1.2.0 — 2026-05-10

Performance, token optimization, and new protocol analysis tools.

Added

• QUIC/HTTP3 analysis — wireshark_analyze_quic extracts QUIC version, connection IDs, SNI, and HTTP/3 frames
• WebSocket analysis — wireshark_analyze_websocket reports frame types, payload lengths, and masking
• MQTT analysis — wireshark_analyze_mqtt extracts message types, topics, QoS, and client IDs with frequency stats
• gRPC analysis — wireshark_analyze_grpc with HTTP/2 content-type fallback detection
• Result cache — LRU cache for tshark read-only commands (file mtime + size invalidation, 5-min TTL)
• Token budget test — CI guard ensuring total tool docstring size stays under 8000 chars
• Concurrency tests — verify agents and TCP health run phases in parallel
• Protocol tool tests — coverage for all 4 new protocol tools

Changed

• Concurrent security audit — 6 independent analysis phases now run via asyncio.gather (~3x faster)
• Concurrent quick analysis — 7 data fetches run in parallel
• Concurrent TCP health — 8 tshark checks run via asyncio.gather instead of sequential loop
• Docstring optimization — all 51 tool descriptions slimmed to 4447 chars total (~1100 tokens)
• Output format — emoji replaced with text tags ([!]/[W]/[i]/[OK]), ASCII box art removed
• Stats truncation — expert_info and service_response_time now auto-truncate large results
• Publish workflow — added contents: read permission and Homebrew tap notification step

Fixed

• Version mismatch between pyproject.toml and server.json