v2.1.0
This release scopes TLS relaxation to the client's own requests, hardens response parsing and artifact preflight, gates bulky tool output behind opt-in flags, adds two-phase confirmation fields for live mutations, and ships a Claude Code plugin with authoring and operations skills.
Security
VCFA_IGNORE_TLS=trueno longer disables TLS certificate verification process-wide viaNODE_TLS_REJECT_UNAUTHORIZED. TLS relaxation is now scoped to the client's own requests to the configured VCFA host through a dedicated HTTPS agent, so other HTTPS traffic in the same Node process keeps full certificate verification. The minimum supported Node.js version is now 18.17.get-configurationnow redactsSecureStringattribute values instead of returning them in plain text (VCFO-048).
Added
- Added a Claude Code plugin (
vcfa-orchestrator) and marketplace manifest under.claude-plugin/, bundling two skills inskills/:vcfa-authoring(discovery-first artifact lifecycle and package-first publishing) andvcfa-operations(running workflows and guided troubleshooting). The skills delegate to the server's existingvcfa-*prompts, resources, and tools rather than duplicating them, andnpm run validate:docsnow drift-checks the tool/prompt/resource names they reference. - Added
VroClient.close()to release the client's network resources (the TLS-relaxed dispatcher); the server now calls it during graceful shutdown. - Added a local TLS integration test that runs the client against a self-signed HTTPS server, verifying
ignoreTlscompletes a real handshake (and that strict mode still rejects) without touchingNODE_TLS_REJECT_UNAUTHORIZED. - Added optional two-phase confirmation fields to high-risk live mutation tools: when expected target fields such as
expectedName,expectedCategoryId/expectedCategoryName,expectedPackageName,expectedWorkflowName/expectedInputNames, orexpectedDeploymentName/expectedActionNameare supplied, the handler performs read-only discovery first and refuses to mutate if the live target does not match. Omitted fields keep existingconfirm: truebehavior unchanged. - Workflow tools now return
structuredContent(structured workflow, execution, and execution-log shapes) alongside their text output.
Changed
get-template,get-action, andget-subscriptionnow summarize bulky content (blueprint YAML, action script, constraints JSON) as a sha256 + length line by default, consistent with context-snapshot redaction; the newincludeContent,includeScript, andincludeConstraintsflags restore the full output (VCFO-055).- Tools that overwrite or delete live state — import, update, run, and delete tools, plus
rebuild-project-package— now advertisedestructiveHint: truein their MCP annotations so hosts can require heightened approval; additive creates andadd-*-to-project-packagetools do not (VCFO-051).
Fixed
run-workflownow validates and type-normalizes caller-supplied inputs through the same shared preamble asrun-workflow-and-waitinstead of POSTing them to the live workflow unvalidated; the two handlers' drifted input schemas (inputs[].typerequired in one, optional in the other) are reconciled (VCFO-047).- Query parameter values containing
$or~are no longer un-encoded by the pagination query serializer; the literal-$exemption now applies only to OData system query keys such as$filterand$search(VCFO-050). - Empty-body 2xx responses with a
Locationheader no longer masquerade as a running workflow execution for non-execution endpoints; the synthetic{ id, state: "running" }shape is now scoped to the explicit workflow-execution start path (startExecution), and generic empty 2xx responses return{}(VCFO-052). - A 2xx response with a non-JSON body (for example an HTML error page from a load balancer or SSO interstitial) now throws a sanitized, contextualized error naming the method, path, and correlation ID instead of a bare
SyntaxError: Unexpected token(VCFO-053). - List results that stop at the pagination request cap now carry a
truncatedflag instead of silently returning partial data with the server's full total; list tools append a visible truncation warning and context snapshots record a per-domain warning (VCFO-054). - Artifact preflight now rejects
input_form_entries that are not UTF-16BE (the documented contract) instead of silently accepting UTF-16LE, decodes UTF-16 entries fatally so corrupt bytes fail instead of passing as U+FFFD mojibake, and reports XML-looking.action/.vsoconfarchive entries with invalid byte sequences instead of skipping them (VCFO-056).