v0.3.6

What's Changed

• [test] Add tests for sys.CheckPortMapping, CheckStdinInteractive, CheckLogDirMounted success paths by @github-actions[bot] in #5077
• [test-improver] Improve tests for config tracing package by @github-actions[bot] in #5076
• [log] Add debug logging to difc/labels.go by @github-actions[bot] in #5069
• perf(rust-guard): eliminate redundant clones in extract_mcp_response and first_matching_scope by @Copilot in #5103
• Deduplicate MCP_GATEWAY_SESSION_TIMEOUT env-var lookup into shared getSessionTimeout() by @Copilot in #5100
• refactor(tests): adopt idiomatic testify assertion methods across test suite by @Copilot in #5102
• refactor: inline generateRandomID, delegate truncation to strutil, move loadEnvFile to envutil by @Copilot in #5104
• refactor(server): extract buildMCPHandler to deduplicate handler construction by @Copilot in #5101
• fix: increase integration test timeouts for Docker image pulls in CI by @lpcox in #5118

Full Changelog: v0.3.5...v0.3.6

v0.3.4

What's Changed

• Add built-in promotion and demotion labels to GitHub guard by @Copilot in #4899
• [Repo Assist] fix(config): add promotion-label and demotion-label fields to AllowOnlyPolicy by @github-actions[bot] in #4928
• [log] middleware: add debug logging calls to jqschema by @github-actions[bot] in #4912
• [test-improver] Improve tests for logger/sanitize package by @github-actions[bot] in #4921
• [test] Add tests for proxy.forwardToGitHub auth header handling by @github-actions[bot] in #4922
• config: add promotion-label/demotion-label to Go AllowOnlyPolicy by @Copilot in #4942
• config: document SetStrict tradeoff and add parse error position logging by @Copilot in #4946
• rust-guard/tools.rs: add BLOCKED_TOOLS const and predicate test coverage by @Copilot in #4943
• refactor(guard): extract validateIntegrityField to eliminate triplicated switch blocks by @Copilot in #4944
• refactor(guard): extract validateStringArray to eliminate duplicated array validation by @Copilot in #4945
• fix: add session auto-init middleware for Gemini CLI v0.37.x MCP compatibility by @Copilot in #4957
• feat: MCP_GATEWAY_TOOL_TIMEOUT env var + minimum 10s bound for toolTimeout (no upper limit) by @Copilot in #4967
• fix: remove ResponseHeaderTimeout cap on HTTP backend tools/call by @lpcox in #4972
• [test] Add tests for guard.validateStringArray and guard.validateIntegrityField by @github-actions[bot] in #4992
• [log] log: add debug logging to fixSchemaBytes in validation_schema.go by @github-actions[bot] in #4986
• [test-improver] Improve tests for config/rules package by @github-actions[bot] in #4991
• [Repo Assist] test(launcher): add tests for clearServerForRestart and getServerConfig by @github-actions[bot] in #4998
• refactor: deduplicate nonce eviction loop and middleware guard pattern by @Copilot in #5005
• refactor: relocate misplaced functions to their natural homes by @Copilot in #5006
• [log] Add debug logging to unified server key functions by @github-actions[bot] in #5031
• [test-improver] Improve tests for tracing package by @github-actions[bot] in #5033
• [test] Add tests for middleware.inferSchema, savePayload, and WrapToolHandler by @github-actions[bot] in #5034
• [Repo Assist] perf(mcp): eliminate marshal/unmarshal round-trip in ConvertToCallToolResult by @github-actions[bot] in #5041
• [Repo Assist] refactor(strutil): move formatResetAt to strutil.FormatResetAt by @github-actions[bot] in #5042

Full Changelog: v0.3.3...v0.3.4

v0.3.3

v0.3.3

Highlights

🐛 Bug Fixes

• Routed mode session timeout — Replace hardcoded 30-min timeout with configurable MCP_GATEWAY_SESSION_TIMEOUT (6h default), fixing "session not found" errors in long-running agentic workflows (#4849)
• Auth error handling — Gracefully handle authentication errors in the MCP Gateway Log Analyzer (#4878)

⚡ Tracing Improvements

• HTTP response status on spans — Record HTTP status codes on OTel spans, sanitize error recording, bump semconv to v1.27.0 (#4879)

♻️ Refactors

• Rust guard constants — Add scope_names constants to replace bare string literals (#4857)
• Logger cleanup — Replace manual logger close calls in postRun with CloseAllLoggers() (#4881)

🧪 Tests

• Guard buildStrictLabelAgentPayload test coverage (#4853)
• Server shutdown test improvements (#4852)

📖 Docs & Logging

• Document intentional Log-Level Quad-Function Pattern as stable API (#4880)
• Add debug logging to guard/wasm_payload.go policy validation (#4841)

Full Changelog

9 merged PRs since v0.3.2 — see commit history for details.

v0.3.2

v0.3.2

Highlights

🐛 Bug Fixes

• ARC/DinD runner support — DOCKER_HOST propagation, TCP socket detection, and Kubernetes cgroup container ID detection (#4814)
• Data race fix in argument validation canary test using atomic.Bool (#4811)
• Middleware logging — correct chmod label, init-time jq compile error visibility (#4809)

⚡ Performance

• Native Go walk_schema — replaced recursive jq-based schema walker with a native Go implementation, improving throughput and eliminating CGo overhead (#4750)
• Eliminate os.Stat syscall and json.Marshal in the large-payload middleware hot path (#4788)

♻️ Refactors

• Split large monolithic files into focused modules based on semantic clustering analysis (#4813)
• Deduplicate guard init pipeline, DIFC component fields, and HTTP error helpers (#4740)
• Promote MarshalAndSanitize to the sanitize package for reuse (#4742)
• Extract copySchemaWithKey helper to eliminate duplicate code in NormalizeInputSchema (#4810)
• Rust guard cleanup — eliminate duplicate trim_matches/to_ascii_lowercase allocations, extract apply_post_integrity_adjustments helper, const TRUSTED_FIRST_PARTY_BOTS array (#4812, #4741)

🧪 Tests

• Circuit breaker integration tests for callBackendTool (#4781)
• Pagination package coverage for paginateAll and listMCPItems (#4780)
• Proxy edge-case tests for injectIntoFragment and findParentField (#4720)
• Middleware WrapToolHandler coverage improvements (#4719)
• Rust guard: mixed-case and edge-case tests for integrity helpers and search query parsing
• RandomHexWithFallback tests and jqschema.go simplification (#4729)

📖 Docs & Logging

• Document mTLS & HMAC request signing env vars across developer-facing references (#4739)
• Add debug logging to proxy/response_transform.go (#4710)
• Replace standard log calls with logHealth in health_monitor.go (#4772)

Full Changelog

18 merged PRs since v0.3.1 — see commit history for details.

v0.3.1

What's Changed

• fix: remove make-immutable job from release workflow by @lpcox in #4455
• [log] Add debug logging to difc/pipeline_decisions by @github-actions[bot] in #4457
• 🔄 chore: update schema URL to v0.71.0 by @github-actions[bot] in #4469
• [test-improver] Improve tests for cmd/flags_difc by @github-actions[bot] in #4465
• [test] Add tests for server.buildCircuitBreakers and server.getCircuitBreaker by @github-actions[bot] in #4466
• refactor(config): clean up BurntSushi/toml usage in LoadFromFile by @Copilot in #4483
• refactor(cmd): extract validateDIFCModeFlag to eliminate duplicate validation logic by @Copilot in #4496
• refactor: extract ApplyGitHubAPIHeaders to eliminate duplicate GitHub API header setup by @Copilot in #4499
• Extract ApplyLabelAgentResult helper to eliminate LabelAgent result processing duplication by @Copilot in #4495
• refactor: extract ParseCollaboratorPermissionArgs to eliminate cross-package duplication by @Copilot in #4497
• refactor: extract difc.NewComponents to deduplicate DIFC initialization by @Copilot in #4498
• Add smoke-long-session workflow to validate MCPG timeout robustness by @Copilot in #4512
• fix(tests): replace Nil/NotNil with NoError/Error for error assertions by @Copilot in #4518
• Semantic refactoring: eliminate code duplication and fix misplaced functions (8 findings) by @Copilot in #4516
• rust-guard: move items_path into Option instead of cloning + test extract_items_array by @Copilot in #4517
• 🔄 chore: update schema URL to v0.71.1 by @github-actions[bot] in #4549
• [test-improver] Improve tests for difc evaluator package by @github-actions[bot] in #4545
• [test] Add tests for server.getStringField, extractAuthorLogin, extractNumberField by @github-actions[bot] in #4546
• [Repo Assist] refactor(launcher): extract getServerConfig helper by @github-actions[bot] in #4550
• [log] Add debug logging to HTTP transport functions by @github-actions[bot] in #4539
• [log] Add debug logging to circuit breaker by @github-actions[bot] in #4582
• [Repo Assist] fix(mcp): remove duplicate debug log statements in HTTP transport by @github-actions[bot] in #4592
• Remove duplicate "Attempting transport" log messages from connection.go by @Copilot in #4605
• [test-improver] Improve tests for sys/docker package by @github-actions[bot] in #4587
• refactor: move format helpers to labels.go and SessionSuffix to logger package by @Copilot in #4602
• fix(guard): add missing unit test for actions_list DIFC labeling by @Copilot in #4603
• Fix duplicate HTTP request/response log statements between sendHTTPRequest and executeHTTPRequest by @Copilot in #4606
• Introduce loggerFactory[T] to bundle logger setup/error-handler pairs by @Copilot in #4604
• feat: add smoke-otel-tracing workflow for OTel/OTLP/Sentry validation by @lpcox in #4626
• docs: reconcile AGENTS.md, config.example.toml, and CONTRIBUTING.md with implementation by @Copilot in #4638
• [Repo Assist] perf(rust-guard): eliminate heap allocs in extract_items_array and policy_scope_token by @github-actions[bot] in #4654
• [log] Add debug logging to guard/guard.go by @github-actions[bot] in #4639
• [test-improver] Improve tests for difc package by @github-actions[bot] in #4647
• [test] Add tests for proxy graphql functions (MatchGraphQL, extractOwnerRepo, extractSearchQuery, IsGraphQLPath) by @github-actions[bot] in #4648
• ASI-07: Add mTLS and HMAC request signing for agent↔gateway communication by @Copilot in #4679
• refactor: split oversized files by responsibility (mcp/connection, proxy/handler, httputil) by @Copilot in #4701
• fix(guard): wazero improvements — shutdown cache cleanup, operational log routing, ReadUint32Le by @Copilot in #4700
• Eliminate dual-logging and extract logger initialization fallback helper by @Copilot in #4699
• fix(integrity-filtering-audit): allow Azure Blob Storage, surface DIFC counts in summary, classify rate-limit failures by @Copilot in #4696

Full Changelog: v0.3.0...v0.3.1

v0.3.0

🌟 Release Highlights

MCP Gateway v0.3.0 brings a significant DIFC security change, improved HTTP MCP server support, and better agent observability.

🔒 Security & DIFC

• author_association: NONE now maps to unapproved integrity (#4430): GitHub's NONE association means "no association with the repo" — it does not imply the user is established. Previously mapped to the lowest none level (same as brand-new accounts), NONE now correctly maps to unapproved alongside CONTRIBUTOR and FIRST_TIME_CONTRIBUTOR. Only FIRST_TIMER (never committed to GitHub) remains at none. Documentation updated with rationale and links to GitHub API definitions.

• DIFC filtering metadata for agents (#4427): Tool responses now include metadata that lets agents distinguish between "no results found" and "results were filtered by DIFC policy", improving agent decision-making when operating under security constraints.

🐛 Bug Fixes

• Fix HTTP MCP server startup failures (#4428): Disabled standalone SSE stream in the streamable HTTP transport, resolving startup failures when connecting to HTTP-based MCP backend servers.

• Fix flag completion registration (#4413): Shell completions for --config, --log-dir, --payload-dir, and --env flags now work correctly (switched from MarkFlagFilename to RegisterFlagCompletionFunc).

✨ Improvements

• Cobra CLI UX improvements (#4395, #4414): Added NoArgs enforcement, Example fields, AddGroup for organized help output, and improved command comments.

• Rust guard performance (#4394): Eliminated ctx.clone() overhead and switched to &'static str in NormalizedPolicy for reduced allocations.

• Deduplicated MCP text envelope construction (#4352): Shared helper eliminates duplicate raw MCP response envelope building.

• Extracted LogAndWrapCollaboratorPermission helper (#4412): Removes duplicated parse/log/wrap logic for collaborator permission handling in the Rust guard.

• Removed write-only owner-type cache (#4339): Simplified get_issue_author_association by removing unused cache code.

📚 Documentation & Testing

• Updated CONTRIBUTING.md to reflect actual make test-all behavior (#4346)
• Added debug logging to HTTP utility functions (#4324)
• New tests for proxy.initGuardPolicy (#4333), logger/rpc_formatter (#4332), httputil (#4383), JSONLLogger.logEntry (#4384)
• Schema URL updated to v0.69.3 (#4387)

🔧 Infrastructure

• Upgraded all 31 workflows to gh-aw v0.71.0 (#4443): Migrated features.cli-proxy → tools.github.mode: gh-proxy, bumped action versions.
• Release immutability support (#4410): Release workflow now includes a make-immutable job.

---

Full Changelog: v0.2.30...v0.3.0

v0.2.30

🌟 Release Highlights

This release strengthens MCP Gateway's reliability and security posture with hardened pagination safety, cleaner DIFC enforcement architecture, and more explicit guard label rules for sensitive GitHub operations.

🔒 Security & DIFC Improvements

• Explicit DIFC label rules for high-impact operations (#4300): Notification writes and repository create/fork operations now have explicit label rules in the Rust guard, eliminating ambiguity around inherited caller-provided DIFC labels via fallback behavior. This ensures high-sensitivity mutating operations are consistently and predictably labeled.

🛡️ Reliability Improvements

• Hardened MCP pagination against cursor cycles (#4302): The MCP pagination engine now fails fast when a backend repeats a cursor, preventing infinite loops caused by misbehaving upstream servers. Go-SDK registration canaries were also added to catch upgrade-sensitive tool registration behavior early.

🧹 Code Quality

• Refactored DIFC pipeline and logger level wrappers (#4301): Duplicated DIFC enforcement logic shared between unified MCP tool calls and proxy REST handling has been extracted into shared helpers, reducing maintenance burden and the risk of behavioral divergence between code paths.

🔧 Internal

• Workflow toolchain upgrade to gh-aw v0.69.2 (#4297): All 31 agentic workflows recompiled against the latest gh-aw compiler release.

🐳 Docker Image

The Docker image for this release is available at:

docker pull ghcr.io/github/gh-aw-mcpg:v0.2.30
# or
docker pull ghcr.io/github/gh-aw-mcpg:latest

Supported platforms: linux/amd64, linux/arm64

---

For complete details, see the full release notes.

Generated by Release · ● 180.3K

---

What's Changed

• chore: upgrade and recompile all workflows to gh-aw v0.69.2 by @lpcox in #4297
• Harden MCP pagination against cursor cycles and add go-sdk registration canaries by @Copilot in #4302
• Refactor duplicated DIFC pipeline decisions and logger level wrappers by @Copilot in #4301
• Guard DIFC: add explicit label rules for notification writes and repository create/fork operations by @Copilot in #4300

Full Changelog: v0.2.29...v0.2.30

v0.2.29

🐛 Release Highlights

This is a targeted fix release that resolves a guard compilation issue, ensuring the release pipeline proceeds cleanly.

🐛 Bug Fixes

• Guard cleanup — Removed unused org-ownership functions in the GitHub guard that were blocking the release build. No behavioral changes; this is a clean-up fix with no impact on existing guard policies or configurations.

🐳 Docker Image

The Docker image for this release is available at:

docker pull ghcr.io/github/gh-aw-mcpg:v0.2.29
# or
docker pull ghcr.io/github/gh-aw-mcpg:latest

Supported platforms: linux/amd64, linux/arm64

---

For complete details, see the full release notes.

Generated by Release · ● 178.8K

---

What's Changed

• fix(guard): remove unused org-ownership functions blocking release by @lpcox in #4290

Full Changelog: v0.2.28...v0.2.29

v0.2.28

What's Changed

• Guard: ignore stale maintainer reactions when content is edited after endorsement by @Copilot in #4228
• [log] oidc: add debug logging to provider.go by @github-actions[bot] in #4246
• [test-improver] Improve tests for mcp tool_result package by @github-actions[bot] in #4254
• Harden CLI proxy GraphQL path handling with explicit /api/graphql regression coverage by @Copilot in #4278
• [Repo Assist] refactor(rust-guard): extract is_any_trusted_actor helper and collapse URL fallback loop by @github-actions[bot] in #4260
• [gateway] Correct commit integrity elevation for personal repos on non-default refs by @Copilot in #4283

Full Changelog: v0.2.26...v0.2.28

v0.2.27

What's Changed

• Guard: ignore stale maintainer reactions when content is edited after endorsement by @Copilot in #4228
• [log] oidc: add debug logging to provider.go by @github-actions[bot] in #4246
• [test-improver] Improve tests for mcp tool_result package by @github-actions[bot] in #4254
• Harden CLI proxy GraphQL path handling with explicit /api/graphql regression coverage by @Copilot in #4278
• [Repo Assist] refactor(rust-guard): extract is_any_trusted_actor helper and collapse URL fallback loop by @github-actions[bot] in #4260
• [gateway] Correct commit integrity elevation for personal repos on non-default refs by @Copilot in #4283

Full Changelog: v0.2.26...v0.2.27