diff --git a/src/node/README.md b/src/node/README.md index c5661e0..02d02ff 100644 --- a/src/node/README.md +++ b/src/node/README.md @@ -59,6 +59,8 @@ npm install -g @connorbritain/mssql-mcp-server@latest | `DATABASE_NAME` | Yes | Target database | | `SQL_AUTH_MODE` | | `sql`, `windows`, or `aad` (default: `aad`) | | `SQL_USERNAME` / `SQL_PASSWORD` | | Required for `sql`/`windows` modes | +| `SQL_ENCRYPT` | | `true`/`false` (default: `true`). Azure SQL / Synapse require encryption. | +| `TRUST_SERVER_CERTIFICATE` | | `true`/`false` (default: `false`) | | `READONLY` | | `true` disables write tools | | `ENVIRONMENTS_CONFIG_PATH` | | Multi-environment JSON config | | `SCRIPTS_PATH` | | Named SQL scripts directory | diff --git a/src/node/src/config/EnvironmentManager.ts b/src/node/src/config/EnvironmentManager.ts index bff990d..7771e3b 100644 --- a/src/node/src/config/EnvironmentManager.ts +++ b/src/node/src/config/EnvironmentManager.ts @@ -17,6 +17,7 @@ export interface EnvironmentConfig { username?: string; password?: string; domain?: string; + encrypt?: boolean; trustServerCertificate?: boolean; connectionTimeout?: number; @@ -80,6 +81,14 @@ function resolveSecretsInConfig>(config: T): T { return resolved; } +const parseBool = (value: string | undefined, defaultValue: boolean): boolean => { + if (value === undefined) return defaultValue; + const normalized = value.toString().trim().toLowerCase(); + if (["true", "1", "yes"].includes(normalized)) return true; + if (["false", "0", "no"].includes(normalized)) return false; + return defaultValue; +}; + export class EnvironmentManager { private readonly environments: Map; private defaultEnvironment?: string; @@ -144,7 +153,8 @@ export class EnvironmentManager { username: process.env.SQL_USERNAME, password: process.env.SQL_PASSWORD, domain: process.env.SQL_DOMAIN, - trustServerCertificate: process.env.TRUST_SERVER_CERTIFICATE?.toLowerCase() === "true", + encrypt: parseBool(process.env.SQL_ENCRYPT ?? process.env.ENCRYPT, true), + trustServerCertificate: parseBool(process.env.TRUST_SERVER_CERTIFICATE, false), connectionTimeout: process.env.CONNECTION_TIMEOUT ? parseInt(process.env.CONNECTION_TIMEOUT, 10) : 30, @@ -318,7 +328,7 @@ export class EnvironmentManager { user: env.username, password: env.password, options: { - encrypt: false, + encrypt: env.encrypt ?? true, trustServerCertificate: env.trustServerCertificate ?? false, }, }, @@ -336,7 +346,7 @@ export class EnvironmentManager { config: { ...baseConfig, options: { - encrypt: false, + encrypt: env.encrypt ?? true, trustServerCertificate: env.trustServerCertificate ?? false, }, authentication: { @@ -365,7 +375,7 @@ export class EnvironmentManager { config: { ...baseConfig, options: { - encrypt: true, + encrypt: env.encrypt ?? true, trustServerCertificate: env.trustServerCertificate ?? false, }, authentication: { diff --git a/src/node/src/index.ts b/src/node/src/index.ts index 977d386..7c1b18f 100644 --- a/src/node/src/index.ts +++ b/src/node/src/index.ts @@ -1,6 +1,11 @@ #!/usr/bin/env node // External imports +// Keep MCP stdio JSON clean by sending logs to stderr +const origError = console.error.bind(console); +console.log = origError; +console.info = origError; +console.warn = origError; import { Buffer } from "node:buffer"; import * as dotenv from "dotenv"; import sql from "mssql";