Skip to content

mcp-data-platform-v0.22.2

Choose a tag to compare

View all tags
@github-actions github-actions released this 20 Feb 00:52
· 345 commits to main since this release
v0.22.2
557ee07
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

What's New

Fix: Complete Knowledge Pipeline — All Change Types Now Work

v0.22.1 fixed column-level update_description but left five other change types broken. This release completes the pipeline — every apply_knowledge change type now works end-to-end against DataHub.

Before (v0.22.1):

  • add_tag with detail: "pii" → DataHub rejected it (not a valid URN)
  • add_glossary_term → 422 error from DataHub (missing required auditStamp)
  • add_documentation → 422 error (wrong JSON field name in upstream library)
  • flag_quality_issue → produced invalid quality_issue:free text with spaces string
  • add_glossary_term with short names → no URN normalization

After (v0.22.2): All six change types succeed:

Change Type What Changed
update_description Already working (dataset + column)
add_tag Auto-normalizes "pii"urn:li:tag:pii; full URNs pass through
add_glossary_term Auto-normalizes short names → urn:li:glossaryTerm:<name>
add_documentation Params swapped: detail = description, target = URL (consistent with all other types)
flag_quality_issue Creates valid urn:li:tag:quality_issue_<sanitized_slug> tags

Upstream Fix: mcp-datahub v0.7.3

Upgrades to mcp-datahub v0.7.3 which fixes two root causes discovered by reading the actual DataHub PDL schemas:

  • AddGlossaryTerm 422: GlossaryTerms.pdl requires an auditStamp field with time (epoch ms) and actor (entity URN) — was missing entirely
  • AddLink 422: InstitutionalMemoryMetadata.pdl defines the audit stamp field as createStamp — the library used created (wrong JSON tag)

Security: All gosec Findings Resolved

Resolved all 20 gosec findings that were causing make verify to fail:

Rule Hits Fix
G117 (exported secret fields) 14 #nosec with RFC/spec justification — OAuth 2.1, Trino, S3, config struct fields that must exist by protocol
G704 (SSRF) 3 #nosec — URLs from admin-controlled OIDC issuer and upstream IdP config
G706 (log injection) 1 Added sanitizeLogValue() to strip \n\r\t from session IDs before logging
G115 (integer overflow) 1 Changed formatRowCount to iterate bytes directly, avoiding rune→byte cast

Also added golangci-lint exclusions for G101 (hardcoded test credentials) and G705 (XSS in httptest handlers) in _test.go files.

Schema Improvements

Tool schemas for capture_insight and apply_knowledge now have clearer target/detail field descriptions documenting the semantics for each change type. Enum constraints for category, confidence, source, action_type, change_type, and action were already present from v0.22.1.

Breaking Changes

add_documentation parameter swap: If you were passing detail = URL and target = description (the old, counterintuitive mapping), you need to swap them. The new convention matches all other change types: detail is always the content, target is always where it goes.

Changelog

Bug Fixes

  • fix: knowledge pipeline apply — URN normalization, gosec, mcp-datahub v0.7.3 (#119)

Installation

Homebrew (macOS)

brew install txn2/tap/mcp-data-platform

Claude Code CLI

claude mcp add mcp-data-platform -- mcp-data-platform

Docker

docker pull ghcr.io/txn2/mcp-data-platform:v0.22.2

Verification

All release artifacts are signed with Cosign. Verify with:

cosign verify-blob --bundle mcp-data-platform_0.22.2_linux_amd64.tar.gz.sigstore.json \
  mcp-data-platform_0.22.2_linux_amd64.tar.gz
Assets 25
Loading