UNPKG

context-optimizer-mcp-server

Version:

Context optimization tools MCP server for AI coding assistants - compatible with GitHub Copilot, Cursor AI, and other MCP-supporting assistants

github.com/malaksedarous/context-optimizer-mcp-server

malaksedarous/context-optimizer-mcp-server

211 lines 8.42 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
"use strict"; /** * Path security validation utilities * * Prevents path traversal attacks and unauthorized file access */ var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) { if (k2 === undefined) k2 = k; var desc = Object.getOwnPropertyDescriptor(m, k); if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) { desc = { enumerable: true, get: function() { return m[k]; } }; } Object.defineProperty(o, k2, desc); }) : (function(o, m, k, k2) { if (k2 === undefined) k2 = k; o[k2] = m[k]; })); var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) { Object.defineProperty(o, "default", { enumerable: true, value: v }); }) : function(o, v) { o["default"] = v; }); var __importStar = (this && this.__importStar) || (function () { var ownKeys = function(o) { ownKeys = Object.getOwnPropertyNames || function (o) { var ar = []; for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k; return ar; }; return ownKeys(o); }; return function (mod) { if (mod && mod.__esModule) return mod; var result = {}; if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]); __setModuleDefault(result, mod); return result; }; })(); Object.defineProperty(exports, "__esModule", { value: true }); exports.PathValidator = void 0; const path = __importStar(require("path")); const fs = __importStar(require("fs/promises")); const manager_1 = require("../config/manager"); class PathValidator { /** * Validates a file path against security boundaries * * @param requestedPath - Path to validate * @returns Validation result with resolved path or error */ static async validateFilePath(requestedPath) { try { const config = manager_1.ConfigurationManager.getConfig(); const resolvedPath = path.resolve(requestedPath); // Check against allowed base paths const isAllowed = config.security.allowedBasePaths.some(basePath => { const resolvedBase = path.resolve(basePath); // Use case-insensitive comparison on Windows const normalizedPath = process.platform === 'win32' ? resolvedPath.toLowerCase() : resolvedPath; const normalizedBase = process.platform === 'win32' ? resolvedBase.toLowerCase() : resolvedBase; const basePlusSlash = normalizedBase + path.sep; return normalizedPath.startsWith(basePlusSlash) || normalizedPath === normalizedBase; }); if (!isAllowed) { return { valid: false, error: `Path '${resolvedPath}' is outside allowed directories: ${config.security.allowedBasePaths.join(', ')}` }; } // Check if file exists try { const stats = await fs.stat(resolvedPath); if (!stats.isFile()) { return { valid: false, error: `Path '${resolvedPath}' is not a file` }; } // Check file size if (stats.size > config.security.maxFileSize) { return { valid: false, error: `File '${resolvedPath}' exceeds maximum size limit (${config.security.maxFileSize} bytes)` }; } } catch { return { valid: false, error: `File '${resolvedPath}' does not exist or is not accessible` }; } return { valid: true, resolvedPath }; } catch (error) { return { valid: false, error: `Path validation error: ${error instanceof Error ? error.message : String(error)}` }; } } /** * Validates a working directory path against security boundaries * * @param requestedPath - Directory path to validate * @returns Validation result with resolved path or error */ static async validateWorkingDirectory(requestedPath) { try { const config = manager_1.ConfigurationManager.getConfig(); const resolvedPath = path.resolve(requestedPath); // Check against allowed base paths const isAllowed = config.security.allowedBasePaths.some(basePath => { const resolvedBase = path.resolve(basePath); // Use case-insensitive comparison on Windows const normalizedPath = process.platform === 'win32' ? resolvedPath.toLowerCase() : resolvedPath; const normalizedBase = process.platform === 'win32' ? resolvedBase.toLowerCase() : resolvedBase; const basePlusSlash = normalizedBase + path.sep; return normalizedPath.startsWith(basePlusSlash) || normalizedPath === normalizedBase; }); if (!isAllowed) { return { valid: false, error: `Working directory '${resolvedPath}' is outside allowed paths: ${config.security.allowedBasePaths.join(', ')}` }; } // Check if directory exists try { const stats = await fs.stat(resolvedPath); if (!stats.isDirectory()) { return { valid: false, error: `Path '${resolvedPath}' is not a directory` }; } } catch { return { valid: false, error: `Directory '${resolvedPath}' does not exist or is not accessible` }; } return { valid: true, resolvedPath }; } catch (error) { return { valid: false, error: `Directory validation error: ${error instanceof Error ? error.message : String(error)}` }; } } /** * Helper method to check if a path is within allowed boundaries (without file system checks) * * @param requestedPath - Path to check * @returns Whether the path is within allowed boundaries */ static isPathAllowed(requestedPath) { try { const config = manager_1.ConfigurationManager.getConfig(); const resolvedPath = path.resolve(requestedPath); return config.security.allowedBasePaths.some(basePath => { const resolvedBase = path.resolve(basePath); return resolvedPath.startsWith(resolvedBase + path.sep) || resolvedPath === resolvedBase; }); } catch { return false; } } /** * Normalize and sanitize a path for logging purposes * * @param filePath - Path to sanitize * @returns Sanitized path safe for logging */ static sanitizePathForLogging(filePath) { try { // Check for obviously invalid characters first if (/[<>:"|?*\0]/.test(filePath)) { return '[INVALID_PATH]'; } const resolved = path.resolve(filePath); // Replace all directory components except the last one with placeholders const parts = resolved.split(path.sep); if (parts.length <= 2) { return resolved; // Too short to sanitize meaningfully } // Keep first part (drive on Windows, root on Unix) and last part (filename) const sanitized = parts.map((part, index) => { if (index === 0 || index === parts.length - 1) { return part; } return '****'; }).join(path.sep); return sanitized; } catch { return '[INVALID_PATH]'; } } } exports.PathValidator = PathValidator; //# sourceMappingURL=pathValidator.js.map