config

package
v1.4.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 29, 2026 License: MIT Imports: 5 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func Validate 

func Validate(cfg *Config) error

Validate checks that every server in the config has the required fields for its transport type.

Types

type ArgRule added in v1.4.0 

type ArgRule struct {
	DenyPattern string   `yaml:"deny_pattern"`
	AllowPrefix []string `yaml:"allow_prefix"`
	DenyPrefix  []string `yaml:"deny_prefix"`
}

ArgRule defines rules for matching argument values.

type AuditConfig added in v1.4.0 

type AuditConfig struct {
	Enabled bool     `yaml:"enabled"`
	Log     string   `yaml:"log"`
	Redact  []string `yaml:"redact"`
}

AuditConfig controls audit logging.

type AuthConfig added in v1.2.0 

type AuthConfig struct {
	Type  string `yaml:"type"`
	Token string `yaml:"token"`
}

AuthConfig holds authentication settings for remote transports.

type Config 

type Config struct {
	Servers  map[string]*ServerConfig `yaml:"servers"`
	Security *SecurityConfig          `yaml:"security"`
}

Config holds the full mcpx configuration.

func Load 

func Load() (*Config, string, error)

Load reads the global (~/.mcpx/config.yml) and project (.mcpx/config.yml) configs, merges them, and validates the result. Returns the merged config, the project root (empty if no project config), and any error.

func LoadFrom 

func LoadFrom(globalPath, projectPath string) (*Config, error)

LoadFrom loads configs from explicit paths (useful for testing).

func Merge 

func Merge(global, project *Config) *Config

Merge combines global and project configs. Project servers replace global servers entirely on a per-server-name basis. Project security overrides global.

type ContentMatch added in v1.4.0 

type ContentMatch struct {
	Target         string `yaml:"target"` // dot-path to arg, e.g. "args.sql"
	DenyPattern    string `yaml:"deny_pattern"`
	RequirePattern string `yaml:"require_pattern"`
	When           string `yaml:"when"` // only apply require_pattern when this matches
}

ContentMatch inspects the body/value of a specific argument.

type GlobalSecurity added in v1.4.0 

type GlobalSecurity struct {
	Audit     *AuditConfig     `yaml:"audit"`
	RateLimit *RateLimitConfig `yaml:"rate_limit"`
	Policies  []Policy         `yaml:"policies"`
}

GlobalSecurity holds security settings that apply to all servers.

type LifecycleConfig added in v1.4.0 

type LifecycleConfig struct {
	OnConnect []LifecycleHook `yaml:"on_connect"`
}

LifecycleConfig holds server lifecycle hooks.

type LifecycleHook added in v1.4.0 

type LifecycleHook struct {
	Tool string         `yaml:"tool"`
	Args map[string]any `yaml:"args"`
}

LifecycleHook defines a tool call executed during a lifecycle event.

type Policy added in v1.4.0 

type Policy struct {
	Name    string      `yaml:"name"`
	Match   PolicyMatch `yaml:"match"`
	Action  string      `yaml:"action"` // "allow", "deny", "warn"
	Message string      `yaml:"message"`
}

Policy defines a security rule evaluated before tool calls.

type PolicyMatch added in v1.4.0 

type PolicyMatch struct {
	Tools   []string           `yaml:"tools"`
	Args    map[string]ArgRule `yaml:"args"`
	Content *ContentMatch      `yaml:"content"`
}

PolicyMatch defines what a policy matches against.

type RateLimitConfig added in v1.4.0 

type RateLimitConfig struct {
	MaxCallsPerMinute int `yaml:"max_calls_per_minute"`
	MaxCallsPerTool   int `yaml:"max_calls_per_tool"`
}

RateLimitConfig controls per-server rate limiting.

type SecurityConfig added in v1.4.0 

type SecurityConfig struct {
	Enabled bool           `yaml:"enabled"`
	Global  GlobalSecurity `yaml:"global"`
}

SecurityConfig holds the top-level security configuration.

type ServerConfig 

type ServerConfig struct {
	Command        string            `yaml:"command"`
	Args           []string          `yaml:"args"`
	Transport      string            `yaml:"transport"`
	Env            map[string]string `yaml:"env"`
	Daemon         bool              `yaml:"daemon"`
	StartupTimeout string            `yaml:"startup_timeout"`
	URL            string            `yaml:"url"`
	Headers        map[string]string `yaml:"headers"`
	Auth           *AuthConfig       `yaml:"auth"`
	Security       *ServerSecurity   `yaml:"security"`
	Lifecycle      *LifecycleConfig  `yaml:"lifecycle"`
	Workspaces     []WorkspaceConfig `yaml:"workspaces"`
}

ServerConfig describes a single MCP server.

type ServerSecurity added in v1.4.0 

type ServerSecurity struct {
	Mode         string   `yaml:"mode"` // "read-only", "editing", "custom"
	AllowedTools []string `yaml:"allowed_tools"`
	BlockedTools []string `yaml:"blocked_tools"`
	Policies     []Policy `yaml:"policies"`
}

ServerSecurity holds per-server security overrides.

type WorkspaceConfig added in v1.4.0 

type WorkspaceConfig struct {
	Name      string           `yaml:"name"`
	Path      string           `yaml:"path"` // relative to project root
	Lifecycle *LifecycleConfig `yaml:"lifecycle"`
	Security  *ServerSecurity  `yaml:"security"`
}

WorkspaceConfig defines a workspace within a monorepo. Each workspace maps to a subdirectory with its own lifecycle hooks and security.

func ResolveWorkspace added in v1.4.0 

func ResolveWorkspace(sc *ServerConfig, projectRoot string) *WorkspaceConfig

ResolveWorkspace returns the workspace matching the current working directory, or nil if cwd is not inside any workspace. projectRoot is the directory containing .mcpx/config.yml.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.