@solongate/proxy 0.6.1 → 0.6.3

package/dist/index.js

@@ -664,10 +664,7 @@ function installHooks() {
   const auditPath = join(hooksDir, "audit.mjs");
   writeFileSync2(auditPath, AUDIT_SCRIPT);
   console.log(`  Created ${auditPath}`);
-  const claudeDir = resolve2(".claude");
-  mkdirSync(claudeDir, { recursive: true });
-  const settingsPath = join(claudeDir, "settings.json");
-  const settings = {
+  const hookSettings = {
     hooks: {
       PreToolUse: [
         {
@@ -687,19 +684,28 @@ function installHooks() {
       ]
     }
   };
-  let existing = {};
-  try {
-    existing = JSON.parse(readFileSync3(settingsPath, "utf-8"));
-  } catch {
+  const clients = [
+    { name: "Claude Code", dir: ".claude" },
+    { name: "Cursor", dir: ".cursor" }
+  ];
+  for (const client of clients) {
+    const clientDir = resolve2(client.dir);
+    mkdirSync(clientDir, { recursive: true });
+    const settingsPath = join(clientDir, "settings.json");
+    let existing = {};
+    try {
+      existing = JSON.parse(readFileSync3(settingsPath, "utf-8"));
+    } catch {
+    }
+    const merged = { ...existing, hooks: hookSettings.hooks };
+    writeFileSync2(settingsPath, JSON.stringify(merged, null, 2) + "\n");
+    console.log(`  Created ${settingsPath}`);
   }
-  const merged = { ...existing, hooks: settings.hooks };
-  writeFileSync2(settingsPath, JSON.stringify(merged, null, 2) + "\n");
-  console.log(`  Created ${settingsPath}`);
   console.log("");
   console.log("  Hooks installed:");
   console.log("  guard.mjs  \u2192 blocks policy-violating calls (pre-execution)");
   console.log("  audit.mjs  \u2192 logs all calls to dashboard (post-execution)");
-  console.log("  .claude/settings.json \u2192 hooks activated for Claude Code");
+  console.log("  Activated for: Claude Code, Cursor");
 }
 function ensureEnvFile() {
   const envPath = resolve2(".env");
@@ -979,17 +985,13 @@ function matchGlob(str, pattern) {
 
 // \u2500\u2500 Path Glob (supports **) \u2500\u2500
 function matchPathGlob(path, pattern) {
-  const p = path.replace(/\\\\\\\\/g, '/').toLowerCase();
-  const g = pattern.replace(/\\\\\\\\/g, '/').toLowerCase();
+  const p = path.replace(/\\\\/g, '/').toLowerCase();
+  const g = pattern.replace(/\\\\/g, '/').toLowerCase();
   if (p === g) return true;
   if (g.includes('**')) {
-    const parts = g.split('**');
-    if (parts.length === 2) {
-      const [pre, suf] = parts;
-      const matchPre = !pre || p.startsWith(pre) || p.includes(pre);
-      const matchSuf = !suf || p.endsWith(suf) || p.includes(suf.slice(1));
-      return matchPre && matchSuf;
-    }
+    const parts = g.split('**').filter(s => s.length > 0);
+    if (parts.length === 0) return true; // just ** or ****
+    return parts.every(segment => p.includes(segment));
   }
   return matchGlob(p, g);
 }
@@ -1018,14 +1020,14 @@ function extractFilenames(args) {
   for (const s of scanStrings(args)) {
     if (/^https?:\\/\\//i.test(s)) continue;
     if (s.includes('/') || s.includes('\\\\')) {
-      const base = s.replace(/\\\\\\\\/g, '/').split('/').pop();
+      const base = s.replace(/\\\\/g, '/').split('/').pop();
       if (base) names.add(base);
       continue;
     }
     if (s.includes(' ')) {
       for (const tok of s.split(/\\s+/)) {
         if (tok.includes('/') || tok.includes('\\\\')) {
-          const b = tok.replace(/\\\\\\\\/g, '/').split('/').pop();
+          const b = tok.replace(/\\\\/g, '/').split('/').pop();
           if (b && looksLikeFilename(b)) names.add(b);
         } else if (looksLikeFilename(tok)) names.add(tok);
       }
@@ -1126,8 +1128,8 @@ process.stdin.on('end', async () => {
     const args = data.tool_input || {};
 
     // \u2500\u2500 Self-protection: block access to hook files and settings \u2500\u2500
-    const allStrings = scanStrings(args).map(s => s.replace(/\\\\\\\\/g, '/').toLowerCase());
-    const protectedPaths = ['.solongate', '.claude/settings.json', 'policy.json'];
+    const allStrings = scanStrings(args).map(s => s.replace(/\\\\/g, '/').toLowerCase());
+    const protectedPaths = ['.solongate', '.claude/settings.json', '.cursor/settings.json', 'policy.json'];
     for (const s of allStrings) {
       for (const p of protectedPaths) {
         if (s.includes(p)) {
@@ -1138,10 +1140,12 @@ process.stdin.on('end', async () => {
       }
     }
 
-    // Load policy
+    // Load policy (use cwd from hook data if available)
+    const hookCwd = data.cwd || process.cwd();
     let policy;
     try {
-      policy = JSON.parse(readFileSync(resolve('policy.json'), 'utf-8'));
+      const policyPath = resolve(hookCwd, 'policy.json');
+      policy = JSON.parse(readFileSync(policyPath, 'utf-8'));
     } catch {
       process.exit(0); // No policy = allow all
     }

package/dist/init.js

@@ -174,17 +174,13 @@ function matchGlob(str, pattern) {
 
 // \u2500\u2500 Path Glob (supports **) \u2500\u2500
 function matchPathGlob(path, pattern) {
-  const p = path.replace(/\\\\\\\\/g, '/').toLowerCase();
-  const g = pattern.replace(/\\\\\\\\/g, '/').toLowerCase();
+  const p = path.replace(/\\\\/g, '/').toLowerCase();
+  const g = pattern.replace(/\\\\/g, '/').toLowerCase();
   if (p === g) return true;
   if (g.includes('**')) {
-    const parts = g.split('**');
-    if (parts.length === 2) {
-      const [pre, suf] = parts;
-      const matchPre = !pre || p.startsWith(pre) || p.includes(pre);
-      const matchSuf = !suf || p.endsWith(suf) || p.includes(suf.slice(1));
-      return matchPre && matchSuf;
-    }
+    const parts = g.split('**').filter(s => s.length > 0);
+    if (parts.length === 0) return true; // just ** or ****
+    return parts.every(segment => p.includes(segment));
   }
   return matchGlob(p, g);
 }
@@ -213,14 +209,14 @@ function extractFilenames(args) {
   for (const s of scanStrings(args)) {
     if (/^https?:\\/\\//i.test(s)) continue;
     if (s.includes('/') || s.includes('\\\\')) {
-      const base = s.replace(/\\\\\\\\/g, '/').split('/').pop();
+      const base = s.replace(/\\\\/g, '/').split('/').pop();
       if (base) names.add(base);
       continue;
     }
     if (s.includes(' ')) {
       for (const tok of s.split(/\\s+/)) {
         if (tok.includes('/') || tok.includes('\\\\')) {
-          const b = tok.replace(/\\\\\\\\/g, '/').split('/').pop();
+          const b = tok.replace(/\\\\/g, '/').split('/').pop();
           if (b && looksLikeFilename(b)) names.add(b);
         } else if (looksLikeFilename(tok)) names.add(tok);
       }
@@ -321,8 +317,8 @@ process.stdin.on('end', async () => {
     const args = data.tool_input || {};
 
     // \u2500\u2500 Self-protection: block access to hook files and settings \u2500\u2500
-    const allStrings = scanStrings(args).map(s => s.replace(/\\\\\\\\/g, '/').toLowerCase());
-    const protectedPaths = ['.solongate', '.claude/settings.json', 'policy.json'];
+    const allStrings = scanStrings(args).map(s => s.replace(/\\\\/g, '/').toLowerCase());
+    const protectedPaths = ['.solongate', '.claude/settings.json', '.cursor/settings.json', 'policy.json'];
     for (const s of allStrings) {
       for (const p of protectedPaths) {
         if (s.includes(p)) {
@@ -333,10 +329,12 @@ process.stdin.on('end', async () => {
       }
     }
 
-    // Load policy
+    // Load policy (use cwd from hook data if available)
+    const hookCwd = data.cwd || process.cwd();
     let policy;
     try {
-      policy = JSON.parse(readFileSync(resolve('policy.json'), 'utf-8'));
+      const policyPath = resolve(hookCwd, 'policy.json');
+      policy = JSON.parse(readFileSync(policyPath, 'utf-8'));
     } catch {
       process.exit(0); // No policy = allow all
     }
@@ -430,10 +428,7 @@ function installHooks() {
   const auditPath = join(hooksDir, "audit.mjs");
   writeFileSync(auditPath, AUDIT_SCRIPT);
   console.log(`  Created ${auditPath}`);
-  const claudeDir = resolve(".claude");
-  mkdirSync(claudeDir, { recursive: true });
-  const settingsPath = join(claudeDir, "settings.json");
-  const settings = {
+  const hookSettings = {
     hooks: {
       PreToolUse: [
         {
@@ -453,19 +448,28 @@ function installHooks() {
       ]
     }
   };
-  let existing = {};
-  try {
-    existing = JSON.parse(readFileSync(settingsPath, "utf-8"));
-  } catch {
+  const clients = [
+    { name: "Claude Code", dir: ".claude" },
+    { name: "Cursor", dir: ".cursor" }
+  ];
+  for (const client of clients) {
+    const clientDir = resolve(client.dir);
+    mkdirSync(clientDir, { recursive: true });
+    const settingsPath = join(clientDir, "settings.json");
+    let existing = {};
+    try {
+      existing = JSON.parse(readFileSync(settingsPath, "utf-8"));
+    } catch {
+    }
+    const merged = { ...existing, hooks: hookSettings.hooks };
+    writeFileSync(settingsPath, JSON.stringify(merged, null, 2) + "\n");
+    console.log(`  Created ${settingsPath}`);
   }
-  const merged = { ...existing, hooks: settings.hooks };
-  writeFileSync(settingsPath, JSON.stringify(merged, null, 2) + "\n");
-  console.log(`  Created ${settingsPath}`);
   console.log("");
   console.log("  Hooks installed:");
   console.log("  guard.mjs  \u2192 blocks policy-violating calls (pre-execution)");
   console.log("  audit.mjs  \u2192 logs all calls to dashboard (post-execution)");
-  console.log("  .claude/settings.json \u2192 hooks activated for Claude Code");
+  console.log("  Activated for: Claude Code, Cursor");
 }
 function ensureEnvFile() {
   const envPath = resolve(".env");

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@solongate/proxy",
-  "version": "0.6.1",
+  "version": "0.6.3",
   "description": "MCP security proxy — protect any MCP server with customizable policies, path/command constraints, rate limiting, and audit logging. Zero code changes required.",
   "type": "module",
   "bin": {