mcp-firewall 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. package/index.js +31 -0
  2. package/install.js +129 -0
  3. package/package.json +27 -0
package/index.js ADDED
@@ -0,0 +1,31 @@
1
+ #!/usr/bin/env node
2
+
3
+ "use strict";
4
+
5
+ const { execFileSync } = require("child_process");
6
+ const path = require("path");
7
+ const fs = require("fs");
8
+
9
+ const binaryName =
10
+ process.platform === "win32" ? "mcp-firewall.exe" : "mcp-firewall";
11
+ const binaryPath = path.join(__dirname, "bin", binaryName);
12
+
13
+ if (!fs.existsSync(binaryPath)) {
14
+ console.error(
15
+ "mcp-firewall binary not found. Run 'npm install' or 'node install.js' first."
16
+ );
17
+ process.exit(1);
18
+ }
19
+
20
+ try {
21
+ const result = execFileSync(binaryPath, process.argv.slice(2), {
22
+ stdio: "inherit",
23
+ });
24
+ process.exit(0);
25
+ } catch (err) {
26
+ if (err.status !== undefined) {
27
+ process.exit(err.status);
28
+ }
29
+ console.error(err.message);
30
+ process.exit(1);
31
+ }
package/install.js ADDED
@@ -0,0 +1,129 @@
1
+ "use strict";
2
+
3
+ const https = require("https");
4
+ const fs = require("fs");
5
+ const path = require("path");
6
+ const { execSync } = require("child_process");
7
+ const os = require("os");
8
+
9
+ const REPO = "VikingOwl91/mcp-firewall";
10
+
11
+ const PLATFORM_MAP = {
12
+ linux: "linux",
13
+ darwin: "darwin",
14
+ win32: "windows",
15
+ };
16
+
17
+ const ARCH_MAP = {
18
+ x64: "amd64",
19
+ arm64: "arm64",
20
+ };
21
+
22
+ function getVersion() {
23
+ const pkg = JSON.parse(
24
+ fs.readFileSync(path.join(__dirname, "package.json"), "utf8")
25
+ );
26
+ return pkg.version;
27
+ }
28
+
29
+ function getArtifactName(platform, arch) {
30
+ const os = PLATFORM_MAP[platform];
31
+ const cpu = ARCH_MAP[arch];
32
+ if (!os || !cpu) {
33
+ throw new Error(`Unsupported platform: ${platform}-${arch}`);
34
+ }
35
+ const ext = platform === "win32" ? "zip" : "tar.gz";
36
+ return `mcp-firewall_${os}_${cpu}.${ext}`;
37
+ }
38
+
39
+ function download(url) {
40
+ return new Promise((resolve, reject) => {
41
+ const get = (url, redirects) => {
42
+ if (redirects > 5) {
43
+ reject(new Error("Too many redirects"));
44
+ return;
45
+ }
46
+ https
47
+ .get(url, (res) => {
48
+ if (res.statusCode >= 300 && res.statusCode < 400 && res.headers.location) {
49
+ get(res.headers.location, redirects + 1);
50
+ return;
51
+ }
52
+ if (res.statusCode !== 200) {
53
+ reject(new Error(`HTTP ${res.statusCode} downloading ${url}`));
54
+ return;
55
+ }
56
+ const chunks = [];
57
+ res.on("data", (chunk) => chunks.push(chunk));
58
+ res.on("end", () => resolve(Buffer.concat(chunks)));
59
+ res.on("error", reject);
60
+ })
61
+ .on("error", reject);
62
+ };
63
+ get(url, 0);
64
+ });
65
+ }
66
+
67
+ function extractTarGz(buffer, destDir) {
68
+ const tmpFile = path.join(os.tmpdir(), `mcp-firewall-${Date.now()}.tar.gz`);
69
+ fs.writeFileSync(tmpFile, buffer);
70
+ fs.mkdirSync(destDir, { recursive: true });
71
+ try {
72
+ execSync(`tar xzf "${tmpFile}" -C "${destDir}"`, { stdio: "ignore" });
73
+ } finally {
74
+ fs.unlinkSync(tmpFile);
75
+ }
76
+ }
77
+
78
+ function extractZip(buffer, destDir) {
79
+ const tmpFile = path.join(os.tmpdir(), `mcp-firewall-${Date.now()}.zip`);
80
+ fs.writeFileSync(tmpFile, buffer);
81
+ fs.mkdirSync(destDir, { recursive: true });
82
+ try {
83
+ // PowerShell available on all modern Windows
84
+ execSync(
85
+ `powershell -Command "Expand-Archive -Force '${tmpFile}' '${destDir}'"`,
86
+ { stdio: "ignore" }
87
+ );
88
+ } finally {
89
+ fs.unlinkSync(tmpFile);
90
+ }
91
+ }
92
+
93
+ async function main() {
94
+ const version = getVersion();
95
+ if (version === "0.0.0") {
96
+ console.log("Skipping binary download for development version (0.0.0).");
97
+ return;
98
+ }
99
+
100
+ const platform = process.platform;
101
+ const arch = process.arch;
102
+
103
+ const artifact = getArtifactName(platform, arch);
104
+ const url = `https://github.com/${REPO}/releases/download/v${version}/${artifact}`;
105
+ const binDir = path.join(__dirname, "bin");
106
+
107
+ console.log(`Downloading mcp-firewall v${version} for ${platform}-${arch}...`);
108
+
109
+ const buffer = await download(url);
110
+
111
+ if (artifact.endsWith(".zip")) {
112
+ extractZip(buffer, binDir);
113
+ } else {
114
+ extractTarGz(buffer, binDir);
115
+ }
116
+
117
+ // Make binary executable on Unix
118
+ if (platform !== "win32") {
119
+ const binaryPath = path.join(binDir, "mcp-firewall");
120
+ fs.chmodSync(binaryPath, 0o755);
121
+ }
122
+
123
+ console.log("mcp-firewall installed successfully.");
124
+ }
125
+
126
+ main().catch((err) => {
127
+ console.error(`Failed to install mcp-firewall: ${err.message}`);
128
+ process.exit(1);
129
+ });
package/package.json ADDED
@@ -0,0 +1,27 @@
1
+ {
2
+ "name": "mcp-firewall",
3
+ "version": "1.0.0",
4
+ "description": "Security firewall proxy for MCP servers — policy enforcement, redaction, sandboxing, and supply chain controls",
5
+ "bin": {
6
+ "mcp-firewall": "index.js"
7
+ },
8
+ "scripts": {
9
+ "postinstall": "node install.js"
10
+ },
11
+ "keywords": [
12
+ "mcp",
13
+ "firewall",
14
+ "proxy",
15
+ "security",
16
+ "model-context-protocol"
17
+ ],
18
+ "license": "MIT",
19
+ "repository": {
20
+ "type": "git",
21
+ "url": "git+https://github.com/VikingOwl91/mcp-firewall.git"
22
+ },
23
+ "homepage": "https://github.com/VikingOwl91/mcp-firewall",
24
+ "bugs": {
25
+ "url": "https://github.com/VikingOwl91/mcp-firewall/issues"
26
+ }
27
+ }