cameronrye/gopher-mcp

v0.2.1 Security

This release includes 2 security fixes for security teams reviewing exposed deployments.

Published 8mo MCP Browser & Automation

View tool

✓ No known CVEs patched

Read the diff → Tool health → What is this tool? →

This release patches 2 known CVEs

Topics

gemini gemini-protocol gopher gopher-protocol mcp mcp-server

Affected surfaces

auth crypto_tls

Summary

AI summary

Gemini protocol v0.16.1 fully implemented with TOFU certificate validation, client certificates, and dual‑protocol server support.

Full changelog

Added

Gemini Protocol Support (NEW)

Complete Gemini protocol v0.16.1 implementation
gemini_fetch MCP tool for Gemini protocol access
TLS 1.2+ client with mandatory SNI support
TOFU (Trust-on-First-Use) certificate validation system
Client certificate generation and management
Gemtext parser with structured output for AI consumption
Dual-protocol MCP server supporting both Gopher and Gemini
Protocol-isolated caching systems
Comprehensive security features and host allowlists

Security Features

TOFU certificate fingerprint storage and validation
Automatic client certificate generation per hostname/path scope
TLS security configuration with minimum version enforcement
Certificate validation error handling and recovery
Host allowlists for both protocols
Enhanced input validation and sanitization
Security policy enforcement for connections

Documentation

Comprehensive Gemini support documentation
API reference for both protocols
AI assistant usage guide
Advanced features documentation
Configuration reference with all environment variables
Troubleshooting guide and FAQ
Integration examples and best practices
Migration guide for existing users

Testing and Quality Assurance

Comprehensive test suite for Gemini protocol
Security and penetration testing
Performance and load testing
Integration tests for dual-protocol operation
Test coverage >95% for all new features

Changed

Updated package metadata to reflect dual-protocol support
Enhanced error handling and logging across both protocols
Improved configuration validation and defaults
Updated dependencies to include cryptography for certificate management

Security

TLS 1.2+ enforcement for all Gemini connections
Certificate fingerprint validation with TOFU
Secure client certificate generation and storage
Enhanced input validation for both protocols

Release Information:

Version: 0.2.1
Release Date: 2025-09-18
Commit: d56f942
Workflow: 17843887798

Installation:

pip install gopher-mcp==0.2.1

Verification:
All packages are signed and can be verified using Sigstore.

Security Fixes

TLS 1.2+ enforcement for all Gemini connections with TOFU certificate fingerprint validation
Secure client certificate generation, storage, and automatic per‑hostname/path issuance

View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track cameronrye/gopher-mcp

Get notified when new releases ship.

About cameronrye/gopher-mcp

Modern, cross-platform MCP server enabling AI assistants to browse and interact with both Gopher protocol and Gemini protocol resources safely and efficiently. Features dual protocol support, TLS security, and structured content extraction.

All releases →