Skip to content

v2.1.1 — ChatGPT Desktop MCP Integration + Security Hardening

Choose a tag to compare

@gregdigittal gregdigittal released this 11 Jul 16:15

What's new in v2.1.1

ChatGPT Desktop macOS MCP Integration (E-66)

  • Connect ChatGPT Desktop for macOS to DepthFusion's MCP server via the existing SSE transport at https://mcp.tonracein.com
  • One-step install script: curl -s https://raw.githubusercontent.com/gregdigittal/depthfusion/main/docs/chatgpt-install.sh | python3
  • All 30 MCP tools available; 19 are immediately useful in a chat context
  • Full setup guide: docs/chatgpt-mcp-setup.md

Security Hardening

  • Path confinement on set_memory_score and pin_discovery tools — external callers (e.g. ChatGPT) cannot write to arbitrary server paths; restricted to ~/.claude/shared/discoveries/
  • Timing-safe Bearer token comparison via secrets.compare_digest in both http_server.py and api/auth.py (prevents token prefix leakage via short-circuit equality)
  • Token rotation after prior token was committed to public repo; install script now uses getpass (no hardcoded secrets)

Server URL update

  • Default server URL updated to https://mcp.tonracein.com (port 7301 locally, nginx-proxied)
  • Tauri desktop app settings updated accordingly

Planning artifacts

  • docs/Account_synch/ directory added with architecture/build planning documents

Full changelog: CHANGELOG.md