torbjorn/my-pal-mcp-server
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
af68e8bf7c0b67ade4030adc1d2556382e950172
my-pal-mcp-server/setup-docker-env.bat
Fahad 27add4d05d feat: Major refactoring and improvements v2.11.0 
## 🚀 Major Improvements

### Docker Environment Simplification
- **BREAKING**: Simplified Docker configuration by auto-detecting sandbox from WORKSPACE_ROOT
- Removed redundant MCP_PROJECT_ROOT requirement for Docker setups
- Updated all Docker config examples and setup scripts
- Added security validation for dangerous WORKSPACE_ROOT paths

### Security Enhancements
- **CRITICAL**: Fixed insecure PROJECT_ROOT fallback to use current directory instead of home
- Enhanced path validation with proper Docker environment detection
- Removed information disclosure in error messages
- Strengthened symlink and path traversal protection

### File Handling Optimization
- **PERFORMANCE**: Optimized read_files() to return content only (removed summary)
- Unified file reading across all tools using standardized file_utils routines
- Fixed review_changes tool to use consistent file loading patterns
- Improved token management and reduced unnecessary processing

### Tool Improvements
- **UX**: Enhanced ReviewCodeTool to require user context for targeted reviews
- Removed deprecated _get_secure_container_path function and _sanitize_filename
- Standardized file access patterns across analyze, review_changes, and other tools
- Added contextual prompting to align reviews with user expectations

### Code Quality & Testing
- Updated all tests for new function signatures and requirements
- Added comprehensive Docker path integration tests
- Achieved 100% test coverage (95 tests passing)
- Full compliance with ruff, black, and isort linting standards

### Configuration & Deployment
- Added pyproject.toml for modern Python packaging
- Streamlined Docker setup removing redundant environment variables
- Updated setup scripts across all platforms (Windows, macOS, Linux)
- Improved error handling and validation throughout

## 🔧 Technical Changes

- **Removed**: `_get_secure_container_path()`, `_sanitize_filename()`, unused SANDBOX_MODE
- **Enhanced**: Path translation, security validation, token management
- **Standardized**: File reading patterns, error handling, Docker detection
- **Updated**: All tool prompts for better context alignment

## 🛡️ Security Notes

This release significantly improves the security posture by:
- Eliminating broad filesystem access defaults
- Adding validation for Docker environment variables
- Removing information disclosure in error paths
- Strengthening path traversal and symlink protections

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-06-10 09:50:05 +04:00

82 lines
2.6 KiB
Batchfile
Raw Blame History

@echo off
REM Helper script to set up .env file for Docker usage on Windows
echo Setting up .env file for Gemini MCP Server Docker...
REM Get the current working directory (absolute path)
set CURRENT_DIR=%CD%
REM Check if .env already exists
if exist .env (
echo Warning: .env file already exists! Skipping creation.
echo.
) else (
REM Check if GEMINI_API_KEY is already set in environment
if defined GEMINI_API_KEY (
set API_KEY_VALUE=%GEMINI_API_KEY%
echo Found existing GEMINI_API_KEY in environment
) else (
set API_KEY_VALUE=your-gemini-api-key-here
)
REM Create the .env file
(
echo # Gemini MCP Server Docker Environment Configuration
echo # Generated on %DATE% %TIME%
echo.
echo # Your Gemini API key ^(get one from https://makersuite.google.com/app/apikey^)
echo # IMPORTANT: Replace this with your actual API key
echo GEMINI_API_KEY=%API_KEY_VALUE%
) > .env
echo.
echo Created .env file
echo.
)
echo Next steps:
if "%API_KEY_VALUE%"=="your-gemini-api-key-here" (
echo 1. Edit .env and replace 'your-gemini-api-key-here' with your actual Gemini API key
echo 2. Run 'docker build -t gemini-mcp-server .' to build the Docker image
echo 3. Copy this configuration to your Claude Desktop config:
) else (
echo 1. Run 'docker build -t gemini-mcp-server .' to build the Docker image
echo 2. Copy this configuration to your Claude Desktop config:
)
echo.
echo ===== COPY BELOW THIS LINE =====
echo {
echo "mcpServers": {
echo "gemini": {
echo "command": "%CURRENT_DIR%\gemini-mcp-docker.bat"
echo }
echo }
echo }
echo ===== COPY ABOVE THIS LINE =====
echo.
echo Alternative: If you prefer the direct Docker command:
echo {
echo "mcpServers": {
echo "gemini": {
echo "command": "docker",
echo "args": [
echo "run",
echo "--rm",
echo "-i",
echo "--env-file", "%CURRENT_DIR%\.env",
echo "-e", "WORKSPACE_ROOT=%USERPROFILE%",
echo "-v", "%USERPROFILE%:/workspace:ro",
echo "gemini-mcp-server:latest"
echo ]
echo }
echo }
echo }
echo.
echo Config file location:
echo Windows: %%APPDATA%%\Claude\claude_desktop_config.json
echo.
echo Note: This configuration mounts your user directory ^(%USERPROFILE%^).
echo Docker can access any file within your user directory.
echo.
echo If you want to restrict access to a specific directory:
echo Change both the mount ^(-v^) and WORKSPACE_ROOT to match:
echo Example: -v "%CURRENT_DIR%:/workspace:ro" and WORKSPACE_ROOT=%CURRENT_DIR%
echo The container will automatically use /workspace as the sandbox boundary.
Reference in New Issue View Git Blame Copy Permalink