@solongate/proxy 0.5.2 → 0.5.4

package/dist/index.js

@@ -128,9 +128,20 @@ function parseArgs(argv) {
         break;
     }
   }
+  if (apiKey && /^\$\{.+\}$/.test(apiKey)) {
+    apiKey = void 0;
+  }
+  if (!apiKey) {
+    const dotenvPath = resolve(".env");
+    if (existsSync(dotenvPath)) {
+      const dotenvContent = readFileSync(dotenvPath, "utf-8");
+      const match = dotenvContent.match(/^SOLONGATE_API_KEY=(sg_(?:live|test)_\w+)/m);
+      if (match) apiKey = match[1];
+    }
+  }
   if (!apiKey) {
     const envKey = process.env.SOLONGATE_API_KEY;
-    if (envKey) {
+    if (envKey && !/^\$\{.+\}$/.test(envKey)) {
       apiKey = envKey;
     } else {
       throw new Error(
@@ -569,9 +580,9 @@ function isAlreadyProtected(server) {
   }
   return false;
 }
-function wrapServer(server, policy, apiKey) {
+function wrapServer(server, policy) {
   const env = { ...server.env ?? {} };
-  env.SOLONGATE_API_KEY = apiKey;
+  env.SOLONGATE_API_KEY = "${SOLONGATE_API_KEY}";
   return {
     command: "npx",
     args: [
@@ -671,8 +682,8 @@ POLICY PRESETS
 `;
   console.log(help);
 }
-function installClaudeCodeHooks(apiKey) {
-  const hooksDir = resolve2(".claude", "hooks");
+function installHooks() {
+  const hooksDir = resolve2(".solongate", "hooks");
   mkdirSync(hooksDir, { recursive: true });
   const guardPath = join(hooksDir, "guard.mjs");
   writeFileSync2(guardPath, GUARD_SCRIPT);
@@ -680,50 +691,15 @@ function installClaudeCodeHooks(apiKey) {
   const auditPath = join(hooksDir, "audit.mjs");
   writeFileSync2(auditPath, AUDIT_SCRIPT);
   console.log(`  Created ${auditPath}`);
-  const settingsPath = resolve2(".claude", "settings.json");
-  let settings = {};
-  if (existsSync3(settingsPath)) {
-    try {
-      settings = JSON.parse(readFileSync3(settingsPath, "utf-8"));
-    } catch {
-    }
-  }
-  settings.hooks = {
-    PreToolUse: [
-      {
-        matcher: ".*",
-        hooks: [
-          {
-            type: "command",
-            command: "node .claude/hooks/guard.mjs",
-            timeout: 5
-          }
-        ]
-      }
-    ],
-    PostToolUse: [
-      {
-        matcher: ".*",
-        hooks: [
-          {
-            type: "command",
-            command: "node .claude/hooks/audit.mjs",
-            timeout: 10,
-            async: true
-          }
-        ]
-      }
-    ]
-  };
-  const envObj = settings.env || {};
-  envObj.SOLONGATE_API_KEY = apiKey;
-  settings.env = envObj;
-  writeFileSync2(settingsPath, JSON.stringify(settings, null, 2) + "\n");
-  console.log(`  Created ${settingsPath}`);
   console.log("");
-  console.log("  Claude Code hooks installed!");
-  console.log("  PreToolUse  \u2192 guard.mjs  (blocks dangerous calls)");
-  console.log("  PostToolUse \u2192 audit.mjs  (logs all calls to dashboard)");
+  console.log("  Hooks installed in .solongate/hooks/");
+  console.log("  guard.mjs  \u2192 blocks dangerous calls (pre-execution)");
+  console.log("  audit.mjs  \u2192 logs all calls to dashboard (post-execution)");
+  console.log("");
+  console.log("  To activate hooks in your MCP client:");
+  console.log("  Claude Code \u2192 .claude/settings.json");
+  console.log("  Cursor      \u2192 .cursor/settings.json");
+  console.log("  Or run: node .solongate/hooks/guard.mjs (stdin: JSON)");
 }
 function ensureEnvFile() {
   const envPath = resolve2(".env");
@@ -898,7 +874,7 @@ async function main() {
   const newConfig = { mcpServers: {} };
   for (const name of serverNames) {
     if (toProtect.includes(name)) {
-      newConfig.mcpServers[name] = wrapServer(config.mcpServers[name], options.policy, apiKey);
+      newConfig.mcpServers[name] = wrapServer(config.mcpServers[name], options.policy);
     } else {
       newConfig.mcpServers[name] = config.mcpServers[name];
     }
@@ -926,7 +902,7 @@ async function main() {
   console.log("  Config updated!");
   console.log("");
   await sleep(500);
-  installClaudeCodeHooks(apiKey);
+  installHooks();
   console.log("");
   await sleep(400);
   console.log("  \u2500\u2500 Summary \u2500\u2500");
@@ -948,11 +924,12 @@ async function main() {
   console.log("  \u250C\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2510");
   console.log("  \u2502  Setup complete!                                \u2502");
   console.log("  \u2502                                                 \u2502");
-  console.log("  \u2502  MCP tools \u2192 Proxy audit logging                \u2502");
-  console.log("  \u2502  Built-in tools \u2192 Hook audit logging            \u2502");
+  console.log("  \u2502  MCP servers  \u2192 Protected via proxy             \u2502");
+  console.log("  \u2502  AI tools     \u2192 Guarded via hooks               \u2502");
+  console.log("  \u2502  API key      \u2192 Set in .env                     \u2502");
   console.log("  \u2502                                                 \u2502");
   console.log("  \u2502  View logs: https://dashboard.solongate.com     \u2502");
-  console.log("  \u2502  To undo: solongate-init --restore              \u2502");
+  console.log("  \u2502  To undo:  npx @solongate/proxy init --restore  \u2502");
   console.log("  \u2502                                                 \u2502");
   console.log("  \u2502  Restart your MCP client to apply changes.      \u2502");
   console.log("  \u2514\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2518");

package/dist/init.js

@@ -65,9 +65,9 @@ function isAlreadyProtected(server) {
   }
   return false;
 }
-function wrapServer(server, policy, apiKey) {
+function wrapServer(server, policy) {
   const env = { ...server.env ?? {} };
-  env.SOLONGATE_API_KEY = apiKey;
+  env.SOLONGATE_API_KEY = "${SOLONGATE_API_KEY}";
   return {
     command: "npx",
     args: [
@@ -373,8 +373,8 @@ process.stdin.on('end', async () => {
   process.exit(0);
 });
 `;
-function installClaudeCodeHooks(apiKey) {
-  const hooksDir = resolve(".claude", "hooks");
+function installHooks() {
+  const hooksDir = resolve(".solongate", "hooks");
   mkdirSync(hooksDir, { recursive: true });
   const guardPath = join(hooksDir, "guard.mjs");
   writeFileSync(guardPath, GUARD_SCRIPT);
@@ -382,50 +382,15 @@ function installClaudeCodeHooks(apiKey) {
   const auditPath = join(hooksDir, "audit.mjs");
   writeFileSync(auditPath, AUDIT_SCRIPT);
   console.log(`  Created ${auditPath}`);
-  const settingsPath = resolve(".claude", "settings.json");
-  let settings = {};
-  if (existsSync(settingsPath)) {
-    try {
-      settings = JSON.parse(readFileSync(settingsPath, "utf-8"));
-    } catch {
-    }
-  }
-  settings.hooks = {
-    PreToolUse: [
-      {
-        matcher: ".*",
-        hooks: [
-          {
-            type: "command",
-            command: "node .claude/hooks/guard.mjs",
-            timeout: 5
-          }
-        ]
-      }
-    ],
-    PostToolUse: [
-      {
-        matcher: ".*",
-        hooks: [
-          {
-            type: "command",
-            command: "node .claude/hooks/audit.mjs",
-            timeout: 10,
-            async: true
-          }
-        ]
-      }
-    ]
-  };
-  const envObj = settings.env || {};
-  envObj.SOLONGATE_API_KEY = apiKey;
-  settings.env = envObj;
-  writeFileSync(settingsPath, JSON.stringify(settings, null, 2) + "\n");
-  console.log(`  Created ${settingsPath}`);
   console.log("");
-  console.log("  Claude Code hooks installed!");
-  console.log("  PreToolUse  \u2192 guard.mjs  (blocks dangerous calls)");
-  console.log("  PostToolUse \u2192 audit.mjs  (logs all calls to dashboard)");
+  console.log("  Hooks installed in .solongate/hooks/");
+  console.log("  guard.mjs  \u2192 blocks dangerous calls (pre-execution)");
+  console.log("  audit.mjs  \u2192 logs all calls to dashboard (post-execution)");
+  console.log("");
+  console.log("  To activate hooks in your MCP client:");
+  console.log("  Claude Code \u2192 .claude/settings.json");
+  console.log("  Cursor      \u2192 .cursor/settings.json");
+  console.log("  Or run: node .solongate/hooks/guard.mjs (stdin: JSON)");
 }
 function ensureEnvFile() {
   const envPath = resolve(".env");
@@ -600,7 +565,7 @@ async function main() {
   const newConfig = { mcpServers: {} };
   for (const name of serverNames) {
     if (toProtect.includes(name)) {
-      newConfig.mcpServers[name] = wrapServer(config.mcpServers[name], options.policy, apiKey);
+      newConfig.mcpServers[name] = wrapServer(config.mcpServers[name], options.policy);
     } else {
       newConfig.mcpServers[name] = config.mcpServers[name];
     }
@@ -628,7 +593,7 @@ async function main() {
   console.log("  Config updated!");
   console.log("");
   await sleep(500);
-  installClaudeCodeHooks(apiKey);
+  installHooks();
   console.log("");
   await sleep(400);
   console.log("  \u2500\u2500 Summary \u2500\u2500");
@@ -650,11 +615,12 @@ async function main() {
   console.log("  \u250C\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2510");
   console.log("  \u2502  Setup complete!                                \u2502");
   console.log("  \u2502                                                 \u2502");
-  console.log("  \u2502  MCP tools \u2192 Proxy audit logging                \u2502");
-  console.log("  \u2502  Built-in tools \u2192 Hook audit logging            \u2502");
+  console.log("  \u2502  MCP servers  \u2192 Protected via proxy             \u2502");
+  console.log("  \u2502  AI tools     \u2192 Guarded via hooks               \u2502");
+  console.log("  \u2502  API key      \u2192 Set in .env                     \u2502");
   console.log("  \u2502                                                 \u2502");
   console.log("  \u2502  View logs: https://dashboard.solongate.com     \u2502");
-  console.log("  \u2502  To undo: solongate-init --restore              \u2502");
+  console.log("  \u2502  To undo:  npx @solongate/proxy init --restore  \u2502");
   console.log("  \u2502                                                 \u2502");
   console.log("  \u2502  Restart your MCP client to apply changes.      \u2502");
   console.log("  \u2514\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2518");

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@solongate/proxy",
-  "version": "0.5.2",
+  "version": "0.5.4",
   "description": "MCP security proxy — protect any MCP server with customizable policies, path/command constraints, rate limiting, and audit logging. Zero code changes required.",
   "type": "module",
   "bin": {