Skip to content

Commit fb8cda6

Browse files
silkspacesilkspace
committed
Security: Mask Graphistry credentials in logs, robustly load .env in Python, and ensure no sensitive info is printed in shell or server logs
1 parent f7a9521 commit fb8cda6

File tree

2 files changed

+13
-8
lines changed

2 files changed

+13
-8
lines changed

src/graphistry_mcp_server/server.py

Lines changed: 5 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -15,6 +15,9 @@
1515
from typing import Any, Dict, List, Optional, Tuple, Union, cast
1616
import os
1717

18+
from dotenv import load_dotenv
19+
load_dotenv()
20+
1821
import graphistry
1922
import pandas as pd
2023
import networkx as nx
@@ -32,8 +35,8 @@
3235
graph_cache = {}
3336

3437
# Debug: Print environment variables for Graphistry
35-
print(f"[DEBUG] GRAPHISTRY_USERNAME: {os.environ.get('GRAPHISTRY_USERNAME')}")
36-
print(f"[DEBUG] GRAPHISTRY_PASSWORD: {os.environ.get('GRAPHISTRY_PASSWORD')}")
38+
print(f"[DEBUG] GRAPHISTRY_USERNAME is set: {os.environ.get('GRAPHISTRY_USERNAME') is not None}")
39+
print(f"[DEBUG] GRAPHISTRY_PASSWORD is set: {os.environ.get('GRAPHISTRY_PASSWORD') is not None}")
3740

3841
# Register Graphistry client with credentials and API version 3
3942
print("[DEBUG] Calling graphistry.register() with api=3, protocol=https, server=hub.graphistry.com")

start-graphistry-mcp.sh

Lines changed: 8 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -12,10 +12,10 @@ if [ -z "$VIRTUAL_ENV" ]; then
1212
if [ -d ".venv" ]; then
1313
source .venv/bin/activate
1414
else
15-
echo "Creating virtual environment with uvx..."
16-
uvx venv .venv
15+
echo "Creating virtual environment with python3..."
16+
python3 -m venv .venv
1717
source .venv/bin/activate
18-
uvx pip install -e ".[dev]"
18+
pip install -e ".[dev]"
1919
fi
2020
fi
2121

@@ -52,7 +52,9 @@ if [ -z "$GRAPHISTRY_USERNAME" ] || [ -z "$GRAPHISTRY_PASSWORD" ]; then
5252
fi
5353
fi
5454
else
55-
echo "✓ Graphistry credentials found in environment variables"
55+
echo "✓ Graphistry credentials found in environment variables:"
56+
echo " GRAPHISTRY_USERNAME is set: $([ -n "$GRAPHISTRY_USERNAME" ] && echo True || echo False)"
57+
echo " GRAPHISTRY_PASSWORD is set: $([ -n "$GRAPHISTRY_PASSWORD" ] && echo True || echo False)"
5658
fi
5759

5860
# Check for mode parameter
@@ -78,8 +80,8 @@ echo "Starting Graphistry MCP server in $MODE mode..."
7880

7981
if [ "$MODE" == "http" ]; then
8082
echo "Server will be available at http://localhost:$PORT"
81-
uvx python src/graphistry_mcp_server/server.py --http $PORT
83+
python src/graphistry_mcp_server/server.py --http $PORT
8284
else
8385
# stdio mode
84-
exec uvx python src/graphistry_mcp_server/server.py
86+
exec python src/graphistry_mcp_server/server.py
8587
fi

0 commit comments

Comments
 (0)