From c03b1c5748ef13cedcddafd22c5abf9b41491d60 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Sat, 23 May 2026 17:00:22 +0000 Subject: [PATCH 1/2] Initial plan From 80ecfdc163644a5242ef3eab49759281f9bf496e Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Sat, 23 May 2026 17:08:07 +0000 Subject: [PATCH 2/2] docs: update release highlights for v0.3.18 --- docs/RELEASE_NOTES.md | 34 ++++++++++++++-------------------- 1 file changed, 14 insertions(+), 20 deletions(-) diff --git a/docs/RELEASE_NOTES.md b/docs/RELEASE_NOTES.md index 42ec1f7cc..5f8451daa 100644 --- a/docs/RELEASE_NOTES.md +++ b/docs/RELEASE_NOTES.md @@ -1,37 +1,31 @@ # Release Notes -## v0.3.6 +## v0.3.18 -This is a quality-focused maintenance release for MCP Gateway v0.3.6, emphasizing code reliability, performance improvements, and test coverage across the codebase. +This release focuses on **hardening the WASM guard subsystem**, improving code quality through targeted refactoring, and expanding test coverage for the Rust guard and collaborator permission packages. -### โšก Performance Improvements +### โœจ What's New -- **Faster Rust guard processing**: Eliminated redundant clones in `extract_mcp_response` and `first_matching_scope`, reducing memory allocation overhead in guard evaluation ([#5103](https://github.com/github/gh-aw-mcpg/pull/5103)) +- **WASM guard robustness** ([#6290](https://github.com/github/gh-aw-mcpg/pull/6290), [#6296](https://github.com/github/gh-aw-mcpg/pull/6296)): The wazero-based guard runtime now handles oversized `call_backend` responses via a size-hint protocol, uses larger I/O buffers, improves cache reconfiguration locking, and adds fallback-path coverage โ€” making guard execution more reliable under high-load and edge-case conditions. +- **DIFC flags module** ([#6243](https://github.com/github/gh-aw-mcpg/pull/6243)): Guard policy override logic has been refactored into a dedicated DIFC flags module, improving maintainability and consistency of security policy enforcement. -### ๐Ÿ”ง Reliability & Code Quality +### ๐Ÿ› Bug Fixes & Improvements -- **Unified session timeout handling**: `MCP_GATEWAY_SESSION_TIMEOUT` lookup is now deduplicated into a shared `getSessionTimeout()` helper, ensuring consistent behavior across routed and unified server modes ([#5100](https://github.com/github/gh-aw-mcpg/pull/5100)) -- **Cleaner server handler construction**: Extracted `buildMCPHandler` to eliminate duplicated handler setup logic across server modes ([#5101](https://github.com/github/gh-aw-mcpg/pull/5101)) -- **Streamlined utilities**: `generateRandomID` inlined, truncation delegated to `strutil`, and `loadEnvFile` moved to `envutil` โ€” reducing coupling and improving reuse ([#5104](https://github.com/github/gh-aw-mcpg/pull/5104)) -- **Fixed Rust guard compile error**: Resolved unused import error in `labels/mod.rs` that could prevent guard compilation ([#5089](https://github.com/github/gh-aw-mcpg/pull/5089)) +- **Config map expansion** ([#6289](https://github.com/github/gh-aw-mcpg/pull/6289)): Stdin config map expansion no longer duplicates environment/header logic, reducing the risk of subtle configuration drift. +- **Flag/env override helper** ([#6288](https://github.com/github/gh-aw-mcpg/pull/6288)): A shared `applyFlagOrEnv` helper eliminates duplicated flag-override patterns across CLI commands. -### ๐Ÿงช Test Coverage +### ๐Ÿ”ฌ Testing & Reliability -- **Improved CI reliability**: Integration test timeouts increased for Docker image pulls, reducing flaky test failures in CI environments ([#5118](https://github.com/github/gh-aw-mcpg/pull/5118)) -- **Expanded sys package tests**: Added success-path coverage for `CheckPortMapping`, `CheckStdinInteractive`, and `CheckLogDirMounted` ([#5077](https://github.com/github/gh-aw-mcpg/pull/5077)) -- **Tracing config tests**: Improved test coverage for the config tracing package ([#5076](https://github.com/github/gh-aw-mcpg/pull/5076)) -- **Idiomatic testify usage**: Refactored assertions across the test suite to use specific testify methods for clearer failure messages ([#5102](https://github.com/github/gh-aw-mcpg/pull/5102)) - -### ๐Ÿ“š Debug Observability - -- **DIFC label debug logging**: Added structured debug logging to `difc/labels.go` to improve traceability of label evaluation during development and troubleshooting ([#5069](https://github.com/github/gh-aw-mcpg/pull/5069)) +- Expanded Rust guard test coverage for GraphQL node paths and GitHub URL repo extraction ([#6284](https://github.com/github/gh-aw-mcpg/pull/6284), [#6291](https://github.com/github/gh-aw-mcpg/pull/6291)). +- Improved unit tests for the MCP collaborator permission package ([#6249](https://github.com/github/gh-aw-mcpg/pull/6249)). +- Added debug logging to `proxy/graphql_rewrite.go` for easier diagnostics ([#6248](https://github.com/github/gh-aw-mcpg/pull/6248)). ### ๐Ÿณ Docker Image The Docker image for this release is available at: ```bash -docker pull ghcr.io/github/gh-aw-mcpg:v0.3.6 +docker pull ghcr.io/github/gh-aw-mcpg:v0.3.18 # or docker pull ghcr.io/github/gh-aw-mcpg:latest ``` @@ -40,4 +34,4 @@ Supported platforms: `linux/amd64`, `linux/arm64` --- -For complete details, see the [full release notes](https://github.com/github/gh-aw-mcpg/releases/tag/v0.3.6). +For complete details, see the [full release notes](https://github.com/github/gh-aw-mcpg/releases/tag/v0.3.18).