PyPI - open-edison - Versions diffs - 0.1.17__tar.gz → 0.1.19__tar.gz - Mend

open-edison 0.1.17tar.gz → 0.1.19tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (34) hide show

{open_edison-0.1.17 → open_edison-0.1.19}/.gitignore RENAMED Viewed

@@ -215,4 +215,5 @@ test.db
 src/frontend_dist/
 frontend_dist/
 frontend/node_modules/
-frontend/package-lock.json
+frontend/package-lock.json
+.vscode

{open_edison-0.1.17 → open_edison-0.1.19}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: open-edison
-Version: 0.1.17
+Version: 0.1.19
 Summary: Open-source MCP security, aggregation, and monitoring. Single-user, self-hosted MCP proxy.
 Author-email: Hugo Berg <hugo@edison.watch>
 License-File: LICENSE
@@ -27,9 +27,24 @@ Description-Content-Type: text/markdown
 # OpenEdison
-Open-source MCP security gateway that prevents data exfiltration—via direct access or tool chaining—with full monitoring for local single‑user deployments. Provides core functionality of <https://edison.watch> for local, single-user use.
+Open-source single-user MCP security gateway that prevents data exfiltration—via direct access or tool chaining—with full monitoring for local single‑user deployments. Provides core functionality of <https://edison.watch> for local use.
-Just want to run it?
+<div align="center">
+  <h2>📧 Interested in connecting AI to your business software with proper access controls? <a href="mailto:hello@edison.watch">Contact us</a> to discuss.</h2>
+</div>
+## Features
+- **Single-user MCP proxy** - No multi-user complexity, just a simple proxy for your MCP servers
+- **JSON configuration** - Easy to configure and manage your MCP servers
+- **Simple local frontend** - Track and monitor your MCP interactions, servers, and sessions.
+- **Session tracking** - Track and monitor your MCP interactions
+- **Simple API** - REST API for managing MCP servers and proxying requests
+- **Docker support** - Run in a container for easy deployment
+## Quick Start
+The fastest way to get started:
 ```bash
 # Installs uv (via Astral installer) and launches open-edison with uvx.
@@ -39,36 +54,30 @@ curl -fsSL https://raw.githubusercontent.com/Edison-Watch/open-edison/main/curl_
 Run locally with uvx: `uvx open-edison --config-dir ~/edison-config`
+<details>
+<summary>Install Node.js/npm (optional for MCP tools)</summary>
 If you need `npx` (for Node-based MCP tools like `mcp-remote`), install Node.js as well:
-- macOS:
-  - uv: `curl -fsSL https://astral.sh/uv/install.sh | sh`
-  - Node/npx: `brew install node`
-- Linux (Debian/Ubuntu):
-  - uv: `curl -fsSL https://astral.sh/uv/install.sh | sh`
-  - Node/npx: `sudo apt-get update && sudo apt-get install -y nodejs npm`
-- Windows (PowerShell):
-  - uv: `powershell -ExecutionPolicy ByPass -c "irm https://astral.sh/uv/install.ps1 | iex"`
-  - Node/npx: `winget install -e --id OpenJS.NodeJS`
+![macOS](https://img.shields.io/badge/mac%20os-000000?style=for-the-badge&logo=apple&logoColor=white)
-After installation, ensure that `npx` is available on PATH.
+- uv: `curl -fsSL https://astral.sh/uv/install.sh | sh`
+- Node/npx: `brew install node`
-<div align="center">
-  <h2>📧 Interested in connecting AI to your business software with proper access controls? <a href="mailto:hello@edison.watch">Contact us</a> to discuss.</h2>
-</div>
+![Linux](https://img.shields.io/badge/Linux-FCC624?style=for-the-badge&logo=linux&logoColor=black)
-## Features
+- uv: `curl -fsSL https://astral.sh/uv/install.sh | sh`
+- Node/npx: `sudo apt-get update && sudo apt-get install -y nodejs npm`
-- **Single-user MCP proxy** - No multi-user complexity, just a simple proxy for your MCP servers
-- **JSON configuration** - Easy to configure and manage your MCP servers
-- **Simple local frontend** - Track and monitor your MCP interactions, servers, and sessions.
-- **Session tracking** - Track and monitor your MCP interactions
-- **Simple API** - REST API for managing MCP servers and proxying requests
-- **Docker support** - Run in a container for easy deployment
+![Windows](https://img.shields.io/badge/Windows-0078D6?style=for-the-badge&logo=windows&logoColor=white)
-## Quick Start
+- uv: `powershell -ExecutionPolicy ByPass -c "irm https://astral.sh/uv/install.ps1 | iex"`
+- Node/npx: `winget install -e --id OpenJS.NodeJS`
+After installation, ensure that `npx` is available on PATH.
-### Install from PyPI
+<details>
+<summary><img src="https://img.shields.io/badge/pypi-3775A9?style=for-the-badge&logo=pypi&logoColor=white" alt="PyPI"> Install from PyPI</summary>
 #### Prerequisites
@@ -91,7 +100,10 @@ open-edison run --config-dir ~/edison-config
 OPEN_EDISON_CONFIG_DIR=~/edison-config open-edison run
 ```
-### Run with Docker
+</details>
+<details>
+<summary><img src="https://img.shields.io/badge/Docker-2CA5E0?style=for-the-badge&logo=docker&logoColor=white" alt="Docker"> Run with Docker</summary>
 There is a dockerfile for simple local setup.
@@ -110,7 +122,10 @@ make docker_run
 The MCP server will be available at `http://localhost:3000` and the api + frontend at `http://localhost:3001`.
-### Run from source
+</details>
+<details>
+<summary>⚙️ Run from source</summary>
 1. Clone the repository:
@@ -148,7 +163,10 @@ open-edison run
 The server will be available at `http://localhost:3000`.
-## MCP Connection
+</details>
+<details>
+<summary>MCP Connection</summary>
 Connect any MCP client to Open Edison (requires Node.js/npm for `npx`):
@@ -169,13 +187,17 @@ Or add to your MCP client config:
 }
 ```
-## Usage
+</details>
+<details>
+<summary>Usage</summary>
 ### API Endpoints
 See [API Reference](docs/quick-reference/api_reference.md) for full API documentation.
-## Development
+<details>
+<summary>Development</summary>
 ### Setup
@@ -197,6 +219,11 @@ We expect `make ci` to return cleanly.
 make ci
 ```
+</details>
+<details>
+<summary>⚙️ Configuration (config.json)</summary>
 ## Configuration
 The `config.json` file contains all configuration:
@@ -215,14 +242,23 @@ Each MCP server configuration includes:
 - `env` - Environment variables (optional)
 - `enabled` - Whether to auto-start this server
-## Security & Permissions System
+</details>
-Open Edison includes a comprehensive security monitoring system that tracks the "lethal trifecta" of AI agent risks:
+</details>
+<details>
+<summary>Security & Permissions System</summary>
+Open Edison includes a comprehensive security monitoring system that tracks the "lethal trifecta" of AI agent risks, as described in [Simon Willison's blog post](https://simonwillison.net/2025/Jun/16/the-lethal-trifecta/):
+<img src="media/lethal-trifecta.png" alt="The lethal trifecta diagram showing the three key AI agent security risks" width="30%">
 1. **Private data access** - Access to sensitive local files/data
 2. **Untrusted content exposure** - Exposure to external/web content
 3. **External communication** - Ability to write/send data externally
+<img src="media/pam-diagram.png" alt="Privileged Access Management (PAM) example showing the lethal trifecta in action" width="60%">
 The configuration allows you to classify these risks across **tools**, **resources**, and **prompts** using separate configuration files.
 In addition to trifecta, we track Access Control Level (ACL) for each tool call,
@@ -246,6 +282,9 @@ Defines security classifications for MCP tools. See full file: [tool_permissions
 }
 ```
+<details>
+<summary>Resource Permissions (`resource_permissions.json`)</summary>
 ### Resource Permissions (`resource_permissions.json`)
 Defines security classifications for resource access patterns. See full file: [resource_permissions.json](resource_permissions.json), it looks like:
@@ -257,6 +296,11 @@ Defines security classifications for resource access patterns. See full file: [r
 }
 ```
+</details>
+<details>
+<summary>Prompt Permissions (`prompt_permissions.json`)</summary>
 ### Prompt Permissions (`prompt_permissions.json`)
 Defines security classifications for prompt types. See full file: [prompt_permissions.json](prompt_permissions.json), it looks like:
@@ -268,6 +312,8 @@ Defines security classifications for prompt types. See full file: [prompt_permis
 }
 ```
+</details>
 ### Wildcard Patterns
 All permission types support wildcard patterns:
@@ -282,7 +328,10 @@ All permission types support wildcard patterns:
 Use the `get_security_status` tool to monitor your session's current risk level and see which capabilities have been accessed. When the lethal trifecta is achieved (all three risk flags set), further potentially dangerous operations are blocked.
-## Documentation
+</details>
+<details>
+<summary>Documentation</summary>
 📚 **Complete documentation available in [`docs/`](docs/)**
@@ -291,6 +340,11 @@ Use the `get_security_status` tool to monitor your session's current risk level
 - **[API Reference](docs/quick-reference/api_reference.md)** - REST API documentation
 - **[Development Guide](docs/development/development_guide.md)** - Contributing and development
-## License
+</details>
+<details>
+<summary>License</summary>
 GPL-3.0 License - see [LICENSE](LICENSE) for details.
+</details>

{open_edison-0.1.17 → open_edison-0.1.19}/README.md RENAMED Viewed

@@ -1,8 +1,23 @@
 # OpenEdison
-Open-source MCP security gateway that prevents data exfiltration—via direct access or tool chaining—with full monitoring for local single‑user deployments. Provides core functionality of <https://edison.watch> for local, single-user use.
+Open-source single-user MCP security gateway that prevents data exfiltration—via direct access or tool chaining—with full monitoring for local single‑user deployments. Provides core functionality of <https://edison.watch> for local use.
-Just want to run it?
+<div align="center">
+  <h2>📧 Interested in connecting AI to your business software with proper access controls? <a href="mailto:hello@edison.watch">Contact us</a> to discuss.</h2>
+</div>
+## Features
+- **Single-user MCP proxy** - No multi-user complexity, just a simple proxy for your MCP servers
+- **JSON configuration** - Easy to configure and manage your MCP servers
+- **Simple local frontend** - Track and monitor your MCP interactions, servers, and sessions.
+- **Session tracking** - Track and monitor your MCP interactions
+- **Simple API** - REST API for managing MCP servers and proxying requests
+- **Docker support** - Run in a container for easy deployment
+## Quick Start
+The fastest way to get started:
 ```bash
 # Installs uv (via Astral installer) and launches open-edison with uvx.
@@ -12,36 +27,30 @@ curl -fsSL https://raw.githubusercontent.com/Edison-Watch/open-edison/main/curl_
 Run locally with uvx: `uvx open-edison --config-dir ~/edison-config`
+<details>
+<summary>Install Node.js/npm (optional for MCP tools)</summary>
 If you need `npx` (for Node-based MCP tools like `mcp-remote`), install Node.js as well:
-- macOS:
-  - uv: `curl -fsSL https://astral.sh/uv/install.sh | sh`
-  - Node/npx: `brew install node`
-- Linux (Debian/Ubuntu):
-  - uv: `curl -fsSL https://astral.sh/uv/install.sh | sh`
-  - Node/npx: `sudo apt-get update && sudo apt-get install -y nodejs npm`
-- Windows (PowerShell):
-  - uv: `powershell -ExecutionPolicy ByPass -c "irm https://astral.sh/uv/install.ps1 | iex"`
-  - Node/npx: `winget install -e --id OpenJS.NodeJS`
+![macOS](https://img.shields.io/badge/mac%20os-000000?style=for-the-badge&logo=apple&logoColor=white)
-After installation, ensure that `npx` is available on PATH.
+- uv: `curl -fsSL https://astral.sh/uv/install.sh | sh`
+- Node/npx: `brew install node`
-<div align="center">
-  <h2>📧 Interested in connecting AI to your business software with proper access controls? <a href="mailto:hello@edison.watch">Contact us</a> to discuss.</h2>
-</div>
+![Linux](https://img.shields.io/badge/Linux-FCC624?style=for-the-badge&logo=linux&logoColor=black)
-## Features
+- uv: `curl -fsSL https://astral.sh/uv/install.sh | sh`
+- Node/npx: `sudo apt-get update && sudo apt-get install -y nodejs npm`
-- **Single-user MCP proxy** - No multi-user complexity, just a simple proxy for your MCP servers
-- **JSON configuration** - Easy to configure and manage your MCP servers
-- **Simple local frontend** - Track and monitor your MCP interactions, servers, and sessions.
-- **Session tracking** - Track and monitor your MCP interactions
-- **Simple API** - REST API for managing MCP servers and proxying requests
-- **Docker support** - Run in a container for easy deployment
+![Windows](https://img.shields.io/badge/Windows-0078D6?style=for-the-badge&logo=windows&logoColor=white)
-## Quick Start
+- uv: `powershell -ExecutionPolicy ByPass -c "irm https://astral.sh/uv/install.ps1 | iex"`
+- Node/npx: `winget install -e --id OpenJS.NodeJS`
+After installation, ensure that `npx` is available on PATH.
-### Install from PyPI
+<details>
+<summary><img src="https://img.shields.io/badge/pypi-3775A9?style=for-the-badge&logo=pypi&logoColor=white" alt="PyPI"> Install from PyPI</summary>
 #### Prerequisites
@@ -64,7 +73,10 @@ open-edison run --config-dir ~/edison-config
 OPEN_EDISON_CONFIG_DIR=~/edison-config open-edison run
 ```
-### Run with Docker
+</details>
+<details>
+<summary><img src="https://img.shields.io/badge/Docker-2CA5E0?style=for-the-badge&logo=docker&logoColor=white" alt="Docker"> Run with Docker</summary>
 There is a dockerfile for simple local setup.
@@ -83,7 +95,10 @@ make docker_run
 The MCP server will be available at `http://localhost:3000` and the api + frontend at `http://localhost:3001`.
-### Run from source
+</details>
+<details>
+<summary>⚙️ Run from source</summary>
 1. Clone the repository:
@@ -121,7 +136,10 @@ open-edison run
 The server will be available at `http://localhost:3000`.
-## MCP Connection
+</details>
+<details>
+<summary>MCP Connection</summary>
 Connect any MCP client to Open Edison (requires Node.js/npm for `npx`):
@@ -142,13 +160,17 @@ Or add to your MCP client config:
 }
 ```
-## Usage
+</details>
+<details>
+<summary>Usage</summary>
 ### API Endpoints
 See [API Reference](docs/quick-reference/api_reference.md) for full API documentation.
-## Development
+<details>
+<summary>Development</summary>
 ### Setup
@@ -170,6 +192,11 @@ We expect `make ci` to return cleanly.
 make ci
 ```
+</details>
+<details>
+<summary>⚙️ Configuration (config.json)</summary>
 ## Configuration
 The `config.json` file contains all configuration:
@@ -188,14 +215,23 @@ Each MCP server configuration includes:
 - `env` - Environment variables (optional)
 - `enabled` - Whether to auto-start this server
-## Security & Permissions System
+</details>
-Open Edison includes a comprehensive security monitoring system that tracks the "lethal trifecta" of AI agent risks:
+</details>
+<details>
+<summary>Security & Permissions System</summary>
+Open Edison includes a comprehensive security monitoring system that tracks the "lethal trifecta" of AI agent risks, as described in [Simon Willison's blog post](https://simonwillison.net/2025/Jun/16/the-lethal-trifecta/):
+<img src="media/lethal-trifecta.png" alt="The lethal trifecta diagram showing the three key AI agent security risks" width="30%">
 1. **Private data access** - Access to sensitive local files/data
 2. **Untrusted content exposure** - Exposure to external/web content
 3. **External communication** - Ability to write/send data externally
+<img src="media/pam-diagram.png" alt="Privileged Access Management (PAM) example showing the lethal trifecta in action" width="60%">
 The configuration allows you to classify these risks across **tools**, **resources**, and **prompts** using separate configuration files.
 In addition to trifecta, we track Access Control Level (ACL) for each tool call,
@@ -219,6 +255,9 @@ Defines security classifications for MCP tools. See full file: [tool_permissions
 }
 ```
+<details>
+<summary>Resource Permissions (`resource_permissions.json`)</summary>
 ### Resource Permissions (`resource_permissions.json`)
 Defines security classifications for resource access patterns. See full file: [resource_permissions.json](resource_permissions.json), it looks like:
@@ -230,6 +269,11 @@ Defines security classifications for resource access patterns. See full file: [r
 }
 ```
+</details>
+<details>
+<summary>Prompt Permissions (`prompt_permissions.json`)</summary>
 ### Prompt Permissions (`prompt_permissions.json`)
 Defines security classifications for prompt types. See full file: [prompt_permissions.json](prompt_permissions.json), it looks like:
@@ -241,6 +285,8 @@ Defines security classifications for prompt types. See full file: [prompt_permis
 }
 ```
+</details>
 ### Wildcard Patterns
 All permission types support wildcard patterns:
@@ -255,7 +301,10 @@ All permission types support wildcard patterns:
 Use the `get_security_status` tool to monitor your session's current risk level and see which capabilities have been accessed. When the lethal trifecta is achieved (all three risk flags set), further potentially dangerous operations are blocked.
-## Documentation
+</details>
+<details>
+<summary>Documentation</summary>
 📚 **Complete documentation available in [`docs/`](docs/)**
@@ -264,6 +313,11 @@ Use the `get_security_status` tool to monitor your session's current risk level
 - **[API Reference](docs/quick-reference/api_reference.md)** - REST API documentation
 - **[Development Guide](docs/development/development_guide.md)** - Contributing and development
-## License
+</details>
+<details>
+<summary>License</summary>
 GPL-3.0 License - see [LICENSE](LICENSE) for details.
+</details>

{open_edison-0.1.17 → open_edison-0.1.19}/config.json RENAMED Viewed

@@ -2,12 +2,14 @@
     "server": {
         "host": "0.0.0.0",
         "port": 3000,
-        "api_key": "dev-api-key-change-me-2"
+        "api_key": "dev-api-key-change-me"
     },
+    "autoconfig_url": "https://api.edison.watch/api/config-perms",
     "logging": {
         "level": "INFO",
         "database_path": "sessions.db"
     },
+    "edison-watch-api-key": "change-me",
     "mcp_servers": [
         {
             "name": "filesystem",
@@ -90,6 +92,18 @@
             ],
             "env": {},
             "enabled": false
+        },
+        {
+            "name": "zapier",
+            "command": "npx",
+            "args": [
+                "-y",
+                "mcp-remote",
+                "https://mcp.zapier.com/api/mcp/s/{access_token}/mcp"
+            ],
+            "env": {},
+            "enabled": false,
+            "roots": []
         }
     ]
 }

{open_edison-0.1.17 → open_edison-0.1.19}/pyproject.toml RENAMED Viewed

@@ -1,6 +1,6 @@
 [project]
 name = "open-edison"
-version = "0.1.17"
+version = "0.1.19"
 description = "Open-source MCP security, aggregation, and monitoring. Single-user, self-hosted MCP proxy."
 readme = "README.md"
 authors = [
@@ -34,6 +34,7 @@ build-backend = "hatchling.build"
 [tool.rye]
 managed = true
+python = "3.12"
 dev-dependencies = [
     "basedpyright>=1.21.0",
     "ruff>=0.12.3",

{open_edison-0.1.17 → open_edison-0.1.19}/src/middleware/data_access_tracker.py RENAMED Viewed

@@ -171,6 +171,12 @@ def _load_tool_permissions_cached() -> dict[str, dict[str, Any]]:
         return {}
+def clear_tool_permissions_cache() -> None:
+    """Clear the tool permissions cache to force reload from file."""
+    _load_tool_permissions_cached.cache_clear()
+    log.info("Tool permissions cache cleared")
 @cache
 def _load_resource_permissions_cached() -> dict[str, dict[str, Any]]:
     """Load resource permissions from JSON configuration file with LRU caching."""
@@ -186,6 +192,12 @@ def _load_resource_permissions_cached() -> dict[str, dict[str, Any]]:
         return {}
+def clear_resource_permissions_cache() -> None:
+    """Clear the resource permissions cache to force reload from file."""
+    _load_resource_permissions_cached.cache_clear()
+    log.info("Resource permissions cache cleared")
 @cache
 def _load_prompt_permissions_cached() -> dict[str, dict[str, Any]]:
     """Load prompt permissions from JSON configuration file with LRU caching."""
@@ -201,6 +213,20 @@ def _load_prompt_permissions_cached() -> dict[str, dict[str, Any]]:
         return {}
+def clear_prompt_permissions_cache() -> None:
+    """Clear the prompt permissions cache to force reload from file."""
+    _load_prompt_permissions_cached.cache_clear()
+    log.info("Prompt permissions cache cleared")
+def clear_all_permissions_caches() -> None:
+    """Clear all permission caches to force reload from files."""
+    clear_tool_permissions_cache()
+    clear_resource_permissions_cache()
+    clear_prompt_permissions_cache()
+    log.info("All permission caches cleared")
 @cache
 def _classify_tool_permissions_cached(tool_name: str) -> dict[str, Any]:
     """Classify tool permissions with LRU caching."""
@@ -351,6 +377,10 @@ class DataAccessTracker:
         """Load prompt permissions from JSON configuration file with caching."""
         return _load_prompt_permissions_cached()
+    def clear_caches(self) -> None:
+        """Clear all permission caches to force reload from configuration files."""
+        clear_all_permissions_caches()
     def _classify_by_tool_name(self, tool_name: str) -> dict[str, Any]:
         """Classify permissions based on external JSON configuration only."""
         return _classify_tool_permissions_cached(tool_name)
@@ -606,6 +636,5 @@ class SecurityError(Exception):
  ████ ████ ████ ████ ████ ████
  ██ ████ ████ ████ ████ ████ █
  ████ ████ ████ ████ ████ ████
-        {message}
-        """
+"""
         super().__init__(message)

{open_edison-0.1.17 → open_edison-0.1.19}/src/server.py RENAMED Viewed

@@ -363,7 +363,6 @@ class OpenEdisonProxy:
             "/mcp/status",
             self.mcp_status,
             methods=["GET"],
-            dependencies=[Depends(self.verify_api_key)],
         )
         app.add_api_route(
             "/mcp/validate",
@@ -377,12 +376,24 @@ class OpenEdisonProxy:
             methods=["GET"],
             dependencies=[Depends(self.verify_api_key)],
         )
+        app.add_api_route(
+            "/mcp/reinitialize",
+            self.reinitialize_mcp_servers,
+            methods=["POST"],
+            dependencies=[Depends(self.verify_api_key)],
+        )
         # Public sessions endpoint (no auth) for simple local dashboard
         app.add_api_route(
             "/sessions",
             self.get_sessions,
             methods=["GET"],
         )
+        # Cache invalidation endpoint (no auth required - allowed to fail)
+        app.add_api_route(
+            "/api/clear-caches",
+            self.clear_caches,
+            methods=["POST"],
+        )
     async def verify_api_key(
         self, credentials: HTTPAuthorizationCredentials = _auth_dependency
@@ -446,6 +457,49 @@ class OpenEdisonProxy:
                 detail=f"Failed to get mounted servers: {str(e)}",
             ) from e
+    async def reinitialize_mcp_servers(self) -> dict[str, Any]:
+        """Reinitialize all MCP servers by creating a fresh instance and reloading config."""
+        old_mcp = None
+        try:
+            log.info("🔄 Reinitializing MCP servers via API endpoint")
+            # Reload configuration from disk
+            log.info("Reloading configuration from disk")
+            from src.config import Config
+            fresh_config = Config.load()
+            log.info("✅ Configuration reloaded from disk")
+            # Create a completely new SingleUserMCP instance to ensure clean state
+            old_mcp = self.single_user_mcp
+            self.single_user_mcp = SingleUserMCP()
+            # Initialize the new instance with fresh config
+            await self.single_user_mcp.initialize(fresh_config)
+            # Get final status
+            final_mounted = await self.single_user_mcp.get_mounted_servers()
+            result = {
+                "status": "success",
+                "message": "MCP servers reinitialized successfully",
+                "final_mounted_servers": [server["name"] for server in final_mounted],
+                "total_final_mounted": len(final_mounted),
+            }
+            log.info("✅ MCP servers reinitialized successfully via API")
+            return result
+        except Exception as e:
+            log.error(f"❌ Failed to reinitialize MCP servers: {e}")
+            # Restore the old instance on failure
+            if old_mcp is not None:
+                self.single_user_mcp = old_mcp
+            raise HTTPException(
+                status_code=500,
+                detail=f"Failed to reinitialize MCP servers: {str(e)}",
+            ) from e
     async def get_sessions(self) -> dict[str, Any]:
         """Return recent MCP session summaries from local SQLite.
@@ -495,6 +549,21 @@ class OpenEdisonProxy:
             log.error(f"Failed to fetch sessions: {e}")
             raise HTTPException(status_code=500, detail="Failed to fetch sessions") from e
+    async def clear_caches(self) -> dict[str, str]:
+        """Clear all permission caches to force reload from configuration files."""
+        try:
+            from src.middleware.data_access_tracker import clear_all_permissions_caches
+            log.info("🔄 Clearing all permission caches via API endpoint")
+            clear_all_permissions_caches()
+            log.info("✅ All permission caches cleared successfully")
+            return {"status": "success", "message": "All permission caches cleared"}
+        except Exception as e:
+            log.error(f"❌ Failed to clear permission caches: {e}")
+            # Don't raise HTTPException - allow to fail gracefully as requested
+            return {"status": "error", "message": f"Failed to clear caches: {str(e)}"}
     # ---- MCP validation ----
     class _ValidateRequest(BaseModel):
         name: str | None = Field(None, description="Optional server name label")
@@ -551,9 +620,9 @@ class OpenEdisonProxy:
                     "args": body.args,
                     "has_roots": bool(body.roots),
                 },
-                "tools": [self._safe_tool(t) for t in tools],
+                "tools": [self._safe_tool(t, prefix=server_name) for t in tools],
                 "resources": [self._safe_resource(r) for r in resources],
-                "prompts": [self._safe_prompt(p) for p in prompts],
+                "prompts": [self._safe_prompt(p, prefix=server_name) for p in prompts],
             }
         except TimeoutError as te:  # noqa: PERF203
             log.error(f"MCP validation timed out: {te}\n{traceback.format_exc()}")
@@ -624,10 +693,13 @@ class OpenEdisonProxy:
         timeout = body.timeout_s if isinstance(body.timeout_s, (int | float)) else 20.0
         return await asyncio.wait_for(list_all(), timeout=timeout)
-    def _safe_tool(self, t: Any) -> dict[str, Any]:
+    def _safe_tool(self, t: Any, prefix: str) -> dict[str, Any]:
         name = getattr(t, "name", None)
         description = getattr(t, "description", None)
-        return {"name": str(name) if name is not None else "", "description": description}
+        return {
+            "name": prefix + "_" + str(name) if name is not None else "",
+            "description": description,
+        }
     def _safe_resource(self, r: Any) -> dict[str, Any]:
         uri = getattr(r, "uri", None)
@@ -638,7 +710,10 @@ class OpenEdisonProxy:
         description = getattr(r, "description", None)
         return {"uri": uri_str, "description": description}
-    def _safe_prompt(self, p: Any) -> dict[str, Any]:
+    def _safe_prompt(self, p: Any, prefix: str) -> dict[str, Any]:
         name = getattr(p, "name", None)
         description = getattr(p, "description", None)
-        return {"name": str(name) if name is not None else "", "description": description}
+        return {
+            "name": prefix + "_" + str(name) if name is not None else "",
+            "description": description,
+        }

{open_edison-0.1.17 → open_edison-0.1.19}/src/single_user_mcp.py RENAMED Viewed

@@ -7,6 +7,7 @@ Handles MCP protocol communication with running servers using a unified composit
 from typing import Any, TypedDict
+from fastmcp import Client as FastMCPClient
 from fastmcp import FastMCP
 from loguru import logger as log
@@ -107,103 +108,27 @@ class SingleUserMCP(FastMCP[Any]):
         Returns:
             True if composite proxy was created successfully, False otherwise
         """
-        try:
-            if not enabled_servers:
-                log.info("No real servers to mount in composite proxy")
-                return True
-            # Convert to FastMCP config format
-            fastmcp_config = self._convert_to_fastmcp_config(enabled_servers)
-            log.info(
-                f"Creating composite proxy for servers: {list(fastmcp_config['mcpServers'].keys())}"
-            )
-            # Create the composite proxy using FastMCP's multi-server support
-            self.composite_proxy = FastMCP.as_proxy(
-                backend=fastmcp_config, name="open-edison-composite-proxy"
-            )
-            # Import the composite proxy into this main server
-            # Tools and resources will be automatically namespaced by server name
-            await self.import_server(self.composite_proxy)
-            # Track mounted servers for status reporting
-            for server_config in enabled_servers:
-                self.mounted_servers[server_config.name] = MountedServerInfo(
-                    config=server_config, proxy=self.composite_proxy
-                )
-            log.info(f"✅ Created composite proxy with {len(enabled_servers)} servers")
+        if not enabled_servers:
+            log.info("No real servers to mount in composite proxy")
             return True
-        except Exception as e:
-            log.error(f"❌ Failed to create composite proxy: {e}")
-            return False
-    async def mount_server(self, server_config: MCPServerConfig) -> bool:
-        """
-        Mount a single MCP server by rebuilding the composite proxy.
-        Args:
-            server_config: Configuration for the server to mount
-        Returns:
-            True if mounting was successful, False otherwise
-        """
-        try:
-            # Check if server is already mounted
-            if server_config.name in self.mounted_servers:
-                log.info(f"Server {server_config.name} is already mounted")
-                return True
-            # Handle test servers separately
-            if server_config.command == "echo":
-                return await self._mount_test_server(server_config)
-            # For real servers, we need to rebuild the composite proxy
-            log.info(f"Mounting server {server_config.name} via composite proxy rebuild")
-            # Get currently mounted servers and add the new one
-            current_configs = [mounted["config"] for mounted in self.mounted_servers.values()]
-            # Add the new server if not already there
-            if server_config not in current_configs:
-                current_configs.append(server_config)
-            # Rebuild composite proxy with new server list
-            return await self.create_composite_proxy(current_configs)
-        except Exception as e:
-            log.error(f"❌ Failed to mount server {server_config.name}: {e}")
-            return False
-    async def unmount_server(self, server_name: str) -> bool:
-        """
-        Unmount an MCP server and stop its subprocess.
-        NOTE: For servers in the composite proxy, this will require rebuilding
-        the entire composite proxy without the specified server.
-        """
-        try:
-            # Check if this is a test server (individually mounted)
-            if server_name in self.mounted_servers:
-                mounted = self.mounted_servers[server_name]
-                if mounted["config"].command == "echo":
-                    # Test server - handle individually
-                    await self._cleanup_mounted_server(server_name)
-                    return True
-                # Real server in composite proxy - needs full rebuild
-                log.warning(f"Unmounting {server_name} requires rebuilding composite proxy")
-                return await self._rebuild_composite_proxy_without(server_name)
-            log.warning(f"Server {server_name} not found in mounted servers")
-            return False
+        # Import the composite proxy into this main server
+        # Tools and resources will be automatically namespaced by server name
+        for server_config in enabled_servers:
+            server_name = server_config.name
+            # Skip if this server would produce an empty config (e.g., misconfigured)
+            fastmcp_config = self._convert_to_fastmcp_config([server_config])
+            if not fastmcp_config.get("mcpServers"):
+                log.warning(f"Skipping server '{server_name}' due to empty MCP config")
+                continue
+            proxy = FastMCP.as_proxy(FastMCPClient(fastmcp_config))
+            self.mount(proxy, prefix=server_name)
+            self.mounted_servers[server_name] = MountedServerInfo(config=server_config, proxy=proxy)
-        except Exception as e:
-            log.error(f"❌ Failed to unmount MCP server {server_name}: {e}")
-            return False
+        log.info(
+            f"✅ Created composite proxy with {len(enabled_servers)} servers ({self.mounted_servers.keys()})"
+        )
+        return True
     async def _rebuild_composite_proxy_without(self, excluded_server: str) -> bool:
         """Rebuild the composite proxy without the specified server."""
@@ -233,6 +158,7 @@ class SingleUserMCP(FastMCP[Any]):
     async def _cleanup_mounted_server(self, server_name: str) -> None:
         """Clean up mounted server resources."""
+        # TODO not sure this is possible for the self object? i.e. there is no self.unmount
         if server_name in self.mounted_servers:
             del self.mounted_servers[server_name]
             log.info(f"✅ Unmounted MCP server: {server_name}")
@@ -270,6 +196,80 @@ class SingleUserMCP(FastMCP[Any]):
         log.info("✅ Single User MCP server initialized with composite proxy")
+    async def reinitialize(self, test_config: Any | None = None) -> dict[str, Any]:
+        """
+        Reinitialize all MCP servers by cleaning up existing ones and reloading config.
+        This method:
+        1. Cleans up all mounted servers and MCP proxies
+        2. Reloads the configuration
+        3. Reinitializes all enabled servers
+        Args:
+            test_config: Optional test configuration to use instead of reloading from disk
+        Returns:
+            Dictionary with reinitialization status and details
+        """
+        log.info("🔄 Reinitializing all MCP servers")
+        try:
+            # Step 1: Clean up existing mounted servers and proxies
+            log.info("Cleaning up existing mounted servers and proxies")
+            # Clean up composite proxy if it exists
+            if self.composite_proxy is not None:
+                log.info("Cleaning up composite proxy")
+                self.composite_proxy = None
+            # Clean up all mounted servers
+            mounted_server_names = list(self.mounted_servers.keys())
+            for server_name in mounted_server_names:
+                await self._cleanup_mounted_server(server_name)
+            # Clear the mounted servers dictionary completely
+            self.mounted_servers.clear()
+            log.info(f"✅ Cleaned up {len(mounted_server_names)} mounted servers")
+            # Step 2: Reload configuration if not using test config
+            config_to_use = test_config
+            if test_config is None:
+                log.info("Reloading configuration from disk")
+                # Import here to avoid circular imports
+                from src.config import Config
+                config_to_use = Config.load()
+                log.info("✅ Configuration reloaded from disk")
+            # Step 3: Reinitialize all servers
+            log.info("Reinitializing servers with fresh configuration")
+            await self.initialize(config_to_use)
+            # Step 4: Get final status
+            final_mounted = await self.get_mounted_servers()
+            result = {
+                "status": "success",
+                "message": "MCP servers reinitialized successfully",
+                "cleaned_up_servers": mounted_server_names,
+                "final_mounted_servers": [server["name"] for server in final_mounted],
+                "total_final_mounted": len(final_mounted),
+            }
+            log.info(
+                f"✅ Reinitialization complete. Final mounted servers: {result['final_mounted_servers']}"
+            )
+            return result
+        except Exception as e:
+            log.error(f"❌ Failed to reinitialize MCP servers: {e}")
+            return {
+                "status": "error",
+                "message": f"Failed to reinitialize MCP servers: {str(e)}",
+                "error": str(e),
+            }
     def _calculate_risk_level(self, trifecta: dict[str, bool]) -> str:
         """
         Calculate a human-readable risk level based on trifecta flags.

{open_edison-0.1.17 → open_edison-0.1.19}/tool_permissions.json RENAMED Viewed

@@ -256,5 +256,84 @@
             "read_untrusted_public_data": false,
             "acl": "PRIVATE"
         }
+    },
+    "atlassian": {
+        "getAccessibleAtlassianResources": {
+            "enabled": true,
+            "write_operation": false,
+            "read_private_data": true,
+            "read_untrusted_public_data": true,
+            "acl": "PUBLIC"
+        },
+        "getConfluenceSpaces": {
+            "enabled": true,
+            "write_operation": false,
+            "read_private_data": true,
+            "read_untrusted_public_data": true,
+            "acl": "PUBLIC"
+        },
+        "getPagesInConfluenceSpace": {
+            "enabled": true,
+            "write_operation": false,
+            "read_private_data": true,
+            "read_untrusted_public_data": true,
+            "acl": "PUBLIC"
+        },
+        "searchConfluenceUsingCql": {
+            "enabled": true,
+            "write_operation": false,
+            "read_private_data": true,
+            "read_untrusted_public_data": true,
+            "acl": "PUBLIC"
+        },
+        "createConfluencePage": {
+            "enabled": true,
+            "write_operation": true,
+            "read_private_data": false,
+            "read_untrusted_public_data": false,
+            "acl": "PUBLIC"
+        }
+    },
+    "zapier": {
+        "confluence_cloud_search_for_page_or_blog_post": {
+            "enabled": true,
+            "write_operation": false,
+            "read_private_data": true,
+            "read_untrusted_public_data": true,
+            "acl": "PUBLIC",
+            "description": "Searches for pages or blog posts in Confluence Cloud"
+        },
+        "confluence_cloud_create_page_or_blog_post": {
+            "enabled": true,
+            "write_operation": true,
+            "read_private_data": false,
+            "read_untrusted_public_data": false,
+            "acl": "PUBLIC",
+            "description": "Creates a new page or blog post in Confluence Cloud"
+        },
+        "confluence_cloud_api_request_beta": {
+            "enabled": false,
+            "write_operation": true,
+            "read_private_data": true,
+            "read_untrusted_public_data": true,
+            "acl": "PUBLIC",
+            "description": "Makes raw HTTP requests with Confluence Cloud authentication (advanced action). Caution: Disabled because it can perform reads and writes"
+        },
+        "add_tools": {
+            "enabled": true,
+            "write_operation": false,
+            "read_private_data": false,
+            "read_untrusted_public_data": false,
+            "acl": "PUBLIC",
+            "description": "Adds a new tool to the tool registry. Caution: Do not disable it is required for zapier to work properly"
+        },
+        "edit_tools": {
+            "enabled": true,
+            "write_operation": false,
+            "read_private_data": false,
+            "read_untrusted_public_data": false,
+            "acl": "PUBLIC",
+            "description": "Edit your existing MCP provider actions. TODO: Unknown side-effects"
+        }
     }
 }

open_edison-0.1.17/frontend/configurations/prompt_permissions.json DELETED Viewed

@@ -1,14 +0,0 @@
-{
-    "_metadata": {
-        "description": "Prompt security classifications for Open Edison data access tracker",
-        "last_updated": "2025-08-07"
-    },
-    "builtin": {
-        "summarize_text": {
-            "enabled": true,
-            "write_operation": false,
-            "read_private_data": false,
-            "read_untrusted_public_data": false
-        }
-    }
-}

open_edison-0.1.17/frontend/configurations/resource_permissions.json DELETED Viewed

@@ -1,14 +0,0 @@
-{
-    "_metadata": {
-        "description": "Resource security classifications for Open Edison data access tracker",
-        "last_updated": "2025-08-07"
-    },
-    "builtin": {
-        "config://app": {
-            "enabled": true,
-            "write_operation": false,
-            "read_private_data": false,
-            "read_untrusted_public_data": false
-        }
-    }
-}

open_edison-0.1.17/frontend/configurations/tool_permissions.json DELETED Viewed

@@ -1,170 +0,0 @@
-{
-    "_metadata": {
-        "description": "Tool security classifications for Open Edison data access tracker",
-        "last_updated": "2025-08-07"
-    },
-    "builtin": {
-        "echo": {
-            "enabled": true,
-            "write_operation": false,
-            "read_private_data": false,
-            "read_untrusted_public_data": false
-        },
-        "get_server_info": {
-            "enabled": true,
-            "write_operation": false,
-            "read_private_data": false,
-            "read_untrusted_public_data": false
-        },
-        "get_security_status": {
-            "enabled": true,
-            "write_operation": false,
-            "read_private_data": false,
-            "read_untrusted_public_data": false
-        }
-    },
-    "filesystem": {
-        "filesystem_read_file": {
-            "enabled": true,
-            "write_operation": false,
-            "read_private_data": true,
-            "read_untrusted_public_data": false
-        },
-        "filesystem_read_text_file": {
-            "enabled": true,
-            "write_operation": false,
-            "read_private_data": true,
-            "read_untrusted_public_data": false
-        },
-        "filesystem_read_media_file": {
-            "enabled": true,
-            "write_operation": false,
-            "read_private_data": true,
-            "read_untrusted_public_data": false
-        },
-        "filesystem_read_multiple_files": {
-            "enabled": true,
-            "write_operation": false,
-            "read_private_data": true,
-            "read_untrusted_public_data": false
-        },
-        "filesystem_write_file": {
-            "enabled": true,
-            "write_operation": true,
-            "read_private_data": true,
-            "read_untrusted_public_data": false
-        },
-        "filesystem_edit_file": {
-            "enabled": true,
-            "write_operation": true,
-            "read_private_data": true,
-            "read_untrusted_public_data": false
-        },
-        "filesystem_create_directory": {
-            "enabled": true,
-            "write_operation": true,
-            "read_private_data": false,
-            "read_untrusted_public_data": false
-        },
-        "filesystem_list_directory": {
-            "enabled": true,
-            "write_operation": false,
-            "read_private_data": true,
-            "read_untrusted_public_data": false
-        },
-        "filesystem_list_directory_with_sizes": {
-            "enabled": true,
-            "write_operation": false,
-            "read_private_data": true,
-            "read_untrusted_public_data": false
-        },
-        "filesystem_directory_tree": {
-            "enabled": true,
-            "write_operation": false,
-            "read_private_data": true,
-            "read_untrusted_public_data": false
-        },
-        "filesystem_move_file": {
-            "enabled": true,
-            "write_operation": true,
-            "read_private_data": true,
-            "read_untrusted_public_data": false
-        },
-        "filesystem_search_files": {
-            "enabled": true,
-            "write_operation": false,
-            "read_private_data": true,
-            "read_untrusted_public_data": false
-        },
-        "filesystem_get_file_info": {
-            "enabled": true,
-            "write_operation": false,
-            "read_private_data": true,
-            "read_untrusted_public_data": false
-        },
-        "filesystem_list_allowed_directories": {
-            "enabled": true,
-            "write_operation": false,
-            "read_private_data": false,
-            "read_untrusted_public_data": false
-        }
-    },
-    "sqlite": {
-        "sqlite_db_info": {
-            "enabled": true,
-            "write_operation": false,
-            "read_private_data": true,
-            "read_untrusted_public_data": false
-        },
-        "sqlite_query": {
-            "enabled": true,
-            "write_operation": true,
-            "read_private_data": true,
-            "read_untrusted_public_data": false
-        },
-        "sqlite_list_tables": {
-            "enabled": true,
-            "write_operation": false,
-            "read_private_data": true,
-            "read_untrusted_public_data": false
-        },
-        "sqlite_get_table_schema": {
-            "enabled": true,
-            "write_operation": false,
-            "read_private_data": true,
-            "read_untrusted_public_data": false
-        },
-        "sqlite_create_record": {
-            "enabled": true,
-            "write_operation": true,
-            "read_private_data": true,
-            "read_untrusted_public_data": false
-        },
-        "sqlite_read_records": {
-            "enabled": true,
-            "write_operation": false,
-            "read_private_data": true,
-            "read_untrusted_public_data": false
-        },
-        "sqlite_update_records": {
-            "enabled": true,
-            "write_operation": true,
-            "read_private_data": true,
-            "read_untrusted_public_data": false
-        },
-        "sqlite_delete_records": {
-            "enabled": true,
-            "write_operation": true,
-            "read_private_data": true,
-            "read_untrusted_public_data": false
-        }
-    },
-    "test_server": {
-        "test_server/*": {
-            "enabled": true,
-            "write_operation": false,
-            "read_private_data": true,
-            "read_untrusted_public_data": false
-        }
-    }
-}