v0.6.1
What's changed
Security
- Cap MCP request body size and guard Content-Length parsing to reject oversized payloads (#445 — closes #439)
- Refuse non-loopback MCP binds unless
--allow-remoteis explicitly set (#445 — closes #440)
Fixes
- Use
ThreadingHTTPServerfor the MCP server so concurrent client requests do not block (#445 — closes #444) - Deduplicate read/redact/error handling blocks in the MCP request handler (#445 — closes #443)
- Route MCP server lifecycle output through Rich console helpers for consistent formatting (#445 — closes #442)
Documentation
- Document the v0.6.0 MCP server and interactive PII-redaction features in README (#445 — closes #441)
Closed Issues
- #439 Cap MCP request body size and guard Content-Length parse
- #440 Refuse non-loopback MCP binds without explicit --allow-remote
- #441 Document the v0.6.0 MCP server and interactive PII-redaction features in README
- #442 Route MCP server lifecycle output through Rich console helpers
- #443 Deduplicate read/redact/error block in MCP handler
- #444 Use ThreadingHTTPServer for the MCP server
Full Changelog: v0.6.0...v0.6.1