π Release Highlights
This release focuses on security hardening, proxy reliability improvements, and documentation alignment β making MCP Gateway more robust and easier to deploy.
π Security Fix
Environment variable exposure in tool response filters patched (#7208)
Tool response filters compiled without environment isolation could expose environment variables β including GITHUB_TOKEN β if a filter referenced $ENV. This release disables $ENV access in all CompileToolResponseFilter calls and aligns validation compile options with runtime behavior, eliminating a class of filter bypass. All users are encouraged to upgrade.
π Bug Fixes
Proxy no longer fails closed on unrecognized REST endpoints (#7227)
The proxy previously returned 403 for any GET endpoint not recognized by the routing table β repeatedly breaking gh CLI and agent startup when GitHub added or varied safe endpoints. The proxy now uses a three-tier model:
- Explicit metadata passthrough (known safe endpoints)
- Full DIFC pipeline for recognized data endpoints
- Passthrough with empty labels for unrecognized reads
This greatly improves compatibility with evolving GitHub API surfaces without sacrificing DIFC enforcement on known routes. See Proxy Mode docs for details.
run_containerized.sh now accepts MCP_GATEWAY_AGENT_ID (#7212)
The containerized entrypoint script previously required MCP_GATEWAY_API_KEY, but the README Quick Start and environment validation already used MCP_GATEWAY_AGENT_ID as the canonical name β causing immediate startup failure for anyone following the docs. The script now accepts MCP_GATEWAY_AGENT_ID (preferred) with graceful fallback to the deprecated MCP_GATEWAY_API_KEY.
π Documentation
Containerized deployment docs aligned with canonical env variable (#7229)
CONTRIBUTING.md and related docs now consistently describe MCP_GATEWAY_AGENT_ID as the required deployment gate variable, with MCP_GATEWAY_API_KEY called out explicitly as a deprecated alias. See Environment Variables for the full variable reference.
π Observability
DIFC reflection now has debug logging (#7173)
BuildReflectResponse now emits structured debug logs under the difc:reflect namespace β logging enforcement mode, agent registry counts, skipped agents, and response construction. Enable with DEBUG=difc:* ./awmg --config config.toml.
π³ Docker Image
The Docker image for this release is available at:
docker pull ghcr.io/github/gh-aw-mcpg:v0.3.25
# or
docker pull ghcr.io/github/gh-aw-mcpg:latest
Supported platforms: linux/amd64, linux/arm64
For complete details, see the full release notes.
Generated by Release Β· sonnet46 737.8K Β· β·
π Release Highlights
This release focuses on security hardening, proxy reliability improvements, and documentation alignment β making MCP Gateway more robust and easier to deploy.
π Security Fix
Environment variable exposure in tool response filters patched (#7208)
Tool response filters compiled without environment isolation could expose environment variables β including
GITHUB_TOKENβ if a filter referenced$ENV. This release disables$ENVaccess in allCompileToolResponseFiltercalls and aligns validation compile options with runtime behavior, eliminating a class of filter bypass. All users are encouraged to upgrade.π Bug Fixes
Proxy no longer fails closed on unrecognized REST endpoints (#7227)
The proxy previously returned
403for any GET endpoint not recognized by the routing table β repeatedly breakingghCLI and agent startup when GitHub added or varied safe endpoints. The proxy now uses a three-tier model:This greatly improves compatibility with evolving GitHub API surfaces without sacrificing DIFC enforcement on known routes. See Proxy Mode docs for details.
run_containerized.shnow acceptsMCP_GATEWAY_AGENT_ID(#7212)The containerized entrypoint script previously required
MCP_GATEWAY_API_KEY, but the README Quick Start and environment validation already usedMCP_GATEWAY_AGENT_IDas the canonical name β causing immediate startup failure for anyone following the docs. The script now acceptsMCP_GATEWAY_AGENT_ID(preferred) with graceful fallback to the deprecatedMCP_GATEWAY_API_KEY.π Documentation
Containerized deployment docs aligned with canonical env variable (#7229)
CONTRIBUTING.mdand related docs now consistently describeMCP_GATEWAY_AGENT_IDas the required deployment gate variable, withMCP_GATEWAY_API_KEYcalled out explicitly as a deprecated alias. See Environment Variables for the full variable reference.π Observability
DIFC reflection now has debug logging (#7173)
BuildReflectResponsenow emits structured debug logs under thedifc:reflectnamespace β logging enforcement mode, agent registry counts, skipped agents, and response construction. Enable withDEBUG=difc:* ./awmg --config config.toml.π³ Docker Image
The Docker image for this release is available at:
docker pull ghcr.io/github/gh-aw-mcpg:v0.3.25 # or docker pull ghcr.io/github/gh-aw-mcpg:latestSupported platforms:
linux/amd64,linux/arm64For complete details, see the full release notes.