npm - just-bash-mcp - Versions diffs - 2.9.3 → 2.9.4 - Mend

just-bash-mcp 2.9.3 → 2.9.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/README.md +12 -14
package/package.json +3 -4
package/src/config/index.ts +6 -4
package/src/index.ts +1 -1
package/src/tools/bash-instance.ts +1 -1
package/src/tools/index.ts +1 -1
package/src/tools/sandbox-tools.ts +8 -35

package/README.md CHANGED Viewed

@@ -7,16 +7,14 @@ An MCP (Model Context Protocol) server that provides a sandboxed bash environmen
 Execute bash commands in a secure, isolated environment with an in-memory virtual filesystem.
-Built on top of [`just-bash`](https://github.com/vercel-labs/just-bash) v2.10.2.
+Built on top of [`just-bash`](https://github.com/vercel-labs/just-bash) v2.12.5.
-## What's New in v2.9.2
+## What's New in v2.9.4
-- **Expanded Vercel Sandbox API coverage** - `bash_sandbox_run` now supports optional `includeOutput` and `includeLogs`
-- **Sandbox domain support** - New `bash_sandbox_domain` tool returns the current sandbox domain/identifier
-- **Synced with upstream `just-bash` v2.10.2** - Full upstream commands, APIs, and type exports
+- **Synced with upstream `just-bash` v2.12.5** - Full upstream commands, APIs, and type exports
+- **Persistent sandbox tools** - `bash_sandbox_*` tools remain available for higher-level isolated workflows
 - **Defense-in-depth mode** - Opt-in monkey-patching of dangerous JS globals (`JUST_BASH_DEFENSE_IN_DEPTH=true`)
-- **Python support** - Python3 via Pyodide (`JUST_BASH_ENABLE_PYTHON=true`)
-- **Vercel Sandbox API tools** - Compatible `bash_sandbox_*` tools for isolated execution
+- **Python support** - Python3 via the upstream emscripten CPython runtime (`JUST_BASH_ENABLE_PYTHON=true`)
 - **MountableFS + ReadWriteFS** - Real directory mounts with overlay/read-write options
 - **Configurable execution limits** - Fine-grained control over loops, strings, arrays, heredocs, and substitutions
@@ -123,7 +121,7 @@ Add to your MCP settings:
 | `JUST_BASH_MAX_CALL_DEPTH` | Maximum function recursion depth | `100` |
 | `JUST_BASH_MAX_COMMAND_COUNT` | Maximum total commands per execution | `10000` |
 | `JUST_BASH_MAX_LOOP_ITERATIONS` | Maximum iterations per loop | `10000` |
-| `JUST_BASH_ENABLE_PYTHON` | Enable Python3 via Pyodide (`true`/`false`) | `false` |
+| `JUST_BASH_ENABLE_PYTHON` | Enable Python3 via emscripten CPython (`true`/`false`) | `false` |
 | `JUST_BASH_DEFENSE_IN_DEPTH` | Enable defense-in-depth mode (`true`/`false`) | `false` |
 | `JUST_BASH_DEFENSE_IN_DEPTH_AUDIT` | Audit mode: log violations but don't block | `false` |
 | `JUST_BASH_DEFENSE_IN_DEPTH_LOG` | Log violations to console | `false` |
@@ -174,16 +172,16 @@ Get information about the bash environment configuration, including defense-in-d
 Get current working directory or environment variables.
-### Vercel Sandbox API
+### `bash_sandbox_*`
-Compatible with the Vercel Sandbox API:
+Persistent isolated-environment helpers:
-- `bash_sandbox_run` - Run a command in the sandbox (optionally include structured output/logs)
-- `bash_sandbox_domain` - Get the sandbox domain/identifier
+- `bash_sandbox_run` - Run a command with optional structured output/logs
+- `bash_sandbox_domain` - Get the current sandbox domain/identifier
 - `bash_sandbox_write_files` - Write multiple files at once
 - `bash_sandbox_read_file` - Read a file (supports base64 encoding)
 - `bash_sandbox_mkdir` - Create a directory
-- `bash_sandbox_stop` - Stop and clean up the sandbox
+- `bash_sandbox_stop` - Stop and clean up the sandbox state
 - `bash_sandbox_reset` - Reset the sandbox state
 ## Supported Commands
@@ -274,7 +272,7 @@ Compatible with the Vercel Sandbox API:
 ## Upstream API Coverage
-This wrapper integrates the full public API surface of `just-bash` v2.10.2:
+This wrapper integrates the full public API surface of `just-bash` v2.12.5:
 | Category | Exports Used |
 |----------|-------------|

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
 	"name": "just-bash-mcp",
-	"version": "2.9.3",
+	"version": "2.9.4",
 	"description": "MCP server providing a sandboxed bash environment using just-bash",
 	"type": "module",
 	"main": "./src/index.ts",
@@ -42,8 +42,7 @@
 		"cline",
 		"roo-code",
 		"windsurf",
-		"just-bash",
-		"vercel"
+		"just-bash"
 	],
 	"author": "dalist1",
 	"license": "Apache-2.0",
@@ -61,7 +60,7 @@
 	"packageManager": "bun@1.3.8",
 	"dependencies": {
 		"@modelcontextprotocol/sdk": "^1.27.0",
-		"just-bash": "^2.10.2",
+		"just-bash": "^2.12.5",
 		"zod": "^4.3.6"
 	},
 	"devDependencies": {

package/src/config/index.ts CHANGED Viewed

@@ -372,7 +372,8 @@ export const ENVIRONMENT_VARIABLES = {
 		"Max file read size in bytes for OverlayFs/ReadWriteFs (default: 10MB)",
 	JUST_BASH_ENABLE_LOGGING: "Enable debug logging (default: false)",
 	JUST_BASH_ENABLE_TRACING: "Enable performance tracing (default: false)",
-	JUST_BASH_ENABLE_PYTHON: "Enable python3/python commands via Pyodide (default: false)",
+	JUST_BASH_ENABLE_PYTHON:
+		"Enable python3/python commands via the upstream emscripten CPython runtime (default: false)",
 	JUST_BASH_DEFENSE_IN_DEPTH:
 		"Enable defense-in-depth mode that patches dangerous JS globals (default: false)",
 	JUST_BASH_DEFENSE_IN_DEPTH_AUDIT:
@@ -390,7 +391,7 @@ export const COMMAND_CATEGORIES = {
 	textProcessing:
 		"awk, base64, column, comm, cut, diff, expand, fold, grep (egrep, fgrep), head, join, md5sum, nl, od, paste, printf, rev, rg (ripgrep), sed, sha1sum, sha256sum, sort, strings, tac, tail, tr, unexpand, uniq, wc, xargs",
 	dataProcessing:
-		"jq (JSON), python3/python (Python via Pyodide), sqlite3 (SQLite), xan (CSV), yq (YAML/XML/TOML/CSV)",
+		"jq (JSON), python3/python (Python via emscripten CPython), sqlite3 (SQLite), xan (CSV), yq (YAML/XML/TOML/CSV)",
 	compression: "gzip (gunzip, zcat), tar",
 	navigation:
 		"basename, cd, dirname, du, echo, env, export, find, hostname, printenv, pwd, tee, whoami",
@@ -411,8 +412,9 @@ export const FEATURES = {
 	trace: "Performance profiling via TraceCallback (upstream type)",
 	commandFilter: "Restrict available commands via JUST_BASH_ALLOWED_COMMANDS env var",
 	sandboxApi:
-		"Vercel Sandbox compatible API via bash_sandbox_* tools (run, write, read, mkdir, stop, reset)",
-	python: "Python support via Pyodide (opt-in via JUST_BASH_ENABLE_PYTHON=true)",
+		"Additional persistent sandbox tools via bash_sandbox_* (run, write, read, mkdir, stop, reset)",
+	python:
+		"Python support via the upstream emscripten CPython runtime (opt-in via JUST_BASH_ENABLE_PYTHON=true)",
 	defenseInDepth:
 		"Defense-in-depth with SecurityViolationLogger, audit mode, and console logging (opt-in via JUST_BASH_DEFENSE_IN_DEPTH=true)",
 	overlayReadOnly:

package/src/index.ts CHANGED Viewed

@@ -4,7 +4,7 @@
  * just-bash-mcp - MCP Server for sandboxed bash execution
  *
  * A Model Context Protocol (MCP) server that provides AI agents with a
- * secure, sandboxed bash environment powered by just-bash from Vercel Labs.
+ * secure, sandboxed bash environment powered by just-bash.
  *
  * @see https://github.com/vercel-labs/just-bash
  * @see https://modelcontextprotocol.io

package/src/tools/bash-instance.ts CHANGED Viewed

@@ -3,7 +3,7 @@
  * Handles creation and lifecycle of Bash instances
  *
  * Uses all upstream just-bash APIs:
- * - Bash, Sandbox, SandboxCommand for execution
+ * - Bash and Sandbox for execution
  * - DefenseInDepthBox with SecurityViolationLogger for security monitoring
  * - defineCommand for custom command registration
  * - All filesystem variants (InMemoryFs, MountableFs, OverlayFs, ReadWriteFs)

package/src/tools/index.ts CHANGED Viewed

@@ -37,7 +37,7 @@ export function registerAllTools(server: McpServer): void {
 	// File operation tools
 	registerFileTools(server);
-	// Vercel Sandbox compatible tools
+	// Additional persistent sandbox tools
 	registerSandboxTools(server);
 	// Information and state tools

package/src/tools/sandbox-tools.ts CHANGED Viewed

@@ -1,6 +1,6 @@
 /**
  * Sandbox API tools
- * Vercel Sandbox compatible tools for execution in an isolated environment
+ * Tools for execution in a persistent isolated environment
  *
  * Uses upstream Sandbox/SandboxCommand APIs:
  * - Sandbox.create(), runCommand(), writeFiles(), readFile(), mkDir(), stop()
@@ -27,9 +27,6 @@ import {
 } from "../utils/index.ts";
 import { getPersistentSandbox, resetPersistentSandbox } from "./bash-instance.ts";
-/**
- * Classify errors from just-bash into user-friendly messages.
- */
 function classifyError(error: unknown, prefix: string) {
 	if (error instanceof NetworkAccessDeniedError) {
 		return createErrorResponse(error, `${prefix} [Network Access Denied]`);
@@ -46,18 +43,12 @@ function classifyError(error: unknown, prefix: string) {
 	return createErrorResponse(error, prefix);
 }
-/**
- * Register Vercel Sandbox compatible tools with the MCP server
- */
 export function registerSandboxTools(server: McpServer): void {
-	// ========================================================================
-	// bash_sandbox_run - Run command in sandbox
-	// ========================================================================
 	server.registerTool(
 		"bash_sandbox_run",
 		{
 			description:
-				"Run a command in a Vercel Sandbox compatible environment. The sandbox persists across calls.",
+				"Run a command in a persistent isolated environment with optional structured output and logs.",
 			inputSchema: {
 				command: z.string().describe("The command to execute"),
 				cwd: z.string().optional().describe("Working directory for the command"),
@@ -122,13 +113,10 @@ export function registerSandboxTools(server: McpServer): void {
 		},
 	);
-	// ========================================================================
-	// bash_sandbox_domain - Get sandbox domain
-	// ========================================================================
 	server.registerTool(
 		"bash_sandbox_domain",
 		{
-			description: "Get the current sandbox domain/identifier.",
+			description: "Get the current sandbox domain or identifier.",
 			inputSchema: {},
 		},
 		async () => {
@@ -141,13 +129,10 @@ export function registerSandboxTools(server: McpServer): void {
 		},
 	);
-	// ========================================================================
-	// bash_sandbox_write_files - Write multiple files
-	// ========================================================================
 	server.registerTool(
 		"bash_sandbox_write_files",
 		{
-			description: "Write multiple files to the sandbox environment at once.",
+			description: "Write multiple files to the persistent isolated environment at once.",
 			inputSchema: {
 				files: z.record(z.string(), z.string()).describe("Files to write (path -> content)"),
 			},
@@ -166,13 +151,10 @@ export function registerSandboxTools(server: McpServer): void {
 		},
 	);
-	// ========================================================================
-	// bash_sandbox_read_file - Read file from sandbox
-	// ========================================================================
 	server.registerTool(
 		"bash_sandbox_read_file",
 		{
-			description: "Read a file from the sandbox environment.",
+			description: "Read a file from the persistent isolated environment.",
 			inputSchema: {
 				path: z.string().describe("The file path to read"),
 				encoding: z.enum(["utf-8", "base64"]).optional().describe("File encoding (default: utf-8)"),
@@ -197,13 +179,10 @@ export function registerSandboxTools(server: McpServer): void {
 		},
 	);
-	// ========================================================================
-	// bash_sandbox_mkdir - Create directory in sandbox
-	// ========================================================================
 	server.registerTool(
 		"bash_sandbox_mkdir",
 		{
-			description: "Create a directory in the sandbox environment.",
+			description: "Create a directory in the persistent isolated environment.",
 			inputSchema: {
 				path: z.string().describe("The directory path to create"),
 				recursive: z
@@ -224,14 +203,11 @@ export function registerSandboxTools(server: McpServer): void {
 		},
 	);
-	// ========================================================================
-	// bash_sandbox_stop - Stop and clean up sandbox
-	// ========================================================================
 	server.registerTool(
 		"bash_sandbox_stop",
 		{
 			description:
-				"Stop and clean up the sandbox environment, releasing all resources. Use bash_sandbox_reset to just clear state.",
+				"Stop and clean up the persistent isolated environment, releasing all resources. Use bash_sandbox_reset to just clear state.",
 			inputSchema: {},
 		},
 		async () => {
@@ -244,13 +220,10 @@ export function registerSandboxTools(server: McpServer): void {
 		},
 	);
-	// ========================================================================
-	// bash_sandbox_reset - Reset sandbox
-	// ========================================================================
 	server.registerTool(
 		"bash_sandbox_reset",
 		{
-			description: "Reset the sandbox environment, clearing all files and state.",
+			description: "Reset the persistent isolated environment, clearing all files and state.",
 			inputSchema: {},
 		},
 		async () => {