Skip to content

v0.1.6

Choose a tag to compare

@github-actions github-actions released this 21 May 16:42

Security

This release fixes a path traversal vulnerability (CWE-22, CVSS 8.1 High) affecting all prior versions. Crafted filename or folder arguments to the vault tools could read, write, or delete files outside the configured vault root. Symlinks inside the vault pointing outside it were also followed.

Users of obsidian-mcp-rs should upgrade immediately.

See GHSA-qcqq-h5q6-69qq for the full advisory; a CVE ID will be assigned by MITRE shortly.

Reported by Luca King — thank you.

What's new

Security

  • Path traversal in vault tools (CWE-22) — every path argument (filename, folder, search_path) now goes through a safe_join helper that canonicalizes the deepest existing ancestor and rejects anything outside the canonicalized vault root. Absolute paths in filename / folder are rejected outright. Symlink escapes (a symlink inside the vault pointing outside it) are also blocked.

Added

  • install / uninstall / list support for 12 additional MCP clients:
    Windsurf, VS Code (Copilot), Gemini CLI, Antigravity, Cline, Kiro,
    LM Studio, Factory, Amp, opencode, Codex CLI, Goose
  • TOML and YAML config writers (Codex config.toml, Goose config.yaml)

Changed

  • logs subcommand now colorizes output (ERROR red, WARN yellow, DEBUG/TRACE dim)

Upgrade

# npm / npx users
npx -y obsidian-mcp-rs@0.1.6 --version

# cargo users
cargo install obsidian-mcp-rs --version 0.1.6 --force

Full Changelog: v0.1.5...v0.1.6