metheus-governance-mcp-cli 0.2.43 → 0.2.44

Files changed (2)
  1. package/cli.mjs +28 -11
  2. package/package.json +1 -1
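--- a/package/cli.mjs
+++ b/package/cli.mjs
@@ -2755,11 +2755,11 @@ function syncCtxpackToLocalCache({
  ? metaPath
  : path.join(resolvedWorkspaceDir, CTXPACK_META_FILENAME);
 
- if (!workspaceSignalTrusted && !isHomeFallback) {
+ if (!workspaceSignalTrusted) {
  return {
  sync_status: "guarded",
  sync_message:
- "Workspace signal is missing in auto mode. Guardrail blocked ctxpack local write to avoid wrong folder sync.",
+ "Workspace signal is missing in auto mode. Guardrail blocked ctxpack local write.",
  local_path: cacheDir,
  workspace_path: resolvedWorkspaceDir,
  local_file_count: 0,
@@ -3638,6 +3638,15 @@ function shouldUseSafeToolAliasesForClient(initParamsRaw) {
  return name.includes("cursor") || name.includes("antigravity");
  }
 
+ function canTrustProcessCwdForClient(clientNameRaw) {
+ const name = String(clientNameRaw || "").trim().toLowerCase();
+ if (!name) return false;
+ // Codex app-server may not pass workspace signals reliably; never trust bare process.cwd().
+ if (name.includes("codex")) return false;
+ // VS Code forks generally spawn MCP in active workspace folder.
+ return name.includes("cursor") || name.includes("antigravity");
+ }
+
  function displayToolNameForClient(canonicalName, useSafeToolAliases = false) {
  const canonical = String(canonicalName || "").trim();
  if (!canonical) return "";
@@ -4222,6 +4231,7 @@ async function runProxy(flags) {
  let sessionUseSafeToolAliases = false;
  let sessionToolAliasToCanonical = new Map();
  let sessionToolCanonicalToAlias = new Map();
+ let sessionClientName = "";
 
  // Proxy-initiated requests (e.g., roots/list) pending client responses.
  const pendingProxyRequests = new Map(); // id → callback(responseObj)
@@ -4353,8 +4363,13 @@ async function runProxy(flags) {
  return;
  }
 
- if (isJsonRpcMethod(requestObj, "initialize") && shouldUseSafeToolAliasesForClient(requestObj?.params)) {
- sessionUseSafeToolAliases = true;
+ if (isJsonRpcMethod(requestObj, "initialize")) {
+ const initParams = safeObject(requestObj?.params);
+ const initClientInfo = safeObject(initParams.clientInfo);
+ sessionClientName = String(initClientInfo.name || "").trim().toLowerCase();
+ if (shouldUseSafeToolAliasesForClient(initParams)) {
+ sessionUseSafeToolAliases = true;
+ }
  }
  if (sessionUseSafeToolAliases) {
  requestObj = rewriteAliasedToolCallToCanonical(requestObj, sessionToolAliasToCanonical);
@@ -4380,10 +4395,13 @@ async function runProxy(flags) {
  }
  if (!sessionWorkspaceDir) {
  const currentCwdCandidate = sanitizeWorkspaceCandidate(process.cwd());
- if (currentCwdCandidate && !isHomeWorkspaceRoot(currentCwdCandidate)) {
+ if (
+ currentCwdCandidate &&
+ !isHomeWorkspaceRoot(currentCwdCandidate) &&
+ canTrustProcessCwdForClient(sessionClientName)
+ ) {
  sessionWorkspaceDir = currentCwdCandidate;
- // VS Code forks (Antigravity, Cursor) set cwd to workspace folder
- // when spawning MCP server processes, so treat plausible cwd as trusted.
+ // For selected clients, process cwd is a valid workspace signal.
  sessionWorkspaceTrusted = true;
  }
  }
@@ -4394,9 +4412,12 @@ async function runProxy(flags) {
  }
  }
  }
+ const hasWeakRequestWorkspaceSignal =
+ Boolean(weakRequestWorkspaceCandidate) && !isHomeWorkspaceRoot(weakRequestWorkspaceCandidate);
  const workspaceSignalTrusted =
  args.explicitPinnedWorkspace ||
  sessionWorkspaceTrusted ||
+ hasWeakRequestWorkspaceSignal ||
  Boolean(strongRequestWorkspaceCandidate || strongEnvWorkspaceCandidate);
  const requestWorkspaceDir = args.explicitPinnedWorkspace
  ? resolveWorkspaceDir(args.workspaceDir || process.cwd())
@@ -5155,13 +5176,9 @@ function runSetupInternal(flags, options = {}) {
  const transport = getRegisteredTransport(cliBin, context.serverName);
  if (transport) {
  const existingWorkspaceDir = extractWorkspaceDirArg(transport.args);
- const existingEnv = safeObject(transport.env);
- const existingWorkspaceEnv = String(existingEnv.METHEUS_WORKSPACE_DIR || "").trim();
  if (existingWorkspaceDir && !isAutoWorkspaceMode(existingWorkspaceDir)) {
  proxyArgsForRegister = withWorkspaceDirArg(proxyArgsForRegister, existingWorkspaceDir);
  workspaceEnvForRegister = "";
- } else if (!workspaceEnvForRegister && existingWorkspaceEnv) {
- workspaceEnvForRegister = resolveWorkspaceDir(existingWorkspaceEnv);
  }
  }
  }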
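Review bot: In the `workspaceSignalTrusted` expression of the last `runProxy` hunk, `hasWeakRequestWorkspaceSignal` is OR-ed into the value that the `syncCtxpackToLocalCache` guard tests, so a candidate the code itself classifies as weak now unlocks the ctxpack local write the same way a pinned or strong signal does. How `weakRequestWorkspaceCandidate` is derived lies outside the hunk; if it can come from request-supplied fields, the only check left on it is `!isHomeWorkspaceRoot(...)`, which would partly offset the tightening made by `canTrustProcessCwdForClient` and by dropping `!isHomeFallback`. I would keep the trust flag strict and carry the weak signal separately, e.g. `const workspaceSignalPresent = workspaceSignalTrusted || hasWeakRequestWorkspaceSignal;`, consulted only on paths that write nothing to disk, or at minimum add a comment at the new term stating why a weak candidate is sufficient to permit a write. `runProxy` starts and ends outside the hunks shown.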
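--- a/package/package.json
+++ b/package/package.json
@@ -1,6 +1,6 @@
  {
  "name": "metheus-governance-mcp-cli",
- "version": "0.2.43",
+ "version": "0.2.44",
  "description": "Metheus Governance MCP CLI (setup + stdio proxy)",
  "type": "module",
  "files": [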