@solongate/proxy 0.31.0 → 0.32.0

package/dist/index.js

@@ -459,8 +459,8 @@ var init_cli_utils = __esm({
 
 // src/init.ts
 var init_exports = {};
-import { readFileSync as readFileSync4, writeFileSync as writeFileSync2, existsSync as existsSync4, mkdirSync as mkdirSync2 } from "fs";
-import { resolve as resolve3, join, dirname as dirname2 } from "path";
+import { readFileSync as readFileSync4, writeFileSync as writeFileSync2, existsSync as existsSync4, mkdirSync as mkdirSync3 } from "fs";
+import { resolve as resolve3, join as join2, dirname as dirname2 } from "path";
 import { homedir } from "os";
 import { fileURLToPath } from "url";
 import { execFileSync } from "child_process";
@@ -636,7 +636,7 @@ EXAMPLES
   console.log(help);
 }
 function readHookScript(filename) {
-  return readFileSync4(join(HOOKS_DIR, filename), "utf-8");
+  return readFileSync4(join2(HOOKS_DIR, filename), "utf-8");
 }
 function unlockProtectedDirs() {
   const dirs = [".solongate", ".claude", ".cursor", ".gemini", ".antigravity", ".openclaw", ".perplexity"];
@@ -691,12 +691,12 @@ function unlockProtectedDirs() {
 function installHooks(selectedTools = [], wrappedMcpConfig) {
   unlockProtectedDirs();
   const hooksDir = resolve3(".solongate", "hooks");
-  mkdirSync2(hooksDir, { recursive: true });
+  mkdirSync3(hooksDir, { recursive: true });
   const hookFiles = ["guard.mjs", "audit.mjs", "stop.mjs"];
   let hooksUpdated = 0;
   let hooksSkipped = 0;
   for (const filename of hookFiles) {
-    const hookPath = join(hooksDir, filename);
+    const hookPath = join2(hooksDir, filename);
     const latest = readHookScript(filename);
     let needsWrite = true;
     if (existsSync4(hookPath)) {
@@ -728,7 +728,7 @@ function installHooks(selectedTools = [], wrappedMcpConfig) {
   const skippedNames = [];
   for (const client of clients) {
     const clientDir = resolve3(client.dir);
-    mkdirSync2(clientDir, { recursive: true });
+    mkdirSync3(clientDir, { recursive: true });
     const guardCmd = `node .solongate/hooks/guard.mjs ${client.agentId} "${client.agentName}"`;
     const auditCmd = `node .solongate/hooks/audit.mjs ${client.agentId} "${client.agentName}"`;
     const stopCmd = `node .solongate/hooks/stop.mjs ${client.agentId} "${client.agentName}"`;
@@ -763,7 +763,7 @@ function installHooks(selectedTools = [], wrappedMcpConfig) {
   }
 }
 function installStandardHookConfig(clientDir, clientName, guardCmd, auditCmd, stopCmd) {
-  const settingsPath = join(clientDir, "settings.json");
+  const settingsPath = join2(clientDir, "settings.json");
   const hookSettings = {
     PreToolUse: [
       { matcher: "", hooks: [{ type: "command", command: guardCmd }] }
@@ -796,12 +796,30 @@ function installCursorConfig(clientDir, guardCmd, auditCmd, _stopCmd, wrappedMcp
     ],
     postToolUse: [
       { matcher: "", command: auditCmd }
+    ],
+    beforeShellExecution: [
+      { matcher: "", command: guardCmd, failClosed: true }
+    ],
+    afterShellExecution: [
+      { matcher: "", command: auditCmd }
+    ],
+    beforeReadFile: [
+      { matcher: "", command: guardCmd, failClosed: true }
+    ],
+    afterFileEdit: [
+      { matcher: "", command: auditCmd }
+    ],
+    beforeMCPExecution: [
+      { matcher: "", command: guardCmd, failClosed: true }
+    ],
+    afterMCPExecution: [
+      { matcher: "", command: auditCmd }
     ]
   };
   const hooksContent = JSON.stringify({ version: 1, hooks: hookConfig }, null, 2) + "\n";
-  const userCursorDir = join(homedir(), ".cursor");
+  const userCursorDir = join2(homedir(), ".cursor");
   if (existsSync4(userCursorDir)) {
-    const userHooksPath = join(userCursorDir, "hooks.json");
+    const userHooksPath = join2(userCursorDir, "hooks.json");
     const existingUserHooks = existsSync4(userHooksPath) ? readFileSync4(userHooksPath, "utf-8") : "";
     if (hooksContent !== existingUserHooks) {
       writeFileSync2(userHooksPath, hooksContent);
@@ -809,7 +827,7 @@ function installCursorConfig(clientDir, guardCmd, auditCmd, _stopCmd, wrappedMcp
       changed = true;
     }
   }
-  const hooksPath = join(clientDir, "hooks.json");
+  const hooksPath = join2(clientDir, "hooks.json");
   const existingHooks = existsSync4(hooksPath) ? readFileSync4(hooksPath, "utf-8") : "";
   if (hooksContent !== existingHooks) {
     writeFileSync2(hooksPath, hooksContent);
@@ -831,7 +849,7 @@ function installCursorConfig(clientDir, guardCmd, auditCmd, _stopCmd, wrappedMcp
       }
       cursorMcpConfig.mcpServers[name] = { ...server, args };
     }
-    const mcpPath = join(clientDir, "mcp.json");
+    const mcpPath = join2(clientDir, "mcp.json");
     const mcpStr = JSON.stringify(cursorMcpConfig, null, 2) + "\n";
     const existingMcp = existsSync4(mcpPath) ? readFileSync4(mcpPath, "utf-8") : "";
     if (mcpStr !== existingMcp) {
@@ -840,7 +858,7 @@ function installCursorConfig(clientDir, guardCmd, auditCmd, _stopCmd, wrappedMcp
       changed = true;
     }
   }
-  const staleSettings = join(clientDir, "settings.json");
+  const staleSettings = join2(clientDir, "settings.json");
   if (existsSync4(staleSettings)) {
     try {
       const content = JSON.parse(readFileSync4(staleSettings, "utf-8"));
@@ -855,7 +873,7 @@ function installCursorConfig(clientDir, guardCmd, auditCmd, _stopCmd, wrappedMcp
   return changed ? "installed" : "skipped";
 }
 function installGeminiConfig(clientDir, guardCmd, auditCmd, _stopCmd, wrappedMcpConfig) {
-  const settingsPath = join(clientDir, "settings.json");
+  const settingsPath = join2(clientDir, "settings.json");
   let existing = {};
   try {
     existing = JSON.parse(readFileSync4(settingsPath, "utf-8"));
@@ -1209,7 +1227,7 @@ var init_init = __esm({
       "mcp.json",
       ".claude/mcp.json"
     ];
-    CLAUDE_DESKTOP_PATHS = process.platform === "win32" ? [join(process.env["APPDATA"] ?? "", "Claude", "claude_desktop_config.json")] : process.platform === "darwin" ? [join(process.env["HOME"] ?? "", "Library", "Application Support", "Claude", "claude_desktop_config.json")] : [join(process.env["HOME"] ?? "", ".config", "claude", "claude_desktop_config.json")];
+    CLAUDE_DESKTOP_PATHS = process.platform === "win32" ? [join2(process.env["APPDATA"] ?? "", "Claude", "claude_desktop_config.json")] : process.platform === "darwin" ? [join2(process.env["HOME"] ?? "", "Library", "Application Support", "Claude", "claude_desktop_config.json")] : [join2(process.env["HOME"] ?? "", ".config", "claude", "claude_desktop_config.json")];
     sleep = (ms) => new Promise((r) => setTimeout(r, ms));
     SPINNER_FRAMES = ["\u280B", "\u2819", "\u2839", "\u2838", "\u283C", "\u2834", "\u2826", "\u2827", "\u2807", "\u280F"];
     spinnerInterval = null;
@@ -1562,8 +1580,8 @@ var init_inject = __esm({
 
 // src/create.ts
 var create_exports = {};
-import { mkdirSync as mkdirSync3, writeFileSync as writeFileSync4, existsSync as existsSync6 } from "fs";
-import { resolve as resolve5, join as join2 } from "path";
+import { mkdirSync as mkdirSync4, writeFileSync as writeFileSync4, existsSync as existsSync6 } from "fs";
+import { resolve as resolve5, join as join3 } from "path";
 import { execSync as execSync2 } from "child_process";
 function withSpinner(message, fn) {
   const frames = ["\u28FE", "\u28FD", "\u28FB", "\u28BF", "\u287F", "\u28DF", "\u28EF", "\u28F7"];
@@ -1643,7 +1661,7 @@ EXAMPLES
 }
 function createProject(dir, name, _policy) {
   writeFileSync4(
-    join2(dir, "package.json"),
+    join3(dir, "package.json"),
     JSON.stringify(
       {
         name,
@@ -1673,7 +1691,7 @@ function createProject(dir, name, _policy) {
     ) + "\n"
   );
   writeFileSync4(
-    join2(dir, "tsconfig.json"),
+    join3(dir, "tsconfig.json"),
     JSON.stringify(
       {
         compilerOptions: {
@@ -1693,9 +1711,9 @@ function createProject(dir, name, _policy) {
       2
     ) + "\n"
   );
-  mkdirSync3(join2(dir, "src"), { recursive: true });
+  mkdirSync4(join3(dir, "src"), { recursive: true });
   writeFileSync4(
-    join2(dir, "src", "index.ts"),
+    join3(dir, "src", "index.ts"),
     `#!/usr/bin/env node
 
 console.log = (...args: unknown[]) => {
@@ -1740,7 +1758,7 @@ console.log('Press Ctrl+C to stop.');
 `
   );
   writeFileSync4(
-    join2(dir, ".mcp.json"),
+    join3(dir, ".mcp.json"),
     JSON.stringify(
       {
         mcpServers: {
@@ -1758,12 +1776,12 @@ console.log('Press Ctrl+C to stop.');
     ) + "\n"
   );
   writeFileSync4(
-    join2(dir, ".env"),
+    join3(dir, ".env"),
     `SOLONGATE_API_KEY=sg_live_YOUR_KEY_HERE
 `
   );
   writeFileSync4(
-    join2(dir, ".gitignore"),
+    join3(dir, ".gitignore"),
     `node_modules/
 dist/
 *.solongate-backup
@@ -1782,7 +1800,7 @@ async function main3() {
     process.exit(1);
   }
   withSpinner(`Setting up ${opts.name}...`, () => {
-    mkdirSync3(dir, { recursive: true });
+    mkdirSync4(dir, { recursive: true });
     createProject(dir, opts.name, opts.policy);
   });
   if (!opts.noInstall) {
@@ -2193,8 +2211,8 @@ import {
   ListResourceTemplatesRequestSchema
 } from "@modelcontextprotocol/sdk/types.js";
 import { createServer as createHttpServer } from "http";
-import { resolve as resolve2 } from "path";
-import { existsSync as existsSync3, readFileSync as readFileSync3 } from "fs";
+import { resolve as resolve2, join } from "path";
+import { existsSync as existsSync3, readFileSync as readFileSync3, mkdirSync as mkdirSync2, appendFileSync } from "fs";
 
 // ../core/dist/index.js
 import { z } from "zod";
@@ -6249,6 +6267,20 @@ var SolonGateProxy = class {
       if (this.server) {
         const clientVersion = this.server.getClientVersion();
         log2(`MCP clientInfo raw: ${JSON.stringify(clientVersion)}`);
+        try {
+          const debugInfo = {
+            timestamp: (/* @__PURE__ */ new Date()).toISOString(),
+            clientInfo: clientVersion,
+            agentNameFlag: this.config.agentName ?? null,
+            resolvedAgentId: this.agentId,
+            resolvedAgentName: this.agentName,
+            pid: process.pid
+          };
+          const debugDir = resolve2(".solongate");
+          mkdirSync2(debugDir, { recursive: true });
+          appendFileSync(join(debugDir, ".debug-proxy"), JSON.stringify(debugInfo) + "\n");
+        } catch {
+        }
         if (clientVersion?.name && !this.config.agentName) {
           const normalized = this.normalizeAgentName(clientVersion.name);
           this.agentId = normalized.id;

package/dist/init.js

@@ -382,6 +382,24 @@ function installCursorConfig(clientDir, guardCmd, auditCmd, _stopCmd, wrappedMcp
     ],
     postToolUse: [
       { matcher: "", command: auditCmd }
+    ],
+    beforeShellExecution: [
+      { matcher: "", command: guardCmd, failClosed: true }
+    ],
+    afterShellExecution: [
+      { matcher: "", command: auditCmd }
+    ],
+    beforeReadFile: [
+      { matcher: "", command: guardCmd, failClosed: true }
+    ],
+    afterFileEdit: [
+      { matcher: "", command: auditCmd }
+    ],
+    beforeMCPExecution: [
+      { matcher: "", command: guardCmd, failClosed: true }
+    ],
+    afterMCPExecution: [
+      { matcher: "", command: auditCmd }
     ]
   };
   const hooksContent = JSON.stringify({ version: 1, hooks: hookConfig }, null, 2) + "\n";

package/dist/lib.js

@@ -3612,8 +3612,8 @@ import {
   ListResourceTemplatesRequestSchema
 } from "@modelcontextprotocol/sdk/types.js";
 import { createServer as createHttpServer } from "http";
-import { resolve as resolve2 } from "path";
-import { existsSync as existsSync3, readFileSync as readFileSync3 } from "fs";
+import { resolve as resolve2, join } from "path";
+import { existsSync as existsSync3, readFileSync as readFileSync3, mkdirSync as mkdirSync2, appendFileSync } from "fs";
 
 // src/config.ts
 import { readFileSync, existsSync } from "fs";
@@ -4460,6 +4460,20 @@ var SolonGateProxy = class {
       if (this.server) {
         const clientVersion = this.server.getClientVersion();
         log2(`MCP clientInfo raw: ${JSON.stringify(clientVersion)}`);
+        try {
+          const debugInfo = {
+            timestamp: (/* @__PURE__ */ new Date()).toISOString(),
+            clientInfo: clientVersion,
+            agentNameFlag: this.config.agentName ?? null,
+            resolvedAgentId: this.agentId,
+            resolvedAgentName: this.agentName,
+            pid: process.pid
+          };
+          const debugDir = resolve2(".solongate");
+          mkdirSync2(debugDir, { recursive: true });
+          appendFileSync(join(debugDir, ".debug-proxy"), JSON.stringify(debugInfo) + "\n");
+        } catch {
+        }
         if (clientVersion?.name && !this.config.agentName) {
           const normalized = this.normalizeAgentName(clientVersion.name);
           this.agentId = normalized.id;

package/hooks/audit.mjs

@@ -38,8 +38,12 @@ process.stdin.on('end', async () => {
   try {
     const data = JSON.parse(input);
 
-    // Debug: dump raw stdin to file for agent detection troubleshooting
-    try { writeFileSync(resolve('.solongate', '.debug-stdin'), JSON.stringify(data, null, 2)); } catch {}
+    // Debug: append raw stdin to file for agent detection troubleshooting
+    try {
+      const debugLine = JSON.stringify({ ts: new Date().toISOString(), argv: process.argv.slice(2), cursor_version: data.cursor_version || null, tool_name: data.tool_name || data.toolName, agent_id: AGENT_ID, hook_event_name: data.hook_event_name || null }) + '\n';
+      const { appendFileSync: afs } = await import('node:fs');
+      afs(resolve('.solongate', '.debug-audit-log'), debugLine);
+    } catch {}
 
     // Auto-detect agent from stdin data (overrides CLI args if detected)
     if (data.cursor_version) {
@@ -50,9 +54,35 @@ process.stdin.on('end', async () => {
       AGENT_NAME = 'Gemini CLI';
     }
 
-    // Normalize field names across tools (Claude: tool_name, others may use toolName)
-    const toolName = data.tool_name || data.toolName || 'unknown';
-    const toolInput = data.tool_input || data.toolInput || data.params || {};
+    const hookEvent = data.hook_event_name || '';
+
+    // Map Cursor-specific hook events to standard tool_name/tool_input
+    let toolName = data.tool_name || data.toolName || '';
+    let toolInput = data.tool_input || data.toolInput || data.params || {};
+
+    if (!toolName && hookEvent) {
+      switch (hookEvent) {
+        case 'afterShellExecution':
+          toolName = 'Shell';
+          toolInput = { command: data.command || '' };
+          break;
+        case 'afterFileEdit':
+          toolName = 'Edit';
+          toolInput = { file_path: data.file_path || '' };
+          break;
+        case 'afterMCPExecution':
+          toolName = data.tool_name || data.toolName || `mcp:${data.server_name || 'unknown'}`;
+          toolInput = data.arguments || {};
+          break;
+        case 'postToolUse':
+        case 'postToolUseFailure':
+          toolName = data.tool_name || data.toolName || 'unknown';
+          break;
+        default:
+          break;
+      }
+    }
+    if (!toolName) toolName = 'unknown';
 
     if (toolName === 'Bash' && JSON.stringify(toolInput).includes('audit-logs')) {
       process.exit(0);
@@ -71,14 +101,16 @@ process.stdin.on('end', async () => {
       }
     } catch {}
 
-    // Cursor uses result_json, Claude uses tool_response
+    // Cursor uses tool_output, Claude uses tool_response
     const toolResponse = data.tool_response || data.toolResponse || {};
+    const toolOutput = data.tool_output || data.toolOutput || '';
     const resultJson = data.result_json ? (typeof data.result_json === 'string' ? data.result_json : JSON.stringify(data.result_json)) : '';
 
     const hasError = guardDenied ||
       toolResponse.error ||
       toolResponse.exitCode > 0 ||
       toolResponse.isError ||
+      (toolOutput && typeof toolOutput === 'string' && toolOutput.includes('"error"')) ||
       (resultJson && resultJson.includes('"error"'));
 
     const argsSummary = {};

package/hooks/guard.mjs

@@ -46,17 +46,33 @@ let AGENT_ID = process.argv[2] || 'claude-code';
 let AGENT_NAME = process.argv[3] || 'Claude Code';
 
 // ── Per-tool block/allow output ──
-// Claude Code: exit 2 + stderr = BLOCK, exit 0 = ALLOW
-// Cursor: JSON stdout {"permission": "deny", "user_message": "..."} = BLOCK
-// Gemini CLI: JSON stdout {"decision": "deny", "reason": "..."} = BLOCK
+// Response format depends on BOTH the agent AND the hook event type:
+// Claude Code:  exit 2 + stderr = BLOCK, exit 0 = ALLOW
+// Cursor preToolUse: {"permission": "deny/allow", "user_message": "..."}
+// Cursor before*:    {"continue": false/true, "userMessage": "..."}
+// Gemini CLI:   {"decision": "deny/allow", "reason": "..."}
+let HOOK_EVENT = ''; // set from stdin hook_event_name
+const CURSOR_BEFORE_EVENTS = new Set([
+  'beforeShellExecution', 'beforeReadFile', 'beforeMCPExecution',
+]);
+
 function blockTool(reason) {
   if (AGENT_ID === 'cursor') {
-    // Cursor: JSON stdout with permission: "deny", exit 0
-    process.stdout.write(JSON.stringify({
-      permission: 'deny',
-      user_message: `[SolonGate] ${reason}`,
-      agent_message: `BLOCKED by SolonGate security policy: ${reason}`,
-    }));
+    if (CURSOR_BEFORE_EVENTS.has(HOOK_EVENT)) {
+      // Cursor before* events use continue: false
+      process.stdout.write(JSON.stringify({
+        continue: false,
+        userMessage: `[SolonGate] ${reason}`,
+        agentMessage: `BLOCKED by SolonGate security policy: ${reason}`,
+      }));
+    } else {
+      // Cursor preToolUse uses permission: deny
+      process.stdout.write(JSON.stringify({
+        permission: 'deny',
+        user_message: `[SolonGate] ${reason}`,
+        agent_message: `BLOCKED by SolonGate security policy: ${reason}`,
+      }));
+    }
     process.exit(0);
   } else if (AGENT_ID === 'gemini-cli') {
     process.stdout.write(JSON.stringify({
@@ -73,7 +89,11 @@ function blockTool(reason) {
 
 function allowTool() {
   if (AGENT_ID === 'cursor') {
-    process.stdout.write(JSON.stringify({ permission: 'allow' }));
+    if (CURSOR_BEFORE_EVENTS.has(HOOK_EVENT)) {
+      process.stdout.write(JSON.stringify({ continue: true }));
+    } else {
+      process.stdout.write(JSON.stringify({ permission: 'allow' }));
+    }
   } else if (AGENT_ID === 'gemini-cli') {
     process.stdout.write(JSON.stringify({ decision: 'allow' }));
   }
@@ -384,14 +404,62 @@ process.stdin.on('end', async () => {
       AGENT_NAME = 'Gemini CLI';
     }
 
-    // Normalize field names across tools (Claude: tool_name/tool_input, others may use toolName/toolInput/params)
+    // Track hook event name for response format selection
+    HOOK_EVENT = raw.hook_event_name || '';
+
+    // Debug: append guard invocation to debug log
+    try {
+      const { appendFileSync: afs, mkdirSync: mds } = await import('node:fs');
+      mds(resolve('.solongate'), { recursive: true });
+      const debugLine = JSON.stringify({ ts: new Date().toISOString(), hook: 'guard', argv: process.argv.slice(2), cursor_version: raw.cursor_version || null, tool_name: raw.tool_name || raw.toolName || raw.command, agent_id: AGENT_ID, hook_event_name: HOOK_EVENT }) + '\n';
+      afs(resolve('.solongate', '.debug-guard-log'), debugLine);
+    } catch {}
+
+    // Map Cursor-specific hook events to standard tool_name/tool_input format
+    // beforeShellExecution: {command, cwd} → tool_name=Shell, tool_input={command}
+    // beforeReadFile: {file_path} → tool_name=Read, tool_input={file_path}
+    // afterFileEdit: {file_path, new_content} → tool_name=Edit, tool_input={file_path}
+    // beforeMCPExecution: {server_name, tool_name, arguments} → tool_name=<mcp_tool>, tool_input=arguments
+    let mappedToolName = raw.tool_name || raw.toolName || '';
+    let mappedToolInput = raw.tool_input || raw.toolInput || raw.params || {};
+
+    if (!mappedToolName && HOOK_EVENT) {
+      switch (HOOK_EVENT) {
+        case 'beforeShellExecution':
+          mappedToolName = 'Shell';
+          mappedToolInput = { command: raw.command || '', cwd: raw.cwd || '' };
+          break;
+        case 'afterShellExecution':
+          mappedToolName = 'Shell';
+          mappedToolInput = { command: raw.command || '', cwd: raw.cwd || '' };
+          break;
+        case 'beforeReadFile':
+          mappedToolName = 'Read';
+          mappedToolInput = { file_path: raw.file_path || '' };
+          break;
+        case 'afterFileEdit':
+          mappedToolName = 'Edit';
+          mappedToolInput = { file_path: raw.file_path || '', new_content: raw.new_content || '' };
+          break;
+        case 'beforeMCPExecution':
+          mappedToolName = raw.tool_name || raw.toolName || `mcp:${raw.server_name || 'unknown'}`;
+          mappedToolInput = raw.arguments || raw.tool_input || {};
+          break;
+        case 'afterMCPExecution':
+          mappedToolName = raw.tool_name || raw.toolName || `mcp:${raw.server_name || 'unknown'}`;
+          mappedToolInput = raw.arguments || raw.tool_input || {};
+          break;
+      }
+    }
+
+    // Normalize field names across tools
     const data = {
       ...raw,
-      tool_name: raw.tool_name || raw.toolName || '',
-      tool_input: raw.tool_input || raw.toolInput || raw.params || {},
+      tool_name: mappedToolName,
+      tool_input: mappedToolInput,
       tool_response: raw.tool_response || raw.toolResponse || {},
       cwd: raw.cwd || process.cwd(),
-      session_id: raw.session_id || raw.sessionId || '',
+      session_id: raw.session_id || raw.sessionId || raw.conversation_id || '',
     };
     const args = data.tool_input;
 

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@solongate/proxy",
-  "version": "0.31.0",
+  "version": "0.32.0",
   "description": "AI tool security proxy — protect any AI tool server with customizable policies, path/command constraints, rate limiting, and audit logging. Zero code changes required.",
   "type": "module",
   "bin": {