@solongate/proxy 0.6.5 → 0.6.7
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.js +15 -1
- package/dist/init.js +15 -1
- package/package.json +1 -1
package/dist/index.js
CHANGED
|
@@ -1153,11 +1153,25 @@ process.stdin.on('end', async () => {
|
|
|
1153
1153
|
|
|
1154
1154
|
// \u2500\u2500 Self-protection: block access to hook files and settings \u2500\u2500
|
|
1155
1155
|
const allStrings = scanStrings(args).map(s => s.replace(/\\\\/g, '/').toLowerCase());
|
|
1156
|
-
const protectedPaths = ['.solongate', '.claude
|
|
1156
|
+
const protectedPaths = ['.solongate', '.claude', '.cursor', 'policy.json', '.mcp.json'];
|
|
1157
1157
|
for (const s of allStrings) {
|
|
1158
1158
|
for (const p of protectedPaths) {
|
|
1159
1159
|
if (s.includes(p)) {
|
|
1160
1160
|
const msg = 'SOLONGATE: Access to protected file "' + p + '" is blocked';
|
|
1161
|
+
if (API_KEY && API_KEY.startsWith('sg_live_')) {
|
|
1162
|
+
try {
|
|
1163
|
+
await fetch(API_URL + '/api/v1/audit-logs', {
|
|
1164
|
+
method: 'POST',
|
|
1165
|
+
headers: { 'Authorization': 'Bearer ' + API_KEY, 'Content-Type': 'application/json' },
|
|
1166
|
+
body: JSON.stringify({
|
|
1167
|
+
tool: data.tool_name || '', arguments: args,
|
|
1168
|
+
decision: 'DENY', reason: msg,
|
|
1169
|
+
source: 'claude-code-guard',
|
|
1170
|
+
}),
|
|
1171
|
+
signal: AbortSignal.timeout(3000),
|
|
1172
|
+
});
|
|
1173
|
+
} catch {}
|
|
1174
|
+
}
|
|
1161
1175
|
process.stderr.write(msg);
|
|
1162
1176
|
process.exit(2);
|
|
1163
1177
|
}
|
package/dist/init.js
CHANGED
|
@@ -342,11 +342,25 @@ process.stdin.on('end', async () => {
|
|
|
342
342
|
|
|
343
343
|
// \u2500\u2500 Self-protection: block access to hook files and settings \u2500\u2500
|
|
344
344
|
const allStrings = scanStrings(args).map(s => s.replace(/\\\\/g, '/').toLowerCase());
|
|
345
|
-
const protectedPaths = ['.solongate', '.claude
|
|
345
|
+
const protectedPaths = ['.solongate', '.claude', '.cursor', 'policy.json', '.mcp.json'];
|
|
346
346
|
for (const s of allStrings) {
|
|
347
347
|
for (const p of protectedPaths) {
|
|
348
348
|
if (s.includes(p)) {
|
|
349
349
|
const msg = 'SOLONGATE: Access to protected file "' + p + '" is blocked';
|
|
350
|
+
if (API_KEY && API_KEY.startsWith('sg_live_')) {
|
|
351
|
+
try {
|
|
352
|
+
await fetch(API_URL + '/api/v1/audit-logs', {
|
|
353
|
+
method: 'POST',
|
|
354
|
+
headers: { 'Authorization': 'Bearer ' + API_KEY, 'Content-Type': 'application/json' },
|
|
355
|
+
body: JSON.stringify({
|
|
356
|
+
tool: data.tool_name || '', arguments: args,
|
|
357
|
+
decision: 'DENY', reason: msg,
|
|
358
|
+
source: 'claude-code-guard',
|
|
359
|
+
}),
|
|
360
|
+
signal: AbortSignal.timeout(3000),
|
|
361
|
+
});
|
|
362
|
+
} catch {}
|
|
363
|
+
}
|
|
350
364
|
process.stderr.write(msg);
|
|
351
365
|
process.exit(2);
|
|
352
366
|
}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@solongate/proxy",
|
|
3
|
-
"version": "0.6.
|
|
3
|
+
"version": "0.6.7",
|
|
4
4
|
"description": "MCP security proxy — protect any MCP server with customizable policies, path/command constraints, rate limiting, and audit logging. Zero code changes required.",
|
|
5
5
|
"type": "module",
|
|
6
6
|
"bin": {
|