Revert "Lpcox/print failed container logs"

.gitignore

@@ -57,7 +57,3 @@ scripts/rebase-github-difc.sh
 
 # Serena cache directories
 .serena/
-
-# WASM guard build artifacts
-examples/guards/*/guard.wasm
-*.wasm

AGENTS.md

@@ -364,18 +364,6 @@ DEBUG_COLORS=0 DEBUG=* ./awmg --config config.toml
 - `DEBUG_COLORS` - Control colored output (0 to disable, auto-disabled when piping)
 - `MCP_GATEWAY_LOG_DIR` - Log file directory (sets default for `--log-dir` flag, default: `/tmp/gh-aw/mcp-logs`)
 - `MCP_GATEWAY_PAYLOAD_DIR` - Large payload storage directory (sets default for `--payload-dir` flag, default: `/tmp/jq-payloads`)
-- `MCP_GATEWAY_CONFIG_EXTENSIONS` - Enable config extensions for DIFC features (sets default for `--enable-config-extensions` flag)
-- `MCP_GATEWAY_ENABLE_DIFC` - Enable DIFC enforcement (requires `MCP_GATEWAY_CONFIG_EXTENSIONS=1`)
-- `MCP_GATEWAY_DIFC_FILTER` - Enable DIFC response filtering (requires DIFC enabled)
-- `MCP_GATEWAY_SESSION_SECRECY` - Initial secrecy labels for sessions (requires config extensions)
-- `MCP_GATEWAY_SESSION_INTEGRITY` - Initial integrity labels for sessions (requires config extensions)
-
-**Config Extensions:**
-Config extensions (guards, session labels) require `--enable-config-extensions` or `MCP_GATEWAY_CONFIG_EXTENSIONS=1`.
-This gates all DIFC-related configuration including:
-- `guards` section in config
-- `gateway.session` section in config
-- `--enable-difc`, `--difc-filter`, `--session-secrecy`, `--session-integrity` flags
 
 **File Logging:**
 - Operational logs are always written to `mcp-gateway.log` in the configured log directory

Makefile

@@ -1,4 +1,4 @@
-.PHONY: build lint test test-unit test-integration test-all test-serena test-serena-gateway coverage test-ci format clean install release help agent-finished echo-guard-demo echo-guard-build echo-guard-test echo-guard-codex echo-guard-tmux
+.PHONY: build lint test test-unit test-integration test-all test-serena test-serena-gateway coverage test-ci format clean install release help agent-finished
 
 # Default target
 .DEFAULT_GOAL := help
@@ -21,15 +21,15 @@ build:
 lint:
 	@echo "Running linters..."
 	@go mod tidy
-	@go vet $$(go list ./... | grep -v '/examples/guards/')
+	@go vet ./...
 	@echo "Running gofmt check..."
-	@test -z "$$(gofmt -l $$(find . -name '*.go' -not -path './examples/guards/*'))" || (echo "The following files are not formatted:"; gofmt -l $$(find . -name '*.go' -not -path './examples/guards/*'); exit 1)
+	@test -z "$$(gofmt -l .)" || (echo "The following files are not formatted:"; gofmt -l .; exit 1)
 	@echo "Running golangci-lint..."
 	@GOPATH=$$(go env GOPATH); \
 	if [ -f "$$GOPATH/bin/golangci-lint" ]; then \
-		$$GOPATH/bin/golangci-lint run --timeout=5m --skip-dirs examples/guards || echo "⚠ Warning: golangci-lint failed (compatibility issue with Go 1.25.0). Continuing with other checks..."; \
+		$$GOPATH/bin/golangci-lint run --timeout=5m || echo "⚠ Warning: golangci-lint failed (compatibility issue with Go 1.25.0). Continuing with other checks..."; \
 	elif command -v golangci-lint >/dev/null 2>&1; then \
-		golangci-lint run --timeout=5m --skip-dirs examples/guards || echo "⚠ Warning: golangci-lint failed (compatibility issue with Go 1.25.0). Continuing with other checks..."; \
+		golangci-lint run --timeout=5m || echo "⚠ Warning: golangci-lint failed (compatibility issue with Go 1.25.0). Continuing with other checks..."; \
 	else \
 		echo "⚠ Warning: golangci-lint not found. Run 'make install' to install it."; \
 		echo "  Skipping golangci-lint checks..."; \
@@ -261,43 +261,4 @@ help:
 	@echo "  install         - Install required toolchains and dependencies"
 	@echo "  release         - Create and push a release tag (usage: make release patch|minor|major)"
 	@echo "  agent-finished  - Run format, build, lint, and all tests (for agents before completion)"
-	@echo "  echo-guard-demo - Run quick echo guard test demo (shows guard I/O)"
-	@echo "  echo-guard-codex - Start gateway with echo guard for Codex integration"
-	@echo "  echo-guard-tmux - Interactive tmux demo (gateway + instructions)"
-	@echo "  echo-guard-build - Build the echo guard WASM file"
-	@echo "  echo-guard-test - Run echo guard integration tests"
 	@echo "  help            - Display this help message"
-
-# Echo Guard Demo targets
-echo-guard-demo:
-	@echo ""
-	@echo "╔═══════════════════════════════════════════════════════════════╗"
-	@echo "║              ECHO GUARD DEMO                                  ║"
-	@echo "║  Demonstrates guard I/O for debugging guard implementations   ║"
-	@echo "╚═══════════════════════════════════════════════════════════════╝"
-	@echo ""
-	@./scripts/echo-guard-demo.sh all
-
-echo-guard-codex:
-	@echo ""
-	@echo "╔═══════════════════════════════════════════════════════════════╗"
-	@echo "║        ECHO GUARD END-TO-END DEMO WITH CODEX                  ║"
-	@echo "╚═══════════════════════════════════════════════════════════════╝"
-	@echo ""
-	@./scripts/echo-guard-demo.sh codex
-
-echo-guard-tmux:
-	@echo ""
-	@echo "╔═══════════════════════════════════════════════════════════════╗"
-	@echo "║        ECHO GUARD INTERACTIVE TMUX DEMO                       ║"
-	@echo "╚═══════════════════════════════════════════════════════════════╝"
-	@echo ""
-	@./scripts/echo-guard-demo.sh tmux
-
-echo-guard-build:
-	@echo "Building echo guard WASM..."
-	@./scripts/echo-guard-demo.sh build
-
-echo-guard-test:
-	@echo "Running echo guard tests..."
-	@go test -v -run "TestEchoGuard" ./test/integration/...

config.example.toml

@@ -104,7 +104,7 @@ args = [
 # ============================================================================
 
 # Enable Data Information Flow Control (DIFC) security model (default: false)
-# When true, enables DIFC enforcement. Sessions are auto-created from Authorization header.
+# When true, requires sys___init call before tool access
 # This is an experimental feature - keep disabled for standard MCP compatibility
 # enable_difc = false