@toolplex/client 0.1.10 → 0.1.11

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (10) hide show
  1. package/dist/mcp-server/toolHandlers/callToolHandler.js +5 -2
  2. package/dist/mcp-server/toolHandlers/getServerConfigHandler.js +5 -2
  3. package/dist/mcp-server/toolHandlers/installServerHandler.js +5 -2
  4. package/dist/mcp-server/toolHandlers/listToolsHandler.js +5 -2
  5. package/dist/mcp-server/toolHandlers/uninstallServerHandler.js +7 -1
  6. package/dist/mcp-server/utils/serverIdValidator.d.ts +15 -0
  7. package/dist/mcp-server/utils/serverIdValidator.js +25 -0
  8. package/dist/version.d.ts +1 -1
  9. package/dist/version.js +1 -1
  10. package/package.json +1 -1
package/dist/mcp-server/toolHandlers/callToolHandler.js CHANGED
@@ -1,6 +1,7 @@
1
1
  import { findServerManagerClient } from "./serverManagerUtils.js";
2
2
  import { CallToolResultSchema } from "../../shared/serverManagerTypes.js";
3
3
  import { FileLogger } from "../../shared/fileLogger.js";
4
+ import { sanitizeServerIdForLogging, validateServerIdOrThrow, } from "../utils/serverIdValidator.js";
4
5
  import Registry from "../registry.js";
5
6
  const logger = FileLogger;
6
7
  function safeLength(obj) {
@@ -22,6 +23,8 @@ export async function handleCallTool(params) {
22
23
  const policyEnforcer = Registry.getPolicyEnforcer();
23
24
  const callToolObserver = policyEnforcer.getCallToolObserver();
24
25
  try {
26
+ // Validate server ID format
27
+ validateServerIdOrThrow(params.server_id);
25
28
  // Enforce call tool policy
26
29
  policyEnforcer.enforceCallToolPolicy(params.server_id);
27
30
  const client = await findServerManagerClient(params.server_id, serverManagerClients);
@@ -48,7 +51,7 @@ export async function handleCallTool(params) {
48
51
  await telemetryLogger.log("client_call_tool", {
49
52
  success: true,
50
53
  log_context: {
51
- server_id: params.server_id,
54
+ server_id: sanitizeServerIdForLogging(params.server_id),
52
55
  tool_name: params.tool_name,
53
56
  input_length: safeLength(params),
54
57
  response_length: safeLength(content),
@@ -67,7 +70,7 @@ export async function handleCallTool(params) {
67
70
  await telemetryLogger.log("client_call_tool", {
68
71
  success: false,
69
72
  log_context: {
70
- server_id: params.server_id,
73
+ server_id: sanitizeServerIdForLogging(params.server_id),
71
74
  tool_name: params.tool_name,
72
75
  },
73
76
  pii_sanitized_error_message: errorMessage,
package/dist/mcp-server/toolHandlers/getServerConfigHandler.js CHANGED
@@ -1,5 +1,6 @@
1
1
  import { FileLogger } from "../../shared/fileLogger.js";
2
2
  import { findServerManagerClient } from "./serverManagerUtils.js";
3
+ import { sanitizeServerIdForLogging, validateServerIdOrThrow, } from "../utils/serverIdValidator.js";
3
4
  import Registry from "../registry.js";
4
5
  const logger = FileLogger;
5
6
  export async function handleGetServerConfig(params) {
@@ -13,6 +14,8 @@ export async function handleGetServerConfig(params) {
13
14
  if (!server_id) {
14
15
  throw new Error("Missing server_id");
15
16
  }
17
+ // Validate server ID format
18
+ validateServerIdOrThrow(server_id);
16
19
  // Check if server is blocked using policy enforcer
17
20
  policyEnforcer.enforceUseServerPolicy(server_id);
18
21
  await logger.debug(`Getting config for server: ${server_id}`);
@@ -29,7 +32,7 @@ export async function handleGetServerConfig(params) {
29
32
  await telemetryLogger.log("client_get_server_config", {
30
33
  success: true,
31
34
  log_context: {
32
- server_id,
35
+ server_id: sanitizeServerIdForLogging(server_id),
33
36
  },
34
37
  latency_ms: Date.now() - startTime,
35
38
  });
@@ -54,7 +57,7 @@ export async function handleGetServerConfig(params) {
54
57
  await telemetryLogger.log("client_get_server_config", {
55
58
  success: false,
56
59
  log_context: {
57
- server_id: params.server_id,
60
+ server_id: sanitizeServerIdForLogging(params.server_id || ""),
58
61
  },
59
62
  pii_sanitized_error_message: errorMessage,
60
63
  latency_ms: Date.now() - startTime,
package/dist/mcp-server/toolHandlers/installServerHandler.js CHANGED
@@ -2,6 +2,7 @@ import { FileLogger } from "../../shared/fileLogger.js";
2
2
  import { ServerInstallResultSchema, ListToolsResultSchema, } from "../../shared/serverManagerTypes.js";
3
3
  import Registry from "../registry.js";
4
4
  import { RuntimeCheck } from "../utils/runtimeCheck.js";
5
+ import { sanitizeServerIdForLogging, validateServerIdOrThrow, } from "../utils/serverIdValidator.js";
5
6
  import { isAbsolute, parse } from "path";
6
7
  const logger = FileLogger;
7
8
  /**
@@ -114,6 +115,8 @@ export async function handleInstallServer(params) {
114
115
  if (!config || !server_id || !server_name) {
115
116
  throw new Error("Missing required install parameters");
116
117
  }
118
+ // Validate server ID format
119
+ validateServerIdOrThrow(server_id);
117
120
  // Validate command is installed before proceeding
118
121
  if (config.command) {
119
122
  await RuntimeCheck.validateCommandOrThrow(config.command);
@@ -154,7 +157,7 @@ export async function handleInstallServer(params) {
154
157
  await telemetryLogger.log("client_install", {
155
158
  success: true,
156
159
  log_context: {
157
- server_id: installResult.server_id,
160
+ server_id: sanitizeServerIdForLogging(installResult.server_id),
158
161
  sanitized_config: sanitizeServerConfig(config),
159
162
  },
160
163
  latency_ms: Date.now() - startTime,
@@ -188,7 +191,7 @@ export async function handleInstallServer(params) {
188
191
  await telemetryLogger.log("client_install", {
189
192
  success: false,
190
193
  log_context: {
191
- server_id: params.server_id,
194
+ server_id: sanitizeServerIdForLogging(params.server_id),
192
195
  },
193
196
  pii_sanitized_error_message: errorMessage,
194
197
  latency_ms: Date.now() - startTime,
package/dist/mcp-server/toolHandlers/listToolsHandler.js CHANGED
@@ -1,6 +1,7 @@
1
1
  import { FileLogger } from "../../shared/fileLogger.js";
2
2
  import { findServerManagerClient } from "./serverManagerUtils.js";
3
3
  import { ListToolsResultSchema, ListAllToolsResultSchema, } from "../../shared/serverManagerTypes.js";
4
+ import { sanitizeServerIdForLogging, validateServerIdOrThrow, } from "../utils/serverIdValidator.js";
4
5
  import Registry from "../registry.js";
5
6
  const logger = FileLogger;
6
7
  export async function handleListTools(params) {
@@ -13,6 +14,8 @@ export async function handleListTools(params) {
13
14
  const server_id = params.server_id;
14
15
  const content = [];
15
16
  if (server_id) {
17
+ // Validate server ID format
18
+ validateServerIdOrThrow(server_id);
16
19
  // Check if server is blocked using policy enforcer
17
20
  policyEnforcer.enforceUseServerPolicy(server_id);
18
21
  await logger.debug(`Listing tools for specific server: ${server_id}`);
@@ -105,7 +108,7 @@ export async function handleListTools(params) {
105
108
  await telemetryLogger.log("client_list_tools", {
106
109
  success: true,
107
110
  log_context: {
108
- server_id: params.server_id,
111
+ server_id: sanitizeServerIdForLogging(params.server_id || ""),
109
112
  },
110
113
  latency_ms: Date.now() - startTime,
111
114
  });
@@ -121,7 +124,7 @@ export async function handleListTools(params) {
121
124
  await telemetryLogger.log("client_list_tools", {
122
125
  success: false,
123
126
  log_context: {
124
- server_id: params.server_id,
127
+ server_id: sanitizeServerIdForLogging(params.server_id || ""),
125
128
  },
126
129
  pii_sanitized_error_message: errorMessage,
127
130
  latency_ms: Date.now() - startTime,
package/dist/mcp-server/toolHandlers/uninstallServerHandler.js CHANGED
@@ -1,6 +1,7 @@
1
1
  import { findServerManagerClient } from "./serverManagerUtils.js";
2
2
  import { ServerUninstallResultSchema } from "../../shared/serverManagerTypes.js";
3
3
  import { FileLogger } from "../../shared/fileLogger.js";
4
+ import { sanitizeServerIdForLogging, validateServerIdOrThrow, } from "../utils/serverIdValidator.js";
4
5
  import Registry from "../registry.js";
5
6
  const logger = FileLogger;
6
7
  export async function handleUninstallServer(params) {
@@ -19,6 +20,8 @@ export async function handleUninstallServer(params) {
19
20
  throw new Error("Uninstall functionality is disabled in restricted mode.");
20
21
  }
21
22
  const server_id = params.server_id;
23
+ // Validate server ID format
24
+ validateServerIdOrThrow(server_id);
22
25
  await logger.info(`Handling uninstall request for server ${server_id}`);
23
26
  const client = await findServerManagerClient(server_id, serverManagerClients);
24
27
  const response = await client.sendRequest("uninstall", { server_id });
@@ -36,7 +39,7 @@ export async function handleUninstallServer(params) {
36
39
  await telemetryLogger.log("client_uninstall", {
37
40
  success: true,
38
41
  log_context: {
39
- server_id: parsed.data.server_id,
42
+ server_id: sanitizeServerIdForLogging(parsed.data.server_id),
40
43
  },
41
44
  latency_ms: Date.now() - startTime,
42
45
  });
@@ -62,6 +65,9 @@ export async function handleUninstallServer(params) {
62
65
  await logger.error(`Failed to uninstall server: ${errorMessage}`);
63
66
  await telemetryLogger.log("client_uninstall", {
64
67
  success: false,
68
+ log_context: {
69
+ server_id: sanitizeServerIdForLogging(params.server_id),
70
+ },
65
71
  pii_sanitized_error_message: errorMessage,
66
72
  latency_ms: Date.now() - startTime,
67
73
  });
package/dist/mcp-server/utils/serverIdValidator.d.ts ADDED
@@ -0,0 +1,15 @@
1
+ /**
2
+ * Server ID validation utilities
3
+ */
4
+ /**
5
+ * Validates if a server ID matches the expected format
6
+ */
7
+ export declare function isValidServerId(serverId: string): boolean;
8
+ /**
9
+ * Validates a server ID and throws an error if invalid
10
+ */
11
+ export declare function validateServerIdOrThrow(serverId: string): void;
12
+ /**
13
+ * Sanitizes a server ID for logging - returns the ID if valid, otherwise returns "invalid_format"
14
+ */
15
+ export declare function sanitizeServerIdForLogging(serverId: string): string;
package/dist/mcp-server/utils/serverIdValidator.js ADDED
@@ -0,0 +1,25 @@
1
+ /**
2
+ * Server ID validation utilities
3
+ */
4
+ // Server ID format: sv_[12 hex chars]
5
+ const SERVER_ID_REGEX = /^sv_[a-f0-9]{12}$/;
6
+ /**
7
+ * Validates if a server ID matches the expected format
8
+ */
9
+ export function isValidServerId(serverId) {
10
+ return SERVER_ID_REGEX.test(serverId);
11
+ }
12
+ /**
13
+ * Validates a server ID and throws an error if invalid
14
+ */
15
+ export function validateServerIdOrThrow(serverId) {
16
+ if (!isValidServerId(serverId)) {
17
+ throw new Error(`Invalid server ID format: ${serverId}. Expected format: sv_[12 hex chars]`);
18
+ }
19
+ }
20
+ /**
21
+ * Sanitizes a server ID for logging - returns the ID if valid, otherwise returns "invalid_format"
22
+ */
23
+ export function sanitizeServerIdForLogging(serverId) {
24
+ return isValidServerId(serverId) ? serverId : "invalid_format";
25
+ }
package/dist/version.d.ts CHANGED
@@ -1 +1 @@
1
- export declare const version = "0.1.10";
1
+ export declare const version = "0.1.11";
package/dist/version.js CHANGED
@@ -1 +1 @@
1
- export const version = '0.1.10';
1
+ export const version = '0.1.11';
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@toolplex/client",
3
- "version": "0.1.10",
3
+ "version": "0.1.11",
4
4
  "author": "ToolPlex LLC",
5
5
  "license": "SEE LICENSE IN LICENSE",
6
6
  "description": "The official ToolPlex client for AI agent tool discovery and execution",