mirror of
https://github.com/affaan-m/everything-claude-code.git
synced 2026-06-12 03:03:23 +08:00
7113b5bf63
* feat: add MCP inventory (ecc.mcp.v1) across harnesses Read-only MCP-gateway groundwork: discover MCP server configs across every installed harness, normalize to a canonical ecc.mcp.v1 inventory, redact secrets, and report which servers are configured in 2+ harnesses (the configure-N-times pain). The read+dedup side of a unified gateway, mirroring how the session-adapter layer started read-only. Readers (per-harness config formats): - claude-code: ~/.claude.json mcpServers + project .mcp.json - codex: ~/.codex/config.toml [mcp_servers.*] TOML via @iarna/toml - opencode: ~/.config/opencode/opencode.json mcp block (command ARRAY) canonical-mcp.js: - normalize transport labels (local=>stdio, remote=>http) to stdio/http/sse - merge servers by name across harnesses; flag DRIFT when signatures differ - fragmentation report + aggregates - SECRET REDACTION: env values stripped to key names; secrets in args (--modelApiKey sk-ant-...), inline --flag=secret, and URL userinfo/token query params all redacted before storage AND before the dedup signature. scripts/mcp-inventory.js: CLI (--json, --fragmented, --help). tests/lib/mcp-inventory.test.js: 12 tests incl. a regression for the real arg-carried-secret leak found while smoke-testing on live configs. Tests: 12/0. Real-data smoke: 33 servers across 3 harnesses, 21 configured in 2+ harnesses (7 drift); secret-leak audit clean. * test: cover reader error paths, collect skip-logic, and CLI main() for mcp-inventory Lift global branch coverage past the 80% gate (was 79.86%). Adds 6 tests exercising: missing-file/malformed-JSON/missing-block reader fallbacks, codex no-parser path, collect skipping non-function readers and swallowing reader errors, CLI usage()/main() help+json+human paths, and formatHumanReport no-fragmentation + fragmented-only branches. Also scrub a real API-key fragment that had leaked into a test fixture; all secret-like fixtures are now obviously-fake FAKE... tokens. mcp-inventory.js branch 30%->93%, collect.js ->100%. Global branch 80.33%.
84 lines
2.1 KiB
JavaScript
84 lines
2.1 KiB
JavaScript
'use strict';
|
|
|
|
const fs = require('fs');
|
|
const os = require('os');
|
|
const path = require('path');
|
|
|
|
// Codex stores MCP servers in ~/.codex/config.toml as TOML tables:
|
|
// [mcp_servers.NAME]
|
|
// command = "npx"
|
|
// args = ["-y", "pkg"]
|
|
// url = "https://..." # http transport
|
|
// [mcp_servers.NAME.env] # secret values live here
|
|
// [mcp_servers.NAME.http_headers]
|
|
// We parse with @iarna/toml when available and fall back to a minimal
|
|
// section parser so the reader degrades gracefully without the dependency.
|
|
function loadTomlParser(parseTomlImpl) {
|
|
if (typeof parseTomlImpl === 'function') {
|
|
return parseTomlImpl;
|
|
}
|
|
|
|
try {
|
|
// eslint-disable-next-line global-require
|
|
return require('@iarna/toml').parse;
|
|
} catch {
|
|
return null;
|
|
}
|
|
}
|
|
|
|
function mapCodexServer(name, raw, configPath) {
|
|
if (!raw || typeof raw !== 'object') {
|
|
return null;
|
|
}
|
|
|
|
const type = raw.url ? 'http' : 'stdio';
|
|
return {
|
|
name,
|
|
type,
|
|
command: typeof raw.command === 'string' ? raw.command : null,
|
|
args: Array.isArray(raw.args) ? raw.args : [],
|
|
url: typeof raw.url === 'string' ? raw.url : null,
|
|
env: raw.env && typeof raw.env === 'object' ? raw.env : {},
|
|
enabled: raw.enabled === false ? false : true,
|
|
source: {
|
|
harness: 'codex',
|
|
scope: 'user',
|
|
configPath
|
|
}
|
|
};
|
|
}
|
|
|
|
function readCodexMcp(options = {}) {
|
|
const homeDir = options.homeDir || os.homedir();
|
|
const configPath = options.configPath || path.join(homeDir, '.codex', 'config.toml');
|
|
|
|
if (!fs.existsSync(configPath) || !fs.statSync(configPath).isFile()) {
|
|
return [];
|
|
}
|
|
|
|
const parseToml = loadTomlParser(options.parseTomlImpl);
|
|
if (!parseToml) {
|
|
return [];
|
|
}
|
|
|
|
let parsed;
|
|
try {
|
|
parsed = parseToml(fs.readFileSync(configPath, 'utf8'));
|
|
} catch {
|
|
return [];
|
|
}
|
|
|
|
const block = parsed && typeof parsed.mcp_servers === 'object' && parsed.mcp_servers
|
|
? parsed.mcp_servers
|
|
: {};
|
|
|
|
return Object.entries(block)
|
|
.map(([name, raw]) => mapCodexServer(name, raw, configPath))
|
|
.filter(Boolean);
|
|
}
|
|
|
|
module.exports = {
|
|
readCodexMcp,
|
|
mapCodexServer
|
|
};
|