Skip to content

mcp-data-platform-v0.15.1

Choose a tag to compare

View all tags
@github-actions github-actions released this 09 Feb 06:09
· 381 commits to main since this release
v0.15.1
8d246cf
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

OAuth refresh tokens and authorization codes now persist across server restarts. Previously, the OAuth server used in-memory storage, so every restart invalidated all active tokens and forced clients (including Claude) to disconnect and re-authenticate. The platform now automatically uses PostgreSQL storage when database.dsn is configured, with a background cleanup routine for expired tokens.

OAuth PostgreSQL Storage

What changed

pkg/platform/platform.go:initOAuth() now selects the storage backend based on whether a database connection is available:

  • Database configured (database.dsn set): Uses pkg/oauth/postgres/store.go backed by the existing oauth_clients, oauth_authorization_codes, and oauth_refresh_tokens tables from migration 000001. Starts a cleanup goroutine (1-minute interval) for expired codes and tokens. Properly shut down via platform.Close().
  • No database: Falls back to oauth.MemoryStorage (identical to pre-v0.15.1 behavior).

New package: pkg/oauth/postgres/

PostgreSQL implementation of oauth.Storage with:

  • Full CRUD for clients, authorization codes, and refresh tokens
  • StartCleanupRoutine(interval) / Close() lifecycle using cancel+done channel pattern
  • Soft-delete for clients (active = false)
  • 86.1% test coverage via go-sqlmock

No migration required

The three OAuth tables already exist from migration 000001. They were previously created but never used (the in-memory store was hardcoded). No schema changes needed.

Vaporware Detection Tests

Two new tests in pkg/database/migrate/migrate_unit_test.go prevent dead database tables and dead packages from shipping:

  • TestMigrationTablesHaveConsumers: Every CREATE TABLE in a migration must have corresponding DML (INSERT INTO, SELECT...FROM, UPDATE, DELETE FROM) in non-test Go source code.
  • TestNoDeadPackages: Every Go package under pkg/ with non-test source files must be imported by at least one non-test file in pkg/, cmd/, or internal/.

These tests would have caught the OAuth storage gap before it shipped. Added as CLAUDE.md rule #5 "No Vaporware" under AI Verification Requirements.

Upgrading from v0.15.0

No configuration changes needed. If database.dsn is already configured (required for audit logging), OAuth storage automatically switches to PostgreSQL on startup. Existing clients will no longer need to disconnect and reconnect after server restarts.

Changelog

Others

  • 8d246cf: Wire OAuth PostgreSQL storage and add vaporware detection tests (#77) (@cjimti)

Installation

Homebrew (macOS)

brew install txn2/tap/mcp-data-platform

Claude Code CLI

claude mcp add mcp-data-platform -- mcp-data-platform

Docker

docker pull ghcr.io/txn2/mcp-data-platform:v0.15.1

Verification

All release artifacts are signed with Cosign. Verify with:

cosign verify-blob --bundle mcp-data-platform_0.15.1_linux_amd64.tar.gz.sigstore.json \
  mcp-data-platform_0.15.1_linux_amd64.tar.gz

Contributors

cjimti
Assets 25
Loading