·
4 commits
to main
since this release
π Toolhive v0.29.3 is live!
A small maintenance release that makes ToolHive's unauthenticated proxy default visible β surfacing it in logs and docs in response to GHSA-hfrv-94x5-85p2 β alongside internal release-tooling automation. No breaking changes and no behavioral changes to existing deployments.
π Bug Fixes
- An
MCPServer,MCPRemoteProxy, standalone CLI, or vMCP running withoutOIDCConfigRef(or any other auth source) now emits aWarn-level log stating that every request is forwarded under a synthetic local-user identity with no credential check, and the README/CRD docs are corrected to describe identity enforcement as conditional on configuring an authentication source β the unauthenticated default itself is unchanged (#5488)
π§Ή Misc
- Release notes generation and the Slack release announcement are now automated in CI when a release is published, keeping a maintainer in the loop via review-then-publish (#5487)
π¦ Dependencies
| Module | Version |
|---|---|
github.com/stacklok/toolhive-catalog |
v0.20260610.0 |
Full commit log
What's Changed
- Update module github.com/stacklok/toolhive-catalog to v0.20260610.0 by @renovate[bot] in #5485
- Automate release notes generation and Slack announce by @reyortiz3 in #5487
- Surface unauthenticated proxy default in logs and docs by @ChrisJBurns in #5488
- Release v0.29.3 by @toolhive-release-app[bot] in #5489
Full Changelog: v0.29.2...v0.29.3
π Full changelog: v0.29.2...v0.29.3
What's Changed
- Update module github.com/stacklok/toolhive-catalog to v0.20260610.0 by @renovate[bot] in #5485
- Automate release notes generation and Slack announce by @reyortiz3 in #5487
- Surface unauthenticated proxy default in logs and docs by @ChrisJBurns in #5488
- Release v0.29.3 by @toolhive-release-app[bot] in #5489
Full Changelog: v0.29.2...v0.29.3
Contributors
renovate, ChrisJBurns, and reyortiz3