@solongate/proxy 0.5.3 → 0.5.5

package/dist/index.js

@@ -524,7 +524,7 @@ var init_config = __esm({
 
 // src/init.ts
 var init_exports = {};
-import { readFileSync as readFileSync3, writeFileSync as writeFileSync2, existsSync as existsSync3, copyFileSync, mkdirSync } from "fs";
+import { readFileSync as readFileSync3, writeFileSync as writeFileSync2, existsSync as existsSync3, mkdirSync } from "fs";
 import { resolve as resolve2, join } from "path";
 import { createInterface } from "readline";
 function findConfigFile(explicitPath, createIfMissing = false) {
@@ -580,7 +580,7 @@ function isAlreadyProtected(server) {
   }
   return false;
 }
-function wrapServer(server, policy) {
+function wrapServer(server) {
   const env = { ...server.env ?? {} };
   env.SOLONGATE_API_KEY = "${SOLONGATE_API_KEY}";
   return {
@@ -589,7 +589,7 @@ function wrapServer(server, policy) {
       "-y",
       "@solongate/proxy",
       "--policy",
-      policy,
+      "restricted",
       "--verbose",
       "--",
       server.command,
@@ -610,44 +610,25 @@ async function prompt(question) {
 function parseInitArgs(argv) {
   const args = argv.slice(2);
   const options = {
-    policy: "restricted",
-    all: false,
-    dryRun: false,
-    restore: false
+    all: false
   };
   for (let i = 0; i < args.length; i++) {
     switch (args[i]) {
       case "--config":
         options.configPath = args[++i];
         break;
-      case "--policy":
-        options.policy = args[++i];
-        break;
       case "--api-key":
         options.apiKey = args[++i];
         break;
       case "--all":
         options.all = true;
         break;
-      case "--dry-run":
-        options.dryRun = true;
-        break;
-      case "--restore":
-        options.restore = true;
-        break;
       case "--help":
       case "-h":
         printHelp();
         process.exit(0);
     }
   }
-  if (!POLICY_PRESETS.includes(options.policy)) {
-    if (!existsSync3(resolve2(options.policy))) {
-      console.log(`Unknown policy: ${options.policy}`);
-      console.log(`Available presets: ${POLICY_PRESETS.join(", ")}`);
-      process.exit(1);
-    }
-  }
   return options;
 }
 function printHelp() {
@@ -655,35 +636,22 @@ function printHelp() {
 SolonGate Init \u2014 Protect your MCP servers in seconds
 
 USAGE
-  solongate-init [options]
+  npx @solongate/proxy init --all
 
 OPTIONS
   --config <path>     Path to MCP config file (default: auto-detect)
-  --policy <preset>   Policy preset or JSON file (default: restricted)
-                      Presets: ${POLICY_PRESETS.join(", ")}
   --api-key <key>     SolonGate API key (sg_live_... or sg_test_...)
   --all               Protect all servers without prompting
-  --dry-run           Preview changes without writing
-  --restore           Restore original config from backup
   -h, --help          Show this help message
 
 EXAMPLES
-  solongate-init --api-key sg_live_xxx    # Setup with API key
-  solongate-init --all                    # Protect everything
-  solongate-init --policy read-only       # Use read-only policy
-  solongate-init --dry-run                # Preview changes
-  solongate-init --restore                # Undo protection
-
-POLICY PRESETS
-  restricted    Block shell/exec/eval, allow reads and writes (recommended)
-  read-only     Only allow read/list/get/search/query operations
-  permissive    Allow everything (monitoring + audit only)
-  deny-all      Block all tool calls
+  npx @solongate/proxy init --all                    # Protect everything
+  npx @solongate/proxy init --api-key sg_live_xxx    # With API key
 `;
   console.log(help);
 }
-function installClaudeCodeHooks(apiKey) {
-  const hooksDir = resolve2(".claude", "hooks");
+function installHooks() {
+  const hooksDir = resolve2(".solongate", "hooks");
   mkdirSync(hooksDir, { recursive: true });
   const guardPath = join(hooksDir, "guard.mjs");
   writeFileSync2(guardPath, GUARD_SCRIPT);
@@ -691,50 +659,15 @@ function installClaudeCodeHooks(apiKey) {
   const auditPath = join(hooksDir, "audit.mjs");
   writeFileSync2(auditPath, AUDIT_SCRIPT);
   console.log(`  Created ${auditPath}`);
-  const settingsPath = resolve2(".claude", "settings.json");
-  let settings = {};
-  if (existsSync3(settingsPath)) {
-    try {
-      settings = JSON.parse(readFileSync3(settingsPath, "utf-8"));
-    } catch {
-    }
-  }
-  settings.hooks = {
-    PreToolUse: [
-      {
-        matcher: ".*",
-        hooks: [
-          {
-            type: "command",
-            command: "node .claude/hooks/guard.mjs",
-            timeout: 5
-          }
-        ]
-      }
-    ],
-    PostToolUse: [
-      {
-        matcher: ".*",
-        hooks: [
-          {
-            type: "command",
-            command: "node .claude/hooks/audit.mjs",
-            timeout: 10,
-            async: true
-          }
-        ]
-      }
-    ]
-  };
-  const envObj = settings.env || {};
-  envObj.SOLONGATE_API_KEY = apiKey;
-  settings.env = envObj;
-  writeFileSync2(settingsPath, JSON.stringify(settings, null, 2) + "\n");
-  console.log(`  Created ${settingsPath}`);
   console.log("");
-  console.log("  Claude Code hooks installed!");
-  console.log("  PreToolUse  \u2192 guard.mjs  (blocks dangerous calls)");
-  console.log("  PostToolUse \u2192 audit.mjs  (logs all calls to dashboard)");
+  console.log("  Hooks installed in .solongate/hooks/");
+  console.log("  guard.mjs  \u2192 blocks dangerous calls (pre-execution)");
+  console.log("  audit.mjs  \u2192 logs all calls to dashboard (post-execution)");
+  console.log("");
+  console.log("  To activate hooks in your MCP client:");
+  console.log("  Claude Code \u2192 .claude/settings.json");
+  console.log("  Cursor      \u2192 .cursor/settings.json");
+  console.log("  Or run: node .solongate/hooks/guard.mjs (stdin: JSON)");
 }
 function ensureEnvFile() {
   const envPath = resolve2(".env");
@@ -811,16 +744,6 @@ async function main() {
   console.log(`  Config: ${configInfo.path}`);
   console.log(`  Type:   ${configInfo.type === "claude-desktop" ? "Claude Desktop" : "MCP JSON"}`);
   console.log("");
-  const backupPath = configInfo.path + ".solongate-backup";
-  if (options.restore) {
-    if (!existsSync3(backupPath)) {
-      console.log("  No backup found. Nothing to restore.");
-      process.exit(1);
-    }
-    copyFileSync(backupPath, configInfo.path);
-    console.log("  Restored original config from backup.");
-    process.exit(0);
-  }
   const config = readConfig(configInfo.path);
   const serverNames = Object.keys(config.mcpServers);
   if (serverNames.length === 0) {
@@ -900,7 +823,7 @@ async function main() {
     process.exit(1);
   }
   await sleep(300);
-  console.log(`  Policy:  ${options.policy}`);
+  console.log(`  Policy:  restricted`);
   await sleep(150);
   console.log(`  API Key: ${apiKey.slice(0, 12)}...${apiKey.slice(-4)}`);
   await sleep(150);
@@ -909,23 +832,12 @@ async function main() {
   const newConfig = { mcpServers: {} };
   for (const name of serverNames) {
     if (toProtect.includes(name)) {
-      newConfig.mcpServers[name] = wrapServer(config.mcpServers[name], options.policy);
+      newConfig.mcpServers[name] = wrapServer(config.mcpServers[name]);
     } else {
       newConfig.mcpServers[name] = config.mcpServers[name];
     }
   }
-  if (options.dryRun) {
-    console.log("  --- DRY RUN (no changes written) ---");
-    console.log("");
-    console.log("  New config:");
-    console.log(JSON.stringify(newConfig, null, 2));
-    process.exit(0);
-  }
   await sleep(400);
-  if (!configInfo.created && !existsSync3(backupPath)) {
-    copyFileSync(configInfo.path, backupPath);
-    console.log(`  Backup: ${backupPath}`);
-  }
   if (configInfo.type === "claude-desktop") {
     const original = JSON.parse(readFileSync3(configInfo.path, "utf-8"));
     original.mcpServers = newConfig.mcpServers;
@@ -937,14 +849,14 @@ async function main() {
   console.log("  Config updated!");
   console.log("");
   await sleep(500);
-  installClaudeCodeHooks(apiKey);
+  installHooks();
   console.log("");
   await sleep(400);
   console.log("  \u2500\u2500 Summary \u2500\u2500");
   console.log("");
   for (const name of toProtect) {
     await sleep(200);
-    console.log(`  \u2713 ${name} \u2014 protected (${options.policy})`);
+    console.log(`  \u2713 ${name} \u2014 protected`);
   }
   for (const name of alreadyProtected) {
     await sleep(200);
@@ -959,21 +871,20 @@ async function main() {
   console.log("  \u250C\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2510");
   console.log("  \u2502  Setup complete!                                \u2502");
   console.log("  \u2502                                                 \u2502");
-  console.log("  \u2502  MCP tools \u2192 Proxy audit logging                \u2502");
-  console.log("  \u2502  Built-in tools \u2192 Hook audit logging            \u2502");
+  console.log("  \u2502  MCP servers  \u2192 Protected via proxy             \u2502");
+  console.log("  \u2502  AI tools     \u2192 Guarded via hooks               \u2502");
+  console.log("  \u2502  API key      \u2192 Set in .env                     \u2502");
   console.log("  \u2502                                                 \u2502");
   console.log("  \u2502  View logs: https://dashboard.solongate.com     \u2502");
-  console.log("  \u2502  To undo: solongate-init --restore              \u2502");
   console.log("  \u2502                                                 \u2502");
   console.log("  \u2502  Restart your MCP client to apply changes.      \u2502");
   console.log("  \u2514\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2518");
   console.log("");
 }
-var POLICY_PRESETS, SEARCH_PATHS, CLAUDE_DESKTOP_PATHS, sleep, GUARD_SCRIPT, AUDIT_SCRIPT;
+var SEARCH_PATHS, CLAUDE_DESKTOP_PATHS, sleep, GUARD_SCRIPT, AUDIT_SCRIPT;
 var init_init = __esm({
   "src/init.ts"() {
     "use strict";
-    POLICY_PRESETS = ["restricted", "read-only", "permissive", "deny-all"];
     SEARCH_PATHS = [
       ".mcp.json",
       "mcp.json",
@@ -1196,7 +1107,7 @@ process.stdin.on('end', async () => {
 
 // src/inject.ts
 var inject_exports = {};
-import { readFileSync as readFileSync4, writeFileSync as writeFileSync3, existsSync as existsSync4, copyFileSync as copyFileSync2 } from "fs";
+import { readFileSync as readFileSync4, writeFileSync as writeFileSync3, existsSync as existsSync4, copyFileSync } from "fs";
 import { resolve as resolve3 } from "path";
 import { execSync } from "child_process";
 function parseInjectArgs(argv) {
@@ -1488,7 +1399,7 @@ async function main2() {
       log3("  No backup found. Nothing to restore.");
       process.exit(1);
     }
-    copyFileSync2(backupPath, entryFile);
+    copyFileSync(backupPath, entryFile);
     log3(`  Restored original file from backup.`);
     log3(`  Backup: ${backupPath}`);
     process.exit(0);
@@ -1521,7 +1432,7 @@ async function main2() {
     process.exit(0);
   }
   if (!existsSync4(backupPath)) {
-    copyFileSync2(entryFile, backupPath);
+    copyFileSync(entryFile, backupPath);
     log3("");
     log3(`  Backup: ${backupPath}`);
   }

package/dist/init.js

@@ -1,10 +1,9 @@
 #!/usr/bin/env node
 
 // src/init.ts
-import { readFileSync, writeFileSync, existsSync, copyFileSync, mkdirSync } from "fs";
+import { readFileSync, writeFileSync, existsSync, mkdirSync } from "fs";
 import { resolve, join } from "path";
 import { createInterface } from "readline";
-var POLICY_PRESETS = ["restricted", "read-only", "permissive", "deny-all"];
 var SEARCH_PATHS = [
   ".mcp.json",
   "mcp.json",
@@ -65,7 +64,7 @@ function isAlreadyProtected(server) {
   }
   return false;
 }
-function wrapServer(server, policy) {
+function wrapServer(server) {
   const env = { ...server.env ?? {} };
   env.SOLONGATE_API_KEY = "${SOLONGATE_API_KEY}";
   return {
@@ -74,7 +73,7 @@ function wrapServer(server, policy) {
       "-y",
       "@solongate/proxy",
       "--policy",
-      policy,
+      "restricted",
       "--verbose",
       "--",
       server.command,
@@ -95,44 +94,25 @@ async function prompt(question) {
 function parseInitArgs(argv) {
   const args = argv.slice(2);
   const options = {
-    policy: "restricted",
-    all: false,
-    dryRun: false,
-    restore: false
+    all: false
   };
   for (let i = 0; i < args.length; i++) {
     switch (args[i]) {
       case "--config":
         options.configPath = args[++i];
         break;
-      case "--policy":
-        options.policy = args[++i];
-        break;
       case "--api-key":
         options.apiKey = args[++i];
         break;
       case "--all":
         options.all = true;
         break;
-      case "--dry-run":
-        options.dryRun = true;
-        break;
-      case "--restore":
-        options.restore = true;
-        break;
       case "--help":
       case "-h":
         printHelp();
         process.exit(0);
     }
   }
-  if (!POLICY_PRESETS.includes(options.policy)) {
-    if (!existsSync(resolve(options.policy))) {
-      console.log(`Unknown policy: ${options.policy}`);
-      console.log(`Available presets: ${POLICY_PRESETS.join(", ")}`);
-      process.exit(1);
-    }
-  }
   return options;
 }
 function printHelp() {
@@ -140,30 +120,17 @@ function printHelp() {
 SolonGate Init \u2014 Protect your MCP servers in seconds
 
 USAGE
-  solongate-init [options]
+  npx @solongate/proxy init --all
 
 OPTIONS
   --config <path>     Path to MCP config file (default: auto-detect)
-  --policy <preset>   Policy preset or JSON file (default: restricted)
-                      Presets: ${POLICY_PRESETS.join(", ")}
   --api-key <key>     SolonGate API key (sg_live_... or sg_test_...)
   --all               Protect all servers without prompting
-  --dry-run           Preview changes without writing
-  --restore           Restore original config from backup
   -h, --help          Show this help message
 
 EXAMPLES
-  solongate-init --api-key sg_live_xxx    # Setup with API key
-  solongate-init --all                    # Protect everything
-  solongate-init --policy read-only       # Use read-only policy
-  solongate-init --dry-run                # Preview changes
-  solongate-init --restore                # Undo protection
-
-POLICY PRESETS
-  restricted    Block shell/exec/eval, allow reads and writes (recommended)
-  read-only     Only allow read/list/get/search/query operations
-  permissive    Allow everything (monitoring + audit only)
-  deny-all      Block all tool calls
+  npx @solongate/proxy init --all                    # Protect everything
+  npx @solongate/proxy init --api-key sg_live_xxx    # With API key
 `;
   console.log(help);
 }
@@ -373,8 +340,8 @@ process.stdin.on('end', async () => {
   process.exit(0);
 });
 `;
-function installClaudeCodeHooks(apiKey) {
-  const hooksDir = resolve(".claude", "hooks");
+function installHooks() {
+  const hooksDir = resolve(".solongate", "hooks");
   mkdirSync(hooksDir, { recursive: true });
   const guardPath = join(hooksDir, "guard.mjs");
   writeFileSync(guardPath, GUARD_SCRIPT);
@@ -382,50 +349,15 @@ function installClaudeCodeHooks(apiKey) {
   const auditPath = join(hooksDir, "audit.mjs");
   writeFileSync(auditPath, AUDIT_SCRIPT);
   console.log(`  Created ${auditPath}`);
-  const settingsPath = resolve(".claude", "settings.json");
-  let settings = {};
-  if (existsSync(settingsPath)) {
-    try {
-      settings = JSON.parse(readFileSync(settingsPath, "utf-8"));
-    } catch {
-    }
-  }
-  settings.hooks = {
-    PreToolUse: [
-      {
-        matcher: ".*",
-        hooks: [
-          {
-            type: "command",
-            command: "node .claude/hooks/guard.mjs",
-            timeout: 5
-          }
-        ]
-      }
-    ],
-    PostToolUse: [
-      {
-        matcher: ".*",
-        hooks: [
-          {
-            type: "command",
-            command: "node .claude/hooks/audit.mjs",
-            timeout: 10,
-            async: true
-          }
-        ]
-      }
-    ]
-  };
-  const envObj = settings.env || {};
-  envObj.SOLONGATE_API_KEY = apiKey;
-  settings.env = envObj;
-  writeFileSync(settingsPath, JSON.stringify(settings, null, 2) + "\n");
-  console.log(`  Created ${settingsPath}`);
   console.log("");
-  console.log("  Claude Code hooks installed!");
-  console.log("  PreToolUse  \u2192 guard.mjs  (blocks dangerous calls)");
-  console.log("  PostToolUse \u2192 audit.mjs  (logs all calls to dashboard)");
+  console.log("  Hooks installed in .solongate/hooks/");
+  console.log("  guard.mjs  \u2192 blocks dangerous calls (pre-execution)");
+  console.log("  audit.mjs  \u2192 logs all calls to dashboard (post-execution)");
+  console.log("");
+  console.log("  To activate hooks in your MCP client:");
+  console.log("  Claude Code \u2192 .claude/settings.json");
+  console.log("  Cursor      \u2192 .cursor/settings.json");
+  console.log("  Or run: node .solongate/hooks/guard.mjs (stdin: JSON)");
 }
 function ensureEnvFile() {
   const envPath = resolve(".env");
@@ -502,16 +434,6 @@ async function main() {
   console.log(`  Config: ${configInfo.path}`);
   console.log(`  Type:   ${configInfo.type === "claude-desktop" ? "Claude Desktop" : "MCP JSON"}`);
   console.log("");
-  const backupPath = configInfo.path + ".solongate-backup";
-  if (options.restore) {
-    if (!existsSync(backupPath)) {
-      console.log("  No backup found. Nothing to restore.");
-      process.exit(1);
-    }
-    copyFileSync(backupPath, configInfo.path);
-    console.log("  Restored original config from backup.");
-    process.exit(0);
-  }
   const config = readConfig(configInfo.path);
   const serverNames = Object.keys(config.mcpServers);
   if (serverNames.length === 0) {
@@ -591,7 +513,7 @@ async function main() {
     process.exit(1);
   }
   await sleep(300);
-  console.log(`  Policy:  ${options.policy}`);
+  console.log(`  Policy:  restricted`);
   await sleep(150);
   console.log(`  API Key: ${apiKey.slice(0, 12)}...${apiKey.slice(-4)}`);
   await sleep(150);
@@ -600,23 +522,12 @@ async function main() {
   const newConfig = { mcpServers: {} };
   for (const name of serverNames) {
     if (toProtect.includes(name)) {
-      newConfig.mcpServers[name] = wrapServer(config.mcpServers[name], options.policy);
+      newConfig.mcpServers[name] = wrapServer(config.mcpServers[name]);
     } else {
       newConfig.mcpServers[name] = config.mcpServers[name];
     }
   }
-  if (options.dryRun) {
-    console.log("  --- DRY RUN (no changes written) ---");
-    console.log("");
-    console.log("  New config:");
-    console.log(JSON.stringify(newConfig, null, 2));
-    process.exit(0);
-  }
   await sleep(400);
-  if (!configInfo.created && !existsSync(backupPath)) {
-    copyFileSync(configInfo.path, backupPath);
-    console.log(`  Backup: ${backupPath}`);
-  }
   if (configInfo.type === "claude-desktop") {
     const original = JSON.parse(readFileSync(configInfo.path, "utf-8"));
     original.mcpServers = newConfig.mcpServers;
@@ -628,14 +539,14 @@ async function main() {
   console.log("  Config updated!");
   console.log("");
   await sleep(500);
-  installClaudeCodeHooks(apiKey);
+  installHooks();
   console.log("");
   await sleep(400);
   console.log("  \u2500\u2500 Summary \u2500\u2500");
   console.log("");
   for (const name of toProtect) {
     await sleep(200);
-    console.log(`  \u2713 ${name} \u2014 protected (${options.policy})`);
+    console.log(`  \u2713 ${name} \u2014 protected`);
   }
   for (const name of alreadyProtected) {
     await sleep(200);
@@ -650,11 +561,11 @@ async function main() {
   console.log("  \u250C\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2510");
   console.log("  \u2502  Setup complete!                                \u2502");
   console.log("  \u2502                                                 \u2502");
-  console.log("  \u2502  MCP tools \u2192 Proxy audit logging                \u2502");
-  console.log("  \u2502  Built-in tools \u2192 Hook audit logging            \u2502");
+  console.log("  \u2502  MCP servers  \u2192 Protected via proxy             \u2502");
+  console.log("  \u2502  AI tools     \u2192 Guarded via hooks               \u2502");
+  console.log("  \u2502  API key      \u2192 Set in .env                     \u2502");
   console.log("  \u2502                                                 \u2502");
   console.log("  \u2502  View logs: https://dashboard.solongate.com     \u2502");
-  console.log("  \u2502  To undo: solongate-init --restore              \u2502");
   console.log("  \u2502                                                 \u2502");
   console.log("  \u2502  Restart your MCP client to apply changes.      \u2502");
   console.log("  \u2514\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2518");

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@solongate/proxy",
-  "version": "0.5.3",
+  "version": "0.5.5",
   "description": "MCP security proxy — protect any MCP server with customizable policies, path/command constraints, rate limiting, and audit logging. Zero code changes required.",
   "type": "module",
   "bin": {