secureenv

package

v0.41.0 Latest Latest Go to latest Published: Jun 18, 2026 License: MIT Imports: 5 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/smart-mcp-proxy/mcpproxy-go

Links

Open Source Insights

Documentation ¶

Rendered for

Index ¶

type EnvConfig
- func DefaultEnvConfig() *EnvConfig
type Manager
- func NewManager(config *EnvConfig) *Manager
type PathDiscovery

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type EnvConfig ¶

type EnvConfig struct {
	InheritSystemSafe bool              `json:"inherit_system_safe"`
	AllowedSystemVars []string          `json:"allowed_system_vars"`
	CustomVars        map[string]string `json:"custom_vars"`
	EnhancePath       bool              `json:"enhance_path"` // Enable PATH enhancement for Launchd scenarios
	// ForwardProxyEnv opts in to forwarding the ambient HTTP(S)/ALL/NO/FTP proxy
	// environment variables to spawned upstream servers (MCP-2769). It is OFF by
	// default and deliberately kept out of the AllowedSystemVars default list:
	// proxy URLs frequently carry credentials (http://user:pass@proxy), so
	// forwarding them to every stdio upstream is a credential-leak risk. When
	// enabled, values are forwarded with their userinfo (credentials) redacted.
	ForwardProxyEnv bool `json:"forward_proxy_env,omitempty"`
}

EnvConfig represents environment configuration for secure filtering

func DefaultEnvConfig ¶

func DefaultEnvConfig() *EnvConfig

DefaultEnvConfig returns default environment configuration with safe system variables

type Manager ¶

type Manager struct {
	// contains filtered or unexported fields
}

Manager handles secure environment variable filtering

func NewManager ¶

func NewManager(config *EnvConfig) *Manager

NewManager creates a new secure environment manager

func (*Manager) BuildSecureEnvironment ¶

func (m *Manager) BuildSecureEnvironment() []string

BuildSecureEnvironment builds a secure environment variable list

func (*Manager) GetFilteredEnvCount ¶

func (m *Manager) GetFilteredEnvCount() (filteredCount, totalCount int)

GetFilteredEnvCount returns the number of filtered and total system environment variables

func (*Manager) GetPathDiscovery ¶

func (m *Manager) GetPathDiscovery() *PathDiscovery

GetPathDiscovery returns the discovered path information

func (*Manager) GetSystemEnvVar ¶

func (m *Manager) GetSystemEnvVar(key string) (string, bool)

GetSystemEnvVar safely gets a system environment variable.

func (*Manager) ValidateConfig ¶

func (m *Manager) ValidateConfig() error

ValidateConfig checks if the environment configuration is valid

type PathDiscovery ¶

type PathDiscovery struct {
	HomePath        string
	BrewPaths       []string
	NodePaths       []string
	PythonPaths     []string
	RustPaths       []string
	GoPaths         []string
	ChocoPaths      []string
	ScoopPaths      []string
	SystemPaths     []string
	DiscoveredPaths []string
	AvailableTools  map[string]string
}

PathDiscovery contains auto-discovered paths for common tools

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL