PyPI - open-edison - Versions diffs - 0.1.11__py3-none-any.whl → 0.1.15__py3-none-any.whl - Mend

open-edison 0.1.11py3-none-any.whl → 0.1.15py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (15) hide show

{open_edison-0.1.11.dist-info → open_edison-0.1.15.dist-info}/METADATA +2 -2
open_edison-0.1.15.dist-info/RECORD +18 -0
src/frontend_dist/assets/index-_NTxjOfh.js +51 -0
src/frontend_dist/assets/index-h6k8aL6h.css +1 -0
src/frontend_dist/index.html +2 -2
src/middleware/data_access_tracker.py +217 -133
src/middleware/session_tracking.py +7 -0
src/server.py +188 -7
src/telemetry.py +23 -1
open_edison-0.1.11.dist-info/RECORD +0 -18
src/frontend_dist/assets/index-BPaXg1vr.js +0 -51
src/frontend_dist/assets/index-BVdkI6ig.css +0 -1
{open_edison-0.1.11.dist-info → open_edison-0.1.15.dist-info}/WHEEL +0 -0
{open_edison-0.1.11.dist-info → open_edison-0.1.15.dist-info}/entry_points.txt +0 -0
{open_edison-0.1.11.dist-info → open_edison-0.1.15.dist-info}/licenses/LICENSE +0 -0

src/server.py CHANGED Viewed

@@ -6,6 +6,7 @@ No multi-user support, no complex routing - just a straightforward proxy.
 """
 import asyncio
+import traceback
 from collections.abc import Awaitable, Callable, Coroutine
 from pathlib import Path
 from typing import Any, cast
@@ -16,7 +17,9 @@ from fastapi.middleware.cors import CORSMiddleware
 from fastapi.responses import FileResponse, JSONResponse, Response
 from fastapi.security import HTTPAuthorizationCredentials, HTTPBearer
 from fastapi.staticfiles import StaticFiles
+from fastmcp import FastMCP
 from loguru import logger as log
+from pydantic import BaseModel, Field
 from src.config import MCPServerConfig, config
 from src.config import get_config_dir as _get_cfg_dir  # type: ignore[attr-defined]
@@ -178,21 +181,33 @@ class OpenEdisonProxy:
         }
         def _resolve_json_path(filename: str) -> Path:
-            # JSON files reside in the config directory
+            """
+            Resolve a JSON config file path consistently with src.config defaults.
+            Precedence for reads (and writes if chosen):
+            1) Repository root next to src/ (editable/dev) if file exists
+            2) Config dir (OPEN_EDISON_CONFIG_DIR or platform default)
+               - If missing, bootstrap from repo root default when available
+            3) Current working directory as last resort
+            """
+            # 1) Prefer repository root next to src/
+            repo_candidate = Path(__file__).parent.parent / filename
+            if repo_candidate.exists():
+                return repo_candidate
+            # 2) Config directory
             try:
                 base = _get_cfg_dir()
             except Exception:
                 base = Path.cwd()
             target = base / filename
-            # If missing and we ship a default in package root, bootstrap it
-            if not target.exists():
+            if (not target.exists()) and repo_candidate.exists():
                 try:
-                    pkg_default = Path(__file__).parent.parent / filename
-                    if pkg_default.exists():
-                        target.write_text(pkg_default.read_text(encoding="utf-8"), encoding="utf-8")
+                    target.parent.mkdir(parents=True, exist_ok=True)
+                    target.write_text(repo_candidate.read_text(encoding="utf-8"), encoding="utf-8")
                 except Exception:
                     pass
-            return target
+            return target if target.exists() else repo_candidate
         async def _serve_json(filename: str) -> Response:  # type: ignore[override]
             if filename not in allowed_json_files:
@@ -262,6 +277,18 @@ class OpenEdisonProxy:
         return app
+    def _build_backend_config_top(
+        self, server_name: str, body: "OpenEdisonProxy._ValidateRequest"
+    ) -> dict[str, Any]:
+        backend_entry: dict[str, Any] = {
+            "command": body.command,
+            "args": body.args,
+            "env": body.env or {},
+        }
+        if body.roots:
+            backend_entry["roots"] = body.roots
+        return {"mcpServers": {server_name: backend_entry}}
     async def start(self) -> None:
         """Start the Open Edison proxy server"""
         log.info("🚀 Starting Open Edison MCP Proxy Server")
@@ -343,6 +370,12 @@ class OpenEdisonProxy:
             methods=["POST"],
             dependencies=[Depends(self.verify_api_key)],
         )
+        app.add_api_route(
+            "/mcp/validate",
+            self.validate_mcp_server,
+            methods=["POST"],
+            # Intentionally no auth required for validation for now
+        )
         app.add_api_route(
             "/mcp/{server_name}/stop",
             self.stop_mcp_server,
@@ -565,3 +598,151 @@ class OpenEdisonProxy:
         except Exception as e:
             log.error(f"Failed to fetch sessions: {e}")
             raise HTTPException(status_code=500, detail="Failed to fetch sessions") from e
+    # ---- MCP validation ----
+    class _ValidateRequest(BaseModel):
+        name: str | None = Field(None, description="Optional server name label")
+        command: str = Field(..., description="Executable to run, e.g. 'npx' or 'uvx'")
+        args: list[str] = Field(default_factory=list, description="Arguments to the command")
+        env: dict[str, str] | None = Field(
+            default=None,
+            description="Environment variables for the subprocess (values should already exist)",
+        )
+        roots: list[str] | None = Field(
+            default=None, description="Optional allowed roots for the MCP server"
+        )
+        timeout_s: float | None = Field(20.0, description="Overall timeout for validation")
+    async def validate_mcp_server(self, body: _ValidateRequest) -> dict[str, Any]:  # noqa: C901
+        """
+        Validate an MCP server by launching it via FastMCP and listing capabilities.
+        Returns tools, resources, and prompts if successful.
+        """
+        server_name = body.name or "validation"
+        backend_cfg = self._build_backend_config_top(server_name, body)
+        log.info(
+            f"Validating MCP server command for '{server_name}': {body.command} {' '.join(body.args)}"
+        )
+        server: FastMCP[Any] | None = None
+        try:
+            # Guard for template entries with no command configured
+            if not body.command or not body.command.strip():
+                return {
+                    "valid": False,
+                    "error": "No command configured (template entry)",
+                    "server": {
+                        "name": server_name,
+                        "command": body.command,
+                        "args": body.args,
+                        "has_roots": bool(body.roots),
+                    },
+                }
+            server = FastMCP.as_proxy(
+                backend=backend_cfg, name=f"open-edison-validate-{server_name}"
+            )
+            tools, resources, prompts = await self._list_all_capabilities(server, body)
+            return {
+                "valid": True,
+                "server": {
+                    "name": server_name,
+                    "command": body.command,
+                    "args": body.args,
+                    "has_roots": bool(body.roots),
+                },
+                "tools": [self._safe_tool(t) for t in tools],
+                "resources": [self._safe_resource(r) for r in resources],
+                "prompts": [self._safe_prompt(p) for p in prompts],
+            }
+        except TimeoutError as te:  # noqa: PERF203
+            log.error(f"MCP validation timed out: {te}\n{traceback.format_exc()}")
+            return {
+                "valid": False,
+                "error": "Validation timed out",
+                "server": {
+                    "name": server_name,
+                    "command": body.command,
+                    "args": body.args,
+                    "has_roots": bool(body.roots),
+                },
+            }
+        except Exception as e:  # noqa: BLE001
+            log.error(f"MCP validation failed: {e}\n{traceback.format_exc()}")
+            return {
+                "valid": False,
+                "error": str(e),
+                "server": {
+                    "name": server_name,
+                    "command": body.command,
+                    "args": body.args,
+                    "has_roots": bool(body.roots),
+                },
+            }
+        finally:
+            # Best-effort cleanup if FastMCP exposes a shutdown/close
+            try:
+                if isinstance(server, FastMCP):
+                    result = server.shutdown()  # type: ignore[attr-defined]
+                    # If it returns an awaitable, await it
+                    if isinstance(result, Awaitable):
+                        await result  # type: ignore[func-returns-value]
+            except Exception as cleanup_err:  # noqa: BLE001
+                log.debug(f"Validator cleanup skipped/failed: {cleanup_err}")
+    def _build_backend_config(
+        self, server_name: str, body: "OpenEdisonProxy._ValidateRequest"
+    ) -> dict[str, Any]:
+        backend_entry: dict[str, Any] = {
+            "command": body.command,
+            "args": body.args,
+            "env": body.env or {},
+        }
+        if body.roots:
+            backend_entry["roots"] = body.roots
+        return {"mcpServers": {server_name: backend_entry}}
+    async def _list_all_capabilities(
+        self, server: FastMCP[Any], body: "OpenEdisonProxy._ValidateRequest"
+    ) -> tuple[list[Any], list[Any], list[Any]]:
+        s: Any = server
+        async def _call_list(kind: str) -> list[Any]:
+            # Prefer public list_*; fallback to _list_* for proxies that expose private methods
+            for attr in (f"list_{kind}", f"_list_{kind}"):
+                if hasattr(s, attr):
+                    method = getattr(s, attr)
+                    return await method()
+            raise AttributeError(f"Proxy does not expose list method for {kind}")
+        async def list_all() -> tuple[list[Any], list[Any], list[Any]]:
+            tools = await _call_list("tools")
+            resources = await _call_list("resources")
+            prompts = await _call_list("prompts")
+            return tools, resources, prompts
+        timeout = body.timeout_s if isinstance(body.timeout_s, (int | float)) else 20.0
+        return await asyncio.wait_for(list_all(), timeout=timeout)
+    def _safe_tool(self, t: Any) -> dict[str, Any]:
+        name = getattr(t, "name", None)
+        description = getattr(t, "description", None)
+        return {"name": str(name) if name is not None else "", "description": description}
+    def _safe_resource(self, r: Any) -> dict[str, Any]:
+        uri = getattr(r, "uri", None)
+        try:
+            uri_str = str(uri) if uri is not None else ""
+        except Exception:
+            uri_str = ""
+        description = getattr(r, "description", None)
+        return {"uri": uri_str, "description": description}
+    def _safe_prompt(self, p: Any) -> dict[str, Any]:
+        name = getattr(p, "name", None)
+        description = getattr(p, "description", None)
+        return {"name": str(name) if name is not None else "", "description": description}

src/telemetry.py CHANGED Viewed

@@ -50,6 +50,8 @@ _prompt_used_counter: Any | None = None
 _private_data_access_counter: Any | None = None
 _untrusted_public_data_counter: Any | None = None
 _write_operation_counter: Any | None = None
+_resource_access_blocked_counter: Any | None = None
+_prompt_access_blocked_counter: Any | None = None
 def _ensure_install_id() -> str:
@@ -116,7 +118,7 @@ def telemetry_recorder(func: Callable[P, R]) -> Callable[P, R | None]:  # noqa:
     return wrapper
-def initialize_telemetry(override: TelemetryConfig | None = None) -> None:
+def initialize_telemetry(override: TelemetryConfig | None = None) -> None:  # noqa: C901
     """Initialize telemetry if enabled in config.
     Safe to call multiple times; only first call initializes.
@@ -197,7 +199,9 @@ def initialize_telemetry(override: TelemetryConfig | None = None) -> None:
         _servers_installed_gauge = meter.create_up_down_counter("servers_installed")
         _tool_calls_metadata_counter = meter.create_counter("tool_calls_metadata")
         _resource_used_counter = meter.create_counter("resource_used")
+        _resource_access_blocked_counter = meter.create_counter("resource_access_blocked")
         _prompt_used_counter = meter.create_counter("prompt_used")
+        _prompt_access_blocked_counter = meter.create_counter("prompt_access_blocked")
         _private_data_access_counter = meter.create_counter("private_data_access_calls")
         _untrusted_public_data_counter = meter.create_counter("untrusted_public_data_calls")
         _write_operation_counter = meter.create_counter("write_operation_calls")
@@ -280,6 +284,15 @@ def record_resource_used(resource_name: str) -> None:
     _resource_used_counter.add(1, attributes=_common_attrs({"resource": resource_name}))
+@telemetry_recorder
+def record_resource_access_blocked(resource_name: str, reason: str) -> None:
+    if _resource_access_blocked_counter is None:
+        return
+    _resource_access_blocked_counter.add(
+        1, attributes=_common_attrs({"resource": resource_name, "reason": reason})
+    )
 @telemetry_recorder
 def record_prompt_used(prompt_name: str) -> None:
     if _prompt_used_counter is None:
@@ -287,6 +300,15 @@ def record_prompt_used(prompt_name: str) -> None:
     _prompt_used_counter.add(1, attributes=_common_attrs({"prompt": prompt_name}))
+@telemetry_recorder
+def record_prompt_access_blocked(prompt_name: str, reason: str) -> None:
+    if _prompt_access_blocked_counter is None:
+        return
+    _prompt_access_blocked_counter.add(
+        1, attributes=_common_attrs({"prompt": prompt_name, "reason": reason})
+    )
 @telemetry_recorder
 def record_private_data_access(source_type: str, name: str) -> None:
     if _private_data_access_counter is None:

open_edison-0.1.11.dist-info/RECORD DELETED Viewed

@@ -1,18 +0,0 @@
-src/__init__.py,sha256=QWeZdjAm2D2B0eWhd8m2-DPpWvIP26KcNJxwEoU1oEQ,254
-src/__main__.py,sha256=kQsaVyzRa_ESC57JpKDSQJAHExuXme0rM5beJsYxFeA,161
-src/cli.py,sha256=9cJN6mRvjbCcpTyTdUVl47J7OB7bxzSy0h8tfVbHuQU,9982
-src/config.py,sha256=2a5rdImQmNGggL690PQprqZVsRUAJcdo8KS2Foj9N-U,9345
-src/mcp_manager.py,sha256=VpRdVMy1WLegC-gBnyTcBMcKzQsdIn4JIWuHf7Q40hg,4442
-src/server.py,sha256=IL0LA6k6b-r6hhpKXjqN3b3ZwvYLp0oneOx-r9DNNGs,23161
-src/single_user_mcp.py,sha256=ue5UnC0nfmuLR4z87904WqH7B-0FaACFDWaBNNL7hXE,15259
-src/telemetry.py,sha256=Rj8bk6DsJOvC_xNr07lkGIya4a95kt5Fnoo43B7qFWo,11061
-src/frontend_dist/index.html,sha256=Zh5YmjkX9_Uy-pUpcLNvhvym4NazF6uA8MrMAT_cSIM,673
-src/frontend_dist/assets/index-BPaXg1vr.js,sha256=BRGusr3m0yFM3wa3f_W81uKyCJmfmSQz249Fmt09FKA,232913
-src/frontend_dist/assets/index-BVdkI6ig.css,sha256=gRr72wH_UhcHGoG-jSJG56j-QsRQekD3p2RkpCWfXtI,13921
-src/middleware/data_access_tracker.py,sha256=D8ZeE1teR50glOeIPNTv9IIo8wfz8nDCXmIX4KrsfIM,21991
-src/middleware/session_tracking.py,sha256=Q8g7DZN9pX6nONKB3rwdPXprBZL_ManGn8E49zJiBd8,19578
-open_edison-0.1.11.dist-info/METADATA,sha256=sVFkwNbVZggGg0l5STE8Q0DWD_7pEYdn8aIPiG5o2HI,8967
-open_edison-0.1.11.dist-info/WHEEL,sha256=qtCwoSJWgHk21S1Kb4ihdzI2rlJ1ZKaIurTj_ngOhyQ,87
-open_edison-0.1.11.dist-info/entry_points.txt,sha256=qNAkJcnoTXRhj8J--3PDmXz_TQKdB8H_0C9wiCtDIyA,72
-open_edison-0.1.11.dist-info/licenses/LICENSE,sha256=OXLcl0T2SZ8Pmy2_dmlvKuetivmyPd5m1q-Gyd-zaYY,35149
-open_edison-0.1.11.dist-info/RECORD,,

open-edison 0.1.11__py3-none-any.whl → 0.1.15__py3-none-any.whl

open-edison 0.1.11py3-none-any.whl → 0.1.15py3-none-any.whl