catlog22/Claude-Code-Workflow
1
0
Fork 0
mirror of https://github.com/catlog22/Claude-Code-Workflow.git synced 2026-02-11 02:33:51 +08:00
Code Issues Packages Projects Releases Wiki Activity

feat: 实现 MCP 工具集中式路径验证,增强安全性和可配置性

Browse Source 
- 新增 path-validator.ts:参考 MCP filesystem 服务器设计的集中式路径验证器
  - 支持 CCW_PROJECT_ROOT 和 CCW_ALLOWED_DIRS 环境变量配置
  - 多层路径验证:绝对路径解析 → 沙箱检查 → 符号链接验证
  - 向后兼容:未设置环境变量时回退到 process.cwd()

- 更新所有 MCP 工具使用集中式路径验证:
  - write-file.ts: 使用 validatePath()
  - edit-file.ts: 使用 validatePath({ mustExist: true })
  - read-file.ts: 使用 validatePath() + getProjectRoot()
  - smart-search.ts: 使用 getProjectRoot()
  - core-memory.ts: 使用 getProjectRoot()

- MCP 服务器启动时输出项目根目录和允许目录信息

- MCP 管理界面增强:
  - CCW Tools 安装卡片新增路径设置 UI
  - 支持 CCW_PROJECT_ROOT 和 CCW_ALLOWED_DIRS 配置
  - 添加"使用当前项目"快捷按钮
  - 支持 Claude 和 Codex 两种模式
  - 添加中英文国际化翻译

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
This commit is contained in:
catlog22
2025-12-21 18:14:06 +08:00
parent f492f4839a
commit 45f92fe066
11 changed files with 330 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
ccw/src/mcp-server/index.ts
View File

@@ -12,10 +12,15 @@ import {
} from '@modelcontextprotocol/sdk/types.js';
import { getAllToolSchemas, executeTool, executeToolWithProgress } from '../tools/index.js';
import type { ToolSchema, ToolResult } from '../types/tool.js';
import { getProjectRoot, getAllowedDirectories } from '../utils/path-validator.js';
const SERVER_NAME = 'ccw-tools';
const SERVER_VERSION = '6.2.0';
// Environment variable names for documentation
const ENV_PROJECT_ROOT = 'CCW_PROJECT_ROOT';
const ENV_ALLOWED_DIRS = 'CCW_ALLOWED_DIRS';
// Default enabled tools (core set)
const DEFAULT_TOOLS: string[] = ['write_file', 'edit_file', 'read_file', 'smart_search', 'core_memory'];
@@ -162,7 +167,15 @@ async function main(): Promise<void> {
});
// Log server start (to stderr to not interfere with stdio protocol)
const projectRoot = getProjectRoot();
const allowedDirs = getAllowedDirectories();
console.error(`${SERVER_NAME} v${SERVER_VERSION} started`);
console.error(`Project root: ${projectRoot}`);
console.error(`Allowed directories: ${allowedDirs.join(', ')}`);
if (!process.env[ENV_PROJECT_ROOT]) {
console.error(`[Warning] ${ENV_PROJECT_ROOT} not set, using process.cwd()`);
console.error(`[Tip] Set ${ENV_PROJECT_ROOT} in your MCP config to specify project directory`);
}
}
// Run server