This release adds 4 notable features for engineering teams evaluating rollout.
✓ No known CVEs patched in this version
Topics
+14 more
Summary
AI summaryAdded MCP ToolAnnotations, security context export, stdio proxy mode with lifecycle management, and redesigned AskTab.
Full changelog
1.22.0 (2026-04-15)
Features
- add MCP ToolAnnotations to all tools for Glama TDQS scoring (5be916b)
- add security context export for MCP server analysis (7b685c4)
- add stdio proxy mode and lifecycle management (722579e)
- redesign AskTab with provider setup CTA and settings deep-linking (d55226e)
Bug Fixes
- add pre-flight check in GraphExplorer to prevent raw error display (eb1e06b)
- match LICENSE text to SPDX Elastic-2.0 canonical template (717951d)
- move frameRequested declaration before first use in visualize (ee86d7b)
- remove extra text from LICENSE for exact SPDX template match (6b0a6e0)
- split license into standard ELv2 + ethical addendum (0a9ccd3)
- unset ELECTRON_RUN_AS_NODE in electron dev script (1c2c21c)
- use valid SPDX license identifier for Elastic-2.0 (11e128b)
Documentation
- add usage guidelines and output format to all tool descriptions (2b544a5)
Upgrade
npm install -g trace-mcp@latest
trace-mcp init
Weekly OSS security release digest.
The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.
No spam, unsubscribe anytime.
Share this release
About nikolai-vysotskyi/trace-mcp
Framework-aware code intelligence that indexes source code into a cross-language dependency graph. Understands framework semantics — routes, ORM relations, component rendering, DI trees — for navigation, impact analysis, call graphs, refactoring, security scanning, and cross-session memory.
Related context
Related tools
Earlier breaking changes
- v1.41.1 Removes desktop app from core repository (phase E).
Beta — feedback welcome: [email protected]