This release includes 3 security fixes for security teams reviewing exposed deployments.
Summary
AI summary: Updates [0.3.0] - 2026-05-31, [0.2.1] - 2025-02-15, and [0.2.2] - 2025-04-18 across a mixed release.
Full changelog
Changelog
All notable changes to this project will be documented in this file.
The format is based on Keep a Changelog,
and this project adheres to Semantic Versioning.
[0.3.0] - 2026-05-31
Fixed
- Asynchronous Reliability: Refactored all blocking database and SSH operations to use background threads via `anyio.to_thread.run_sync`. This prevents the server from hanging in environments like Windows 11 (Issue #54).
- Graceful Error Reporting: Implemented global exception handling in tool calls to return clear, actionable error messages to AI agents and users instead of silent failures (Issue #50).
- Metadata Formatting: Improved result set handling for `DESCRIBE`, `SHOW COLUMNS`, and other inspection queries, including explicit `NULL` value rendering (PR #38).
- SQL Injection Risk: Added strict regex validation for all database and table identifiers (PR #86).
Added
- Multi-Database Mode: `MYSQL_DATABASE` is now optional. When omitted, the server lists all available databases and supports `USE <database>` or fully qualified table names (PR #86, Issue #68, #81).
- SSH Tunneling: Built-in support for secure remote database connections via an SSH jump host using `MYSQL_SSH_ENABLE` (PR #64, contributed by @GeorgeLeex).
- New Inspection Tools:
  - `get_schema_info`: Detailed column metadata, types, and comments.
  - `get_table_sample`: Quick data previews to understand table content (PR #64, contributed by @GeorgeLeex).
- SSE/HTTP Transport: Support for running as an HTTP server by setting `MCP_TRANSPORT=sse` (PR #86).
- SSL/TLS Support: Added `MYSQL_SSL_MODE` for encrypted connections.
- Environment Management: Added `.env` support and `.env.example` file (PR #69).
Security
- Added `ToolAnnotations` to `execute_sql` to flag potentially destructive operations to AI agents (PR #78).
- Dockerfile now runs as a non-root `appuser` and follows best practices for secret management.
- Masked sensitive information (passwords, SSH keys) in server logs.
Changed
- Refactored server initialization into distinct STDIO and SSE transport handlers.
- Updated minimum `mcp` dependency to `1.2.0` for improved stability and security.
[0.2.2] - 2025-04-18
Fixed
- Fixed handling of SQL commands that return result sets, including `SHOW INDEX`, `SHOW CREATE TABLE`, and `DESCRIBE`
- Added improved error handling for result fetching operations
- Added additional debug output to aid in troubleshooting
[0.2.1] - 2025-02-15
Added
- Support for MYSQL_PORT configuration through environment variables
- Documentation for PORT configuration in README
Changed
- Updated tests to use handler functions directly
- Refactored database configuration to runtime
[0.2.0] - 2025-01-20
Added
- Initial release with MCP server implementation
- Support for SQL queries through MCP interface
- Ability to list tables and read data
Breaking Changes
- Minimum `mcp` dependency bumped to version 1.2.0
Security Fixes
- Strict regex validation added for all database and table identifiers to mitigate SQL injection (PR #86)
- ToolAnnotations flag destructive operations in `execute_sql`
- Dockerfile now runs as non-root `appuser` and masks sensitive info in logs
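
The identifier validation entry (PR #86) and the fully qualified table names introduced with Multi-Database Mode both come down to one check, sketched below as an added example; it is not the project's code. The regex, the 64-character limit, the 100-row cap and the names `validate_identifier`, `quote_table` and `sample_query` are assumptions made for illustration.

```python
import re
from typing import Optional, Tuple

# Assumed allow-list for a bare MySQL identifier: ASCII letters, digits, "_"
# and "$", 1 to 64 characters. This is not the project's actual pattern.
_IDENT = re.compile(r"[A-Za-z0-9_$]{1,64}")


def validate_identifier(name: str) -> str:
    """Return name unchanged if it is a safe bare identifier, else raise."""
    # fullmatch, not match with "$": "$" also matches before a trailing
    # newline, which would let "users\n" through.
    if not isinstance(name, str) or not _IDENT.fullmatch(name):
        raise ValueError(f"invalid identifier: {name!r}")
    return name


def quote_table(ref: str, default_db: Optional[str] = None) -> str:
    """Validate 'table' or 'db.table'; return a backtick-quoted reference."""
    parts = ref.split(".") if isinstance(ref, str) else []
    if len(parts) == 1 and default_db is not None:
        parts = [default_db] + parts
    if len(parts) not in (1, 2):
        raise ValueError(f"invalid table reference: {ref!r}")
    return ".".join(f"`{validate_identifier(p)}`" for p in parts)


def sample_query(ref: str, limit: int = 5,
                 default_db: Optional[str] = None) -> Tuple[str, tuple]:
    """Build a row-preview query for a validated table reference."""
    if type(limit) is not int or not 0 < limit <= 100:
        raise ValueError(f"invalid limit: {limit!r}")
    # Placeholders bind values only; a table name has to be validated and
    # interpolated, which is why the allow-list above matters.
    return f"SELECT * FROM {quote_table(ref, default_db)} LIMIT %s", (limit,)


if __name__ == "__main__":
    # Constructed inputs: two well-formed references, then malformed ones.
    for ref in ["users", "shop.orders", "users; DROP TABLE users",
                "users` --", "a.b.c", "users\n", ""]:
        try:
            print(f"{ref!r:28} -> {sample_query(ref)[0]}")
        except ValueError as exc:
            print(f"{ref!r:28} -> rejected ({exc})")
```

The returned tuple is meant for a driver's `cursor.execute(sql, params)` call, so the row limit still travels as a bound value.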
About designcomputer/mysql_mcp_server
MySQL database integration with configurable access controls, schema inspection, and comprehensive security guidelines