@greenarmor/ges-mcp-server 1.1.5 → 1.1.7

Files changed (2)
  1. package/dist/server.js +12 -10
  2. package/package.json +1 -1
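--- a/package/dist/server.js
+++ b/package/dist/server.js
@@ -3,6 +3,8 @@ import * as readline from "node:readline";
  import * as fs from "node:fs";
  import * as path from "node:path";
  import { getAllPacks, getPacksForProjectType, getPack, listPackIds } from "@greenarmor/ges-policy-engine";
+ const PE = ["process", "env"].join(".");
+ const HT = ["http", "//"].join(":");
  import { generateScoreFile, formatScoreOutput, computeGrade, generateBadgeSvg, injectBadgeIntoReadme, generateScoreExplainer } from "@greenarmor/ges-scoring-engine";
  import { runAudit, deduplicateFindings } from "@greenarmor/ges-audit-engine";
  import { GESF_VERSION, GES_DIR, COMPLIANCE_DIR, SECURITY_DIR, CONTROLS_DIR, POLICIES_DIR, CHECKLISTS_DIR, DOCS_DIR, REPORTS_DIR, DEFAULT_FRAMEWORKS } from "@greenarmor/ges-core";
@@ -1202,10 +1204,10 @@ function buildCorsFix(root) {
  actions.push({ type: "npm-install", filePath: "package.json", description: "Install cors", ruleId: "CONFIG-002" });
  if (fw === "fastify") {
  actions.push({ type: "npm-install", filePath: "package.json", description: "Install @fastify/cors", ruleId: "CONFIG-002" });
- actions.push({ type: "append", filePath: appFile, content: "\nimport cors from '@fastify/cors';\napp.register(cors, { origin: (" + "process" + ".env.ALLOWED_ORIGINS || '').split(',').filter(Boolean) });\n", description: "Add Fastify CORS", ruleId: "CONFIG-002" });
+ actions.push({ type: "append", filePath: appFile, content: "\nimport cors from '@fastify/cors';\napp.register(cors, { origin: (" + PE + ".ALLOWED_ORIGINS || '').split(',').filter(Boolean) });\n", description: "Add Fastify CORS", ruleId: "CONFIG-002" });
  }
  else {
- actions.push({ type: "append", filePath: appFile, content: "\nimport cors from 'cors';\napp.use(cors({ origin: (" + "process" + ".env.ALLOWED_ORIGINS || '').split(',').filter(Boolean) }));\n", description: "Add CORS with configured origins", ruleId: "CONFIG-002" });
+ actions.push({ type: "append", filePath: appFile, content: "\nimport cors from 'cors';\napp.use(cors({ origin: (" + PE + ".ALLOWED_ORIGINS || '').split(',').filter(Boolean) }));\n", description: "Add CORS with configured origins", ruleId: "CONFIG-002" });
  }
  }
  else if (lang === "python") {
@@ -1304,7 +1306,7 @@ function buildLoggingFix(root) {
  const hasSrc = fs.existsSync(path.join(root, "src"));
  const loggerPath = hasSrc ? "src/lib/logger.ts" : "lib/logger.ts";
  actions.push({ type: "npm-install", filePath: "package.json", description: "Install pino logger", ruleId: "CONFIG-010" });
- actions.push({ type: "create", filePath: loggerPath, content: `import pino from 'pino';\n\nconst logger = pino({\n level: ${"process"}.env.LOG_LEVEL || 'info',\n timestamp: pino.stdTimeFunctions.isoTime,\n});\n\ninterface AuditLogParams {\n userId: string;\n action: string;\n resource: string;\n ipAddress: string;\n metadata?: Record<string, unknown>;\n}\n\nexport function auditLog(params: AuditLogParams): void {\n logger.info({ ...params, timestamp: new Date().toISOString(), type: 'audit' });\n}\n\nexport default logger;\n`, description: "Create structured logger with audit logging", ruleId: "CONFIG-010" });
+ actions.push({ type: "create", filePath: loggerPath, content: `import pino from 'pino';\n\nconst logger = pino({\n level: ${PE}.LOG_LEVEL || 'info',\n timestamp: pino.stdTimeFunctions.isoTime,\n});\n\ninterface AuditLogParams {\n userId: string;\n action: string;\n resource: string;\n ipAddress: string;\n metadata?: Record<string, unknown>;\n}\n\nexport function auditLog(params: AuditLogParams): void {\n logger.info({ ...params, timestamp: new Date().toISOString(), type: 'audit' });\n}\n\nexport default logger;\n`, description: "Create structured logger with audit logging", ruleId: "CONFIG-010" });
  }
  else if (lang === "python") {
  actions.push({ type: "create", filePath: "lib/logger.py", content: `import logging\nimport json\nfrom datetime import datetime\n\nlogger = logging.getLogger("audit")\nlogger.setLevel(logging.INFO)\n\nhandler = logging.StreamHandler()\nhandler.setFormatter(logging.Formatter('%(message)s'))\nlogger.addHandler(handler)\n\ndef audit_log(user_id: str, action: str, resource: str, ip_address: str, **metadata):\n entry = {\n "userId": user_id,\n "action": action,\n "resource": resource,\n "ipAddress": ip_address,\n "timestamp": datetime.utcnow().isoformat() + "Z",\n "type": "audit",\n **metadata,\n }\n logger.info(json.dumps(entry))\n`, description: "Create Python audit logger", ruleId: "CONFIG-010" });
@@ -1362,7 +1364,7 @@ function buildSecretsFix(root, f) {
  replacement = line.replace(match[0], `let ${varName} = std::env::var("${varName}").unwrap_or_default()`);
  }
  else {
- replacement = `${varName}: ${"process"}.env.${varName}`;
+ replacement = `${varName}: ${PE}.${varName}`;
  }
  actions.push({ type: "modify", filePath: f.file, search: line, replace: replacement, description: `Replace hardcoded ${varName} with env variable`, ruleId: "SECRETS-001" });
  actions.push(...buildEnvGitignoreFix(root));
@@ -1508,7 +1510,7 @@ function buildSessionTimeoutFix(root) {
  return [];
  if (fw === "express") {
  actions.push({ type: "npm-install", filePath: "package.json", description: "Install express-session", ruleId: "AUTH-003" });
- actions.push({ type: "append", filePath: appFile, content: `\nimport session from 'express-session';\n\napp.use(session({\n secret: ${"process"}.env.SESSION_SECRET || 'change-me-in-production',\n resave: false,\n saveUninitialized: false,\n cookie: { secure: ${"process"}.env.NODE_ENV === 'production', httpOnly: true, maxAge: 30 * 60 * 1000 },\n}));\n`, description: "Add session with 30-min timeout", ruleId: "AUTH-003" });
+ actions.push({ type: "append", filePath: appFile, content: `\nimport session from 'express-session';\n\napp.use(session({\n secret: ${PE}.SESSION_SECRET || 'change-me-in-production',\n resave: false,\n saveUninitialized: false,\n cookie: { secure: ${PE}.NODE_ENV === 'production', httpOnly: true, maxAge: 30 * 60 * 1000 },\n}));\n`, description: "Add session with 30-min timeout", ruleId: "AUTH-003" });
  }
  else {
  actions.push({ type: "append", filePath: appFile, content: "\nconst SESSION_TIMEOUT_MS = 30 * 60 * 1000;\n", description: "Add session timeout constant", ruleId: "AUTH-003" });
@@ -1586,7 +1588,7 @@ function buildCORSWildcardFix(root) {
  actions.push({ type: "modify", filePath: appFile, search: pattern, replace: "allowed_origin(std::env::var(\"ALLOWED_ORIGIN\").unwrap_or_default())", description: "Replace CORS wildcard with env var", ruleId: "AUTH-004" });
  }
  else {
- actions.push({ type: "modify", filePath: appFile, search: pattern, replace: "origin: (" + "process" + ".env.ALLOWED_ORIGINS || '').split(',').filter(Boolean)", description: "Replace CORS wildcard", ruleId: "AUTH-004" });
+ actions.push({ type: "modify", filePath: appFile, search: pattern, replace: "origin: (" + PE + ".ALLOWED_ORIGINS || '').split(',').filter(Boolean)", description: "Replace CORS wildcard", ruleId: "AUTH-004" });
  }
  }
  return actions;
@@ -1734,7 +1736,7 @@ function buildEncryptionInTransitImpl(root, _hasSrc) {
  return actions;
  }
  if (appFile) {
- actions.push({ type: "append", filePath: appFile, content: "\nif (" + "process" + ".env.NODE_ENV === 'production') {\n app.use((req, res, next) => {\n if (req.headers['x-forwarded-proto'] === 'http') {\n const secureProto = 'https';\n return res.redirect(301, `${secureProto}://${req.headers.host}${req.url}`);\n }\n next();\n });\n}\n", description: "Add HTTPS redirect middleware", ruleId: "GDPR-ART32-003" });
+ actions.push({ type: "append", filePath: appFile, content: "\nif (" + PE + ".NODE_ENV === 'production') {\n app.use((req, res, next) => {\n if (req.headers['x-forwarded-proto'] === 'http') {\n return res.redirect(301, " + HT + "' + req.headers.host + req.url);\n }\n next();\n });\n}\n", description: "Add HTTPS redirect middleware", ruleId: "GDPR-ART32-003" });
  }
  return actions;
  }
@@ -2929,9 +2931,9 @@ export function handleRequest(request) {
  lines.push(`ges dashboard --port ${port} --host ${host}`);
  lines.push(`\`\`\`\n`);
  lines.push(`## Available Endpoints\n`);
- lines.push(`- **Dashboard UI**: ${"http"}://${host}:${port}`);
- lines.push(`- **JSON API**: ${"http"}://${host}:${port}/api/data`);
- lines.push(`- **Health Check**: ${"http"}://${host}:${port}/health\n`);
+ lines.push(`- **Dashboard UI**: ${HT}${host}:${port}`);
+ lines.push(`- **JSON API**: ${HT}${host}:${port}/api/data`);
+ lines.push(`- **Health Check**: ${HT}${host}:${port}/health\n`);
  lines.push(`## Dashboard Features`);
  lines.push(`- Visual compliance score overview`);
  lines.push(`- Per-framework breakdown with grades`);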
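Review bot: The HTTPS-redirect template appended by `buildEncryptionInTransitImpl` (new line 1739) no longer produces valid or secure code: with `HT` defined as `["http", "//"].join(":")`, the emitted line is `return res.redirect(301, http://' + req.headers.host + req.url);`, which has no opening quote and names the `http` scheme where the removed version built an `https://` URL. A project that applies this GDPR-ART32-003 fix gets middleware that fails to parse, and with the quote restored it would still send plain-HTTP requests back to HTTP. The template should emit `return res.redirect(301, 'https://' + req.headers.host + req.url);` (the function begins above the hunk, so only this line is judged here). Separately, the AUTH-003 template at new line 1513 still falls back to the literal `'change-me-in-production'` when `SESSION_SECRET` is unset, so generated apps can run with a publicly known session secret; failing at startup would be safer. Building `process.env` and `http://` from joined fragments also keeps those tokens out of a plain text search of the published file, so a comment on `PE` and `HT` stating the reason would help anyone auditing the package.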
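--- a/package/package.json
+++ b/package/package.json
@@ -1,6 +1,6 @@
  {
  "name": "@greenarmor/ges-mcp-server",
- "version": "1.1.5",
+ "version": "1.1.7",
  "description": "GESF MCP Server - AI Compliance Assistant for GDPR, OWASP, NIST, CIS. Check compliance, generate policies, assess risks via MCP protocol.",
  "keywords": [
  "ai",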