capgate 0.0.1

package/dist/policy/ir.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"ir.d.ts","sourceRoot":"","sources":["../../src/policy/ir.ts"],"names":[],"mappings":"AAgBA,MAAM,MAAM,cAAc,GACtB,IAAI,GACJ,KAAK,GACL,MAAM,GACN,KAAK,GACL,KAAK,GACL,OAAO,GACP,QAAQ,CAAC;AAEb,MAAM,MAAM,QAAQ,GAAG,MAAM,GAAG,OAAO,GAAG,QAAQ,GAAG,QAAQ,CAAC;AAC9D,MAAM,MAAM,SAAS,GAAG,SAAS,CAAC;AAClC,MAAM,MAAM,UAAU,GAAG,OAAO,CAAC;AACjC,MAAM,MAAM,SAAS,GAAG,MAAM,GAAG,QAAQ,CAAC;AAC1C,MAAM,MAAM,SAAS,GAAG,SAAS,CAAC;AAMlC,MAAM,WAAW,OAAO;IACtB,wEAAwE;IACxE,IAAI,EAAE,MAAM,CAAC;IACb,2EAA2E;IAC3E,MAAM,EAAE,OAAO,CAAC;CACjB;AAED,MAAM,WAAW,QAAQ;IACvB,2EAA2E;IAC3E,IAAI,EAAE,MAAM,CAAC;IACb,qCAAqC;IACrC,IAAI,EAAE,MAAM,GAAG,IAAI,CAAC;IACpB,8EAA8E;IAC9E,YAAY,EAAE,OAAO,CAAC;CACvB;AAED,MAAM,WAAW,SAAS;IACxB,kFAAkF;IAClF,MAAM,EAAE,MAAM,CAAC;CAChB;AAED,MAAM,WAAW,QAAQ;IACvB,oFAAoF;IACpF,IAAI,EAAE,MAAM,CAAC;CACd;AAED,MAAM,WAAW,QAAQ;IACvB,0DAA0D;IAC1D,QAAQ,EAAE,MAAM,CAAC;CAClB;AAED,MAAM,WAAW,UAAU;IACzB,6EAA6E;IAC7E,MAAM,EAAE,QAAQ,GAAG,QAAQ,CAAC;CAC7B;AAED,MAAM,WAAW,WAAW;IAC1B,oEAAoE;IACpE,EAAE,EAAE,MAAM,CAAC;IACX,6DAA6D;IAC7D,WAAW,EAAE,MAAM,CAAC;CACrB;AAMD,MAAM,MAAM,UAAU,GAClB;IAAE,IAAI,EAAE,IAAI,CAAC;IAAC,OAAO,EAAE,QAAQ,EAAE,CAAC;IAAC,KAAK,EAAE,OAAO,CAAC;IAAC,WAAW,CAAC,EAAE,WAAW,CAAA;CAAE,GAC9E;IAAE,IAAI,EAAE,KAAK,CAAC;IAAC,OAAO,EAAE,SAAS,EAAE,CAAC;IAAC,KAAK,EAAE,QAAQ,CAAC;IAAC,WAAW,CAAC,EAAE,WAAW,CAAA;CAAE,GACjF;IAAE,IAAI,EAAE,MAAM,CAAC;IAAC,OAAO,EAAE,UAAU,EAAE,CAAC;IAAC,KAAK,EAAE,SAAS,CAAC;IAAC,WAAW,CAAC,EAAE,WAAW,CAAA;CAAE,GACpF;IAAE,IAAI,EAAE,KAAK,CAAC;IAAC,OAAO,EAAE,SAAS,EAAE,CAAC;IAAC,KAAK,EAAE,QAAQ,CAAC;IAAC,WAAW,CAAC,EAAE,WAAW,CAAA;CAAE,GACjF;IAAE,IAAI,EAAE,KAAK,CAAC;IAAC,OAAO,EAAE,SAAS,EAAE,CAAC;IAAC,KAAK,EAAE,QAAQ,CAAC;IAAC,WAAW,CAAC,EAAE,WAAW,CAAA;CAAE,GACjF;IAAE,IAAI,EAAE,OAAO,CAAC;IAAC,OAAO,EAAE,EAAE,CAAC;IAAC,KAAK,EAAE,UAAU,CAAC;IAAC,WAAW,CAAC,EAAE,WAAW,CAAA;CAAE,GAC5E;IAAE,IAAI,EAAE,QAAQ,CAAC;IAAC,OAAO,EAAE,EAAE,CAAC;IAAC,KAAK,EAAE,WAAW,CAAC;IAAC,WAAW,CAAC,EAAE,WAAW,CAAA;CAAE,CAAC;AAEnF,MAAM,WAAW,WAAW;IAC1B,4FAA4F;IAC5F,aAAa,CAAC,EAAE,OAAO,CAAC;IACxB,8EAA8E;IAC9E,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACnC;AAED,wBAAgB,aAAa,CAAC,GAAG,EAAE,UAAU,GAAG,OAAO,CAEtD;AAMD,MAAM,WAAW,YAAY;IAC3B,6CAA6C;IAC7C,IAAI,EAAE,MAAM,CAAC;IACb,8EAA8E;IAC9E,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,yEAAyE;IACzE,WAAW,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACtC,2EAA2E;IAC3E,YAAY,EAAE,UAAU,EAAE,CAAC;CAC5B;AAED,MAAM,WAAW,cAAc;IAC7B,yEAAyE;IACzE,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,EAAE,MAAM,CAAC;IAChB,kFAAkF;IAClF,kBAAkB,CAAC,EAAE,UAAU,EAAE,CAAC;IAClC,KAAK,EAAE,YAAY,EAAE,CAAC;CACvB;AAQD,MAAM,WAAW,gBAAgB;IAC/B,oEAAoE;IACpE,MAAM,EAAE;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,OAAO,EAAE,MAAM,CAAA;KAAE,CAAC;IAC1C,oDAAoD;IACpD,EAAE,EAAE;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,OAAO,EAAE,QAAQ,EAAE,CAAC;QAAC,MAAM,EAAE,OAAO,CAAA;KAAE,EAAE,CAAC;IAC7D,kEAAkE;IAClE,GAAG,EAAE;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE,MAAM,GAAG,IAAI,CAAC;QAAC,YAAY,EAAE,OAAO,CAAA;KAAE,EAAE,CAAC;IACpE,iDAAiD;IACjD,IAAI,EAAE;QAAE,MAAM,EAAE,MAAM,CAAA;KAAE,EAAE,CAAC;IAC3B,4EAA4E;IAC5E,GAAG,EAAE;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,MAAM,EAAE,SAAS,CAAA;KAAE,EAAE,CAAC;IAC3C,+BAA+B;IAC/B,GAAG,EAAE;QAAE,QAAQ,EAAE,MAAM,CAAA;KAAE,EAAE,CAAC;IAC5B,oEAAoE;IACpE,KAAK,EAAE,MAAM,GAAG,QAAQ,GAAG,QAAQ,CAAC;IACpC,+EAA+E;IAC/E,UAAU,EAAE,WAAW,EAAE,CAAC;IAC1B,8EAA8E;IAC9E,aAAa,EAAE,OAAO,CAAC;CACxB;AAMD,qBAAa,gBAAiB,SAAQ,KAAK;IAEhC,IAAI,EAAE,MAAM;IAEZ,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC;gBAFjC,IAAI,EAAE,MAAM,EACnB,OAAO,EAAE,MAAM,EACR,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,YAAA;CAK3C"}

package/dist/policy/ir.js

@@ -0,0 +1,28 @@
+// MCP → Sandbox Policy Compiler — Intermediate Representation
+//
+// Design notes (see README.md for rationale):
+// - Capabilities are the unit of authorization. A ToolManifest declares zero or
+//   more Capability values; the compiler lowers them into an adapter-specific
+//   Policy (bwrap argv, egress-proxy rules, Worker resourceLimits, etc).
+// - Capabilities are split into ENFORCEABLE and DECLARED. Enforceable ones are
+//   enforced by some adapter (fs/net/exec/env/ipc). Declared ones are surfaced
+//   as assertions the host or MCP server must honor (e.g. "read-only SQL").
+// - Fail-closed: unknown kinds, malformed scopes, and missing required fields
+//   MUST cause CompilationError. No best-effort. No silent drops.
+export function isEnforceable(cap) {
+    return cap.kind !== 'assert';
+}
+// ---------------------------------------------------------------------------
+// Errors
+// ---------------------------------------------------------------------------
+export class CompilationError extends Error {
+    code;
+    context;
+    constructor(code, message, context) {
+        super(`[${code}] ${message}`);
+        this.code = code;
+        this.context = context;
+        this.name = 'CompilationError';
+    }
+}
+//# sourceMappingURL=ir.js.map

package/dist/policy/ir.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"ir.js","sourceRoot":"","sources":["../../src/policy/ir.ts"],"names":[],"mappings":"AAAA,8DAA8D;AAC9D,EAAE;AACF,8CAA8C;AAC9C,gFAAgF;AAChF,8EAA8E;AAC9E,yEAAyE;AACzE,+EAA+E;AAC/E,+EAA+E;AAC/E,4EAA4E;AAC5E,8EAA8E;AAC9E,kEAAkE;AAwFlE,MAAM,UAAU,aAAa,CAAC,GAAe;IAC3C,OAAO,GAAG,CAAC,IAAI,KAAK,QAAQ,CAAC;AAC/B,CAAC;AAqDD,8EAA8E;AAC9E,SAAS;AACT,8EAA8E;AAE9E,MAAM,OAAO,gBAAiB,SAAQ,KAAK;IAEhC;IAEA;IAHT,YACS,IAAY,EACnB,OAAe,EACR,OAAiC;QAExC,KAAK,CAAC,IAAI,IAAI,KAAK,OAAO,EAAE,CAAC,CAAC;QAJvB,SAAI,GAAJ,IAAI,CAAQ;QAEZ,YAAO,GAAP,OAAO,CAA0B;QAGxC,IAAI,CAAC,IAAI,GAAG,kBAAkB,CAAC;IACjC,CAAC;CACF"}

package/package.json

@@ -0,0 +1,64 @@
+{
+  "name": "capgate",
+  "version": "0.0.1",
+  "description": "Compile MCP tool manifests into sandbox policies (bwrap, egress rules, and more).",
+  "type": "module",
+  "main": "dist/index.js",
+  "types": "dist/index.d.ts",
+  "bin": {
+    "capgate": "dist/cli.js"
+  },
+  "exports": {
+    ".": {
+      "types": "./dist/index.d.ts",
+      "import": "./dist/index.js",
+      "default": "./dist/index.js"
+    }
+  },
+  "files": [
+    "dist/",
+    "LICENSE",
+    "README.md"
+  ],
+  "scripts": {
+    "build": "tsc",
+    "clean": "node -e \"import('node:fs').then(fs => fs.rmSync('dist', { recursive: true, force: true }))\"",
+    "prebuild": "npm run clean",
+    "test": "vitest run",
+    "test:watch": "vitest",
+    "test:update-goldens": "cross-env UPDATE_GOLDEN=1 vitest run",
+    "prepublishOnly": "npm run build && npm test"
+  },
+  "keywords": [
+    "mcp",
+    "model-context-protocol",
+    "policy",
+    "sandbox",
+    "capability",
+    "bwrap",
+    "bubblewrap",
+    "typescript"
+  ],
+  "author": {
+    "name": "Raju KC",
+    "email": "kc.razu@gmail.com"
+  },
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/razukc/capgate.git"
+  },
+  "homepage": "https://github.com/razukc/capgate#readme",
+  "bugs": {
+    "url": "https://github.com/razukc/capgate/issues"
+  },
+  "license": "MIT",
+  "engines": {
+    "node": ">=18.0.0"
+  },
+  "devDependencies": {
+    "@types/node": "^20.10.0",
+    "cross-env": "^10.1.0",
+    "typescript": "^5.3.3",
+    "vitest": "^3.2.4"
+  }
+}