@ship-safe/mcp 0.2.0 → 0.3.0

package/README.md

@@ -11,6 +11,9 @@ It runs ShipSafe's fast local pattern scan for free (secrets, injection, broken
 | `shipsafe_scan` | Scan a directory; returns plain‑English findings with the exact fix for each, plus structured output (see below). | Free (local). AI analysis needs Growth/Shield. |
 | `shipsafe_fix_prompt` | Scan, then return one paste‑ready prompt that fixes everything, tailored to the detected AI builder. | Growth / Shield |
 | `shipsafe_status` | Show login state, plan, and remaining AI scan quota. | — |
+| `shipsafe_login` | Log in from the editor: call once for a browser URL + code, then again with the returned `device_code` to finish. | — |
+
+Secrets that show up in findings are masked (`[REDACTED]`) before anything is echoed back to the agent, so a model can't quote a real credential into its transcript.
 
 ### `shipsafe_scan` inputs
 
@@ -21,6 +24,7 @@ It runs ShipSafe's fast local pattern scan for free (secrets, injection, broken
 | `ai` | boolean | Run AI deep analysis (needs Growth/Shield). On by default for paid users. |
 | `paths` | string[] | Scan only these files/dirs (inside the project) — e.g. the files you just edited. Fast inner loop. |
 | `changedOnly` | boolean | Scan only files changed vs git HEAD + new untracked files. Falls back to a full scan if not a git repo. |
+| `upload` | boolean | Save the scan to your ShipSafe dashboard (needs login) and return a shareable `dashboardUrl`. Off by default. |
 
 ### Structured output
 
@@ -35,13 +39,12 @@ Failures (no source files, generation errors, not logged in) are returned with `
 
 ## Login (for AI analysis)
 
-The server reuses the ShipSafe CLI's session. Once, in a terminal:
+The free local + dependency scan works with no login. To unlock AI deep analysis and fix prompts, log in either way:
 
-```bash
-npx @ship-safe/cli login
-```
+- **From the editor:** ask your agent to log in — it calls the `shipsafe_login` tool, which gives you a browser URL + code and finishes once you authorize.
+- **From a terminal:** `npx @ship-safe/cli login`.
 
-That writes `~/.shipsafe/token.json`, which this MCP server reads. The free local scan works without it.
+Both write `~/.shipsafe/token.json`, which this MCP server reads, so a single login covers the CLI and the MCP.
 
 ## Setup
 

package/dist/index.js

@@ -4003,10 +4003,11 @@ function collectDependencyFiles(rootDir) {
 }
 
 // src/lib/config.ts
-import { readFileSync as readFileSync2, existsSync as existsSync2 } from "fs";
+import { readFileSync as readFileSync2, writeFileSync, mkdirSync, existsSync as existsSync2 } from "fs";
 import { homedir } from "os";
 import { join } from "path";
-var TOKEN_FILE = join(homedir(), ".shipsafe", "token.json");
+var CONFIG_DIR = join(homedir(), ".shipsafe");
+var TOKEN_FILE = join(CONFIG_DIR, "token.json");
 function getStoredToken() {
   try {
     if (!existsSync2(TOKEN_FILE)) return null;
@@ -4017,6 +4018,10 @@ function getStoredToken() {
     return null;
   }
 }
+function storeToken(data) {
+  if (!existsSync2(CONFIG_DIR)) mkdirSync(CONFIG_DIR, { recursive: true, mode: 448 });
+  writeFileSync(TOKEN_FILE, JSON.stringify(data, null, 2), { mode: 384 });
+}
 function apiUrl() {
   return (process.env.SHIPSAFE_API_URL || "https://ship-safe.co").replace(/\/+$/, "");
 }
@@ -4096,6 +4101,48 @@ async function getProfile(token) {
     return null;
   }
 }
+async function uploadScan(token, payload) {
+  try {
+    const res = await fetch(`${apiUrl()}/api/cli/scan`, {
+      method: "POST",
+      headers: { "Content-Type": "application/json", Authorization: `Bearer ${token}` },
+      body: JSON.stringify(payload),
+      signal: AbortSignal.timeout(6e4)
+    });
+    if (!res.ok) return { error: await errorMessage(res) };
+    const data = await res.json();
+    return { dashboardUrl: data.dashboardUrl };
+  } catch (e) {
+    return { error: e instanceof Error ? e.message : "upload failed" };
+  }
+}
+async function requestDeviceCode() {
+  try {
+    const res = await fetch(`${apiUrl()}/api/cli/device-code`, {
+      method: "POST",
+      headers: { "Content-Type": "application/json" },
+      signal: AbortSignal.timeout(3e4)
+    });
+    if (!res.ok) return { error: await errorMessage(res) };
+    return await res.json();
+  } catch (e) {
+    return { error: e instanceof Error ? e.message : "could not reach ShipSafe" };
+  }
+}
+async function pollDeviceToken(deviceCode) {
+  try {
+    const res = await fetch(`${apiUrl()}/api/cli/device-token`, {
+      method: "POST",
+      headers: { "Content-Type": "application/json" },
+      body: JSON.stringify({ deviceCode }),
+      signal: AbortSignal.timeout(3e4)
+    });
+    if (!res.ok) return { error: await errorMessage(res) };
+    return await res.json();
+  } catch (e) {
+    return { error: e instanceof Error ? e.message : "poll failed" };
+  }
+}
 
 // src/lib/format.ts
 var SEVERITY_RANK = { critical: 0, high: 1, medium: 2, low: 3, info: 4 };
@@ -4183,6 +4230,75 @@ function toStructuredFindings(findings) {
     fixSuggestion: f.fixSuggestion
   }));
 }
+var SECRET_PATTERNS = [
+  /-----BEGIN [A-Z ]*PRIVATE KEY-----[\s\S]{0,8192}?-----END [A-Z ]*PRIVATE KEY-----/g,
+  /\beyJ[A-Za-z0-9_-]{8,1024}\.[A-Za-z0-9_-]{8,2048}\.[A-Za-z0-9_-]{8,2048}\b/g,
+  // JWT
+  /\b(?:sk|pk|rk)[-_](?:live|test|proj)?[-_]?[A-Za-z0-9]{16,256}\b/g,
+  // Stripe / OpenAI-style
+  /\bgithub_pat_[A-Za-z0-9_]{20,256}\b/g,
+  // GitHub fine-grained PAT
+  /\bgh[posru]_[A-Za-z0-9]{20,256}\b/g,
+  // GitHub classic tokens
+  /\bglpat-[A-Za-z0-9_-]{16,256}\b/g,
+  // GitLab PAT
+  /\bxox[baprs]-[A-Za-z0-9-]{10,256}\b/g,
+  // Slack
+  /\b(?:AKIA|ASIA)[0-9A-Z]{16}\b/g,
+  // AWS access key id
+  /\bSG\.[A-Za-z0-9_-]{16,128}\.[A-Za-z0-9_-]{16,128}\b/g,
+  // SendGrid
+  /\b(?:AC|SK)[0-9a-f]{32}\b/g,
+  // Twilio SIDs
+  /\bAIza[0-9A-Za-z_-]{35}\b/g,
+  // Google API key
+  /\bya29\.[0-9A-Za-z_-]{20,512}/g,
+  // Google OAuth
+  /\bBearer\s+[A-Za-z0-9._~+/=-]{16,512}/gi,
+  // bearer / authorization tokens
+  // AWS secret access key: 40-char base64 with mixed case + a digit (distinguishes
+  // it from a hex SHA, which is lowercase-only and would over-redact commit hashes).
+  /\b(?=[A-Za-z0-9/+]{40}(?![A-Za-z0-9/+]))(?=[A-Za-z0-9/+]*[A-Z])(?=[A-Za-z0-9/+]*[a-z])(?=[A-Za-z0-9/+]*[0-9])[A-Za-z0-9/+]{40}\b/g
+];
+var URL_CREDENTIALS = /(:\/\/[^:@/\s]{1,128}:)([^@/\s]{3,256})(@)/g;
+var SECRET_ASSIGNMENT = /(\b[A-Za-z0-9_.-]{0,40}(?:secret|token|password|passwd|api[_-]?key|apikey|access[_-]?key|private[_-]?key|client[_-]?secret|auth[_-]?token)[A-Za-z0-9_.-]{0,40}\s*[:=]\s*["'`]?)([^\s"'`]{5,256})/gi;
+var MAX_REDACT_LEN = 2e4;
+function redactSecrets(text2) {
+  if (!text2) return text2;
+  let out = text2.length > MAX_REDACT_LEN ? `${text2.slice(0, MAX_REDACT_LEN)}\u2026 [truncated]` : text2;
+  for (const re of SECRET_PATTERNS) out = out.replace(re, "[REDACTED]");
+  out = out.replace(URL_CREDENTIALS, (_m, prefix, _pw, at) => `${prefix}[REDACTED]${at}`);
+  out = out.replace(SECRET_ASSIGNMENT, (_m, prefix) => `${prefix}[REDACTED]`);
+  return out;
+}
+function redactFinding(f) {
+  return {
+    ...f,
+    title: redactSecrets(f.title),
+    plainEnglish: redactSecrets(f.plainEnglish),
+    description: redactSecrets(f.description),
+    fixDescription: redactSecrets(f.fixDescription),
+    fixSuggestion: redactSecrets(f.fixSuggestion),
+    snippet: redactSecrets(f.snippet)
+  };
+}
+function toUploadFindings(findings) {
+  return findings.map((f) => ({
+    title: f.title,
+    description: f.description,
+    plainEnglish: f.plainEnglish || f.description,
+    severity: f.severity,
+    confidence: f.confidence,
+    source: f.source,
+    filePath: f.file,
+    lineNumber: f.line,
+    codeSnippet: f.snippet || void 0,
+    fixDescription: f.fixDescription || void 0,
+    fixSuggestion: f.fixSuggestion || void 0,
+    cwe: f.cwe || void 0,
+    owasp: f.owasp || void 0
+  }));
+}
 function toFixPromptPayload(findings) {
   return findings.map((f) => ({
     title: f.title,
@@ -4232,7 +4348,7 @@ function formatFindings(findings, opts) {
 }
 
 // src/lib/history.ts
-import { mkdirSync, readFileSync as readFileSync3, writeFileSync } from "fs";
+import { mkdirSync as mkdirSync2, readFileSync as readFileSync3, writeFileSync as writeFileSync2 } from "fs";
 import { homedir as homedir2 } from "os";
 import { join as join2, resolve } from "path";
 import { createHash as createHash2 } from "crypto";
@@ -4252,8 +4368,8 @@ function loadSnapshot(dir) {
 }
 function saveSnapshot(dir, keys, now) {
   try {
-    mkdirSync(HISTORY_DIR, { recursive: true });
-    writeFileSync(snapshotPath(dir), JSON.stringify({ keys, at: now }));
+    mkdirSync2(HISTORY_DIR, { recursive: true });
+    writeFileSync2(snapshotPath(dir), JSON.stringify({ keys, at: now }));
   } catch {
   }
 }
@@ -4269,7 +4385,11 @@ function diffSnapshots(previous, current) {
 }
 
 // src/index.ts
-var VERSION = "0.2.0";
+var VERSION = "0.3.0";
+var THIRTY_DAYS_MS = 30 * 24 * 60 * 60 * 1e3;
+function sleep(ms) {
+  return new Promise((r) => setTimeout(r, ms));
+}
 function text(t) {
   return { content: [{ type: "text", text: t }] };
 }
@@ -4356,7 +4476,8 @@ server.registerTool(
       severity: z2.enum(["critical", "high", "medium", "low"]).optional().describe("Only return findings at or above this severity."),
       ai: z2.boolean().optional().describe("Run AI deep analysis (needs a Growth/Shield login via `shipsafe login`). Defaults on for paid users, off otherwise."),
       paths: z2.array(z2.string()).optional().describe("Scan only these files/dirs (relative to path, inside the project) \u2014 e.g. the files you just edited. Faster than a full scan."),
-      changedOnly: z2.boolean().optional().describe("Scan only files changed vs git HEAD plus new untracked files. Falls back to a full scan if the directory isn't a git repo.")
+      changedOnly: z2.boolean().optional().describe("Scan only files changed vs git HEAD plus new untracked files. Falls back to a full scan if the directory isn't a git repo."),
+      upload: z2.boolean().optional().describe("Save this scan to the user's ShipSafe dashboard (needs login) and return a shareable dashboardUrl. Off by default.")
     },
     outputSchema: {
       clean: z2.boolean().describe("True when no findings were returned at the requested severity."),
@@ -4397,10 +4518,11 @@ server.registerTool(
           fixSuggestion: z2.string().optional()
         })
       ),
-      notes: z2.array(z2.string())
+      notes: z2.array(z2.string()),
+      dashboardUrl: z2.string().optional().describe("Set when upload:true succeeded \u2014 a shareable link to this scan in the dashboard.")
     }
   },
-  async ({ path: path3, severity, ai, paths, changedOnly }) => {
+  async ({ path: path3, severity, ai, paths, changedOnly, upload }) => {
     const dir = path3 ?? process.cwd();
     const r = await runScan(dir, { ai, paths, changedOnly });
     if (!r.ok) return errorResult(r.error);
@@ -4412,8 +4534,35 @@ server.registerTool(
       saveSnapshot(dir, r.localKeys, Date.now());
     }
     const notes = [r.scope.gitNote, r.aiNote, r.depWarning].filter((n) => Boolean(n));
+    let dashboardUrl;
+    let uploadNote;
+    if (upload) {
+      const token = getStoredToken();
+      if (!token) {
+        uploadNote = "Couldn't save to the dashboard: not logged in. Run shipsafe_login first.";
+      } else {
+        const res = await uploadScan(token.token, {
+          findings: toUploadFindings(r.findings),
+          summary: {
+            total: r.findings.length,
+            filesScanned: r.scope.sourceFiles,
+            linesScanned: 0,
+            bySeverity: buildScanVerdict(r.findings).counts
+          },
+          repoPath: dir
+        });
+        if ("error" in res) {
+          uploadNote = `Dashboard upload failed: ${res.error}.`;
+        } else {
+          dashboardUrl = res.dashboardUrl;
+          uploadNote = res.dashboardUrl ? `Saved to your dashboard: ${res.dashboardUrl}` : "Saved to your dashboard.";
+        }
+      }
+      if (uploadNote) notes.push(uploadNote);
+    }
+    const display = filtered.map(redactFinding);
     const reportParts = [
-      formatFindings(filtered, {
+      formatFindings(display, {
         dir,
         fileCount: r.scope.sourceFiles,
         depFileCount: r.scope.depFiles,
@@ -4434,6 +4583,10 @@ ${r.scope.gitNote}`);
 Pattern-scan diff vs your last scan of this directory: ${diff.resolved} resolved, ${diff.stillOpen} still open, ${diff.introduced} new.`
       );
     }
+    if (uploadNote) {
+      reportParts.push(`
+${uploadNote}`);
+    }
     return {
       content: [{ type: "text", text: reportParts.join("\n") }],
       structuredContent: {
@@ -4442,8 +4595,9 @@ Pattern-scan diff vs your last scan of this directory: ${diff.resolved} resolved
         counts: verdict.counts,
         scanned: { mode: r.scope.mode, sourceFiles: r.scope.sourceFiles, dependencyFiles: r.scope.depFiles },
         diff,
-        findings: toStructuredFindings(filtered),
-        notes
+        findings: toStructuredFindings(display),
+        notes,
+        ...dashboardUrl ? { dashboardUrl } : {}
       }
     };
   }
@@ -4466,12 +4620,13 @@ server.registerTool(
     const r = await runScan(dir, { ai: true });
     if (!r.ok) return errorResult(r.error);
     if (r.findings.length === 0) return text(`Nothing to fix \u2014 no issues found in ${r.scope.sourceFiles} file(s).`);
-    const res = await generateFixPrompt(token.token, toFixPromptPayload(sortBySeverity(r.findings)), r.platform ?? "manual");
+    const safeFindings = sortBySeverity(r.findings).map(redactFinding);
+    const res = await generateFixPrompt(token.token, toFixPromptPayload(safeFindings), r.platform ?? "manual");
     if ("error" in res) return errorResult(`Couldn't generate the fix prompt: ${res.error}`);
     const target = res.platform === "manual" ? "your AI assistant" : res.platform;
     return text(`Paste this into ${target} to fix all ${r.findings.length} issue(s):
 
-${res.prompt}`);
+${redactSecrets(res.prompt)}`);
   }
 );
 server.registerTool(
@@ -4484,7 +4639,7 @@ server.registerTool(
   async () => {
     const token = getStoredToken();
     if (!token) {
-      return text("Not logged in. Run `shipsafe login` in your terminal to enable AI deep analysis (Growth or Shield plan).");
+      return text("Not logged in. Use the shipsafe_login tool (or run `shipsafe login` in a terminal) to enable AI deep analysis (Growth or Shield plan).");
     }
     const profile = await getProfile(token.token);
     if (!profile) {
@@ -4497,6 +4652,58 @@ Plan: ${plan}
 AI scans: ${q.used}/${q.limit} used this month (${q.remaining} left)`);
   }
 );
+var LOGIN_POLL_WINDOW_MS = 25e3;
+var LOGIN_POLL_INTERVAL_MS = 2e3;
+server.registerTool(
+  "shipsafe_login",
+  {
+    title: "Log in to ShipSafe from your editor",
+    description: "Log in to ShipSafe without leaving the editor, to unlock AI deep analysis and fix prompts. Two steps: call with NO arguments to start \u2014 you'll get a URL and a code to authorize in the browser. After authorizing, call again with the returned `device_code` to finish. The free local + dependency scan works without logging in.",
+    inputSchema: {
+      device_code: z2.string().optional().describe("The device_code returned by the first (no-argument) call. Pass it on the second call, after authorizing in the browser, to complete login.")
+    }
+  },
+  async ({ device_code }) => {
+    if (!device_code) {
+      const dc = await requestDeviceCode();
+      if ("error" in dc) return errorResult(`Couldn't start login: ${dc.error}`);
+      return text(
+        `To log in, open this URL in your browser and enter the code:
+
+  ${dc.verificationUrl}
+  Code: ${dc.userCode}
+
+After you authorize it, call shipsafe_login again with device_code: "${dc.deviceCode}" to finish.`
+      );
+    }
+    const deadline = Date.now() + LOGIN_POLL_WINDOW_MS;
+    while (Date.now() < deadline) {
+      const poll = await pollDeviceToken(device_code);
+      if (!("error" in poll)) {
+        if (poll.status === "complete" && poll.token) {
+          const tokenData = {
+            token: poll.token,
+            email: poll.email ?? "",
+            expiresAt: Date.now() + THIRTY_DAYS_MS
+          };
+          const profile = await getProfile(poll.token);
+          if (profile) {
+            tokenData.tier = profile.tier;
+            tokenData.aiQuota = profile.aiQuota;
+          }
+          storeToken(tokenData);
+          const plan = profile?.tier && profile.tier !== "free" ? ` (${profile.tier})` : "";
+          return text(`Logged in as ${tokenData.email || "your account"}${plan}. AI deep analysis is now available \u2014 re-run shipsafe_scan to use it.`);
+        }
+        if (poll.status === "expired") {
+          return errorResult("That login link expired. Call shipsafe_login with no arguments to start again.");
+        }
+      }
+      await sleep(LOGIN_POLL_INTERVAL_MS);
+    }
+    return text("Still waiting for authorization. Finish in the browser, then call shipsafe_login again with the same device_code.");
+  }
+);
 async function main() {
   const transport = new StdioServerTransport();
   await server.connect(transport);

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@ship-safe/mcp",
-  "version": "0.2.0",
+  "version": "0.3.0",
   "description": "ShipSafe MCP server — let your AI coding agent scan the code it writes for security vulnerabilities, in-loop",
   "type": "module",
   "license": "MIT",
@@ -45,8 +45,8 @@
     "@types/node": "^22",
     "tsup": "^8",
     "typescript": "^5.7",
-    "@shipsafe/scanner": "0.1.0",
-    "@shipsafe/shared": "0.1.0"
+    "@shipsafe/shared": "0.1.0",
+    "@shipsafe/scanner": "0.1.0"
   },
   "scripts": {
     "build": "tsup",