mcp-data-platform-v1.79.0
⚠️ Breaking change: connection access is now deny-by-default
Persona connection access previously failed open: a persona with no connections.allow rules could reach every connection. As of v1.79.0 connections behave exactly like tools, fail-closed:
- Deny patterns are checked first (they take precedence).
- An explicit connections.allow match is then required.
- An empty or omitted connections block grants no connections.
Action required before upgrading. Every persona that should reach a connection must now list it explicitly. Add a connections.allow block to each persona; an admin-equivalent persona uses allow: ["*"]. A persona that still relies on an empty allow list will be denied all connections after upgrade (its tool calls fail the connection check).
personas:
  analyst:
    tools:
      allow: ["trino_*", "datahub_*"]
    connections:
      allow: ["production", "primary", "data_lake"]  # name each connection it may reach
  admin:
    tools:
      allow: ["*"]
    connections:
      allow: ["*"]

See docs/personas/overview.md and configs/platform.yaml for worked examples.
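The evaluation order described above, with a pre-upgrade check for personas that would lose every connection, as an added Go example that is not the project's own code. It assumes shell-style glob matching (via path.Match) and a deny list next to allow; the Rules type, the function names and the legacy and contractor personas are constructed for illustration.

```go
package main

import (
	"fmt"
	"path"
)

// Rules models a persona's connections block (hypothetical type, not the project's).
type Rules struct{ Allow, Deny []string }

// matchAny assumes shell-style glob patterns, as "trino_*" and "*" suggest.
func matchAny(patterns []string, name string) bool {
	for _, p := range patterns {
		if ok, err := path.Match(p, name); err == nil && ok {
			return true
		}
	}
	return false
}

// Allowed checks deny first, then requires an allow match; empty rules grant nothing.
func Allowed(r Rules, conn string) bool {
	return !matchAny(r.Deny, conn) && matchAny(r.Allow, conn)
}

// ReachesNone reports whether r grants none of conns (denied everything after upgrade).
func ReachesNone(r Rules, conns []string) bool {
	for _, c := range conns {
		if Allowed(r, c) {
			return false
		}
	}
	return true
}

// Constructed sample personas; "legacy" has no connections block.
var samplePersonas = map[string]Rules{
	"analyst":    {Allow: []string{"production", "primary", "data_lake"}},
	"admin":      {Allow: []string{"*"}},
	"contractor": {Allow: []string{"*"}, Deny: []string{"platform-admin"}},
	"legacy":     {},
}

func main() {
	conns := []string{"production", "primary", "data_lake", "platform-admin"}
	for name, r := range samplePersonas {
		fmt.Printf("%-10s reaches none: %v\n", name, ReachesNone(r, conns))
	}
}
```

Any persona reported as reaching none needs a connections.allow block before the new build is rolled out.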
What's changed
Connection access deny-by-default (and admin_only removed)
Making connections fail-closed also removed the admin_only / restricted-connection mechanism added in v1.78.0, which is now redundant. The platform-admin self-configuration connection is protected the honest way: it is reachable only by personas that explicitly allow it, and leaving it out of every other persona keeps self-configuration admin-only. There is no longer a per-connection admin_only flag.
This also resolves an inconsistency where the Portal's persona-access preview (computed client-side) showed a restricted connection as "allowed" while the running server denied it. The preview is now deny-by-default for both tools and connections, so it matches the server.
platform-admin self-connection polish
- The built-in connection now shows a real description of its purpose instead of its loopback base URL. The api-gateway toolkit gained an optional description connection field that falls back to the base URL when unset, so other connections are unchanged.
- File-defined and built-in connections (no database row) are attributed to system rather than left blank in the Connections view; a database-managed instance still shows its real author.
- description is no longer duplicated as a raw config row in the Connections detail pane.
Developer experience: make dev login info
- The local dev environment's API Gateway metrics warm-up now runs in the background and bounds every request with a timeout, so a slow or unreachable fixture can no longer delay the "ready" banner that prints the Portal URL, API key, and sign-in users.
- New make dev-info (and dev/info.sh) prints the Portal URL, API key, and Keycloak sign-in users on demand.
Security: Go toolchain 1.26.4
The build toolchain and CI workflows move from Go 1.26.3 to 1.26.4, clearing two standard-library advisories that govulncheck flags on 1.26.3 and that are reached through existing code: GO-2026-5039 (net/textproto) and GO-2026-5037 (crypto/x509).
Documentation
docs/personas/overview.md, docs/server/api-gateway.md, docs/server/self-configuration.md, and the docs/llms*.txt mirrors are updated to describe deny-by-default connection access and to grant connections explicitly per persona.
Upgrade checklist
- Add a connections.allow block to every persona that should reach a connection (admin-equivalent: ["*"]).
- Grant the platform-admin connection only to the persona that should operate the platform through MCP.
- Roll out the persona config change together with the new build, not after it.
Full details: #545
Installation
Homebrew (macOS)
brew install txn2/tap/mcp-data-platform
Claude Code CLI
claude mcp add mcp-data-platform -- mcp-data-platform
Docker
docker pull ghcr.io/txn2/mcp-data-platform:v1.79.0
Verification
All release artifacts are signed with Cosign. Verify with:
cosign verify-blob --bundle mcp-data-platform_1.79.0_linux_amd64.tar.gz.sigstore.json \
mcp-data-platform_1.79.0_linux_amd64.tar.gz