Skip to content

CHANGELOG.md

Latest commit

 

History

History
803 lines (412 loc) · 36.2 KB

CHANGELOG.md

File metadata and controls

803 lines (412 loc) · 36.2 KB

3.2.0 (2026-02-17)

Features

  • harden HTTP transport security and add tool annotations (5919f9f)

3.1.0 (2026-02-17)

Features

  • modernize HTTP transport and standardize MCP tool contracts (615b373)

3.0.0 (2026-02-04)

Features

  • migrate to OIDC trusted publishing for npm (long-term solution) (b7c36e3)

BREAKING CHANGES

  • Requires one-time OIDC configuration on npmjs.com See docs/OIDC-TRUSTED-PUBLISHING-SETUP.md for complete migration guide

2.0.0 (2026-02-04)

Bug Fixes

  • disable npm publishing in semantic-release (7bef842)

Features

  • add security hardening, prompts support, and ResourceLink pattern (02a89c2)

BREAKING CHANGES

  • none Security: DNS rebinding protection, localhost binding Testing: 47 unit tests + 15 integration tests passing (100%)

1.19.0 (2026-02-04)

Security 🔒

  • security: implement DNS rebinding protection with Origin header validation (src/index.ts)

    • Validates Origin header on all HTTP requests
    • Prevents malicious websites from accessing localhost MCP server
    • Allows localhost/127.0.0.1 origins only
    • Returns 403 Forbidden for invalid origins

  • security: add explicit localhost-only binding (src/index.ts)

    • Server explicitly binds to 127.0.0.1 (not 0.0.0.0)
    • Prevents network exposure and remote attacks
    • Ensures server only accepts local connections

  • security: add comprehensive security documentation (SECURITY.md)

    • Complete threat model and mitigation strategies
    • Authentication implementation guides (Bearer, API Key, OAuth, mTLS)
    • Security checklists for dev/staging/production
    • Best practices for input validation, rate limiting, logging

  • security: publish security audit report (docs/AUDIT-2025-01-13.md)

    • Independent audit against MCP best practices
    • 70% compliance rating with clear improvement roadmap
    • All critical security gaps addressed in this release

Features ✨

  • mcp: add isError: true field to tool error responses (src/utils/error.util.ts)

    • Follows MCP best practices for error signaling
    • Enables clients to reliably detect error states
    • Maintains backward compatibility with metadata

  • mcp: add ResourceLink pattern example (src/tools/ipaddress-link.tool.ts)

    • New ip_get_details_link tool demonstrates ResourceLink pattern
    • Returns resource references instead of inline content
    • Reduces token usage for large responses
    • Shows pattern for cacheable, reusable data

  • mcp: add prompt registration support (src/prompts/analysis.prompt.ts)

    • New ip-analysis prompt generates structured IP analysis requests
    • Supports multiple focus modes (security, geolocation, network, comprehensive)
    • Demonstrates all three MCP primitives (tools, resources, prompts)
    • Provides template for AI-driven analysis workflows

  • architecture: add prompts layer to 7-layer architecture

    • Clean separation of prompt templates from tools/resources
    • Type-safe prompt argument schemas with Zod
    • Registered in index.ts alongside tools and resources

Documentation 📖

  • readme: update README with security section and new features

    • Add security badges and protection summary
    • Document ResourceLink pattern and prompt examples
    • Update architecture overview to 7 layers
    • Add references to SECURITY.md and audit report

  • docs: update project structure in README

    • Add prompts/ directory
    • Add ipaddress-link.tool.ts
    • Update layer descriptions

Testing ✅

All tests passing after security and feature additions:

  • ✅ 6 test suites, 47 tests passed
  • ✅ Build successful with TypeScript compilation
  • ✅ DNS rebinding protection tested
  • ✅ Localhost binding verified
  • ✅ New tools and prompts functional

Breaking Changes

None - All changes are backward compatible additions.

1.18.0 (2026-02-04)

Features

  • deps: modernize all dependencies to latest stable versions (#TBD)
    • Update MCP SDK from 1.23.0 to 1.25.3 (stability improvements)
    • Update Zod from 4.1.13 to 4.3.6 (major feature release)
    • Update @toon-format/toon from 2.0.1 to 2.1.0
    • Update Express from 5.1.0 to 5.2.1
    • Update Commander from 14.0.2 to 14.0.3
    • Update CORS from 2.8.5 to 2.8.6
    • Update @types/node from 24.10.1 to 24.10.10

Documentation

  • modernization: add comprehensive modernization guide (MODERNIZATION.md)

    • Document new Zod 4.3 features (z.fromJSONSchema, z.xor, z.looseRecord, .exactOptional)
    • Add MCP SDK v2 preparation guide
    • Include migration timeline and recommendations
    • Provide code examples for new features

  • readme: update README with latest versions and v2 preparation notes

Zod 4.3 New Features Available

While maintaining backward compatibility, the following new Zod features are now available:

  • z.fromJSONSchema() - Convert JSON Schema to Zod schemas
  • z.xor() - Exclusive union validation (exactly one must match)
  • z.looseRecord() - Partial record validation
  • .exactOptional() - Strict optional properties
  • .apply() - Schema composition helper
  • .with() - Readable alias for .check()
  • Type predicates on .refine()
  • z.slugify() - URL-friendly slug transformation

MCP SDK v2 Preparation

  • Confirmed compatibility with v2 patterns (no code changes needed)
  • Added v2 migration guide and timeline
  • Project already uses modern v1.x APIs (registerTool, ResourceTemplate, etc.)

Testing

All tests pass with updated dependencies:

  • ✅ 6 test suites, 47 tests passed
  • ✅ CLI functionality verified
  • ✅ HTTPS to HTTP fallback working correctly

Breaking Changes

None - This is a drop-in update maintaining full backward compatibility.

1.17.0 (2025-12-03)

Bug Fixes

  • regenerate package-lock.json to sync with package.json (aeb3d63)

Features

  • add raw response logging with truncation for large API responses (3ed7b19)

1.16.1 (2025-12-01)

Bug Fixes

  • deps: resolve security vulnerabilities in body-parser and js-yaml (abd1c08)

1.16.0 (2025-12-01)

Bug Fixes

  • regenerate package-lock.json to fix CI dependency resolution (a0225a8)

Features

  • modernize SDK usage and update dependencies (#127) (a36c9f6)

1.15.0 (2025-12-01)

Bug Fixes

  • update tests for TOON output format (6054be3)

Features

  • add TOON output format with JMESPath filtering support (#126) (2b3d8d8)

1.14.0 (2025-09-09)

Features

  • modernize dependencies and enhance testing infrastructure (#67) (a74f114)

1.13.5 (2025-08-02)

Bug Fixes

  • allow Gemini to run even if build fails to catch PR issues (c7b31b3)

1.13.4 (2025-08-02)

Bug Fixes

  • remove debug logging from Gemini workflow (6f176fe)

1.13.3 (2025-08-02)

Bug Fixes

  • add GEMINI_API_KEY to Execute Gemini CLI step env (b4a7959)

1.13.2 (2025-08-02)

Bug Fixes

  • debug GEMINI_API_KEY availability in workflow (20581bd)

1.13.1 (2025-08-02)

Bug Fixes

  • pass GEMINI_API_KEY to gemini CLI command (a9dd9d7)

1.13.0 (2025-08-02)

Bug Fixes

  • apply prettier formatting to index.ts (b416d81)

Features

  • implement Gemini CLI autonomous MCP engineer (cb632bd)

1.12.0 (2025-08-02)

Features

  • add startup logging with package name and version (cb09d0f)

1.11.4 (2025-08-02)

Bug Fixes

  • revert zod to v3.25.67 for consistency across MCP projects (6d6ed1c)

1.11.3 (2025-08-02)

Bug Fixes

  • resolve TypeScript compilation errors and improve compatibility (873c3f6)
  • resolve TypeScript/ESLint version conflict and linting issues (fa0486a)

1.11.2 (2025-06-22)

Bug Fixes

  • change default transport from HTTP to STDIO for proper MCP client integration (05027b8)

1.11.1 (2025-06-22)

Bug Fixes

1.11.0 (2025-06-22)

Features

  • add Streamable HTTP transport support alongside STDIO (aa04e01)

1.10.5 (2025-06-02)

Bug Fixes

  • replace Unix-specific chmod with cross-platform ensure-executable script (6733798)

1.10.4 (2025-06-02)

Bug Fixes

1.10.3 (2025-05-21)

Bug Fixes

  • Refactor IP address controller to accept args as a single object (acb7ea2)
  • update dependencies (02c42fa)

1.10.2 (2025-05-21)

Bug Fixes

1.10.1 (2025-05-20)

Bug Fixes

1.10.0 (2025-05-19)

Features

1.9.0 (2025-05-18)

Features

  • refactor services to use live API tests and remove timeout parameter (3c483b4)

1.8.0 (2025-05-18)

Features

  • refactor ControllerResponse to only include content field (68118c7)

1.7.0 (2025-05-17)

Features

  • improve ip_get_details tool description and CLI usability with short options (895feeb)

1.6.0 (2025-05-15)

Features

  • enhanced error handling across the application (75aa905)

1.5.10 (2025-05-14)

Bug Fixes

  • remove Dockerfile and smithery.yaml (582e9f9)

1.5.9 (2025-05-13)

Bug Fixes

1.5.8 (2025-05-07)

Performance Improvements

1.5.7 (2025-05-06)

Performance Improvements

1.5.6 (2025-05-06)

Performance Improvements

1.5.5 (2025-05-06)

Bug Fixes

  • Revert back the index.ts and package.json (74c6e08)

1.5.4 (2025-05-05)

Bug Fixes

  • improve signal handling for npx support (72634a8)

1.5.3 (2025-05-05)

Bug Fixes

  • standardize index.ts entrypoint logic and package bin (7f9aaf0)

Reverts

  • Revert "fix(test): Skip invalid IP test assertion on CI due to rate limits" (be8c766)

1.5.2 (2025-05-05)

Bug Fixes

  • Manually set version to 1.6.1 to resolve release conflict (a96c37b)
  • test: Skip invalid IP test assertion on CI due to rate limits (258d2e7)

Reverts

  • Revert "Revert "chore: Manually set version to 1.6.0 to resolve release conflict"" (e4d071e)

1.5.1 (2025-05-05)

Bug Fixes

  • Add comment to force version bump (0a24ecd)
  • Improve cross-platform compatibility for npx execution (d840c51)
  • Log package name and version on startup (b4534db)

Performance Improvements

1.5.1 (2025-05-05)

Bug Fixes

  • Add comment to force version bump (0a24ecd)
  • Improve cross-platform compatibility for npx execution (d840c51)
  • Log package name and version on startup (b4534db)

Performance Improvements

1.5.1 (2025-05-05)

Bug Fixes

  • Add comment to force version bump (0a24ecd)
  • Improve cross-platform compatibility for npx execution (d840c51)
  • Log package name and version on startup (b4534db)

Performance Improvements

1.5.1 (2025-05-05)

Bug Fixes

  • Improve cross-platform compatibility for npx execution (d840c51)
  • Log package name and version on startup (b4534db)

Performance Improvements

1.5.0 (2025-05-05)

Features

  • boilerplate: add standard pagination utils and formatPagination (cb1e004)

1.4.9 (2025-05-04)

Performance Improvements

1.4.8 (2025-05-04)

Bug Fixes

  • Refactor types using Zod and restore resources (4965bd2)

1.4.7 (2025-05-04)

Bug Fixes

  • Remove unused exports identified by ts-prune (c9fdc7d)

1.4.6 (2025-05-02)

Bug Fixes

1.4.5 (2025-05-02)

Bug Fixes

  • Remove re-exports from index.ts (5175dcf)

1.4.4 (2025-05-02)

Performance Improvements

1.4.3 (2025-05-01)

Bug Fixes

  • Align CLI options and descriptions with style guide (0f5f490)
  • align README tool example with concise description style (b8126a4)

1.4.2 (2025-05-01)

Bug Fixes

  • align ipaddress CLI descriptions with tool/schema (1eeaeeb)

1.4.1 (2025-04-30)

Performance Improvements

1.4.0 (2025-04-30)

Features

  • Support multiple keys for global config lookup (49c26f1)

1.3.5 (2025-04-25)

Bug Fixes

  • rename IP tool to 'ip_get_details' for naming consistency (fb2a5c6)
  • unify tool description for clarity and consistency (006460b)

1.3.4 (2025-04-22)

Performance Improvements

1.3.3 (2025-04-20)

Bug Fixes

  • Update dependencies and fix related type errors (dfdec0a)

1.3.2 (2025-04-09)

Bug Fixes

  • deps: update dependencies to latest versions (97baabe)

1.3.1 (2025-04-04)

Bug Fixes

  • update function references from register to registerTools and registerResources (393cff2)

1.3.0 (2025-04-03)

Features

  • logging: add file logging with session ID to ~/.mcp/data/ (0448918)

1.2.2 (2025-04-03)

Bug Fixes

  • logging: ensure consistent logger implementation across projects (253323e)

1.2.1 (2025-04-03)

Bug Fixes

  • logger: ensure consistent logger implementation across all projects (ec37c74)

1.2.0 (2025-04-03)

Features

  • boilerplate: improve version handling and module exports (faa1713)

1.1.3 (2025-03-28)

Bug Fixes

  • correct TypeScript errors in transport utility (573a7e6)

1.1.2 (2025-03-28)

Performance Improvements

  • ipaddress: enhance formatter output and optimize service implementation (f1ccdbf)

1.1.1 (2025-03-27)

Performance Improvements

  • core: refactor code structure to align with Atlassian MCP patterns (090fd56)
  • standards: align codebase with Atlassian MCP server patterns (8b8eb13)
  • tests: add CLI test infrastructure and ipaddress tests (ccee308)
  • utils: implement standardized core utilities and error handling (6c14a2f)

1.1.0 (2025-03-23)

Features

  • improve development workflow and update documentation (4458957)

1.0.3 (2025-03-23)

Bug Fixes

  • handle empty strings properly in greet function (546d3a8)

1.0.2 (2025-03-23)

Bug Fixes

  • improve error logging with IP address details (121f516)

1.0.1 (2025-03-23)

Bug Fixes

  • ensure executable permissions for bin script (395f1dc)

1.0.0 (2025-03-22)

Bug Fixes

  • add workflows permission to semantic-release workflow (de3a335)
  • improve GitHub Packages publishing with a more robust approach (fd2aec9)
  • improve GitHub Packages publishing with better error handling and debugging (db25f04)
  • improve GITHUB_OUTPUT syntax in semantic-release workflow (6f154bc)
  • improve version detection for global installations (97a95dc)
  • make publish workflow more resilient against version conflicts (ffd3705)
  • remove invalid workflows permission (c012e46)
  • remove type module to fix CommonJS compatibility (8b1f00c)
  • resolve linter errors in version detection code (5f1f33e)
  • update examples to use correct API (greet instead of sayHello) (7c062ca)
  • update release workflow to ensure correct versioning in compiled files (a365394)
  • update version display in CLI (2b7846c)

Features

  • add automated dependency management (efa1b62)
  • add CLI usage examples for both JavaScript and TypeScript (d5743b0)
  • add support for custom name in greet command (be48a05)
  • add version update script and fix version display (ec831d3)
  • implement review recommendations (a23cbc0)
  • implement testing, linting, and semantic versioning (1d7710d)
  • improve CI workflows with standardized Node.js version, caching, and dual publishing (0dc9470)
  • improve package structure and add better examples (bd66891)

Reverts

  • restore simple version handling (bd0fadf)

1.8.0 (2025-03-22)

Features

  • add CLI usage examples for both JavaScript and TypeScript (d5743b0)

1.7.2 (2025-03-22)

Bug Fixes

  • update release workflow to ensure correct versioning in compiled files (a365394)

1.7.1 (2025-03-22)

Bug Fixes

  • update examples to use correct API (greet instead of sayHello) (7c062ca)

1.7.0 (2025-03-22)

Features

  • improve package structure and add better examples (bd66891)

1.6.1 (2025-03-22)

Bug Fixes

  • improve GitHub Packages publishing with better error handling and debugging (db25f04)

1.6.0 (2025-03-22)

Features

  • add support for custom name in greet command (be48a05)

1.5.2 (2025-03-22)

Bug Fixes

  • add workflows permission to semantic-release workflow (de3a335)
  • improve GITHUB_OUTPUT syntax in semantic-release workflow (6f154bc)
  • make publish workflow more resilient against version conflicts (ffd3705)
  • remove invalid workflows permission (c012e46)

1.5.2 (2025-03-22)

Bug Fixes

  • make publish workflow more resilient against version conflicts (ffd3705)

1.5.1 (2025-03-22)

Bug Fixes

  • improve GitHub Packages publishing with a more robust approach (fd2aec9)

1.5.0 (2025-03-22)

Features

  • improve CI workflows with standardized Node.js version, caching, and dual publishing (0dc9470)