Skip to content

v0.1.10: Untrusted-summary framing, empty-case enrichment, batch error-row version

Choose a tag to compare

@cyanheads cyanheads released this 11 Jul 16:28
v0.1.10
22ae5b9

Untrusted-summary framing, empty-case enrichment, batch error-row version

Frames untrusted OSV advisory text, adds enrichment for empty/edge-case query results, and picks up mcp-ts-core ^0.10.14 plus supply-chain hardening.

Added:

  • osv_query_package / osv_query_batch — optional enrichment.notice + enrichment.effectiveQuery on empty/all-clean/all-errors paths (#9)

Changed:

  • osv_query_batchcontent[] error rows now include the queried version (#5)

Security:

  • osv_query_package, osv_query_batch, osv_get_vulnerability — advisory summary text wrapped in <advisory_summary> boundaries against prompt injection (#11)

Dependency bumps:

  • @cyanheads/mcp-ts-core ^0.10.10 → ^0.10.14
  • @biomejs/biome ^2.5.1 → ^2.5.3
  • @types/node ^26.0.1 → ^26.1.1
  • tsc-alias ^1.8.17 → ^1.9.0
  • vitest ^4.1.9 → ^4.1.10
  • Added @socketsecurity/bun-security-scanner ^1.1.2 as the install-time scanner

62 tests pass; bun run devcheck clean.

CHANGELOG v0.1.10