Skip to content

v0.1.15

Latest
Latest

Choose a tag to compare

View all tags
@github-actions github-actions released this 13 Mar 19:00
· 91 commits to main since this release
v0.1.15
4e3f721
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

🌟 Release Highlights

This release focuses on write-sink guard capabilities, expanding how MCP Gateway controls data flow to backend servers β€” with simplified wildcard configuration, comprehensive scope-type support, and a notable RFC 6901 path-matching fix.

✨ What's New

  • Write-Sink Guard (#1772, #1773): A new write-sink guard type lets you control which tools can write data to backend MCP servers, enforcing data flow policies at the gateway level.
  • Wildcard Accept for Write-Sink (#1868): Configure write-sink guards with accept = ["*"] to allow all repositories β€” simplifying permissive policies without enumerating every repo.
  • Full Scope-Type Coverage for Write-Sink (#1828): Write-sink accept rules now support all repository scope types (owner-wildcard, owner/repo, and bare owner), with complete documentation and tests.

πŸ› Bug Fixes & Improvements

  • RFC 6901 Path Matching Fix (#1863): extractIndexFromPath now correctly handles JSON Pointer (/-prefixed) paths per RFC 6901, preventing silent mismatches in DIFC path label resolution.
  • WASM Guard Reliability (#1849): Corrected a malformed WASM binary and stale test expectation in guard tests, ensuring WASM-based guards compile and behave correctly.
  • Schema Updated to v0.57.2 (#1755): Configuration validation now targets the latest schema version.

πŸ“š Documentation

  • DIFC Flags & Environment Variables (#1790): README now documents all DIFC-related CLI flags and environment variables, making it easier to configure data flow control.
  • README Consistency (#1803): Resolved inconsistencies across documentation files and the README for a more reliable reference.

🐳 Docker Image

The Docker image for this release is available at:

docker pull ghcr.io/github/gh-aw-mcpg:v0.1.15
# or
docker pull ghcr.io/github/gh-aw-mcpg:latest

Supported platforms: linux/amd64, linux/arm64

For complete details, see the full release notes.

Generated by Release

What's Changed

  • added write sink by @lpcox in #1772
  • added write sink by @lpcox in #1773
  • test: add server-level tests for write-sink and allow-only guard policies by @lpcox in #1783
  • docs: add missing DIFC flags and environment variables to README by @claude in #1790
  • Refactor duplicate code patterns in logger and DIFC packages by @claude in #1791
  • Refactor duplicate code patterns in DIFC package by @claude in #1792
  • [log] Add debug logging to difc/path_labels.go by @github-actions[bot] in #1727
  • [test] Add tests for config.NormalizeGuardPolicy and guard policy helpers by @github-actions[bot] in #1728
  • [test-improver] Improve tests for tty package by @github-actions[bot] in #1742
  • πŸ”„ chore: update schema URL to v0.57.2 by @github-actions[bot] in #1755
  • [test] Add tests for mcp HTTP transport pure functions by @github-actions[bot] in #1788
  • [test-improver] Improve tests for logger/rpc_logger package by @github-actions[bot] in #1789
  • fix: remove duplicate test functions in internal/mcp by @lpcox in #1801
  • docs: Fix inconsistent documentation files and update README by @claude in #1803
  • feat: document and test write-sink accept rules for all repos scope types by @lpcox in #1828
  • [log] Add debug logging to guard_policy.go by @github-actions[bot] in #1817
  • [test] Add tests for guard.parseLabelAgentResponse by @github-actions[bot] in #1818
  • [test-improver] Improve tests for guard package: cover pure parser functions by @github-actions[bot] in #1819
  • Completing task by @claude in #1843
  • Fix context-in-struct anti-pattern and add wazero best practices by @claude in #1834
  • Refactor: extract isValidTokenString helper to eliminate duplicate validation logic by @claude in #1833
  • Remove duplicate integrity constant declarations in guard_policy.go by @claude in #1832
  • fix: correct malformed WASM binary and stale test expectation in guard tests by @lpcox in #1849
  • refactor: extract duplicate code patterns into helpers by @claude in #1855
  • [log] cmd/flags_difc: add debug logging for DIFC policy and mode resolution by @github-actions[bot] in #1856
  • Fix extractIndexFromPath RFC 6901 prefix matching and clean up test comments by @Copilot in #1863
  • [test] Add tests for difc package: getItems, AddIntegrityTags, Intersect, checkFlowHelper by @github-actions[bot] in #1860
  • feat: add wildcard accept ["*"] for write-sink guards by @lpcox in #1868
  • [test-improver] Improve tests for mcp schema package by @github-actions[bot] in #1867
  • fix: remove duplicate TestNormalizeInputSchema_NilSchema by @lpcox in #1873

Full Changelog: v0.1.14...v0.1.15

Contributors

claude and lpcox
Assets 8
Loading