npm - @sanctuary-framework/mcp-server - Versions diffs - 1.1.1 → 1.1.2 - Mend

@sanctuary-framework/mcp-server 1.1.1 → 1.1.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (11) hide show

package/dist/cli.js CHANGED Viewed

@@ -1,6 +1,6 @@
 #!/usr/bin/env node
 import { mkdir, writeFile, readFile, stat, unlink, readdir, rm, chmod, access, constants, appendFile, lstat, copyFile, realpath } from 'fs/promises';
-import { join, dirname, isAbsolute, resolve, basename, sep } from 'path';
+import { join, dirname, resolve, isAbsolute, basename, sep } from 'path';
 import { platform, homedir, userInfo, hostname } from 'os';
 import { createRequire } from 'module';
 import { createHash, randomBytes as randomBytes$1, randomUUID, createHmac } from 'crypto';
@@ -11884,6 +11884,20 @@ async function handleRequest(deps, req, res) {
   const url = new URL(req.url ?? "/", `http://${host}`);
   const method = (req.method ?? "GET").toUpperCase();
   const path = url.pathname;
+  if (deps.v11Bindings) {
+    const handled = await dispatchV11Request(
+      {
+        bindings: deps.v11Bindings,
+        ...deps.authToken !== void 0 ? { authToken: deps.authToken } : {},
+        loopbackAutoAuth: deps.loopbackAutoAuth ?? false
+      },
+      req,
+      res,
+      url,
+      method
+    );
+    if (handled) return true;
+  }
   if (!isAuthorized(deps, req, url)) {
     writeJSON(res, 401, { error: "unauthorized" });
     return true;
@@ -12064,6 +12078,7 @@ var init_api = __esm({
     init_registry();
     init_init();
     init_discovery();
+    init_dispatch();
   }
 });
@@ -13599,6 +13614,53 @@ var init_v1_1 = __esm({
     init_client();
   }
 });
+// src/dashboard/v1_1/dispatch.ts
+async function dispatchV11Request(inputs, req, res, url, method) {
+  const { bindings, authToken, loopbackAutoAuth } = inputs;
+  if (method === "GET" && (url.pathname === "/v1.1" || url.pathname === "/v1.1/")) {
+    return handleDashboardV11Route(
+      {
+        identityId: bindings.identityId,
+        fortressId: bindings.fortressId,
+        ...authToken !== void 0 ? { authToken } : {}
+      },
+      req,
+      res
+    );
+  }
+  if (url.pathname.startsWith("/api/hub/")) {
+    const authConfig = {
+      loopbackAutoAuth,
+      ...authToken !== void 0 ? { authToken } : {}
+    };
+    return handleHubRoute(
+      { authConfig, service: bindings.hubService },
+      req,
+      res
+    );
+  }
+  if (method === "GET" && url.pathname === "/api/identities") {
+    const authConfig = {
+      loopbackAutoAuth,
+      ...authToken !== void 0 ? { authToken } : {}
+    };
+    const aliasReq = Object.create(req);
+    aliasReq.url = "/api/hub/agents" + url.search;
+    return handleHubRoute(
+      { authConfig, service: bindings.hubService },
+      aliasReq,
+      res
+    );
+  }
+  return false;
+}
+var init_dispatch = __esm({
+  "src/dashboard/v1_1/dispatch.ts"() {
+    init_api_router();
+    init_v1_1();
+  }
+});
 function isDashboardViewRoute(method, path) {
   if (method !== "GET") return false;
   return path === "/" || path === "/dashboard" || path === "/fortress" || path === "/events";
@@ -13611,8 +13673,7 @@ var init_dashboard = __esm({
     init_dashboard_html();
     init_fortress_view();
     init_system_prompt_generator();
-    init_api_router();
-    init_v1_1();
+    init_dispatch();
     SESSION_TTL_REMOTE_MS = 5 * 60 * 1e3;
     SESSION_TTL_LOCAL_MS = 24 * 60 * 60 * 1e3;
     MAX_SESSIONS = 1e3;
@@ -13734,45 +13795,17 @@ var init_dashboard = __esm({
        */
       async dispatchV11(req, res, url, method) {
         if (!this.v11Bindings) return false;
-        if (method === "GET" && (url.pathname === "/v1.1" || url.pathname === "/v1.1/")) {
-          const handled = handleDashboardV11Route(
-            {
-              identityId: this.v11Bindings.identityId,
-              fortressId: this.v11Bindings.fortressId,
-              ...this.authToken !== void 0 ? { authToken: this.authToken } : {}
-            },
-            req,
-            res
-          );
-          return handled;
-        }
-        if (url.pathname.startsWith("/api/hub/")) {
-          const authConfig = {
-            loopbackAutoAuth: this._autoAuthLocalhost,
-            ...this.authToken !== void 0 ? { authToken: this.authToken } : {}
-          };
-          const handled = await handleHubRoute(
-            { authConfig, service: this.v11Bindings.hubService },
-            req,
-            res
-          );
-          return handled;
-        }
-        if (method === "GET" && url.pathname === "/api/identities") {
-          const authConfig = {
-            loopbackAutoAuth: this._autoAuthLocalhost,
-            ...this.authToken !== void 0 ? { authToken: this.authToken } : {}
-          };
-          const aliasReq = Object.create(req);
-          aliasReq.url = "/api/hub/agents" + url.search;
-          const handled = await handleHubRoute(
-            { authConfig, service: this.v11Bindings.hubService },
-            aliasReq,
-            res
-          );
-          return handled;
-        }
-        return false;
+        return dispatchV11Request(
+          {
+            bindings: this.v11Bindings,
+            ...this.authToken !== void 0 ? { authToken: this.authToken } : {},
+            loopbackAutoAuth: this._autoAuthLocalhost
+          },
+          req,
+          res,
+          url,
+          method
+        );
       }
       /**
        * v0.10.2: enable (or disable) the loopback auto-auth fast path. See
@@ -30020,14 +30053,18 @@ async function startDashboardServer(options) {
       }
     }
   };
-  const deps = {
-    sources: options.sources,
-    authToken: options.authToken,
-    approvals: options.approvals,
-    onEvent
-  };
+  let v11Bindings = null;
+  let v11LoopbackAutoAuth = false;
   const server = createServer$2(async (req, res) => {
     try {
+      const deps = {
+        sources: options.sources,
+        authToken: options.authToken,
+        approvals: options.approvals,
+        onEvent,
+        v11Bindings,
+        loopbackAutoAuth: v11LoopbackAutoAuth
+      };
       const served = await handleRequest(deps, req, res);
       if (!served) {
         res.writeHead(404, { "Content-Type": "application/json" });
@@ -30065,7 +30102,13 @@ async function startDashboardServer(options) {
     publishActivity: (entry) => publish({ type: "activity", data: entry }),
     publishApproval: (approval) => publish({ type: "approval", data: approval }),
     publishInbox: (item) => publish({ type: "inbox", data: item }),
-    publishAgentStatus: (snapshot) => publish({ type: "agent_status", data: snapshot })
+    publishAgentStatus: (snapshot) => publish({ type: "agent_status", data: snapshot }),
+    setV11Bindings: (bindings) => {
+      v11Bindings = bindings;
+    },
+    setV11LoopbackAutoAuth: (enabled) => {
+      v11LoopbackAutoAuth = enabled;
+    }
   };
 }
 var DEFAULT_PORT, DEFAULT_HOST;
@@ -31329,12 +31372,14 @@ async function runWrap(options, deps = {}) {
   const storagePath = resolveStoragePath();
   let passphraseLocation;
   let passphraseSource;
+  let passphraseValue;
   if (options.passphrase) {
     try {
       const persist = deps.persistPassphrase ?? ((value) => persistUserProvidedPassphrase(value, { storagePath }));
       const persisted = await persist(options.passphrase);
       passphraseLocation = persisted.location;
       passphraseSource = persisted.source;
+      passphraseValue = options.passphrase;
       console.error(
         `
   \u{1F510} Persisted user-supplied passphrase (${persisted.location}).`
@@ -31352,12 +31397,14 @@ async function runWrap(options, deps = {}) {
   } else if (process.env.SANCTUARY_PASSPHRASE) {
     passphraseLocation = "SANCTUARY_PASSPHRASE";
     passphraseSource = "env";
+    passphraseValue = process.env.SANCTUARY_PASSPHRASE;
   } else {
     try {
       const resolve5 = deps.resolvePassphrase ?? (() => getOrCreatePassphrase({ storagePath }));
       const resolved = await resolve5();
       passphraseLocation = resolved.location;
       passphraseSource = resolved.source;
+      passphraseValue = resolved.value;
       if (resolved.source === "generated") {
         console.error(
           `
@@ -31415,6 +31462,13 @@ async function runWrap(options, deps = {}) {
   if (process.env.SANCTUARY_DASHBOARD_ENABLED) {
     sanctuaryEnv.SANCTUARY_DASHBOARD_ENABLED = process.env.SANCTUARY_DASHBOARD_ENABLED;
   }
+  if (options.fortress) {
+    sanctuaryEnv.SANCTUARY_FORTRESS_PATH = resolve(options.fortress);
+  } else if (process.env.SANCTUARY_FORTRESS_PATH) {
+    sanctuaryEnv.SANCTUARY_FORTRESS_PATH = resolve(
+      process.env.SANCTUARY_FORTRESS_PATH
+    );
+  }
   const rewrite = deps.rewriteConfig ?? rewriteConfigForCocoon;
   await rewrite(
     agentConfig,
@@ -31442,6 +31496,40 @@ async function runWrap(options, deps = {}) {
     authToken,
     readPackageVersion()
   );
+  if (passphraseValue !== void 0) {
+    try {
+      const v11Storage = new FilesystemStorage(`${storagePath}/state`);
+      let existingParams;
+      try {
+        const raw = await v11Storage.read("_meta", "key-params");
+        if (raw) {
+          existingParams = JSON.parse(bytesToString(raw));
+        }
+      } catch {
+      }
+      const derived = await deriveMasterKey(passphraseValue, existingParams);
+      if (!existingParams) {
+        await v11Storage.write(
+          "_meta",
+          "key-params",
+          stringToBytes(JSON.stringify(derived.params))
+        );
+      }
+      const wrapAuditLog = new AuditLog(v11Storage, derived.key);
+      dashboard.setV11Bindings(
+        buildV11Bindings({
+          identityId: `fortress:${storagePath}`,
+          fortressId: fortressIdFromStoragePath(storagePath),
+          auditLog: wrapAuditLog
+        })
+      );
+      dashboard.setV11LoopbackAutoAuth(true);
+    } catch (err) {
+      console.error(
+        `  Note: v1.1 dashboard surfaces unavailable on wrap URL (${err.message}). Run \`sanctuary dashboard\` to reach them.`
+      );
+    }
+  }
   const dashboardUrl = `${dashboard.url}?token=${authToken}`;
   const webhookCallbackPortRaw = process.env.SANCTUARY_WEBHOOK_CALLBACK_PORT;
   const webhookCallbackPort = webhookCallbackPortRaw ? parseInt(webhookCallbackPortRaw, 10) : void 0;
@@ -31804,6 +31892,11 @@ var init_cli2 = __esm({
     init_config_reader();
     init_passphrase();
     init_dashboard2();
+    init_wiring();
+    init_filesystem();
+    init_key_derivation();
+    init_encoding();
+    init_audit_log();
     init_config();
     init_paths();
     init_runtime();
@@ -35198,10 +35291,10 @@ __export(dashboard_standalone_exports, {
   renderTenantDiscoveryHint: () => renderTenantDiscoveryHint,
   startStandaloneDashboard: () => startStandaloneDashboard
 });
-async function discoverableSubTenants(currentStoragePath) {
+async function discoverableSubTenants(currentStoragePath, discoveryOptions) {
   let all;
   try {
-    all = await discoverTenants();
+    all = await discoverTenants(discoveryOptions);
   } catch {
     return [];
   }
@@ -35604,6 +35697,9 @@ var { version: PKG_VERSION4 } = require4("../package.json");
 async function main() {
   const args = process.argv.slice(2);
   let passphrase = process.env.SANCTUARY_PASSPHRASE;
+  if (process.env.SANCTUARY_FORTRESS_PATH && !process.env.SANCTUARY_STORAGE_PATH) {
+    process.env.SANCTUARY_STORAGE_PATH = process.env.SANCTUARY_FORTRESS_PATH;
+  }
   if (args[0] === "dashboard") {
     await runStandaloneDashboard(args.slice(1));
     return;