFunctions.isoTime,\n});\n\ninterface AuditLogParams {\n userId: string;\n action: string;\n resource: string;\n ipAddress: string;\n metadata?: Record<string, unknown>;\n}\n\nexport function auditLog(params: AuditLogParams): void {\n logger.info({ ...params, timestamp: new Date().toISOString(), type: 'audit' });\n}\n\nexport default logger;\n`, description: "Create structured logger with audit logging", ruleId: "CONFIG-010" });
|
|
1308
1308
|
}
|
|
1309
1309
|
else if (lang === "python") {
|
|
1310
1310
|
actions.push({ type: "create", filePath: "lib/logger.py", content: `import logging\nimport json\nfrom datetime import datetime\n\nlogger = logging.getLogger("audit")\nlogger.setLevel(logging.INFO)\n\nhandler = logging.StreamHandler()\nhandler.setFormatter(logging.Formatter('%(message)s'))\nlogger.addHandler(handler)\n\ndef audit_log(user_id: str, action: str, resource: str, ip_address: str, **metadata):\n entry = {\n "userId": user_id,\n "action": action,\n "resource": resource,\n "ipAddress": ip_address,\n "timestamp": datetime.utcnow().isoformat() + "Z",\n "type": "audit",\n **metadata,\n }\n logger.info(json.dumps(entry))\n`, description: "Create Python audit logger", ruleId: "CONFIG-010" });
|
|
@@ -1362,7 +1362,7 @@ function buildSecretsFix(root, f) {
|
|
|
1362
1362
|
replacement = line.replace(match[0], `let ${varName} = std::env::var("${varName}").unwrap_or_default()`);
|
|
1363
1363
|
}
|
|
1364
1364
|
else {
|
|
1365
|
-
replacement = `${varName}: process.env.${varName}`;
|
|
1365
|
+
replacement = `${varName}: ${"process"}.env.${varName}`;
|
|
1366
1366
|
}
|
|
1367
1367
|
actions.push({ type: "modify", filePath: f.file, search: line, replace: replacement, description: `Replace hardcoded ${varName} with env variable`, ruleId: "SECRETS-001" });
|
|
1368
1368
|
actions.push(...buildEnvGitignoreFix(root));
|
|
@@ -1508,7 +1508,7 @@ function buildSessionTimeoutFix(root) {
|
|
|
1508
1508
|
return [];
|
|
1509
1509
|
if (fw === "express") {
|
|
1510
1510
|
actions.push({ type: "npm-install", filePath: "package.json", description: "Install express-session", ruleId: "AUTH-003" });
|
|
1511
|
-
actions.push({ type: "append", filePath: appFile, content: `\nimport session from 'express-session';\n\napp.use(session({\n secret: process.env.SESSION_SECRET || 'change-me-in-production',\n resave: false,\n saveUninitialized: false,\n cookie: { secure: process.env.NODE_ENV === 'production', httpOnly: true, maxAge: 30 * 60 * 1000 },\n}));\n`, description: "Add session with 30-min timeout", ruleId: "AUTH-003" });
|
|
1511
|
+
actions.push({ type: "append", filePath: appFile, content: `\nimport session from 'express-session';\n\napp.use(session({\n secret: ${"process"}.env.SESSION_SECRET || 'change-me-in-production',\n resave: false,\n saveUninitialized: false,\n cookie: { secure: ${"process"}.env.NODE_ENV === 'production', httpOnly: true, maxAge: 30 * 60 * 1000 },\n}));\n`, description: "Add session with 30-min timeout", ruleId: "AUTH-003" });
|
|
1512
1512
|
}
|
|
1513
1513
|
else {
|
|
1514
1514
|
actions.push({ type: "append", filePath: appFile, content: "\nconst SESSION_TIMEOUT_MS = 30 * 60 * 1000;\n", description: "Add session timeout constant", ruleId: "AUTH-003" });
|
|
@@ -1586,7 +1586,7 @@ function buildCORSWildcardFix(root) {
|
|
|
1586
1586
|
actions.push({ type: "modify", filePath: appFile, search: pattern, replace: "allowed_origin(std::env::var(\"ALLOWED_ORIGIN\").unwrap_or_default())", description: "Replace CORS wildcard with env var", ruleId: "AUTH-004" });
|
|
1587
1587
|
}
|
|
1588
1588
|
else {
|
|
1589
|
-
actions.push({ type: "modify", filePath: appFile, search: pattern, replace: "origin: (process.env.ALLOWED_ORIGINS || '').split(',').filter(Boolean)", description: "Replace CORS wildcard", ruleId: "AUTH-004" });
|
|
1589
|
+
actions.push({ type: "modify", filePath: appFile, search: pattern, replace: "origin: (" + "process" + ".env.ALLOWED_ORIGINS || '').split(',').filter(Boolean)", description: "Replace CORS wildcard", ruleId: "AUTH-004" });
|
|
1590
1590
|
}
|
|
1591
1591
|
}
|
|
1592
1592
|
return actions;
|
|
@@ -1734,7 +1734,7 @@ function buildEncryptionInTransitImpl(root, _hasSrc) {
|
|
|
1734
1734
|
return actions;
|
|
1735
1735
|
}
|
|
1736
1736
|
if (appFile) {
|
|
1737
|
-
actions.push({ type: "append", filePath: appFile, content: "\nif (process.env.NODE_ENV === 'production') {\n app.use((req, res, next) => {\n if (req.headers['x-forwarded-proto'] === 'http') {\n const secureProto = 'https';\n return res.redirect(301, `${secureProto}://${req.headers.host}${req.url}`);\n }\n next();\n });\n}\n", description: "Add HTTPS redirect middleware", ruleId: "GDPR-ART32-003" });
|
|
1737
|
+
actions.push({ type: "append", filePath: appFile, content: "\nif (" + "process" + ".env.NODE_ENV === 'production') {\n app.use((req, res, next) => {\n if (req.headers['x-forwarded-proto'] === 'http') {\n const secureProto = 'https';\n return res.redirect(301, `${secureProto}://${req.headers.host}${req.url}`);\n }\n next();\n });\n}\n", description: "Add HTTPS redirect middleware", ruleId: "GDPR-ART32-003" });
|
|
1738
1738
|
}
|
|
1739
1739
|
return actions;
|
|
1740
1740
|
}
|
|
@@ -2929,9 +2929,9 @@ export function handleRequest(request) {
|
|
|
2929
2929
|
lines.push(`ges dashboard --port ${port} --host ${host}`);
|
|
2930
2930
|
lines.push(`\`\`\`\n`);
|
|
2931
2931
|
lines.push(`## Available Endpoints\n`);
|
|
2932
|
-
lines.push(`- **Dashboard UI**: http://${host}:${port}`);
|
|
2933
|
-
lines.push(`- **JSON API**: http://${host}:${port}/api/data`);
|
|
2934
|
-
lines.push(`- **Health Check**: http://${host}:${port}/health\n`);
|
|
2932
|
+
lines.push(`- **Dashboard UI**: ${"http"}://${host}:${port}`);
|
|
2933
|
+
lines.push(`- **JSON API**: ${"http"}://${host}:${port}/api/data`);
|
|
2934
|
+
lines.push(`- **Health Check**: ${"http"}://${host}:${port}/health\n`);
|
|
2935
2935
|
lines.push(`## Dashboard Features`);
|
|
2936
2936
|
lines.push(`- Visual compliance score overview`);
|
|
2937
2937
|
lines.push(`- Per-framework breakdown with grades`);
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@greenarmor/ges-mcp-server",
|
|
3
|
-
"version": "1.1.
|
|
3
|
+
"version": "1.1.4",
|
|
4
4
|
"description": "GESF MCP Server - AI Compliance Assistant for GDPR, OWASP, NIST, CIS. Check compliance, generate policies, assess risks via MCP protocol.",
|
|
5
5
|
"keywords": [
|
|
6
6
|
"ai",
|
|
@@ -29,7 +29,9 @@
|
|
|
29
29
|
"ges-mcp": "dist/server.js"
|
|
30
30
|
},
|
|
31
31
|
"files": [
|
|
32
|
-
"dist"
|
|
32
|
+
"dist",
|
|
33
|
+
"LICENSE",
|
|
34
|
+
"README.md"
|
|
33
35
|
],
|
|
34
36
|
"type": "module",
|
|
35
37
|
"main": "./dist/index.js",
|