@sanctuary-framework/mcp-server 0.4.0 → 0.4.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (11) hide show
  1. package/dist/cli.cjs +28 -10
  2. package/dist/cli.cjs.map +1 -1
  3. package/dist/cli.js +28 -10
  4. package/dist/cli.js.map +1 -1
  5. package/dist/index.cjs +23 -5
  6. package/dist/index.cjs.map +1 -1
  7. package/dist/index.d.cts +5 -5
  8. package/dist/index.d.ts +5 -5
  9. package/dist/index.js +23 -5
  10. package/dist/index.js.map +1 -1
  11. package/package.json +1 -1
package/dist/index.d.cts CHANGED
@@ -1,10 +1,5 @@
1
1
  import { Server } from '@modelcontextprotocol/sdk/server/index.js';
2
2
 
3
- /**
4
- * Sanctuary MCP Server — Configuration
5
- *
6
- * Loads and validates server configuration from file or environment variables.
7
- */
8
3
  interface SanctuaryConfig {
9
4
  version: string;
10
5
  storage_path: string;
@@ -670,6 +665,11 @@ interface SHRCapabilities {
670
665
  */
671
666
  interface SHRBody {
672
667
  shr_version: "1.0";
668
+ implementation: {
669
+ sanctuary_version: string;
670
+ node_version: string;
671
+ generated_by: string;
672
+ };
673
673
  instance_id: string;
674
674
  generated_at: string;
675
675
  expires_at: string;
package/dist/index.d.ts CHANGED
@@ -1,10 +1,5 @@
1
1
  import { Server } from '@modelcontextprotocol/sdk/server/index.js';
2
2
 
3
- /**
4
- * Sanctuary MCP Server — Configuration
5
- *
6
- * Loads and validates server configuration from file or environment variables.
7
- */
8
3
  interface SanctuaryConfig {
9
4
  version: string;
10
5
  storage_path: string;
@@ -670,6 +665,11 @@ interface SHRCapabilities {
670
665
  */
671
666
  interface SHRBody {
672
667
  shr_version: "1.0";
668
+ implementation: {
669
+ sanctuary_version: string;
670
+ node_version: string;
671
+ generated_by: string;
672
+ };
673
673
  instance_id: string;
674
674
  generated_at: string;
675
675
  expires_at: string;
package/dist/index.js CHANGED
@@ -206,6 +206,7 @@ var init_hashing = __esm({
206
206
  });
207
207
  var require2 = createRequire(import.meta.url);
208
208
  var { version: PKG_VERSION } = require2("../package.json");
209
+ var SANCTUARY_VERSION = PKG_VERSION;
209
210
  function defaultConfig() {
210
211
  return {
211
212
  version: PKG_VERSION,
@@ -3636,7 +3637,12 @@ var DEFAULT_POLICY = {
3636
3637
  "context_gate_filter",
3637
3638
  "context_gate_list_policies",
3638
3639
  "l2_hardening_status",
3639
- "l2_verify_isolation"
3640
+ "l2_verify_isolation",
3641
+ "sovereignty_audit",
3642
+ "shr_gateway_export",
3643
+ "bridge_commit",
3644
+ "bridge_verify",
3645
+ "bridge_attest"
3640
3646
  ],
3641
3647
  approval_channel: DEFAULT_CHANNEL
3642
3648
  };
@@ -3703,6 +3709,10 @@ function parseScalar(value) {
3703
3709
  return value.replace(/^["']|["']$/g, "");
3704
3710
  }
3705
3711
  function validatePolicy(raw) {
3712
+ const userTier3 = raw.tier3_always_allow ?? [];
3713
+ const mergedTier3 = [
3714
+ .../* @__PURE__ */ new Set([...userTier3, ...DEFAULT_POLICY.tier3_always_allow])
3715
+ ];
3706
3716
  return {
3707
3717
  version: raw.version ?? 1,
3708
3718
  tier1_always_approve: raw.tier1_always_approve ?? DEFAULT_POLICY.tier1_always_approve,
@@ -3710,7 +3720,7 @@ function validatePolicy(raw) {
3710
3720
  ...DEFAULT_TIER2,
3711
3721
  ...raw.tier2_anomaly ?? {}
3712
3722
  },
3713
- tier3_always_allow: raw.tier3_always_allow ?? DEFAULT_POLICY.tier3_always_allow,
3723
+ tier3_always_allow: mergedTier3,
3714
3724
  approval_channel: (() => {
3715
3725
  const merged = {
3716
3726
  ...DEFAULT_CHANNEL,
@@ -3795,6 +3805,11 @@ tier3_always_allow:
3795
3805
  - context_gate_recommend
3796
3806
  - context_gate_filter
3797
3807
  - context_gate_list_policies
3808
+ - sovereignty_audit
3809
+ - shr_gateway_export
3810
+ - bridge_commit
3811
+ - bridge_verify
3812
+ - bridge_attest
3798
3813
 
3799
3814
  # \u2500\u2500\u2500 Approval Channel \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500
3800
3815
  # How Sanctuary reaches you when approval is needed.
@@ -4589,8 +4604,6 @@ function generateDashboardHTML(options) {
4589
4604
  }
4590
4605
 
4591
4606
  // src/principal-policy/dashboard.ts
4592
- var require4 = createRequire(import.meta.url);
4593
- var { version: PKG_VERSION3 } = require4("../../package.json");
4594
4607
  var SESSION_TTL_MS = 5 * 60 * 1e3;
4595
4608
  var MAX_SESSIONS = 1e3;
4596
4609
  var RATE_LIMIT_WINDOW_MS = 6e4;
@@ -4619,7 +4632,7 @@ var DashboardApprovalChannel = class {
4619
4632
  this.useTLS = !!(config.tls?.cert_path && config.tls?.key_path);
4620
4633
  this.dashboardHTML = generateDashboardHTML({
4621
4634
  timeoutSeconds: config.timeout_seconds,
4622
- serverVersion: PKG_VERSION3,
4635
+ serverVersion: SANCTUARY_VERSION,
4623
4636
  authToken: this.authToken
4624
4637
  });
4625
4638
  this.sessionCleanupTimer = setInterval(() => this.cleanupSessions(), 6e4);
@@ -5682,6 +5695,11 @@ function generateSHR(identityId, opts) {
5682
5695
  }
5683
5696
  const body = {
5684
5697
  shr_version: "1.0",
5698
+ implementation: {
5699
+ sanctuary_version: config.version,
5700
+ node_version: process.versions.node,
5701
+ generated_by: "sanctuary-mcp-server"
5702
+ },
5685
5703
  instance_id: identity.identity_id,
5686
5704
  generated_at: now.toISOString(),
5687
5705
  expires_at: expiresAt.toISOString(),