From 9ea77a729cfc9894e3e8d0c5c4fc3f10a0d69c65 Mon Sep 17 00:00:00 2001 From: "devin-ai-integration[bot]" <158243242+devin-ai-integration[bot]@users.noreply.github.com> Date: Fri, 6 Dec 2024 19:33:08 +0000 Subject: [PATCH 1/5] chore: add shell-quote package and types --- package-lock.json | 20 ++++++++++++++++---- package.json | 4 +++- 2 files changed, 19 insertions(+), 5 deletions(-) diff --git a/package-lock.json b/package-lock.json index 26f07ff..1e81bd0 100644 --- a/package-lock.json +++ b/package-lock.json @@ -24,7 +24,9 @@ }, "devDependencies": { "@types/node": "^22.7.5", - "prettier": "3.3.3" + "@types/shell-quote": "^1.7.5", + "prettier": "3.3.3", + "shell-quote": "^1.8.2" } }, "client": { @@ -2393,6 +2395,13 @@ "@types/send": "*" } }, + "node_modules/@types/shell-quote": { + "version": "1.7.5", + "resolved": "https://registry.npmjs.org/@types/shell-quote/-/shell-quote-1.7.5.tgz", + "integrity": "sha512-+UE8GAGRPbJVQDdxi16dgadcBfQ+KG2vgZhV1+3A1XmHbmwcdwhCUwIdy+d3pAGrbvgRoVSjeI9vOWyq376Yzw==", + "dev": true, + "license": "MIT" + }, "node_modules/@types/ws": { "version": "8.5.13", "resolved": "https://registry.npmjs.org/@types/ws/-/ws-8.5.13.tgz", @@ -5688,10 +5697,13 @@ } }, "node_modules/shell-quote": { - "version": "1.8.1", - "resolved": "https://registry.npmjs.org/shell-quote/-/shell-quote-1.8.1.tgz", - "integrity": "sha512-6j1W9l1iAs/4xYBI1SYOVZyFcCis9b4KCLQ8fgAGG07QvzaRLVVRQvAy85yNmmZSjYjg4MWh4gNvlPujU/5LpA==", + "version": "1.8.2", + "resolved": "https://registry.npmjs.org/shell-quote/-/shell-quote-1.8.2.tgz", + "integrity": "sha512-AzqKpGKjrj7EM6rKVQEPpB288oCfnrEIuyoT9cyF4nmGa7V8Zk6f7RRqYisX8X9m+Q7bd632aZW4ky7EhbQztA==", "license": "MIT", + "engines": { + "node": ">= 0.4" + }, "funding": { "url": "https://github.com/sponsors/ljharb" } diff --git a/package.json b/package.json index 9061a7a..bdc835a 100644 --- a/package.json +++ b/package.json @@ -41,6 +41,8 @@ }, "devDependencies": { "@types/node": "^22.7.5", - "prettier": "3.3.3" + "@types/shell-quote": "^1.7.5", + "prettier": "3.3.3", + "shell-quote": "^1.8.2" } } From cc1ae05f9d2fcbca82f1380d0df15ffd449a4ab7 Mon Sep 17 00:00:00 2001 From: "devin-ai-integration[bot]" <158243242+devin-ai-integration[bot]@users.noreply.github.com> Date: Fri, 6 Dec 2024 19:34:03 +0000 Subject: [PATCH 2/5] fix: use shell-quote for proper argument parsing --- server/src/index.ts | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/server/src/index.ts b/server/src/index.ts index a217f44..940a008 100644 --- a/server/src/index.ts +++ b/server/src/index.ts @@ -3,6 +3,7 @@ import cors from "cors"; import EventSource from "eventsource"; import { parseArgs } from "node:util"; +import { parse as shellParseArgs } from 'shell-quote'; import { SSEClientTransport } from "@modelcontextprotocol/sdk/client/sse.js"; import { @@ -38,7 +39,7 @@ const createTransport = async (query: express.Request["query"]) => { if (transportType === "stdio") { const command = query.command as string; - const origArgs = (query.args as string).split(/\s+/); + const origArgs = shellParseArgs(query.args as string) as string[]; const env = query.env ? JSON.parse(query.env as string) : undefined; const { cmd, args } = findActualExecutable(command, origArgs); From c340e5f1ed69b32abd18ae255c5b677339b82166 Mon Sep 17 00:00:00 2001 From: "devin-ai-integration[bot]" <158243242+devin-ai-integration[bot]@users.noreply.github.com> Date: Fri, 6 Dec 2024 19:43:11 +0000 Subject: [PATCH 3/5] chore: move shell-quote to main dependencies --- package-lock.json | 4 ++-- package.json | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/package-lock.json b/package-lock.json index 1e81bd0..13f4248 100644 --- a/package-lock.json +++ b/package-lock.json @@ -16,6 +16,7 @@ "@modelcontextprotocol/inspector-client": "0.3.0", "@modelcontextprotocol/inspector-server": "0.3.0", "concurrently": "^9.0.1", + "shell-quote": "^1.8.2", "spawn-rx": "^5.1.0", "ts-node": "^10.9.2" }, @@ -25,8 +26,7 @@ "devDependencies": { "@types/node": "^22.7.5", "@types/shell-quote": "^1.7.5", - "prettier": "3.3.3", - "shell-quote": "^1.8.2" + "prettier": "3.3.3" } }, "client": { diff --git a/package.json b/package.json index bdc835a..c262588 100644 --- a/package.json +++ b/package.json @@ -36,13 +36,13 @@ "@modelcontextprotocol/inspector-client": "0.3.0", "@modelcontextprotocol/inspector-server": "0.3.0", "concurrently": "^9.0.1", + "shell-quote": "^1.8.2", "spawn-rx": "^5.1.0", "ts-node": "^10.9.2" }, "devDependencies": { "@types/node": "^22.7.5", "@types/shell-quote": "^1.7.5", - "prettier": "3.3.3", - "shell-quote": "^1.8.2" + "prettier": "3.3.3" } } From bd6586bbad77af75391296cf3bfaed7dc6941c55 Mon Sep 17 00:00:00 2001 From: "devin-ai-integration[bot]" <158243242+devin-ai-integration[bot]@users.noreply.github.com> Date: Fri, 6 Dec 2024 19:43:48 +0000 Subject: [PATCH 4/5] style: apply prettier formatting --- CODE_OF_CONDUCT.md | 22 +++++++++++----------- SECURITY.md | 1 + client/src/App.tsx | 3 ++- client/src/main.tsx | 4 ++-- client/vite.config.ts | 8 ++++---- server/src/index.ts | 2 +- 6 files changed, 21 insertions(+), 19 deletions(-) diff --git a/CODE_OF_CONDUCT.md b/CODE_OF_CONDUCT.md index 05c32c6..7e832b3 100644 --- a/CODE_OF_CONDUCT.md +++ b/CODE_OF_CONDUCT.md @@ -17,23 +17,23 @@ diverse, inclusive, and healthy community. Examples of behavior that contributes to a positive environment for our community include: -* Demonstrating empathy and kindness toward other people -* Being respectful of differing opinions, viewpoints, and experiences -* Giving and gracefully accepting constructive feedback -* Accepting responsibility and apologizing to those affected by our mistakes, +- Demonstrating empathy and kindness toward other people +- Being respectful of differing opinions, viewpoints, and experiences +- Giving and gracefully accepting constructive feedback +- Accepting responsibility and apologizing to those affected by our mistakes, and learning from the experience -* Focusing on what is best not just for us as individuals, but for the +- Focusing on what is best not just for us as individuals, but for the overall community Examples of unacceptable behavior include: -* The use of sexualized language or imagery, and sexual attention or +- The use of sexualized language or imagery, and sexual attention or advances of any kind -* Trolling, insulting or derogatory comments, and personal or political attacks -* Public or private harassment -* Publishing others' private information, such as a physical or email +- Trolling, insulting or derogatory comments, and personal or political attacks +- Public or private harassment +- Publishing others' private information, such as a physical or email address, without their explicit permission -* Other conduct which could reasonably be considered inappropriate in a +- Other conduct which could reasonably be considered inappropriate in a professional setting ## Enforcement Responsibilities @@ -106,7 +106,7 @@ Violating these terms may lead to a permanent ban. ### 4. Permanent Ban **Community Impact**: Demonstrating a pattern of violation of community -standards, including sustained inappropriate behavior, harassment of an +standards, including sustained inappropriate behavior, harassment of an individual, or aggression toward or disparagement of classes of individuals. **Consequence**: A permanent ban from any sort of public interaction within diff --git a/SECURITY.md b/SECURITY.md index 21f8e59..9d54767 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -1,4 +1,5 @@ # Security Policy + Thank you for helping us keep the inspector secure. ## Reporting Security Issues diff --git a/client/src/App.tsx b/client/src/App.tsx index 2c84377..8a4df79 100644 --- a/client/src/App.tsx +++ b/client/src/App.tsx @@ -59,7 +59,8 @@ const DEFAULT_REQUEST_TIMEOUT_MSEC = 10000; const params = new URLSearchParams(window.location.search); const PROXY_PORT = params.get("proxyPort") ?? "3000"; -const REQUEST_TIMEOUT = parseInt(params.get("timeout") ?? "") || DEFAULT_REQUEST_TIMEOUT_MSEC; +const REQUEST_TIMEOUT = + parseInt(params.get("timeout") ?? "") || DEFAULT_REQUEST_TIMEOUT_MSEC; const PROXY_SERVER_URL = `http://localhost:${PROXY_PORT}`; const App = () => { diff --git a/client/src/main.tsx b/client/src/main.tsx index 8ed57a0..450213d 100644 --- a/client/src/main.tsx +++ b/client/src/main.tsx @@ -1,7 +1,7 @@ import { StrictMode } from "react"; import { createRoot } from "react-dom/client"; -import { ToastContainer } from 'react-toastify'; -import 'react-toastify/dist/ReactToastify.css'; +import { ToastContainer } from "react-toastify"; +import "react-toastify/dist/ReactToastify.css"; import App from "./App.tsx"; import "./index.css"; diff --git a/client/vite.config.ts b/client/vite.config.ts index 3b6c407..dd3bd01 100644 --- a/client/vite.config.ts +++ b/client/vite.config.ts @@ -14,8 +14,8 @@ export default defineConfig({ minify: false, rollupOptions: { output: { - manualChunks: undefined - } - } - } + manualChunks: undefined, + }, + }, + }, }); diff --git a/server/src/index.ts b/server/src/index.ts index 940a008..b82b17d 100644 --- a/server/src/index.ts +++ b/server/src/index.ts @@ -3,7 +3,7 @@ import cors from "cors"; import EventSource from "eventsource"; import { parseArgs } from "node:util"; -import { parse as shellParseArgs } from 'shell-quote'; +import { parse as shellParseArgs } from "shell-quote"; import { SSEClientTransport } from "@modelcontextprotocol/sdk/client/sse.js"; import { From fdc521646fa97d6d70da984e538024c77171848e Mon Sep 17 00:00:00 2001 From: Jeffrey Ling Date: Fri, 6 Dec 2024 12:48:48 -0700 Subject: [PATCH 5/5] no need to prettier format everything right now --- CODE_OF_CONDUCT.md | 22 +++++++++++----------- SECURITY.md | 1 - client/src/App.tsx | 3 +-- client/src/main.tsx | 4 ++-- client/vite.config.ts | 8 ++++---- 5 files changed, 18 insertions(+), 20 deletions(-) diff --git a/CODE_OF_CONDUCT.md b/CODE_OF_CONDUCT.md index 7e832b3..05c32c6 100644 --- a/CODE_OF_CONDUCT.md +++ b/CODE_OF_CONDUCT.md @@ -17,23 +17,23 @@ diverse, inclusive, and healthy community. Examples of behavior that contributes to a positive environment for our community include: -- Demonstrating empathy and kindness toward other people -- Being respectful of differing opinions, viewpoints, and experiences -- Giving and gracefully accepting constructive feedback -- Accepting responsibility and apologizing to those affected by our mistakes, +* Demonstrating empathy and kindness toward other people +* Being respectful of differing opinions, viewpoints, and experiences +* Giving and gracefully accepting constructive feedback +* Accepting responsibility and apologizing to those affected by our mistakes, and learning from the experience -- Focusing on what is best not just for us as individuals, but for the +* Focusing on what is best not just for us as individuals, but for the overall community Examples of unacceptable behavior include: -- The use of sexualized language or imagery, and sexual attention or +* The use of sexualized language or imagery, and sexual attention or advances of any kind -- Trolling, insulting or derogatory comments, and personal or political attacks -- Public or private harassment -- Publishing others' private information, such as a physical or email +* Trolling, insulting or derogatory comments, and personal or political attacks +* Public or private harassment +* Publishing others' private information, such as a physical or email address, without their explicit permission -- Other conduct which could reasonably be considered inappropriate in a +* Other conduct which could reasonably be considered inappropriate in a professional setting ## Enforcement Responsibilities @@ -106,7 +106,7 @@ Violating these terms may lead to a permanent ban. ### 4. Permanent Ban **Community Impact**: Demonstrating a pattern of violation of community -standards, including sustained inappropriate behavior, harassment of an +standards, including sustained inappropriate behavior, harassment of an individual, or aggression toward or disparagement of classes of individuals. **Consequence**: A permanent ban from any sort of public interaction within diff --git a/SECURITY.md b/SECURITY.md index 9d54767..21f8e59 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -1,5 +1,4 @@ # Security Policy - Thank you for helping us keep the inspector secure. ## Reporting Security Issues diff --git a/client/src/App.tsx b/client/src/App.tsx index 8a4df79..2c84377 100644 --- a/client/src/App.tsx +++ b/client/src/App.tsx @@ -59,8 +59,7 @@ const DEFAULT_REQUEST_TIMEOUT_MSEC = 10000; const params = new URLSearchParams(window.location.search); const PROXY_PORT = params.get("proxyPort") ?? "3000"; -const REQUEST_TIMEOUT = - parseInt(params.get("timeout") ?? "") || DEFAULT_REQUEST_TIMEOUT_MSEC; +const REQUEST_TIMEOUT = parseInt(params.get("timeout") ?? "") || DEFAULT_REQUEST_TIMEOUT_MSEC; const PROXY_SERVER_URL = `http://localhost:${PROXY_PORT}`; const App = () => { diff --git a/client/src/main.tsx b/client/src/main.tsx index 450213d..8ed57a0 100644 --- a/client/src/main.tsx +++ b/client/src/main.tsx @@ -1,7 +1,7 @@ import { StrictMode } from "react"; import { createRoot } from "react-dom/client"; -import { ToastContainer } from "react-toastify"; -import "react-toastify/dist/ReactToastify.css"; +import { ToastContainer } from 'react-toastify'; +import 'react-toastify/dist/ReactToastify.css'; import App from "./App.tsx"; import "./index.css"; diff --git a/client/vite.config.ts b/client/vite.config.ts index dd3bd01..3b6c407 100644 --- a/client/vite.config.ts +++ b/client/vite.config.ts @@ -14,8 +14,8 @@ export default defineConfig({ minify: false, rollupOptions: { output: { - manualChunks: undefined, - }, - }, - }, + manualChunks: undefined + } + } + } });