@solongate/proxy 0.28.2 → 0.28.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/hooks/guard.mjs +25 -27
- package/package.json +1 -1
package/hooks/guard.mjs
CHANGED
|
@@ -1179,34 +1179,32 @@ Respond with ONLY valid JSON: {"decision": "ALLOW" or "DENY", "reason": "brief e
|
|
|
1179
1179
|
}
|
|
1180
1180
|
}
|
|
1181
1181
|
|
|
1182
|
-
|
|
1183
|
-
|
|
1184
|
-
// ── Log ALL decisions to SolonGate Cloud ──
|
|
1185
|
-
if (API_KEY && API_KEY.startsWith('sg_live_')) {
|
|
1186
|
-
try {
|
|
1187
|
-
const logEntry = {
|
|
1188
|
-
tool: toolName, arguments: args,
|
|
1189
|
-
decision, reason: reason || 'allowed by policy',
|
|
1190
|
-
source: 'claude-code-guard',
|
|
1191
|
-
};
|
|
1192
|
-
// Attach PI metadata if detected
|
|
1193
|
-
if (piResult) {
|
|
1194
|
-
logEntry.pi_detected = true;
|
|
1195
|
-
logEntry.pi_trust_score = piResult.trustScore;
|
|
1196
|
-
logEntry.pi_blocked = false;
|
|
1197
|
-
logEntry.pi_categories = JSON.stringify(piResult.categories);
|
|
1198
|
-
logEntry.pi_stage_scores = JSON.stringify({ rules: piResult.score, embedding: 0, classifier: 0 });
|
|
1199
|
-
}
|
|
1200
|
-
await fetch(API_URL + '/api/v1/audit-logs', {
|
|
1201
|
-
method: 'POST',
|
|
1202
|
-
headers: { 'Authorization': 'Bearer ' + API_KEY, 'Content-Type': 'application/json' },
|
|
1203
|
-
body: JSON.stringify(logEntry),
|
|
1204
|
-
signal: AbortSignal.timeout(3000),
|
|
1205
|
-
});
|
|
1206
|
-
} catch {}
|
|
1207
|
-
}
|
|
1208
|
-
|
|
1182
|
+
// Only log DENY decisions from guard hook.
|
|
1183
|
+
// ALLOW decisions are logged by the audit hook (PostToolUse) to avoid double-counting.
|
|
1209
1184
|
if (reason) {
|
|
1185
|
+
if (API_KEY && API_KEY.startsWith('sg_live_')) {
|
|
1186
|
+
try {
|
|
1187
|
+
const logEntry = {
|
|
1188
|
+
tool: toolName, arguments: args,
|
|
1189
|
+
decision: 'DENY', reason,
|
|
1190
|
+
source: 'claude-code-guard',
|
|
1191
|
+
agent_id: 'claude-code', agent_name: 'Claude Code',
|
|
1192
|
+
};
|
|
1193
|
+
if (piResult) {
|
|
1194
|
+
logEntry.pi_detected = true;
|
|
1195
|
+
logEntry.pi_trust_score = piResult.trustScore;
|
|
1196
|
+
logEntry.pi_blocked = false;
|
|
1197
|
+
logEntry.pi_categories = JSON.stringify(piResult.categories);
|
|
1198
|
+
logEntry.pi_stage_scores = JSON.stringify({ rules: piResult.score, embedding: 0, classifier: 0 });
|
|
1199
|
+
}
|
|
1200
|
+
await fetch(API_URL + '/api/v1/audit-logs', {
|
|
1201
|
+
method: 'POST',
|
|
1202
|
+
headers: { 'Authorization': 'Bearer ' + API_KEY, 'Content-Type': 'application/json' },
|
|
1203
|
+
body: JSON.stringify(logEntry),
|
|
1204
|
+
signal: AbortSignal.timeout(3000),
|
|
1205
|
+
});
|
|
1206
|
+
} catch {}
|
|
1207
|
+
}
|
|
1210
1208
|
process.stderr.write(reason);
|
|
1211
1209
|
process.exit(2);
|
|
1212
1210
|
}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@solongate/proxy",
|
|
3
|
-
"version": "0.28.
|
|
3
|
+
"version": "0.28.4",
|
|
4
4
|
"description": "MCP security proxy — protect any MCP server with customizable policies, path/command constraints, rate limiting, and audit logging. Zero code changes required.",
|
|
5
5
|
"type": "module",
|
|
6
6
|
"bin": {
|