This release adds 2 notable features for engineering teams evaluating rollout.
✓ No known CVEs patched in this version
Topics
+4 more
Affected surfaces
Summary
AI summaryAdded Cloudflare Worker entry and auto-deployment workflow.
Full changelog
Added
- Cloudflare Worker entry (
src/worker.ts) exposing the server as streamable-HTTP, so the same factory can be hosted on free Cloudflare Workers and surfaced as a Smithery "Deploy via URL" endpoint. .github/workflows/deploy-worker.yml: auto-deploys the Worker onmainpushes that touch worker code; usesCLOUDFLARE_API_TOKENrepo secret. Also manually dispatchable.createSandboxServer()export insrc/index.tsso Smithery's capability scanner can introspect without real credentials.- Tests: 10 cases for
src/index.ts(factory, sandbox, default export, configSchema), 12 cases forsrc/worker.ts(token resolver + handler). 61 tests pass total.
Changed
- Worker reads
GITHUB_TOKENper-request:?githubToken=...query param or base64-encoded?config={...}. No shared Worker secret — each user supplies their own token, individual rate limits.
Weekly OSS security release digest.
The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.
No spam, unsubscribe anytime.
Share this release
About DigiCatalyst-Systems/dep-diff-mcp
Translates a lockfile diff (npm, PyPI) into a human-readable upgrade plan. Point it at a Dependabot PR and get back semver classification, breaking changes from GitHub release notes, CVEs fixed in range, migration links, and a per-package recommendation. Bulk tool ranks up to 50 changes by risk (security > caution > review > likely-safe > safe)
Related context
Beta — feedback welcome: [email protected]