@saiteja1123/mcp-server 1.1.3 → 1.1.5

package/src/index.js

@@ -1,6 +1,6 @@
-/**
- * Re-exports the Vibesecur rule engine for MCP servers, Cursor hooks, or other tooling.
- * Implement MCP protocol handlers in a separate file that imports from here or from
- * `@vibesecur/rule-engine` directly.
- */
-export * from '@vibesecur/rule-engine';
+/**
+ * Re-export bundled local rule engine for MCP tooling.
+ * This keeps the MCP package self-contained at runtime.
+ */
+export * from './rule-engine/index.js';
+export * from './deep-scan/index.js';

package/src/lock.mjs

@@ -11,6 +11,23 @@ export function randomToken() {
   return crypto.randomBytes(32).toString('hex');
 }
 
+export function normalizeLockedRoot(rawPath = '') {
+  if (typeof rawPath !== 'string') return '';
+  const trimmed = rawPath.trim();
+  if (!trimmed) return '';
+  const slashed = trimmed.replace(/\\/g, '/').replace(/\/{2,}/g, '/');
+  const withoutTrailing = slashed.replace(/\/+$/, '');
+  return withoutTrailing.toLowerCase();
+}
+
+export function buildLockedRootHash(lockedRootPath) {
+  return sha256Hex(`vibesecur:mcp:root:${normalizeLockedRoot(lockedRootPath)}`);
+}
+
+export function isRuntimeCompatibleLock(lock) {
+  return lock?.source === 'server';
+}
+
 export function deriveLockDir(rootPath) {
   return path.join(path.resolve(rootPath), '.vibesecur');
 }
@@ -34,17 +51,19 @@ export async function writeLock(rootPath, lockData) {
   await fs.writeFile(deriveLockFile(rootPath), JSON.stringify(lockData, null, 2), 'utf8');
 }
 
-export async function createLock({ rootPath, account }) {
+export async function createLock({ rootPath, account, installToken, lockedRootHash, source = 'local' }) {
   const resolved = path.resolve(rootPath);
-  const rootHash = sha256Hex(`vibesecur:lock:${resolved}`);
-  const installToken = randomToken();
+  const finalInstallToken = installToken || randomToken();
+  const finalLockedRootHash = lockedRootHash || buildLockedRootHash(resolved);
   const lock = {
-    installToken,
-    rootHash,
+    installToken: finalInstallToken,
+    rootHash: finalLockedRootHash,
+    lockedRootHash: finalLockedRootHash,
     boundRoot: resolved,
     createdAt: new Date().toISOString(),
     account: account || 'anonymous',
-    version: 1,
+    source,
+    version: 2,
   };
   await writeLock(resolved, lock);
   return lock;
@@ -66,10 +85,23 @@ export async function validateScanPath(requestedPath, installToken) {
     };
   }
 
-  if (installToken && lock.installToken !== installToken) {
+  if (!/^[a-f0-9]{64}$/i.test(String(installToken || ''))) {
+    return {
+      ok: false,
+      code: 'TOKEN_MISSING',
+      httpStatus: 403,
+      message:
+        'Missing or invalid install token. ' +
+        'Use a server-issued binding via "vibesecur-mcp bind <folder>" and update MCP env.',
+      rebindHint: `vibesecur-mcp rebind ${lock.boundRoot}`,
+    };
+  }
+
+  if (lock.installToken !== installToken) {
     return {
       ok: false,
       code: 'TOKEN_MISMATCH',
+      httpStatus: 403,
       message:
         'Install token does not match the lock for this folder. ' +
         'Run "vibesecur-mcp rebind" to get a new token.',
@@ -91,17 +123,19 @@ export async function validateScanPath(requestedPath, installToken) {
     };
   }
 
-  const expectedHash = sha256Hex(`vibesecur:lock:${boundRoot}`);
-  if (lock.rootHash !== expectedHash) {
+  const expectedHash = buildLockedRootHash(boundRoot);
+  const storedHash = lock.lockedRootHash || lock.rootHash || '';
+  if (storedHash !== expectedHash) {
     return {
       ok: false,
       code: 'HASH_MISMATCH',
+      httpStatus: 403,
       message: 'Lock rootHash does not match bound folder. The lock file may be corrupted. Rebind.',
       rebindHint: `vibesecur-mcp rebind ${boundRoot}`,
     };
   }
 
-  return { ok: true, lock, boundRoot };
+  return { ok: true, lock, boundRoot, lockedRootHash: expectedHash };
 }
 
 export async function findLockForPath(startPath) {
@@ -127,16 +161,17 @@ export async function findLockForPath(startPath) {
   return null;
 }
 
-export async function rebindLock({ rootPath, account }) {
+export async function rebindLock({ rootPath, account, source = 'local' }) {
   const resolved = path.resolve(rootPath);
   const oldLock = await readLock(resolved);
-  const newLock = await createLock({ rootPath: resolved, account });
+  const newLock = await createLock({ rootPath: resolved, account, source });
 
   return {
     previousToken: oldLock?.installToken || null,
     newToken: newLock.installToken,
     boundRoot: newLock.boundRoot,
     rootHash: newLock.rootHash,
+    source: newLock.source,
     message: 'Lock rebound. Previous token is now invalid. Copy your new install token.',
   };
 }
@@ -154,22 +189,28 @@ export async function diagnosticLock(rootPath) {
     };
   }
 
-  const expectedHash = sha256Hex(`vibesecur:lock:${path.resolve(lock.boundRoot)}`);
-  const hashOk = lock.rootHash === expectedHash;
+  const expectedHash = buildLockedRootHash(path.resolve(lock.boundRoot));
+  const storedHash = lock.lockedRootHash || lock.rootHash || '';
+  const hashOk = storedHash === expectedHash;
   const boundRoot = path.resolve(lock.boundRoot);
   const inFolder = resolved.startsWith(boundRoot + path.sep) || resolved === boundRoot;
 
   return {
     healthy: hashOk && inFolder,
+    runtimeCompatible: hashOk && inFolder && isRuntimeCompatibleLock(lock),
     lockFile: deriveLockFile(lock.boundRoot),
     boundRoot: lock.boundRoot,
     account: lock.account,
     createdAt: lock.createdAt,
+    source: lock.source || 'unknown',
     rootHash: { expected: expectedHash, stored: lock.rootHash, ok: hashOk },
     pathInBoundFolder: inFolder,
     issues: [
       !hashOk ? 'rootHash mismatch - lock may be corrupted' : null,
       !inFolder ? `requested path ${resolved} is outside bound folder ${boundRoot}` : null,
+      !isRuntimeCompatibleLock(lock)
+        ? 'lock is local diagnostic-only; run vibesecur-mcp bind <folder> with a backend auth token'
+        : null,
     ].filter(Boolean),
   };
 }

package/src/middleware/governance.js

@@ -0,0 +1,135 @@
+/**
+ * src/middleware/governance.js
+ *
+ * Dynamic Context Governance middleware interface.
+ *
+ * ── Phase 1 behaviour ────────────────────────────────────────────────────────
+ * This module is a transparent pass-through. Every request is allowed.
+ * No governance policies exist yet. No blocking occurs.
+ * No hardcoded permissions. No simulated enforcement.
+ *
+ * ── Why this exists now ──────────────────────────────────────────────────────
+ * Inserting this seam now means future governance features (rate limiting,
+ * quota enforcement, context-aware scan policies, tier restrictions) can be
+ * added here without touching any tool handler, scan orchestrator, or MCP
+ * server bootstrap code. The interface is locked; the implementation evolves.
+ *
+ * ── Future phases will add inside evaluateGovernance() ──────────────────────
+ *   Phase 2: fetch live governance context from VIBESECUR_API_BASE/mcp/governance
+ *   Phase 3: evaluate local policy rules against GovernanceContext
+ *   Phase 4: propagate GovernanceDecision.annotations into scan results
+ *
+ * ── What this module does NOT own ────────────────────────────────────────────
+ *   - Path guard / binding validation  (orchestrator caller's responsibility)
+ *   - Scan execution                   (runScan.js)
+ *   - Response formatting              (tool handler)
+ *   - Authentication                   (lock.mjs + api-scan.mjs)
+ *
+ * IMPORTS: only from api-scan.mjs — never from server.js or runScan.js.
+ */
+
+import { getMcpSessionId } from '../api-scan.mjs';
+
+// ── Type definitions ──────────────────────────────────────────────────────────
+
+/**
+ * Context object passed to the governance middleware.
+ * Built by the scan orchestrator from validated guard + caller inputs.
+ *
+ * @typedef {Object} GovernanceContext
+ * @property {string}  toolName         MCP tool being invoked ('localScan' | 'scanFile' | …)
+ * @property {string}  requestedPath    Resolved, normalised project root (from guard.resolvedRoot)
+ * @property {string}  installToken     Opaque install token — do not log raw value
+ * @property {string}  lockedRootHash   SHA-256 of the bound root — safe to log
+ * @property {string}  sessionId        Process-stable session identifier
+ * @property {GovernanceScanMetadata} scanMetadata  Scan-specific metadata
+ * @property {string}  executionMode    Caller hint: 'unknown' before scan executes
+ */
+
+/**
+ * @typedef {Object} GovernanceScanMetadata
+ * @property {string}           lang      Resolved language ('js'|'ts'|'py'|'json'|'auto')
+ * @property {number}           codeSize  Length of the code string in characters
+ * @property {number|undefined} maxFiles  File cap for repo tools; undefined for code-string tools
+ */
+
+/**
+ * Decision returned by the governance middleware to the scan orchestrator.
+ *
+ * @typedef {Object} GovernanceDecision
+ * @property {boolean}           allowed     Whether the request is permitted to proceed
+ * @property {string}            reason      Human-readable explanation (logged, not returned to IDE)
+ * @property {Record<string,*>}  annotations Metadata to attach to the scan result (currently empty)
+ * @property {Record<string,*>}  metadata    Governance system metadata (tier, policy id, etc.)
+ */
+
+// ── Helpers ───────────────────────────────────────────────────────────────────
+
+/**
+ * Build a GovernanceContext from the parameters available at scan-time.
+ * The caller (runScan) passes these directly from its own validated inputs.
+ *
+ * @param {Object} params
+ * @param {string} params.toolName
+ * @param {string} params.requestedPath
+ * @param {string} params.installToken
+ * @param {string} params.lockedRootHash
+ * @param {string} params.lang
+ * @param {number} params.codeSize
+ * @param {number|undefined} params.maxFiles
+ * @returns {GovernanceContext}
+ */
+export function buildGovernanceContext({
+  toolName,
+  requestedPath,
+  installToken,
+  lockedRootHash,
+  lang,
+  codeSize,
+  maxFiles,
+}) {
+  return {
+    toolName,
+    requestedPath,
+    installToken,    // caller must not log this field
+    lockedRootHash,  // SHA-256 — safe to log
+    sessionId: getMcpSessionId(),
+    scanMetadata: {
+      lang,
+      codeSize,
+      maxFiles,
+    },
+    executionMode: 'unknown',  // resolved after scan returns
+  };
+}
+
+// ── Core middleware ───────────────────────────────────────────────────────────
+
+/**
+ * Evaluate governance policy for the given execution context.
+ *
+ * Phase 1: transparent pass-through. Always returns allowed=true.
+ * No network calls. No blocking. No policy evaluation. Zero latency overhead.
+ *
+ * Contract for future phases:
+ *   - Must never throw — errors must be caught and result in fail-open (allowed=true)
+ *     during Phase 1. Future phases may choose fail-closed after explicit opt-in.
+ *   - Must return a GovernanceDecision synchronously or asynchronously.
+ *   - Must not mutate the GovernanceContext object.
+ *   - Must not perform authentication — that is the path guard's responsibility.
+ *   - Must not read or write lock files.
+ *
+ * @param {GovernanceContext} ctx
+ * @returns {Promise<GovernanceDecision>}
+ */
+export async function evaluateGovernance(ctx) {  // eslint-disable-line no-unused-vars
+  // ── Phase 1: pass-through ─────────────────────────────────────────────────
+  // ctx is accepted but intentionally not evaluated.
+  // The parameter is kept to lock the function signature for future phases.
+  return {
+    allowed: true,
+    reason: 'pass-through',
+    annotations: {},
+    metadata: {},
+  };
+}

package/src/orchestrator/runScan.js

@@ -0,0 +1,211 @@
+/**
+ * src/orchestrator/runScan.js
+ *
+ * Central scan execution pipeline.
+ *
+ * Owns ONLY the remote→local decision tree:
+ *   1. Attempt remote scan via /api/v1/scan/local
+ *   2. On 402 → surface upgrade requirement (checked first; never fall back)
+ *   3. On remote unavailable/skipped/error → surface hard error (no silent fallback)
+ *   4. On remote success → return remote result with quota metadata
+ *   5. On remote ok-but-no-data → fall back to local rule engine
+ *
+ * DOES NOT OWN:
+ *   - Path guard / binding validation  (caller's responsibility)
+ *   - File I/O / realpath              (caller's responsibility)
+ *   - Language inference from filename (caller resolves before passing)
+ *   - MCP response formatting          (caller's responsibility)
+ *
+ * This function is the future insertion point for Dynamic Context Governance.
+ * A governance middleware call will be added between the guard result and the
+ * postRemoteLocalScan() call — no other files need to change at that time.
+ *
+ * IMPORTS: only from api-scan.mjs and rule-engine — never from server.js.
+ */
+
+import { postRemoteLocalScan, postScanLog } from '../api-scan.mjs';
+import { localScan } from '../rule-engine/index.js';
+import { buildGovernanceContext, evaluateGovernance } from '../middleware/governance.js';
+
+const UPGRADE_URL = 'https://vibesecur.com/#pricing';
+
+/**
+ * @typedef {Object} ScanOutcomeError
+ * @property {false} ok
+ * @property {'REMOTE_VERIFICATION_REQUIRED'|'UPGRADE_REQUIRED'|'GOVERNANCE_BLOCKED'} errorCode
+ * @property {Object} errorPayload  - Shape ready for JSON serialisation in error response
+ */
+
+/**
+ * @typedef {Object} ScanOutcomeSuccess
+ * @property {true} ok
+ * @property {'remote'|'offline'} mode
+ * @property {Object} result          - Raw scan result (findings, score, grade, verdict, checklist…)
+ * @property {Object|undefined} quota - Remote quota metadata; undefined when mode='offline'
+ * @property {string} engineVersion   - mcpPkg.version passed in by caller
+ */
+
+/** @typedef {ScanOutcomeError|ScanOutcomeSuccess} ScanOutcome */
+
+/**
+ * Execute a single-code-string security scan.
+ *
+ * Callers must resolve 'auto' language before passing when the exact language
+ * is known (e.g. via inferLang). Passing 'auto' is safe — both
+ * postRemoteLocalScan and localScan handle it.
+ *
+ * @param {Object} params
+ * @param {string} params.code             Source code to scan
+ * @param {string} params.lang             Language: 'js'|'ts'|'py'|'json'|'auto'
+ * @param {string} params.projectRoot      Resolved root path (from guard.resolvedRoot)
+ * @param {string} params.installToken     VIBESECUR_INSTALL_TOKEN value
+ * @param {string} [params.lockedRootHash] From guard.lock?.lockedRootHash || guard.lock?.rootHash
+ * @param {string} params.engineVersion    Package version string for result annotation
+ * @returns {Promise<ScanOutcome>}
+ */
+export async function runScan({
+  code,
+  lang,
+  projectRoot,
+  installToken,
+  lockedRootHash,
+  engineVersion,
+}) {
+  // ── Governance middleware ─────────────────────────────────────────────────
+  // Phase 1: always passes through (evaluateGovernance returns allowed:true).
+  // Future phases: evaluateGovernance may return allowed:false to block the
+  // scan before any compute or network cost is incurred.
+  //
+  // Fail-open policy: if governance itself throws, we log and allow.
+  // This keeps Phase 1 safe — governance bugs never silently break scans.
+  // Future phases that want fail-closed must handle errors inside
+  // evaluateGovernance() before returning a GovernanceDecision.
+  let govDecision;
+  try {
+    const govCtx = buildGovernanceContext({
+      toolName:      'scan',         // refined callers may pass this explicitly in Phase 2
+      requestedPath: projectRoot,
+      installToken,
+      lockedRootHash: lockedRootHash || '',
+      lang,
+      codeSize:      code.length,
+      maxFiles:      undefined,      // code-string scan; repo tools will pass maxFiles in Phase 2
+    });
+    govDecision = await evaluateGovernance(govCtx);
+  } catch (govErr) {
+    // Governance error — fail-open in Phase 1, surface to stderr for observability
+    process.stderr.write(
+      `[vibesecur] governance middleware error (fail-open): ${govErr.message}\n`,
+    );
+    govDecision = { allowed: true, reason: 'error-fail-open', annotations: {}, metadata: {} };
+  }
+
+  if (!govDecision.allowed) {
+    // Phase 1: this branch is unreachable (allowed is always true).
+    // Present now so Phase 2 only needs to set allowed:false inside
+    // evaluateGovernance() — no changes to this file or any tool handler.
+    return {
+      ok: false,
+      errorCode: 'GOVERNANCE_BLOCKED',
+      errorPayload: {
+        error: 'GOVERNANCE_BLOCKED',
+        message: govDecision.reason || 'Request blocked by governance policy.',
+      },
+    };
+  }
+
+  // ── Remote scan attempt ───────────────────────────────────────────────────
+  const remote = await postRemoteLocalScan({
+    code,
+    lang,
+    projectRoot,
+    platform: 'mcp',
+    installToken,
+    lockedRootHash,
+  });
+
+  // ── Case 1: Payment required (402) ───────────────────────────────────────
+  // MUST be checked before the generic !remote.ok guard. Fetch API sets
+  // Response.ok = false for all non-2xx statuses including 402, so without
+  // this early check the generic guard would intercept quota-exceeded
+  // responses and surface REMOTE_VERIFICATION_REQUIRED instead.
+  // upgradeUrl is always included so both callers (localScan tool, scanFile
+  // tool) get a consistent, actionable error shape.
+  if (remote.status === 402) {
+    return {
+      ok: false,
+      errorCode: 'UPGRADE_REQUIRED',
+      errorPayload: {
+        ...remote.json,
+        upgradeUrl: UPGRADE_URL,
+      },
+    };
+  }
+
+  // ── Case 2: Remote unavailable or network/auth failure ───────────────────
+  // This covers: VIBESECUR_API_BASE not set (skipped:true), fetch error,
+  // non-2xx response (ok:false). We surface a hard error — there is no silent
+  // local fallback for this case. The caller must have a verified server
+  // binding before a scan is meaningful.
+  if (remote.skipped || !remote.ok) {
+    return {
+      ok: false,
+      errorCode: 'REMOTE_VERIFICATION_REQUIRED',
+      errorPayload: {
+        error: 'REMOTE_VERIFICATION_REQUIRED',
+        message:
+          remote.error
+          || remote.reason
+          || `Remote scan failed with status ${remote.status || 'unknown'}`,
+      },
+    };
+  }
+
+  // ── Case 3: Remote success ────────────────────────────────────────────────
+  if (remote.ok && remote.json?.success && remote.json?.data) {
+    const result = remote.json.data;
+
+    // Persist scan metadata so the Projects dashboard reflects this scan.
+    // Best-effort and metadata-only: a logging failure must never fail the
+    // scan the user already paid quota for. Reuses codeHash + scanReceipt so
+    // the backend does not double-count quota.
+    let logged = { ok: false };
+    try {
+      const logRes = await postScanLog({
+        result,
+        lang,
+        projectRoot,
+        platform: 'mcp',
+        installToken,
+        lockedRootHash,
+      });
+      logged = logRes?.ok
+        ? { ok: true, scanId: logRes.json?.data?.scanId || null }
+        : { ok: false, reason: logRes?.reason || logRes?.error || `status ${logRes?.status || 'unknown'}` };
+    } catch (logErr) {
+      process.stderr.write(`[vibesecur] scan log failed (non-fatal): ${logErr.message}\n`);
+      logged = { ok: false, reason: logErr.message };
+    }
+
+    return {
+      ok: true,
+      mode: 'remote',
+      result,
+      quota: remote.json.quota,
+      engineVersion,
+      logged,
+    };
+  }
+
+  // ── Case 4: Remote returned 2xx but no usable data ────────────────────────
+  // Edge case: API responded OK but body lacks success/data (e.g. partial
+  // degradation). Fall back to the local rule engine so the scan still runs.
+  const result = localScan(code, lang);
+  return {
+    ok: true,
+    mode: 'offline',
+    result,
+    quota: undefined,
+    engineVersion,
+  };
+}