npm - mcpman - Versions diffs - 0.1.1 → 0.2.0 - Mend

mcpman 0.1.1 → 0.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/README.md +4 -2
package/dist/chunk-6X6Q6UZC.js +141 -0
package/dist/index.cjs +1350 -144
package/dist/index.js +1088 -118
package/dist/trust-scorer-LYC6KZCD.js +77 -0
package/dist/vault-service-UTZAV6N6.js +29 -0
package/package.json +1 -1

package/README.md CHANGED Viewed

@@ -1,7 +1,9 @@
 # mcpman
-![npm version](https://img.shields.io/npm/v/mcpman)
-![license](https://img.shields.io/npm/l/mcpman)
+[![npm version](https://img.shields.io/npm/v/mcpman)](https://www.npmjs.com/package/mcpman)
+[![npm downloads](https://img.shields.io/npm/dm/mcpman)](https://www.npmjs.com/package/mcpman)
+[![GitHub stars](https://img.shields.io/github/stars/tranhoangtu-it/mcpman)](https://github.com/tranhoangtu-it/mcpman)
+[![license](https://img.shields.io/npm/l/mcpman)](https://github.com/tranhoangtu-it/mcpman/blob/main/LICENSE)
 ![node](https://img.shields.io/node/v/mcpman)
 **The package manager for MCP servers.**

package/dist/chunk-6X6Q6UZC.js ADDED Viewed

@@ -0,0 +1,141 @@
+#!/usr/bin/env node
+// src/core/vault-service.ts
+import crypto from "crypto";
+import fs from "fs";
+import os from "os";
+import path from "path";
+import * as p from "@clack/prompts";
+var _cachedPassword = null;
+process.on("exit", () => {
+  _cachedPassword = null;
+});
+function getVaultPath() {
+  return path.join(os.homedir(), ".mcpman", "vault.enc");
+}
+function readVault(vaultPath = getVaultPath()) {
+  const empty = { version: 1, servers: {} };
+  try {
+    const raw = fs.readFileSync(vaultPath, "utf-8");
+    const parsed = JSON.parse(raw);
+    if (parsed.version !== 1 || typeof parsed.servers !== "object") return empty;
+    return parsed;
+  } catch {
+    return empty;
+  }
+}
+function writeVault(data, vaultPath = getVaultPath()) {
+  const dir = path.dirname(vaultPath);
+  fs.mkdirSync(dir, { recursive: true });
+  const tmp = `${vaultPath}.tmp`;
+  fs.writeFileSync(tmp, JSON.stringify(data, null, 2), { mode: 384 });
+  if (process.platform !== "win32") {
+    fs.chmodSync(tmp, 384);
+  }
+  fs.renameSync(tmp, vaultPath);
+  if (process.platform !== "win32") {
+    fs.chmodSync(vaultPath, 384);
+  }
+}
+function encrypt(value, password2) {
+  const salt = crypto.randomBytes(16);
+  const key = crypto.pbkdf2Sync(password2, salt, 1e5, 32, "sha256");
+  const iv = crypto.randomBytes(16);
+  const cipher = crypto.createCipheriv("aes-256-cbc", key, iv);
+  const encrypted = Buffer.concat([cipher.update(value, "utf-8"), cipher.final()]);
+  return {
+    salt: salt.toString("hex"),
+    iv: iv.toString("hex"),
+    data: encrypted.toString("hex")
+  };
+}
+function decrypt(entry, password2) {
+  const salt = Buffer.from(entry.salt, "hex");
+  const key = crypto.pbkdf2Sync(password2, salt, 1e5, 32, "sha256");
+  const iv = Buffer.from(entry.iv, "hex");
+  const decipher = crypto.createDecipheriv("aes-256-cbc", key, iv);
+  const decrypted = Buffer.concat([
+    decipher.update(Buffer.from(entry.data, "hex")),
+    decipher.final()
+    // throws ERR_OSSL_BAD_DECRYPT on wrong password
+  ]);
+  return decrypted.toString("utf-8");
+}
+async function getMasterPassword(confirm = false) {
+  if (_cachedPassword) return _cachedPassword;
+  const password2 = await p.password({
+    message: "Enter vault master password:",
+    validate: (v) => v.length < 8 ? "Password must be at least 8 characters" : void 0
+  });
+  if (p.isCancel(password2)) {
+    p.cancel("Vault access cancelled.");
+    process.exit(0);
+  }
+  if (confirm) {
+    const confirm2 = await p.password({ message: "Confirm master password:" });
+    if (p.isCancel(confirm2) || confirm2 !== password2) {
+      p.cancel("Passwords do not match.");
+      process.exit(1);
+    }
+  }
+  _cachedPassword = password2;
+  return _cachedPassword;
+}
+function clearPasswordCache() {
+  _cachedPassword = null;
+}
+function setSecret(server, key, value, password2, vaultPath = getVaultPath()) {
+  const vault = readVault(vaultPath);
+  if (!vault.servers[server]) vault.servers[server] = {};
+  vault.servers[server][key] = encrypt(value, password2);
+  writeVault(vault, vaultPath);
+}
+function getSecret(server, key, password2, vaultPath = getVaultPath()) {
+  const vault = readVault(vaultPath);
+  const entry = vault.servers[server]?.[key];
+  if (!entry) return null;
+  return decrypt(entry, password2);
+}
+function getSecretsForServer(server, password2, vaultPath = getVaultPath()) {
+  const vault = readVault(vaultPath);
+  const entries = vault.servers[server];
+  if (!entries) return {};
+  const result = {};
+  for (const [k, entry] of Object.entries(entries)) {
+    result[k] = decrypt(entry, password2);
+  }
+  return result;
+}
+function removeSecret(server, key, vaultPath = getVaultPath()) {
+  const vault = readVault(vaultPath);
+  if (vault.servers[server]) {
+    delete vault.servers[server][key];
+    if (Object.keys(vault.servers[server]).length === 0) {
+      delete vault.servers[server];
+    }
+    writeVault(vault, vaultPath);
+  }
+}
+function listSecrets(server, vaultPath = getVaultPath()) {
+  const vault = readVault(vaultPath);
+  const entries = server ? vault.servers[server] ? { [server]: vault.servers[server] } : {} : vault.servers;
+  return Object.entries(entries).map(([srv, keys]) => ({
+    server: srv,
+    keys: Object.keys(keys)
+  }));
+}
+export {
+  getVaultPath,
+  readVault,
+  writeVault,
+  encrypt,
+  decrypt,
+  getMasterPassword,
+  clearPasswordCache,
+  setSecret,
+  getSecret,
+  getSecretsForServer,
+  removeSecret,
+  listSecrets
+};