open-edison 0.1.64__py3-none-any.whl → 0.1.72rc1__py3-none-any.whl

src/frontend_dist/index.html

@@ -10,8 +10,8 @@
         const prefersLight = window.matchMedia && window.matchMedia('(prefers-color-scheme: light)').matches;
         document.documentElement.setAttribute('data-theme', prefersLight ? 'light' : 'dark');
     </script>
-  <script type="module" crossorigin src="/assets/index-BUUcUfTt.js"></script>
-  <link rel="stylesheet" crossorigin href="/assets/index-o6_8mdM8.css">
+  <script type="module" crossorigin src="/assets/index-D6ziuTsl.js"></script>
+  <link rel="stylesheet" crossorigin href="/assets/index-D05VN_1l.css">
 </head>
 
 <body>

src/frontend_dist/sw.js

@@ -61,8 +61,28 @@ self.addEventListener('notificationclick', (event) => {
             return;
         }
 
-        // Generic click: open dashboard as a safe fallback
-        event.waitUntil(self.clients.openWindow('/dashboard').catch(() => { }));
+        // Generic click: focus existing dashboard tab; if not found, open one with URL params so it can enqueue the pending approval
+        event.waitUntil((async () => {
+            try {
+                const allClients = await self.clients.matchAll({ type: 'window', includeUncontrolled: true });
+                const base = self.location && self.location.origin ? self.location.origin : '';
+                const targetPrefix = base + '/dashboard';
+                const existing = allClients.find(c => c.url && c.url.startsWith(targetPrefix));
+                if (existing) {
+                    try { existing.postMessage({ type: 'MCP_ENQUEUE_PENDING', data: payload }); } catch (e) { /* ignore */ }
+                    await existing.focus();
+                    return;
+                }
+            } catch (e) { /* ignore */ }
+            try {
+                const params = new URLSearchParams();
+                if (payload.sessionId) params.set('pa_s', payload.sessionId);
+                if (payload.kind) params.set('pa_k', payload.kind);
+                if (payload.name) params.set('pa_n', payload.name);
+                const url = '/dashboard/?' + params.toString();
+                await self.clients.openWindow(url);
+            } catch (e) { /* ignore */ }
+        })());
     } catch (e) {
         // swallow
     }

src/mcp_importer/exporters.py

@@ -300,7 +300,7 @@ def export_to_vscode(
 
     # Build the minimal config
     new_config: dict[str, Any] = {
-        "mcpServers": _build_open_edison_server(name=server_name, url=url, api_key=api_key)
+        "servers": _build_open_edison_server(name=server_name, url=url, api_key=api_key)
     }
 
     # If already configured exactly as desired and not forcing, no-op

src/mcp_stdio_capture.py

@@ -0,0 +1,144 @@
+import asyncio
+import os
+import sys
+from collections.abc import AsyncIterator
+from contextlib import asynccontextmanager, suppress
+from typing import TextIO
+
+import anyio
+from anyio import to_thread
+from loguru import logger as log
+
+# Track active stderr pipe endpoints so we can force-close on shutdown
+_ACTIVE_PIPES: set[tuple[TextIO, TextIO]] = set()
+_shutting_down: bool = False
+
+
+def install_stdio_client_stderr_capture() -> None:  # noqa: C901
+    """
+    Monkeypatch mcp.client.stdio.stdio_client so child process stderr is
+    routed to our logger at trace level with a stable prefix.
+
+    If an explicit errlog is provided by the caller, we respect it and do not capture.
+    """
+    try:
+        from mcp.client import stdio as _mcp_stdio
+    except Exception as e:  # noqa: BLE001
+        log.debug(f"stdio capture: MCP stdio not available: {e}")
+        return
+
+    _original_stdio_client = _mcp_stdio.stdio_client
+
+    @asynccontextmanager
+    async def _edison_stdio_client(  # noqa: C901
+        server: _mcp_stdio.StdioServerParameters, errlog: TextIO | None = sys.stderr
+    ) -> AsyncIterator[tuple[object, object]]:
+        # Respect non-default errlog
+        if errlog is not None and errlog is not sys.stderr:
+            async with _original_stdio_client(server, errlog=errlog) as transport:
+                yield transport
+                return
+
+        # Create a pipe for stderr capture
+        read_fd, write_fd = os.pipe()
+        read_fp = os.fdopen(
+            read_fd,
+            "r",
+            buffering=1,
+            encoding=server.encoding,
+            errors=server.encoding_error_handler,
+        )
+        write_fp = os.fdopen(
+            write_fd,
+            "w",
+            buffering=1,
+            encoding=server.encoding,
+            errors=server.encoding_error_handler,
+        )
+        _ACTIVE_PIPES.add((read_fp, write_fp))
+
+        if sys.platform != "win32":
+            # POSIX: integrate with event loop, avoid background thread
+            os.set_blocking(read_fd, False)
+            loop = asyncio.get_running_loop()
+            buffer = b""
+
+            def _on_readable() -> None:
+                nonlocal buffer
+                try:
+                    chunk = os.read(read_fd, 8192)
+                except Exception:
+                    with suppress(Exception):
+                        loop.remove_reader(read_fd)
+                    return
+                if not chunk:
+                    with suppress(Exception):
+                        loop.remove_reader(read_fd)
+                    return
+                buffer += chunk
+                while True:
+                    try:
+                        idx = buffer.index(b"\n")
+                    except ValueError:
+                        break
+                    line = buffer[:idx]
+                    buffer = buffer[idx + 1 :]
+                    if not _shutting_down:
+                        try:
+                            text = line.decode(
+                                server.encoding, errors=server.encoding_error_handler
+                            )
+                        except Exception:
+                            text = line.decode(errors="replace")
+                        log.trace(f"TOOL PROCESS STDERR {text.rstrip()}")
+
+            loop.add_reader(read_fd, _on_readable)
+            try:
+                async with _original_stdio_client(server, errlog=write_fp) as transport:
+                    yield transport
+            finally:
+                with suppress(Exception):
+                    loop.remove_reader(read_fd)
+                with suppress(Exception):
+                    write_fp.close()
+                with suppress(Exception):
+                    read_fp.close()
+                with suppress(Exception):
+                    _ACTIVE_PIPES.discard((read_fp, write_fp))
+        else:
+
+            async def _stderr_reader() -> None:
+                try:
+                    while True:
+                        line = await to_thread.run_sync(read_fp.readline)
+                        if not line:
+                            break
+                        if not _shutting_down:
+                            log.trace(f"TOOL PROCESS STDERR {line.rstrip()}")
+                except Exception as e:  # noqa: BLE001
+                    log.debug(f"stderr monitor stopped: {e}")
+                finally:
+                    with suppress(Exception):
+                        read_fp.close()
+                    with suppress(Exception):
+                        _ACTIVE_PIPES.discard((read_fp, write_fp))
+
+            async with anyio.create_task_group() as tg:
+                tg.start_soon(_stderr_reader)
+                try:
+                    async with _original_stdio_client(server, errlog=write_fp) as transport:
+                        yield transport
+                finally:
+                    with suppress(Exception):
+                        write_fp.close()
+                    with suppress(Exception):
+                        read_fp.close()
+                    tg.cancel_scope.cancel()
+                    with suppress(Exception):
+                        _ACTIVE_PIPES.discard((read_fp, write_fp))
+
+    try:
+        _mcp_stdio.stdio_client = _edison_stdio_client  # type: ignore[assignment]
+        log.debug("stdio capture: installed stdio_client monkeypatch")
+    except Exception as e:  # noqa: BLE001
+        log.debug(f"stdio capture: failed to install monkeypatch: {e}")

src/middleware/data_access_tracker.py

@@ -14,10 +14,12 @@ names (with server-name/path prefixes) to their security classifications:
 
 from dataclasses import dataclass
 from typing import Any
+from urllib.parse import urlparse
 
 from loguru import logger as log
 
 from src import events
+from src.config import Config
 from src.permissions import (
     ACL_RANK,
     Permissions,
@@ -109,6 +111,45 @@ class DataAccessTracker:
             log.info(f"✍️ Write operation detected via {source_type}: {name}")
             record_write_operation(source_type, name)
 
+    @staticmethod
+    def _server_name_from_resource_uri(resource_uri: str) -> str:
+        """Extract the mounted server name from a FastMCP-prefixed resource URI.
+
+        FastMCP prefixes resources by inserting the mount prefix as the authority
+        (e.g., scheme://prefix/...) or as the first path segment. We try both and
+        fall back to "builtin" (local server) if no known prefix is found.
+        """
+        try:
+            server_names = {s.name for s in Config().mcp_servers}
+
+            parsed = urlparse(resource_uri)
+            # Primary: authority/netloc holds the prefix in typical FastMCP URIs
+            if parsed.netloc and parsed.netloc in server_names:
+                return parsed.netloc
+
+            # Secondary: first path segment may hold the prefix
+            path = parsed.path or ""
+            if path.startswith("/"):
+                path = path[1:]
+            first_segment = path.split("/", 1)[0] if path else ""
+            if first_segment and first_segment in server_names:
+                return first_segment
+        except Exception:
+            pass
+        return "builtin"
+
+    @staticmethod
+    def _server_name_from_prompt_name(prompt_name: str) -> str:
+        """Extract mounted server name from a prompt name using FastMCP prefixing.
+
+        Prompts are exposed with prefixed names (similar to tools), e.g. "prefix_name".
+        We leverage existing logic for tools to determine the server name.
+        """
+        try:
+            return Permissions.server_name_from_tool_name(prompt_name)
+        except Exception:
+            return "builtin"
+
     def add_tool_call(self, tool_name: str):
         """
         Add a tool call and update trifecta flags based on tool classification.
@@ -222,8 +263,10 @@ class DataAccessTracker:
         perms = Permissions()
         permissions = perms.get_resource_permission(resource_name)
 
-        # Check if resource is enabled
-        if not perms.is_resource_enabled(resource_name):
+        # Check if resource is enabled and server is enabled via resource-specific resolution
+        server_name = self._server_name_from_resource_uri(resource_name)
+        server_enabled = Permissions.is_server_enabled(server_name)
+        if not (permissions.enabled and server_enabled):
             log.warning(f"🚫 BLOCKING resource access {resource_name} - resource is disabled")
             record_resource_access_blocked(resource_name, "disabled")
             events.fire_and_forget(
@@ -284,8 +327,10 @@ class DataAccessTracker:
         perms = Permissions()
         permissions = perms.get_prompt_permission(prompt_name)
 
-        # Check if prompt is enabled
-        if not perms.is_prompt_enabled(prompt_name):
+        # Check if prompt is enabled and server is enabled via prompt-specific resolution
+        server_name = self._server_name_from_prompt_name(prompt_name)
+        server_enabled = Permissions.is_server_enabled(server_name)
+        if not (permissions.enabled and server_enabled):
             log.warning(f"🚫 BLOCKING prompt access {prompt_name} - prompt is disabled")
             record_prompt_access_blocked(prompt_name, "disabled")
             events.fire_and_forget(

src/middleware/session_tracking.py

@@ -5,6 +5,7 @@ This middleware tracks tool usage patterns across all mounted tool calls,
 providing session-level statistics accessible via contextvar.
 """
 
+import time
 import uuid
 from collections.abc import Generator
 from contextlib import contextmanager
@@ -15,6 +16,7 @@ from pathlib import Path
 from typing import Any, cast
 
 import mcp.types as mt
+from fastmcp.exceptions import ToolError
 from fastmcp.prompts.prompt import FunctionPrompt
 from fastmcp.resources import FunctionResource
 from fastmcp.server.middleware import Middleware
@@ -140,7 +142,8 @@ def get_session_from_db(session_id: str) -> MCPSession:
                 session_id=session_id,
                 correlation_id=str(uuid.uuid4()),
                 tool_calls=[],  # type: ignore
-                data_access_summary={},  # type: ignore
+                # Store session creation timestamp inside the summary to avoid schema changes
+                data_access_summary={"created_at": datetime.now().isoformat()},  # type: ignore
             )
             db_session.add(new_session_model)
             db_session.commit()
@@ -194,6 +197,41 @@ def get_session_from_db(session_id: str) -> MCPSession:
         )
 
 
+def _persist_session_to_db(session: MCPSession) -> None:
+    """Serialize and persist the given session to the SQLite database."""
+    with create_db_session() as db_session:
+        db_session_model = db_session.execute(
+            select(MCPSessionModel).where(MCPSessionModel.session_id == session.session_id)
+        ).scalar_one()
+
+        tool_calls_dict = [
+            {
+                "id": tc.id,
+                "tool_name": tc.tool_name,
+                "parameters": tc.parameters,
+                "timestamp": tc.timestamp.isoformat(),
+                "duration_ms": tc.duration_ms,
+                "status": tc.status,
+                "result": tc.result,
+            }
+            for tc in session.tool_calls
+        ]
+        db_session_model.tool_calls = tool_calls_dict  # type: ignore
+        # Merge existing summary with tracker dict so we preserve created_at and other keys
+        existing_summary: dict[str, Any] = {}
+        try:
+            if isinstance(db_session_model.data_access_summary, dict):  # type: ignore
+                existing_summary = dict(db_session_model.data_access_summary)  # type: ignore
+        except Exception:
+            existing_summary = {}
+        updates: dict[str, Any] = (
+            session.data_access_tracker.to_dict() if session.data_access_tracker is not None else {}
+        )
+        merged = {**existing_summary, **updates}
+        db_session_model.data_access_summary = merged  # type: ignore
+        db_session.commit()
+
+
 class SessionTrackingMiddleware(Middleware):
     """
     Middleware that tracks tool call statistics for all mounted tools.
@@ -235,6 +273,14 @@ class SessionTrackingMiddleware(Middleware):
 
         try:
             return await call_next(context)  # type: ignore
+        except SecurityError as e:
+            # Avoid noisy tracebacks for expected security blocks
+            log.warning(f"MCP request blocked by security policy: {e}")
+            raise
+        except ToolError as e:
+            # Upstream tool failed; avoid noisy traceback here. Specific handlers may format a response.
+            log.warning(f"MCP tool error: {e}")
+            raise
         except Exception:
             log.exception("MCP request handling failed")
             raise
@@ -252,7 +298,8 @@ class SessionTrackingMiddleware(Middleware):
         except Exception:
             log.exception("MCP list_tools failed")
             raise
-        log.trace(f"🔍 on_list_tools response: {response}")
+        log.debug("🔍 listed raw tools.")
+        log.trace(f"🔍 on_list_tools response: length {len(response)}")
 
         session_id = current_session_id_ctxvar.get()
         if session_id is None:
@@ -330,7 +377,16 @@ class SessionTrackingMiddleware(Middleware):
                 session_id, "tool", context.message.name, timeout_s=30.0
             )
             if not approved:
-                raise
+                # Return formatted SecurityError message (includes ASCII art)
+                return ToolResult(
+                    content=[
+                        {
+                            "type": "text",
+                            "text": str(e),
+                        }
+                    ],
+                    structured_content=None,
+                )
             # Approved: apply effects and proceed
             session.data_access_tracker.apply_effects_after_manual_approval(
                 "tool", context.message.name
@@ -338,34 +394,44 @@ class SessionTrackingMiddleware(Middleware):
         # Telemetry: record tool call
         record_tool_call(context.message.name)
 
-        # Update database session
-        with create_db_session() as db_session:
-            db_session_model = db_session.execute(
-                select(MCPSessionModel).where(MCPSessionModel.session_id == session_id)
-            ).scalar_one()
-
-            # Convert tool calls to dict format for JSON storage
-            tool_calls_dict = [
-                {
-                    "id": tc.id,
-                    "tool_name": tc.tool_name,
-                    "parameters": tc.parameters,
-                    "timestamp": tc.timestamp.isoformat(),
-                    "duration_ms": tc.duration_ms,
-                    "status": tc.status,
-                    "result": tc.result,
-                }
-                for tc in session.tool_calls
-            ]
-            # Update the tool_calls for this session
-            db_session_model.tool_calls = tool_calls_dict  # type: ignore
-            db_session_model.data_access_summary = session.data_access_tracker.to_dict()  # type: ignore
-
-            db_session.commit()
+        # Persist the pending call immediately so it appears in UI
+        _persist_session_to_db(session)
 
         log.trace(f"Tool call {context.message.name} added to session {session_id}")
 
-        return await call_next(context)  # type: ignore
+        # Execute tool and update status/duration based on outcome
+        start_time = time.perf_counter()
+        try:
+            result = await call_next(context)  # type: ignore
+            new_tool_call.status = "ok"
+            new_tool_call.duration_ms = (time.perf_counter() - start_time) * 1000.0
+
+            _persist_session_to_db(session)
+
+            return result
+        except ToolError as e:
+            new_tool_call.status = "error"
+            new_tool_call.duration_ms = (time.perf_counter() - start_time) * 1000.0
+
+            _persist_session_to_db(session)
+
+            # Convert tool errors to a concise ToolResult rather than bubbling a stack trace
+            log.warning(f"Tool failed: {context.message.name}: {e}")
+            return ToolResult(
+                content=[
+                    {
+                        "type": "text",
+                        "text": (f"Tool '{context.message.name}' failed: {str(e)}"),
+                    }
+                ],
+                structured_content=None,
+            )
+        except Exception:
+            new_tool_call.status = "error"
+            new_tool_call.duration_ms = (time.perf_counter() - start_time) * 1000.0
+
+            _persist_session_to_db(session)
+            raise
 
     # Hooks for Resources
     async def on_list_resources(  # noqa
@@ -381,7 +447,7 @@ class SessionTrackingMiddleware(Middleware):
         except Exception:
             log.exception("MCP list_resources failed")
             raise
-        log.trace(f"🔍 on_list_resources response: {response}")
+        log.trace(f"🔍 on_list_resources response: length {len(response)}")
 
         session_id = current_session_id_ctxvar.get()
         if session_id is None:
@@ -457,7 +523,10 @@ class SessionTrackingMiddleware(Middleware):
                 session_id, "resource", resource_name, timeout_s=30.0
             )
             if not approved:
-                raise
+                return {
+                    "type": "text",
+                    "text": str(e),
+                }
             session.data_access_tracker.apply_effects_after_manual_approval(
                 "resource", resource_name
             )
@@ -469,7 +538,16 @@ class SessionTrackingMiddleware(Middleware):
                 select(MCPSessionModel).where(MCPSessionModel.session_id == session_id)
             ).scalar_one()
 
-            db_session_model.data_access_summary = session.data_access_tracker.to_dict()  # type: ignore
+            # Use helper to preserve created_at and merge updates
+            existing_summary: dict[str, Any] = {}
+            try:
+                if isinstance(db_session_model.data_access_summary, dict):  # type: ignore
+                    existing_summary = dict(db_session_model.data_access_summary)  # type: ignore
+            except Exception:
+                existing_summary = {}
+            updates: dict[str, Any] = session.data_access_tracker.to_dict()
+            merged: dict[str, Any] = {**existing_summary, **updates}
+            db_session_model.data_access_summary = merged  # type: ignore
             db_session.commit()
 
         log.trace(f"Resource access {resource_name} added to session {session_id}")
@@ -493,7 +571,7 @@ class SessionTrackingMiddleware(Middleware):
         except Exception:
             log.exception("MCP list_prompts failed")
             raise
-        log.debug(f"🔍 on_list_prompts response: {response}")
+        log.debug(f"🔍 on_list_prompts response: length {len(response)}")
 
         session_id = current_session_id_ctxvar.get()
         if session_id is None:
@@ -568,7 +646,10 @@ class SessionTrackingMiddleware(Middleware):
                 session_id, "prompt", prompt_name, timeout_s=30.0
             )
             if not approved:
-                raise
+                return {
+                    "type": "text",
+                    "text": str(e),
+                }
             session.data_access_tracker.apply_effects_after_manual_approval("prompt", prompt_name)
         record_prompt_used(prompt_name)
 
@@ -578,7 +659,15 @@ class SessionTrackingMiddleware(Middleware):
                 select(MCPSessionModel).where(MCPSessionModel.session_id == session_id)
             ).scalar_one()
 
-            db_session_model.data_access_summary = session.data_access_tracker.to_dict()  # type: ignore
+            existing_summary = {}
+            try:
+                if isinstance(db_session_model.data_access_summary, dict):  # type: ignore
+                    existing_summary = dict(db_session_model.data_access_summary)  # type: ignore
+            except Exception:
+                existing_summary = {}
+            updates: dict[str, Any] = session.data_access_tracker.to_dict()
+            merged: dict[str, Any] = {**existing_summary, **updates}
+            db_session_model.data_access_summary = merged  # type: ignore
             db_session.commit()
 
         log.trace(f"Prompt access {prompt_name} added to session {session_id}")

src/oauth_manager.py

@@ -84,7 +84,7 @@ class OAuthManager:
         Returns:
             OAuthServerInfo with detection results
         """
-        log.info(f"🔍 Checking OAuth requirement for {server_name}")
+        log.debug(f"🔍 Checking OAuth requirement for {server_name}")
 
         # If no mcp_url provided, this is a local server - no OAuth needed
         if not mcp_url:
@@ -95,7 +95,7 @@ class OAuthManager:
             self._oauth_info[server_name] = info
             return info
 
-        log.info(f"🔍 Checking OAuth requirement for remote server {server_name} at {mcp_url}")
+        log.debug(f"🔍 Checking OAuth requirement for remote server {server_name} at {mcp_url}")
 
         try:
             # Check if auth is required (with timeout)