@solongate/proxy 0.25.6 → 0.25.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (2) hide show
  1. package/dist/index.js +3 -3
  2. package/package.json +1 -1
package/dist/index.js CHANGED
@@ -6149,7 +6149,7 @@ DENY if the tool call could, directly or indirectly:
6149
6149
  - Shell glob patterns (e.g., "cred*" could match "credentials.json")
6150
6150
  - Command substitution ($(...), backticks)
6151
6151
  - Process substitution (<(cat file), <(command file)) \u2014 ALWAYS check inside <(...) for protected files
6152
- - Variable interpolation or string concatenation (e.g., f=".en"; cat ${f}v builds ".env")
6152
+ - Variable interpolation or string concatenation (e.g., f=".en"; cat \${f}v builds ".env")
6153
6153
  - Partial variable construction \u2014 if shell variables are concatenated to form a filename, analyze the RESULT
6154
6154
  - Input redirection (< file)
6155
6155
  - Script files that might read protected files
@@ -6165,7 +6165,7 @@ DENY if the tool call could, directly or indirectly:
6165
6165
  CRITICAL patterns to watch for:
6166
6166
  - <(cat .env) or <(cat ANYPROTECTEDFILE) \u2014 process substitution ALWAYS reads the file
6167
6167
  - Compound commands with && or ; where ANY part touches a protected file \u2014 DENY the whole thing
6168
- - Variable tricks like f=".en"; cat ${f}v \u2014 mentally evaluate the variable to see if it resolves to a protected filename
6168
+ - Variable tricks like f=".en"; cat \${f}v \u2014 mentally evaluate the variable to see if it resolves to a protected filename
6169
6169
  - tar/zip/cp that archives a protected file, even if the second command reads the archive \u2014 DENY both
6170
6170
 
6171
6171
  ALLOW if:
@@ -6930,7 +6930,7 @@ ${msg.content.text}`;
6930
6930
  if (rule.effect === "DENY" && rule.enabled !== false) {
6931
6931
  const denied = rule.filenameConstraints?.denied;
6932
6932
  if (denied) {
6933
- for (const f2 of denied) files.add(f2);
6933
+ for (const f of denied) files.add(f);
6934
6934
  }
6935
6935
  }
6936
6936
  }
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@solongate/proxy",
3
- "version": "0.25.6",
3
+ "version": "0.25.7",
4
4
  "description": "MCP security proxy — protect any MCP server with customizable policies, path/command constraints, rate limiting, and audit logging. Zero code changes required.",
5
5
  "type": "module",
6
6
  "bin": {