
Commit b35192a

committed
Merge branch 'release/9.1.0'
2 parents 1b4efe0 + 8356799 commit b35192a

4 files changed: +144 −15 lines changed


README.md

Lines changed: 116 additions & 3 deletions
@@ -449,9 +449,14 @@ MongoDB Lens supports extensive customization via JSON configuration file.
449449
"initialRetryDelayMs": 1000 // Initial delay between retries
450450
},
451451
"disabled": {
452-
"tools": [], // List of tools to disable or true to disable all
453-
"prompts": [], // List of prompts to disable or true to disable all
454-
"resources": [] // List of resources to disable or true to disable all
452+
"tools": [], // Array of tools to disable or true to disable all
453+
"prompts": [], // Array of prompts to disable or true to disable all
454+
"resources": [] // Array of resources to disable or true to disable all
455+
},
456+
"enabled": {
457+
"tools": true, // Array of tools to enable or true to enable all
458+
"prompts": true, // Array of prompts to enable or true to enable all
459+
"resources": true // Array of resources to enable or true to enable all
455460
},
456461
"cacheTTL": {
457462
"stats": 15000, // Stats cache lifetime in milliseconds
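Review bot: the sample `enabled` block (`"tools": true` and friends) and the `disabled` block (`"tools": []`) read as defaults, but `defaultConfig` in mongodb-lens.js now initializes all six of these keys to `undefined`; either state the real defaults or mark these as example values. The comments also leave out the `false` case: `isDisabled(type, 'all')` returns `config.enabled[type] === false`, so `"tools": false` switches off the whole type, which `// Array of tools to enable or true to enable all` does not say.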
@@ -841,6 +846,7 @@ To protect your data while using MongoDB Lens, consider the following:
841846

842847
- [Read-Only User Accounts](#data-protection-read-only-user-accounts)
843848
- [Working with Database Backups](#data-protection-working-with-database-backups)
849+
- [Data Flow Considerations](#data-protection-data-flow-considerations)
844850
- [Confirmation for Destructive Operations](#data-protection-confirmation-for-destructive-operations)
845851
- [Disabling Destructive Operations](#data-protection-disabling-destructive-operations)
846852

@@ -876,6 +882,75 @@ Start by generating the backup with `mongodump`. Next, spin up a fresh MongoDB i
876882

877883
This approach gives you a sandbox to test complex or destructive operations against without risking accidental corruption of your live data.
878884

885+
### Data Protection: Data Flow Considerations
886+
887+
- [How Your Data Flows Through the System](#data-flow-considerations-how-your-data-flows-through-the-system)
888+
- [Protecting Sensitive Data with Projection](#data-flow-considerations-protecting-sensitive-data-with-projection)
889+
- [Connection Aliases and Passwords](#data-flow-considerations-connection-aliases-and-passwords)
890+
- [Local Setup for Maximum Safety](#data-flow-considerations-local-setup-for-maximum-safety)
891+
892+
#### Data Flow Considerations: How Your Data Flows Through the System
893+
894+
When using an MCP Server with a remote LLM provider (such as Anthropic via Claude Desktop) understanding how your data moves through the system is key to protecting sensitive information from unintended exposure.
895+
896+
When you send a MongoDB Lens related query through your MCP client, here’s what happens:
897+
898+
```mermaid
899+
sequenceDiagram
900+
actor User
901+
box Local Machine #d4f1f9
902+
participant Client as MCP Client
903+
participant Lens as MongoDB Lens
904+
participant MongoDB as MongoDB Database
905+
end
906+
box Remote Server #ffe6cc
907+
participant LLM as Remote LLM Provider
908+
end
909+
910+
User->>Client: 1. Query request<br>"Show me all users older than 30"
911+
Client->>LLM: 2. Original request + available tools
912+
Note over LLM: Interprets request<br>Chooses appropriate tool
913+
LLM->>Client: 3. Tool selection (find-documents)
914+
Client->>Lens: 4. Run tool with parameters
915+
Lens->>MongoDB: 5. Database query
916+
MongoDB-->>Lens: 6. Query results
917+
Lens-->>Client: 7. Tool results (formatted data)
918+
Client->>LLM: 8. Tool results (raw data)
919+
Note over LLM: Processes results<br>Formats response
920+
LLM-->>Client: 9. Processed response
921+
Client-->>User: 10. Final answer
922+
```
923+
924+
1. **You sumbit a request**: e.g. _"Show me all users older than 30"_
925+
1. **Your client sends the request to the remote LLM**: The LLM provider receives your exact words, along with a list of currently available MCP tools and their parameters.
926+
1. **The remote LLM interprets your request**: It determines your intent and instructs the client to use a specific MCP tool, such as `find-documents`, with appropriate parameters.
927+
1. **The client asks MongoDB Lens to run the tool**: This occurs locally on your machine via stdio.
928+
1. **MongoDB Lens queries your MongoDB database**
929+
1. **MongoDB Lens retreves your MongoDB query results**
930+
1. **MongoDB Lens sends the data back to the client**: The client receives results formatted by MongoDB Lens.
931+
1. **The client forwards the data to the remote LLM**: The LLM provider sees the exact data returned by MongoDB Lens.
932+
1. **The remote LLM processes the data**: It may summarize or format the results further.
933+
1. **The remote LLM sends the final response to the client**: The client displays the answer to you.
934+
935+
The remote LLM provider sees both your original request and the full response from MongoDB Lens. If your database includes sensitive fields (e.g. passwords, personal details, etc), this data could be unintentionally transmitted to the remote provider unless you take precautions.
936+
937+
#### Data Flow Considerations: Protecting Sensitive Data with Projection
938+
939+
To prevent sensitive data from being sent to the remote LLM provider, use the concept of projection when using tools like `find-documents`, `aggregate-data`, or `export-data`. Projection allows you to specify which fields to include or exclude in query results, ensuring sensitive information stays local.
940+
941+
Example projection usage:
942+
943+
- _"Show me all users older than 30, but use projection to hide their passwords."_<br>
944+
<sup>➥ Uses `find-documents` tool with projection</sup>
945+
946+
#### Data Flow Considerations: Connection Aliases and Passwords
947+
948+
When adding new connection aliases using the `add-connection-alias` tool, avoid added aliases to URIs that contain passwords if you're using a remote LLM provider. Since your request is sent to the LLM, any passwords in the URI could be exposed. Instead, define aliases with passwords in the MongoDB Lens [config file](#configuration-multiple-mongodb-connections), where they remain local and are not transmitted to the LLM.
949+
950+
#### Data Flow Considerations: Local Setup for Maximum Safety
951+
952+
While outside the scope of this document, for the highest level of data privacy, consider using a local MCP client paired with a locally hosted LLM model. This approach keeps all requests and data within your local environment, eliminating the risk of sensitive information being sent to a remote provider.
953+
879954
### Data Protection: Confirmation for Destructive Operations
880955

881956
MongoDB Lens implements a token-based confirmation system for potentially destructive operations, requiring a two-step process to execute tools that may otherwise result in unchecked data loss:
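Review bot: three typos in the new section: `sumbit` (step 1), `retreves` (step 6) and `avoid added aliases` in the Connection Aliases paragraph (should be `avoid adding aliases`); also `etc)` should be `etc.)`. The sequence diagram labels step 7 `(formatted data)` and step 8 `(raw data)` while the numbered list says the client forwards exactly what MongoDB Lens returned; one consistent label avoids suggesting the client strips anything. Worth adding to the projection subsection: the projection is chosen by the remote LLM from the wording of the request, so it is a best-effort measure rather than an enforced control, and readers who need a guarantee should combine it with the read-only-account or local-LLM options described nearby.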
@@ -923,6 +998,7 @@ docker run --rm -i --network=host --pull=always -e CONFIG_DISABLE_DESTRUCTIVE_OP
923998
- [High-Risk Tools](#high-risk-tools)
924999
- [Medium-Risk Tools](#medium-risk-tools)
9251000
- [Read-Only Configuration](#read-only-configuration)
1001+
- [Selective Component Enabling](#selective-component-enabling)
9261002

9271003
#### Disabling Tools
9281004

@@ -944,6 +1020,19 @@ MongoDB Lens includes several tools that can modify or delete data. To disable s
9441020
}
9451021
```
9461022

1023+
To disable all tools (keeping `resources` and `prompts`), set `disabled.tools` to `true`:
1024+
1025+
```json
1026+
{
1027+
"disabled": {
1028+
"tools": true
1029+
}
1030+
}
1031+
```
1032+
1033+
> [!NOTE]<br>
1034+
> Resources and prompts can also be disabled via `disabled.resources` and `disabled.prompts` settings.
1035+
9471036
#### High-Risk Tools
9481037

9491038
These tools can cause immediate data loss and should be considered for disabling in sensitive environments:
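Review bot: the sentence `To disable all tools ... set disabled.tools to true` should mention that this is overridden whenever `enabled.tools` is also set: in `isDisabled`, the `'all'` check returns `config.enabled[type] === false` as soon as `enabled[type]` is defined, so `disabled.tools: true` next to `enabled.tools: true` leaves every tool registered. A one-line pointer to the precedence rule documented under Selective Component Enabling would prevent that surprise.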
@@ -995,6 +1084,30 @@ For a complete read-only configuration, disable all potentially destructive tool
9951084

9961085
This configuration allows MongoDB Lens to query and analyze data while preventing any modifications, providing multiple layers of protection against accidental data loss.
9971086

1087+
#### Selective Component Enabling
1088+
1089+
In addition to [disabling components](#disabling-tools), specify exactly which components should be enabled (implicitly disabling all others) using the `enabled` settings in your [configuration file](#configuration-config-file):
1090+
1091+
```json
1092+
{
1093+
"enabled": {
1094+
"tools": [
1095+
"use-database",
1096+
"find-documents",
1097+
"count-documents",
1098+
"aggregate-data"
1099+
]
1100+
},
1101+
"disabled": {
1102+
"resources": true,
1103+
"prompts": true
1104+
}
1105+
}
1106+
```
1107+
1108+
> [!IMPORTANT]<br>
1109+
> If a component appears in both `enabled` and `disabled` lists, the `enabled` setting takes precedence.
1110+
9981111
## Tutorial
9991112

10001113
This following tutorial guides you through setting up a MongoDB container with sample data, then using MongoDB Lens to interact with it through natural language queries:
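Review bot: the example needs `disabled.resources: true` and `disabled.prompts: true` to switch off the other component types, which shows that an `enabled.tools` array only constrains tools; `implicitly disabling all others` should read `all other tools`, since resources and prompts are unaffected unless handled separately. The IMPORTANT note matches the implementation for arrays (an entry in `enabled` wins over `disabled`), but it would help to add that `enabled.<type>: false` disables the whole type and that `enabled.<type>: true` does not override a `disabled` array, because `isDisabled` only short-circuits on `enabled` when it is an array containing the name.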

mongodb-lens.js

Lines changed: 25 additions & 9 deletions
@@ -300,13 +300,24 @@ const changeConnection = async (uri, validate = true) => {
300300
}
301301

302302
const isDisabled = (type, name) => {
303-
if (!config.disabled || !config.disabled[type]) return false
304-
if (config.disabled[type] === true) return true
305-
return Array.isArray(config.disabled[type]) && config.disabled[type].includes(name)
303+
if (config.enabled && config.enabled[type] !== undefined) {
304+
if (name === 'all') return config.enabled[type] === false
305+
if (Array.isArray(config.enabled[type]) && config.enabled[type].includes(name)) return false
306+
}
307+
308+
if (config.disabled && config.disabled[type] !== undefined) {
309+
if (name === 'all') return config.disabled[type] === true
310+
if (Array.isArray(config.disabled[type]) && config.disabled[type].includes(name)) return true
311+
}
312+
313+
if (config.enabled && Array.isArray(config.enabled[type]))
314+
return !config.enabled[type].includes(name)
315+
316+
return false
306317
}
307318

308319
const registerResources = (server) => {
309-
if (isDisabled('resources', true)) {
320+
if (isDisabled('resources', 'all')) {
310321
log('All MCP resources disabled via configuration', true)
311322
return
312323
}
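Review bot: `'all'` is now a magic string that doubles as a component name, so a tool, prompt or resource literally named `all` could never be checked individually; a dedicated `isAllDisabled(type)` helper (or a `Symbol`) would keep the two questions apart and make the three call sites read better. Two smaller points: `config.enabled[type] !== undefined` treats `null` as a defined value, so `"enabled": {"tools": null}` in a JSON config makes the `'all'` check return `false` before `disabled.tools` is consulted (use `!= null` if the intent is "unset"); and the `disabled` block is only reached when `enabled[type]` is not an array, so the two array checks could be folded into one early `return !config.enabled[type].includes(name)` without changing behaviour.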
@@ -695,7 +706,7 @@ const registerResources = (server) => {
695706
}
696707

697708
const registerPrompts = (server) => {
698-
if (isDisabled('prompts', true)) {
709+
if (isDisabled('prompts', 'all')) {
699710
log('All MCP prompts disabled via configuration', true)
700711
return
701712
}
@@ -1330,7 +1341,7 @@ const registerPrompts = (server) => {
13301341
}
13311342

13321343
const registerTools = (server) => {
1333-
if (isDisabled('tools', true)) {
1344+
if (isDisabled('tools', 'all')) {
13341345
log('All MCP tools disabled via configuration', true)
13351346
return
13361347
}
@@ -5999,9 +6010,14 @@ const defaultConfig = {
59996010
}
60006011
},
60016012
disabled: {
6002-
tools: [],
6003-
prompts: [],
6004-
resources: []
6013+
tools: undefined,
6014+
prompts: undefined,
6015+
resources: undefined
6016+
},
6017+
enabled: {
6018+
tools: undefined,
6019+
prompts: undefined,
6020+
resources: undefined
60056021
}
60066022
}
60076023
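Review bot: switching the defaults from `[]` to `undefined` changes two things worth documenting: `JSON.stringify` drops `undefined` properties, so anything that prints or exports the effective config will no longer show the `disabled` and `enabled` keys, and the README sample config in this same commit still shows `"tools": []` and `"tools": true` as if they were defaults. With the new `isDisabled`, `disabled.tools: []` and `undefined` behave identically, so if the change is only needed on the `enabled` side, keeping `[]` for `disabled` would reduce churn.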

package-lock.json

Lines changed: 2 additions & 2 deletions
Some generated files are not rendered by default.

package.json

Lines changed: 1 addition & 1 deletion
@@ -1,6 +1,6 @@
11
{
22
"name": "mongodb-lens",
3-
"version": "9.0.2",
3+
"version": "9.1.0",
44
"author": "James Furey (https://about.me/jamesfurey)",
55
"description": "MongoDB Lens: Full Featured MCP Server for MongoDB Databases",
66
"license": "MIT",
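Review bot: the bump to 9.1.0 matches the `release/9.1.0` branch name; since package-lock.json is collapsed here (2 additions, 2 deletions), confirm those two lines are the `version` fields of both the root entry and `packages[""]` so the lock file stays in sync with package.json.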
