Skip to content

v0.2.6

Choose a tag to compare

@github-actions github-actions released this 24 Mar 22:20
· 1025 commits to main since this release
80771b0

🌟 Release Highlights

This release tightens security and correctness in the GitHub MCP guard layer, with improved DIFC labeling accuracy, expanded guard coverage, and developer-experience improvements.

πŸ› Bug Fixes & Improvements

  • Correct secrecy labeling for Actions data β€” actions_get and get_job_logs now derive secrecy from repository visibility rather than using an incorrect default, ensuring private repo workflow data is handled with appropriate confidentiality labels. (#2463)
  • Five GitHub MCP guard coverage gaps closed β€” Write-operation classification, DIFC labeling, and future-proofing fixes address gaps where certain tool responses were not correctly classified or labeled by the guard layer, improving overall security posture. (#2461)

πŸ”§ Internal Improvements

  • Go module drift detection β€” A new tidy-check Makefile target and CI step detect go.mod/go.sum drift automatically, preventing dependency inconsistencies from landing in the codebase. (#2456)
  • Enhanced debug logging for stdin config β€” Additional debug logging in config/config_stdin.go makes it easier to diagnose JSON-over-stdin configuration issues. (#2464)
  • DIFC format function test coverage β€” New tests for difc.formatIntegrityLevel and difc.formatSecrecyLevel improve confidence in label formatting correctness. (#2444)
  • Rust guard code cleanup β€” Removed dead code (is_owner), cleaned up stale #[allow(dead_code)] annotations, and extracted resolve_search_scope for clarity. (#2434)

πŸ“š Documentation

  • CONTRIBUTING.md accuracy fixes β€” Corrected discrepancies around port numbers, wazero references, and the test-container-proxy target to match current project reality. (#2471)

🐳 Docker Image

The Docker image for this release is available at:

docker pull ghcr.io/github/gh-aw-mcpg:v0.2.6
# or
docker pull ghcr.io/github/gh-aw-mcpg:latest

Supported platforms: linux/amd64, linux/arm64


For complete details, see the full release notes.

Generated by Release


What's Changed

  • rust-guard: remove dead is_owner, strip stale #[allow(dead_code)] on get_nested_str, extract resolve_search_scope by @Copilot in #2434
  • [test] Add tests for difc.formatIntegrityLevel and difc.formatSecrecyLevel by @github-actions[bot] in #2444
  • [WIP] Add tidy-check Makefile target and CI step for go.mod/go.sum drift detection by @Copilot in #2456
  • fix: use repo visibility for actions_get and get_job_logs secrecy by @lpcox in #2463
  • fix(guard): close 5 GitHub MCP guard coverage gaps β€” write classification, DIFC labeling, and future-proofing by @Copilot in #2461
  • [log] Add debug logging to config/config_stdin.go by @github-actions[bot] in #2464
  • docs: fix CONTRIBUTING.md discrepancies (port, wazero, test-container-proxy) by @Copilot in #2471

Full Changelog: v0.2.5...v0.2.6