Releases: docker/mcp-gateway
Releases · docker/mcp-gateway
v0.40.3
Fallback se:// URI generation when secrets engine is unreachable (#448) * Fallback se:// URI generation when secrets engine is unreachable When GetSecrets() fails (e.g. MSIX-sandboxed Claude Desktop on Windows cannot follow AF_UNIX reparse points to the WSL2 secrets engine socket), generate se:// URIs for all declared secrets instead of silently setting them to <UNKNOWN>. Docker Desktop resolves se:// URIs at container runtime via named pipes, which are unaffected by MSIX restrictions. Also log the GetSecrets() error instead of silently discarding it. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * Address PR feedback: handle OAuth secrets in fallback path Refactored into separate functions for clarity: - buildFallbackURIs: generates se:// URIs for all declared secrets when the secrets engine is unreachable (OAuth preferred when configured) - buildVerifiedURIs: generates se:// URIs only for secrets that exist in the store (OAuth checked first, then direct secret) - oauthMapping: shared helper for OAuth provider lookup When GetSecrets() fails (e.g. MSIX sandbox on Windows), the fallback generates URIs for everything and lets Docker Desktop resolve at runtime. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
v0.41.0
v0.40.2
Merge pull request #427 from docker/bugfix-preserve-empty-tools fix: Preserve empty tools after applying policy
v0.40.1
Add dynamic OAuth discovery for community MCP servers (#410) ## Summary - Community MCP servers from third-party registries (e.g., Kubit) require OAuth but have no `oauth.providers` metadata in their catalog entry, so the existing `IsRemoteOAuthServer()` gate prevents DCR entries from being created - Adds `RegisterProviderForDynamicDiscovery()` which probes remote servers using `DiscoverOAuthRequirements()` and creates pending DCR entries when OAuth is detected - Integrates the fallback into all three callsites: working set sync, `docker mcp server enable`, and gateway `mcpadd` - Expands the gateway OAuth condition to also match remote servers without `oauth.providers` ## Test plan - [x] `docker mcp catalog-next pull mcp/community-registry` - [x] `docker mcp profile server add default --server catalog://mcp/community-registry/com-notion-mcp` - [x] Verify DCR entry is created: `docker mcp oauth ls` - [x] Authorize the server: `docker mcp oauth authorize com-notion-mcp` - [x] Verify authorization: `docker mcp oauth ls` - [x] Revoke and re-authorize: `docker mcp oauth revoke com-notion-mcp` - [x] Verify existing servers with `oauth.providers` still work (no regression) - [x] Verify servers that don't require OAuth are not affected (probe returns no OAuth) Confirming `com-notion-mcp` from community registry successfully authorized via oauth: ``` ❯ docker mcp oauth ls ai-kubit-mcp-server | not authorized com-notion-mcp | authorized github | authorized miro-remote | not authorized ``` Confirming oauth flow for `com-notion-mcp` from community registry: ``` ❯ docker mcp oauth authorize com-notion-mcp Opening your browser for authentication. If it doesn't open automatically, please visit: ... ```
v0.40.0
Fix opencode parsing failure. (#416)
v0.39.3
Cherry-pick: Proactive OAuth token refresh for Desktop mode (#407)
v0.39.2
Fix DCR registration idempotent check. (#405)
v0.39.1
- GetTokenStatus now works in Desktop mode by reading ExpiryAt from (…
v0.39.0
Merge pull request #380 from docker/commregistry Merge support for oci packages and remotes from community registry
v0.38.0
What's Changed
- Changes to use Docker Desktop proxy by @karman-docker in #354
- Remove legacy commands with profiles FF on by @cmrigney in #356
- MCP governance policy by @saucow in #363
- fix: oauth provider registration for workingsets by @bobbyhouse in #371
- Remove client connections when a profile is removed. by @cmrigney in #372
New Contributors
- @karman-docker made their first contribution in #354
Full Changelog: v0.37.0...v0.38.0
Contributors
saucow, bobbyhouse, and 2 other contributors