mirror of
https://github.com/affaan-m/everything-claude-code.git
synced 2026-06-11 18:53:11 +08:00
7113b5bf63
* feat: add MCP inventory (ecc.mcp.v1) across harnesses Read-only MCP-gateway groundwork: discover MCP server configs across every installed harness, normalize to a canonical ecc.mcp.v1 inventory, redact secrets, and report which servers are configured in 2+ harnesses (the configure-N-times pain). The read+dedup side of a unified gateway, mirroring how the session-adapter layer started read-only. Readers (per-harness config formats): - claude-code: ~/.claude.json mcpServers + project .mcp.json - codex: ~/.codex/config.toml [mcp_servers.*] TOML via @iarna/toml - opencode: ~/.config/opencode/opencode.json mcp block (command ARRAY) canonical-mcp.js: - normalize transport labels (local=>stdio, remote=>http) to stdio/http/sse - merge servers by name across harnesses; flag DRIFT when signatures differ - fragmentation report + aggregates - SECRET REDACTION: env values stripped to key names; secrets in args (--modelApiKey sk-ant-...), inline --flag=secret, and URL userinfo/token query params all redacted before storage AND before the dedup signature. scripts/mcp-inventory.js: CLI (--json, --fragmented, --help). tests/lib/mcp-inventory.test.js: 12 tests incl. a regression for the real arg-carried-secret leak found while smoke-testing on live configs. Tests: 12/0. Real-data smoke: 33 servers across 3 harnesses, 21 configured in 2+ harnesses (7 drift); secret-leak audit clean. * test: cover reader error paths, collect skip-logic, and CLI main() for mcp-inventory Lift global branch coverage past the 80% gate (was 79.86%). Adds 6 tests exercising: missing-file/malformed-JSON/missing-block reader fallbacks, codex no-parser path, collect skipping non-function readers and swallowing reader errors, CLI usage()/main() help+json+human paths, and formatHumanReport no-fragmentation + fragmented-only branches. Also scrub a real API-key fragment that had leaked into a test fixture; all secret-like fixtures are now obviously-fake FAKE... tokens. mcp-inventory.js branch 30%->93%, collect.js ->100%. Global branch 80.33%.
48 lines
1.4 KiB
JavaScript
48 lines
1.4 KiB
JavaScript
'use strict';
|
|
|
|
const { normalizeServerEntry, buildInventory } = require('./canonical-mcp');
|
|
const { readClaudeCodeMcp } = require('./readers/claude-code');
|
|
const { readCodexMcp } = require('./readers/codex');
|
|
const { readOpencodeMcp } = require('./readers/opencode');
|
|
|
|
const DEFAULT_READERS = Object.freeze({
|
|
'claude-code': readClaudeCodeMcp,
|
|
codex: readCodexMcp,
|
|
opencode: readOpencodeMcp
|
|
});
|
|
|
|
// Collect MCP server configs from every harness reader, normalize each raw
|
|
// entry to ecc.mcp.v1, then merge into a single deduplicated inventory with a
|
|
// fragmentation report. Secrets are stripped during normalization (only env
|
|
// key names survive), so the returned inventory is safe to print or persist.
|
|
function collectMcpInventory(options = {}) {
|
|
const readers = options.readers || DEFAULT_READERS;
|
|
const readerOptions = options.readerOptions || {};
|
|
|
|
const rawRecords = [];
|
|
for (const [harness, reader] of Object.entries(readers)) {
|
|
if (typeof reader !== 'function') {
|
|
continue;
|
|
}
|
|
|
|
let entries;
|
|
try {
|
|
entries = reader(readerOptions[harness] || readerOptions.shared || {});
|
|
} catch {
|
|
entries = [];
|
|
}
|
|
|
|
if (Array.isArray(entries)) {
|
|
rawRecords.push(...entries);
|
|
}
|
|
}
|
|
|
|
const normalized = rawRecords.map(normalizeServerEntry);
|
|
return buildInventory(normalized);
|
|
}
|
|
|
|
module.exports = {
|
|
collectMcpInventory,
|
|
DEFAULT_READERS
|
|
};
|