npm - @mobilenext/mobile-mcp - Versions diffs - 0.0.49 → 0.0.51 - Mend

@mobilenext/mobile-mcp 0.0.49 → 0.0.51

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/README.md CHANGED Viewed

@@ -7,24 +7,15 @@ This server allows Agents and LLMs to interact with native iOS/Android applicati
   <a href="https://github.com/mobile-next/mobile-mcp">
     <img src="https://img.shields.io/github/stars/mobile-next/mobile-mcp" alt="Mobile Next Stars" />
   </a>
-  <a href="https://github.com/mobile-next/mobile-mcp">
-    <img src="https://img.shields.io/github/contributors/mobile-next/mobile-mcp?color=green" alt="Mobile Next Downloads" />
-  </a>
   <a href="https://www.npmjs.com/package/@mobilenext/mobile-mcp">
     <img src="https://img.shields.io/npm/dm/@mobilenext/mobile-mcp?logo=npm&style=flat&color=red" alt="npm" />
   </a>
   <a href="https://github.com/mobile-next/mobile-mcp/releases">
     <img src="https://img.shields.io/github/release/mobile-next/mobile-mcp" />
   </a>
-  <a href="https://github.com/mobile-next/mobile-mcp/blob/main/LICENSE">
-    <img src="https://img.shields.io/badge/license-Apache 2.0-blue.svg" alt="Mobile MCP is released under the Apache-2.0 License" />
-  </a>
   <a href="https://insiders.vscode.dev/redirect?url=vscode%3Amcp%2Finstall%3F%7B%22name%22%3A%22mobile-mcp%22%2C%22command%22%3A%22npx%22%2C%22args%22%3A%5B%22-y%22%2C%22%40mobilenext%2Fmobile-mcp%40latest%22%5D%7D">
     <img src="https://img.shields.io/badge/VS_Code-VS_Code?style=flat-square&label=Install%20Server&color=0098FF" alt="Install in VS Code" />
   </a>
-</h4>
-<h4 align="center">
   <a href="https://github.com/mobile-next/mobile-mcp/wiki">
     <img src="https://img.shields.io/badge/documentation-wiki-blue" alt="wiki" />
   </a>
@@ -359,6 +350,31 @@ Or add the standard config under `mcpServers` in your settings as shown above.
 [Read more in our wiki](https://github.com/mobile-next/mobile-mcp/wiki)! 🚀
+### SSE Server Mode
+By default, Mobile MCP runs over stdio. To start an SSE server instead, use the `--listen` flag:
+```bash
+npx @mobilenext/mobile-mcp@latest --listen 3000
+```
+This binds to `localhost:3000`. To bind to a specific interface:
+```bash
+npx @mobilenext/mobile-mcp@latest --listen 0.0.0.0:3000
+```
+Then configure your MCP client to connect to `http://<host>:3000/mcp`.
+#### Authorization
+To require Bearer token authorization on the SSE server, set the `MOBILEMCP_AUTH` environment variable:
+```bash
+MOBILEMCP_AUTH=my-secret-token npx @mobilenext/mobile-mcp@latest --listen 3000
+```
+When set, all requests must include the header `Authorization: Bearer my-secret-token`.
 ### 🛠️ How to Use 📝
@@ -444,6 +460,30 @@ When launched, Mobile MCP can connect to:
 Make sure you have your mobile platform SDKs (Xcode, Android SDK) installed and configured properly before running Mobile Next Mobile MCP.
+### Telemetry
+Mobile MCP collects anonymous usage telemetry via PostHog. To disable it, set the `MOBILEMCP_DISABLE_TELEMETRY` environment variable:
+```bash
+MOBILEMCP_DISABLE_TELEMETRY=1 npx @mobilenext/mobile-mcp@latest
+```
+For json configurations:
+```json
+{
+  "mcpServers": {
+    "mobile-mcp": {
+      "command": "npx",
+      "args": ["-y", "@mobilenext/mobile-mcp@latest"],
+      "env": {
+        "MOBILEMCP_DISABLE_TELEMETRY": "1"
+      }
+    }
+  }
+}
+```
 ### Running in "headless" mode on Simulators/Emulators
 When you do not have a real device connected to your machine, you can run Mobile MCP with an emulator or simulator in the background.

package/lib/index.js CHANGED Viewed

@@ -10,9 +10,19 @@ const server_1 = require("./server");
 const logger_1 = require("./logger");
 const express_1 = __importDefault(require("express"));
 const commander_1 = require("commander");
-const startSseServer = async (port) => {
+const startSseServer = async (host, port) => {
     const app = (0, express_1.default)();
     const server = (0, server_1.createMcpServer)();
+    const authToken = process.env.MOBILEMCP_AUTH;
+    if (authToken) {
+        app.use((req, res, next) => {
+            if (req.headers.authorization !== `Bearer ${authToken}`) {
+                res.status(401).json({ error: "Unauthorized" });
+                return;
+            }
+            next();
+        });
+    }
     let transport = null;
     app.post("/mcp", (req, res) => {
         if (transport) {
@@ -26,8 +36,8 @@ const startSseServer = async (port) => {
         transport = new sse_js_1.SSEServerTransport("/mcp", res);
         server.connect(transport);
     });
-    app.listen(port, () => {
-        (0, logger_1.error)(`mobile-mcp ${(0, server_1.getAgentVersion)()} sse server listening on http://localhost:${port}/mcp`);
+    app.listen(port, host, () => {
+        (0, logger_1.error)(`mobile-mcp ${(0, server_1.getAgentVersion)()} sse server listening on http://${host}:${port}/mcp`);
     });
 };
 const startStdioServer = async () => {
@@ -46,12 +56,28 @@ const startStdioServer = async () => {
 const main = async () => {
     commander_1.program
         .version((0, server_1.getAgentVersion)())
-        .option("--port <port>", "Start SSE server on this port")
+        .option("--listen <listen>", "Start SSE server on [host:]port")
         .option("--stdio", "Start stdio server (default)")
         .parse(process.argv);
     const options = commander_1.program.opts();
-    if (options.port) {
-        await startSseServer(+options.port);
+    if (options.listen) {
+        const listen = options.listen.trim();
+        const lastColon = listen.lastIndexOf(":");
+        let host = "localhost";
+        let rawPort;
+        if (lastColon > 0) {
+            host = listen.substring(0, lastColon);
+            rawPort = listen.substring(lastColon + 1);
+        }
+        else {
+            rawPort = listen;
+        }
+        const port = Number.parseInt(rawPort, 10);
+        if (!host || !rawPort || !Number.isInteger(port) || port < 1 || port > 65535) {
+            (0, logger_1.error)(`Invalid --listen value "${listen}". Expected [host:]port with port 1-65535.`);
+            process.exit(1);
+        }
+        await startSseServer(host, port);
     }
     else {
         await startStdioServer();

package/lib/server.js CHANGED Viewed

@@ -78,6 +78,9 @@ const createMcpServer = () => {
         }));
     };
     const posthog = async (event, properties) => {
+        if (process.env.MOBILEMCP_DISABLE_TELEMETRY) {
+            return;
+        }
         try {
             const url = "https://us.i.posthog.com/i/v0/e/";
             const api_key = "phc_KHRTZmkDsU7A8EbydEK8s4lJpPoTDyyBhSlwer694cS";
@@ -351,6 +354,10 @@ const createMcpServer = () => {
         device: zod_1.z.string().describe("The device identifier to use. Use mobile_list_available_devices to find which devices are available to you."),
         url: zod_1.z.string().describe("The URL to open"),
     }, { destructiveHint: true }, async ({ device, url }) => {
+        const allowUnsafeUrls = process.env.MOBILEMCP_ALLOW_UNSAFE_URLS === "1";
+        if (!allowUnsafeUrls && !url.startsWith("http://") && !url.startsWith("https://")) {
+            throw new robot_1.ActionableError("Only http:// and https:// URLs are allowed. Set MOBILEMCP_ALLOW_UNSAFE_URLS=1 to allow other URL schemes.");
+        }
         const robot = getRobotFromDevice(device);
         await robot.openUrl(url);
         return `Opened URL: ${url}`;

package/package.json CHANGED Viewed

@@ -1,7 +1,7 @@
 {
   "name": "@mobilenext/mobile-mcp",
   "mcpName": "io.github.mobile-next/mobile-mcp",
-  "version": "0.0.49",
+  "version": "0.0.51",
   "description": "Mobile MCP",
   "repository": {
     "type": "git",