memory-journal-mcp 7.4.0 → 7.6.0

package/dist/cli.js

@@ -1,26 +1,31 @@
-import { VERSION, createServer } from './chunk-5ZA77VUW.js';
-import { DEFAULT_AUDIT_LOG_MAX_SIZE_BYTES } from './chunk-P5V2VY6N.js';
-import './chunk-OKOVZ5QE.js';
-import { logger } from './chunk-WXDEVIFL.js';
+import { VERSION, DEFAULT_AUDIT_LOG_MAX_SIZE_BYTES, createServer } from './chunk-NSEHC6MZ.js';
+import { logger } from './chunk-SV3CKPMF.js';
 import { Command } from 'commander';
+import * as path from 'path';
 import * as fs from 'fs';
+import { z } from 'zod';
 
-function resolveDbPath(envPath, defaultName, testName) {
+function parseConfigIntRequired(value, name, min, max) {
+  const parsed = parseInt(value, 10);
+  if (Number.isNaN(parsed)) {
+    throw new Error(`Invalid required numeric configuration for ${name}: ${value}`);
+  }
+  if (min !== void 0 && parsed < min) {
+    throw new Error(`Configuration ${name} must be at least ${min}`);
+  }
+  if (max !== void 0 && parsed > max) {
+    throw new Error(`Configuration ${name} must be at most ${max}`);
+  }
+  return parsed;
+}
+function resolveDbPath(envPath, defaultName) {
   if (envPath) return envPath;
-  const rootPath = `./${defaultName}`;
-  const testPath = `./test-server/${testName}`;
-  if (fs.existsSync(rootPath)) return rootPath;
-  if (fs.existsSync(testPath)) return testPath;
-  return rootPath;
+  return `./${defaultName}`;
 }
-var defaultDbPath = resolveDbPath(
-  process.env["DB_PATH"],
-  "memory_journal.db",
-  "test-memory-journal.db"
-);
+var defaultDbPath = resolveDbPath(process.env["DB_PATH"], "memory_journal.db");
 var defaultTeamDbPath = process.env["TEAM_DB_PATH"] ? process.env["TEAM_DB_PATH"] : void 0;
 var program = new Command();
-program.name("memory-journal-mcp").description("Project context management for AI-assisted development").version(VERSION).option("--transport <type>", "Transport type: stdio or http", "stdio").option("--port <number>", "HTTP port (for http transport)", "3000").option("--server-host <host>", "Server bind host for HTTP transport (default: localhost)").option("--stateless", "Use stateless HTTP mode (no session management)").option("--db <path>", "Database path (env: DB_PATH)", defaultDbPath).option("--team-db <path>", "Team database path (env: TEAM_DB_PATH)", defaultTeamDbPath).option("--tool-filter <filter>", 'Tool filter string (e.g., "starter", "core,search")').option("--default-project <number>", "Default GitHub Project number").option("--auto-rebuild-index", "Rebuild vector index on server startup").option("--cors-origin <origin>", "CORS allowed origin for HTTP transport (default: *)").option("--enable-hsts", "Enable HSTS header for HTTP transport (use when behind HTTPS)").option(
+program.name("memory-journal-mcp").description("Project context management for AI-assisted development").version(VERSION).option("--transport <type>", "Transport type: stdio or http", "stdio").option("--port <number>", "HTTP port (for http transport)", "3000").option("--server-host <host>", "Server bind host for HTTP transport (default: localhost)").option("--stateless", "Use stateless HTTP mode (no session management)").option("--db <path>", "Database path (env: DB_PATH)", defaultDbPath).option("--team-db <path>", "Team database path (env: TEAM_DB_PATH)", defaultTeamDbPath).option("--tool-filter <filter>", 'Tool filter string (e.g., "starter", "core,search")').option("--default-project <number>", "Default GitHub Project number").option("--auto-rebuild-index", "Rebuild vector index on server startup").option("--cors-origin <origin>", "CORS allowed origin for HTTP transport (default: none)").option("--enable-hsts", "Enable HSTS header for HTTP transport (use when behind HTTPS)").option(
   "--auth-token <token>",
   "Bearer token for HTTP transport authentication (env: MCP_AUTH_TOKEN)"
 ).option("--log-level <level>", "Log level: debug, info, warning, error", "info").option(
@@ -39,10 +44,6 @@ program.name("memory-journal-mcp").description("Project context management for A
   "--digest-interval <minutes>",
   "Analytics digest interval in minutes, HTTP only (0 = disabled; recommended: 1440 for daily)",
   "0"
-).option(
-  "--sandbox-mode <mode>",
-  'Code Mode sandbox: "worker" (production, default) or "vm" (lightweight)',
-  "worker"
 ).option(
   "--codemode-max-result-size <bytes>",
   "Maximum Code Mode result size in bytes (default: 102400 / 100KB, env: CODE_MODE_MAX_RESULT_SIZE)"
@@ -50,10 +51,19 @@ program.name("memory-journal-mcp").description("Project context management for A
   "--oauth-clock-tolerance <seconds>",
   "OAuth clock tolerance in seconds (default: 60)",
   "60"
+).option(
+  "--oauth-allow-plaintext-loopback",
+  "Allow plaintext loopback OAuth issuer (env: OAUTH_ALLOW_PLAINTEXT_LOOPBACK)"
+).option("--trust-proxy", "Trust reverse proxy headers (e.g. X-Forwarded-For env: TRUST_PROXY)").option(
+  "--public-origin <url>",
+  "Public origin URL for webhook verification and OAuth redirects (env: PUBLIC_ORIGIN)"
 ).option(
   "--audit-log <path>",
   'Enable audit logging to the specified JSONL file path, or "stderr" for container mode (env: AUDIT_LOG_PATH)'
-).option("--audit-redact", "Redact tool arguments from audit entries (env: AUDIT_REDACT)").option(
+).option(
+  "--no-audit-redact",
+  "Disable redaction of tool arguments from audit entries (env: AUDIT_REDACT=false)"
+).option(
   "--audit-reads",
   "Enable audit logging for read-scoped tool calls (default: off, env: AUDIT_READS)"
 ).option(
@@ -64,6 +74,12 @@ program.name("memory-journal-mcp").description("Project context management for A
   "--instruction-level <level>",
   "Briefing depth: essential, standard, full (env: INSTRUCTION_LEVEL)",
   "standard"
+).option(
+  "--allowed-io-roots <paths>",
+  "Comma-separated absolute paths or JSON array of paths for strict filesystem jailing (env: ALLOWED_IO_ROOTS)"
+).option(
+  "--codemode-internal-full-access",
+  "Bypass tool filter constraints within the Code Mode sandbox (env: CODEMODE_INTERNAL_FULL_ACCESS)"
 ).option(
   "--briefing-entries <count>",
   "Number of journal entries in briefing (env: BRIEFING_ENTRY_COUNT)",
@@ -109,9 +125,27 @@ program.name("memory-journal-mcp").description("Project context management for A
 ).option(
   "--workflow-summary <text>",
   "Workflow summary for memory://workflows resource (env: MEMORY_JOURNAL_WORKFLOW_SUMMARY)"
+).option(
+  "--flag-vocabulary <terms>",
+  "Comma-separated flag vocabulary for Hush Protocol (env: FLAG_VOCABULARY, default: blocker,needs_review,help_requested,fyi)"
 ).action(
   async (options) => {
     logger.setLevel(options.logLevel);
+    const sensitiveEnvVars = [
+      "GITHUB_TOKEN",
+      "MCP_AUTH_TOKEN",
+      "OAUTH_ISSUER",
+      "OAUTH_JWKS_URI"
+    ];
+    for (const envVar of sensitiveEnvVars) {
+      if (process.env[envVar]?.startsWith("CHANGEME_")) {
+        logger.error(
+          `FATAL: Insecure configuration detected. ${envVar} contains default placeholder value. Please update your environment variables.`,
+          { module: "CLI" }
+        );
+        process.exit(1);
+      }
+    }
     const host = options.serverHost ?? process.env["MCP_HOST"] ?? process.env["HOST"] ?? void 0;
     logger.info("Starting Memory Journal MCP Server", {
       module: "CLI",
@@ -130,94 +164,244 @@ program.name("memory-journal-mcp").description("Project context management for A
       const auditConfig = auditLogPath ? {
         enabled: true,
         logPath: auditLogPath,
-        redact: options.auditRedact ?? process.env["AUDIT_REDACT"] === "true",
+        redact: options.auditRedact ?? (process.env["AUDIT_REDACT"] ? process.env["AUDIT_REDACT"] === "true" : true),
         auditReads: options.auditReads ?? process.env["AUDIT_READS"] === "true",
-        maxSizeBytes: parseInt(
+        maxSizeBytes: parseConfigIntRequired(
           process.env["AUDIT_LOG_MAX_SIZE"] ?? options.auditLogMaxSize,
-          10
+          "audit-log-max-size",
+          1024
         )
       } : void 0;
       await createServer({
         transport: options.transport,
-        port: parseInt(options.port, 10),
+        port: parseConfigIntRequired(options.port, "port", 1, 65535),
         host,
         statelessHttp: options.stateless === true,
         dbPath: options.db,
         teamDbPath: options.teamDb,
         toolFilter: options.toolFilter,
-        defaultProjectNumber: options.defaultProject ? parseInt(options.defaultProject, 10) : process.env["DEFAULT_PROJECT_NUMBER"] ? parseInt(process.env["DEFAULT_PROJECT_NUMBER"], 10) : void 0,
+        defaultProjectNumber: options.defaultProject ? parseConfigIntRequired(options.defaultProject, "default-project", 1) : process.env["DEFAULT_PROJECT_NUMBER"] ? parseConfigIntRequired(
+          process.env["DEFAULT_PROJECT_NUMBER"],
+          "DEFAULT_PROJECT_NUMBER",
+          1
+        ) : void 0,
         autoRebuildIndex: options.autoRebuildIndex ?? process.env["AUTO_REBUILD_INDEX"] === "true",
         corsOrigins: options.corsOrigin ? options.corsOrigin.split(",").map((s) => s.trim()) : void 0,
         enableHSTS: options.enableHsts ?? process.env["MCP_ENABLE_HSTS"] === "true",
         authToken: options.authToken,
         scheduler: {
-          backupIntervalMinutes: parseInt(options.backupInterval, 10),
-          keepBackups: parseInt(options.keepBackups, 10),
-          vacuumIntervalMinutes: parseInt(options.vacuumInterval, 10),
-          rebuildIndexIntervalMinutes: parseInt(options.rebuildIndexInterval, 10),
-          digestIntervalMinutes: parseInt(options.digestInterval, 10)
+          backupIntervalMinutes: parseConfigIntRequired(
+            options.backupInterval,
+            "backup-interval",
+            0
+          ),
+          keepBackups: parseConfigIntRequired(
+            options.keepBackups,
+            "keep-backups",
+            1,
+            100
+          ),
+          vacuumIntervalMinutes: parseConfigIntRequired(
+            options.vacuumInterval,
+            "vacuum-interval",
+            0
+          ),
+          rebuildIndexIntervalMinutes: parseConfigIntRequired(
+            options.rebuildIndexInterval,
+            "rebuild-index-interval",
+            0
+          ),
+          digestIntervalMinutes: parseConfigIntRequired(
+            options.digestInterval,
+            "digest-interval",
+            0
+          )
         },
-        sandboxMode: options.sandboxMode,
         // OAuth 2.1
         oauthEnabled: options.oauthEnabled ?? process.env["OAUTH_ENABLED"] === "true",
         oauthIssuer: options.oauthIssuer ?? process.env["OAUTH_ISSUER"],
         oauthAudience: options.oauthAudience ?? process.env["OAUTH_AUDIENCE"],
         oauthJwksUri: options.oauthJwksUri ?? process.env["OAUTH_JWKS_URI"],
-        oauthClockTolerance: parseInt(
+        oauthClockTolerance: parseConfigIntRequired(
           process.env["OAUTH_CLOCK_TOLERANCE"] ?? options.oauthClockTolerance,
-          10
+          "oauth-clock-tolerance",
+          0,
+          3600
         ),
+        allowPlaintextLoopbackOAuth: options.oauthAllowPlaintextLoopback ?? process.env["OAUTH_ALLOW_PLAINTEXT_LOOPBACK"] === "true",
+        trustProxy: options.trustProxy ?? process.env["TRUST_PROXY"] === "true",
+        publicOrigin: options.publicOrigin ?? process.env["PUBLIC_ORIGIN"],
+        codemodeInternalFullAccess: options.codemodeInternalFullAccess ?? process.env["CODEMODE_INTERNAL_FULL_ACCESS"] === "true",
         // Project Registry
         projectRegistry: (() => {
           const raw = process.env["PROJECT_REGISTRY"];
           if (!raw) return void 0;
+          if (raw.length > 51200) {
+            throw new Error(
+              "PROJECT_REGISTRY environment variable exceeds size limit (50KB)"
+            );
+          }
           try {
-            return JSON.parse(raw);
+            const registrySchema = z.record(
+              z.string(),
+              z.object({
+                path: z.string().min(1),
+                project_number: z.number().nullable().optional()
+              }).strict()
+            );
+            const parsed = JSON.parse(raw);
+            const deepClean = (obj) => {
+              if (obj === null || typeof obj !== "object") return obj;
+              if (Array.isArray(obj)) return obj.map(deepClean);
+              const out = {};
+              for (const key of Object.keys(obj)) {
+                if (key === "__proto__" || key === "constructor" || key === "prototype")
+                  continue;
+                out[key] = deepClean(obj[key]);
+              }
+              return out;
+            };
+            const safeParsed = deepClean(parsed);
+            const validated = registrySchema.parse(safeParsed);
+            for (const key of Object.keys(validated)) {
+              const entry = validated[key];
+              if (!entry?.path) continue;
+              if (!path.isAbsolute(entry.path)) {
+                throw new Error(
+                  `Project registry path must be an absolute path: ${entry.path}`
+                );
+              }
+              const resolvedPath = path.resolve(entry.path);
+              try {
+                const stat = fs.lstatSync(resolvedPath);
+                if (stat.isSymbolicLink()) {
+                  throw new Error(
+                    `Project registry path cannot be a symlink (symlink traversal protection): ${resolvedPath}`
+                  );
+                }
+                if (!stat.isDirectory()) {
+                  throw new Error(
+                    `Project registry path is not a directory: ${resolvedPath}`
+                  );
+                }
+              } catch (e) {
+                const errMsg = e instanceof Error ? e.message : String(e);
+                throw new Error(
+                  `Project registry path does not exist or cannot be accessed: ${resolvedPath} (${errMsg})`,
+                  { cause: e }
+                );
+              }
+              entry.path = resolvedPath;
+            }
+            return validated;
           } catch (e) {
             const errName = e instanceof Error ? e.message : String(e);
             throw new Error(
-              `Failed to parse PROJECT_REGISTRY environment variable. Must be valid JSON: ${errName}`,
+              `Failed to parse PROJECT_REGISTRY environment variable. Must be valid JSON and safe paths: ${errName}`,
               { cause: e }
             );
           }
         })(),
+        // Allowed IO Roots
+        allowedIoRoots: (() => {
+          const raw = options.allowedIoRoots ?? process.env["ALLOWED_IO_ROOTS"];
+          if (!raw) return void 0;
+          if (raw.length > 51200) {
+            throw new Error(
+              "ALLOWED_IO_ROOTS configuration exceeds size limit (50KB)"
+            );
+          }
+          try {
+            if (raw.trim().startsWith("[")) {
+              const parsed = JSON.parse(raw);
+              if (Array.isArray(parsed) && parsed.every((p) => typeof p === "string" && path.isAbsolute(p))) {
+                const result = parsed;
+                for (const p of result) {
+                  try {
+                    if (!fs.existsSync(p)) {
+                      console.warn(
+                        `
+[WARN] ALLOWED_IO_ROOTS path does not exist: ${p}
+`
+                      );
+                    }
+                  } catch {
+                  }
+                }
+                return result;
+              }
+              throw new Error("Must be an array of absolute paths");
+            }
+            const parts = raw.split(",").map((s) => s.trim()).filter(Boolean);
+            if (parts.some((p) => !path.isAbsolute(p))) {
+              throw new Error("All paths must be absolute");
+            }
+            for (const p of parts) {
+              try {
+                if (!fs.existsSync(p)) {
+                  console.warn(
+                    `
+[WARN] ALLOWED_IO_ROOTS path does not exist: ${p}
+`
+                  );
+                }
+              } catch {
+              }
+            }
+            return parts;
+          } catch (e) {
+            const errName = e instanceof Error ? e.message : String(e);
+            throw new Error(`Invalid ALLOWED_IO_ROOTS configuration: ${errName}`, {
+              cause: e
+            });
+          }
+        })(),
         // Briefing configuration
         briefingConfig: {
-          entryCount: parseInt(
+          entryCount: parseConfigIntRequired(
             process.env["BRIEFING_ENTRY_COUNT"] ?? options.briefingEntries,
-            10
+            "briefing-entries"
           ),
-          summaryCount: parseInt(
+          summaryCount: parseConfigIntRequired(
             process.env["BRIEFING_SUMMARY_COUNT"] ?? options.briefingSummaries,
-            10
+            "briefing-summaries"
           ),
           includeTeam: options.briefingIncludeTeam ?? process.env["BRIEFING_INCLUDE_TEAM"] === "true",
-          issueCount: parseInt(
+          issueCount: parseConfigIntRequired(
             process.env["BRIEFING_ISSUE_COUNT"] ?? options.briefingIssues,
-            10
+            "briefing-issues"
           ),
-          prCount: parseInt(
+          prCount: parseConfigIntRequired(
             process.env["BRIEFING_PR_COUNT"] ?? options.briefingPrs,
-            10
+            "briefing-prs"
           ),
           prStatusBreakdown: options.briefingPrStatus ?? process.env["BRIEFING_PR_STATUS"] === "true",
-          milestoneCount: parseInt(
+          milestoneCount: parseConfigIntRequired(
             process.env["BRIEFING_MILESTONE_COUNT"] ?? options.briefingMilestones,
-            10
+            "briefing-milestones"
           ),
-          rulesFilePath: options.rulesFile ?? process.env["RULES_FILE_PATH"] ?? void 0,
-          skillsDirPath: options.skillsDir ?? process.env["SKILLS_DIR_PATH"] ?? void 0,
-          workflowCount: parseInt(
+          rulesFilePath: options.rulesFile ? path.resolve(process.cwd(), options.rulesFile) : process.env["RULES_FILE_PATH"] ? path.resolve(process.cwd(), process.env["RULES_FILE_PATH"]) : void 0,
+          skillsDirPath: options.skillsDir ? path.resolve(process.cwd(), options.skillsDir) : process.env["SKILLS_DIR_PATH"] ? path.resolve(process.cwd(), process.env["SKILLS_DIR_PATH"]) : void 0,
+          workflowCount: parseConfigIntRequired(
             process.env["BRIEFING_WORKFLOW_COUNT"] ?? options.briefingWorkflows,
-            10
+            "briefing-workflows"
           ),
           workflowStatusBreakdown: options.briefingWorkflowStatus ?? process.env["BRIEFING_WORKFLOW_STATUS"] === "true",
           copilotReviews: options.briefingCopilot ?? process.env["BRIEFING_COPILOT_REVIEWS"] === "true",
           workflowSummary: options.workflowSummary ?? process.env["MEMORY_JOURNAL_WORKFLOW_SUMMARY"] ?? void 0,
-          defaultProjectNumber: options.defaultProject ? parseInt(options.defaultProject, 10) : process.env["DEFAULT_PROJECT_NUMBER"] ? parseInt(process.env["DEFAULT_PROJECT_NUMBER"], 10) : void 0
+          defaultProjectNumber: options.defaultProject ? parseConfigIntRequired(options.defaultProject, "default-project", 1) : process.env["DEFAULT_PROJECT_NUMBER"] ? parseConfigIntRequired(
+            process.env["DEFAULT_PROJECT_NUMBER"],
+            "DEFAULT_PROJECT_NUMBER",
+            1
+          ) : void 0
         },
         instructionLevel: options.instructionLevel !== "standard" ? options.instructionLevel : process.env["INSTRUCTION_LEVEL"] ?? "standard",
-        auditConfig
+        auditConfig,
+        flagVocabulary: (() => {
+          const raw = options.flagVocabulary ?? process.env["FLAG_VOCABULARY"];
+          if (!raw) return void 0;
+          return raw.split(",").map((s) => s.trim().toLowerCase()).filter(Boolean);
+        })()
       });
     } catch (error) {
       logger.error("Failed to start server", {