Skip to content

nikolai-vysotskyi/trace-mcp

v1.39.4 Feature

This release adds 1 notable feature for engineering teams evaluating rollout.

Published 9d MCP Developer Tools
✓ No known CVEs patched
Read the diff → Tool health → What is this tool? →

✓ No known CVEs patched in this version

Topics

ai-agents claude claude-ai claude-code claude-code-plugin claude-code-skill
+14 more
claude-desktop claude-skill claude-skills code-intelligence codex codex-skill developer-tools knowledge-graph mcp mcp-server llm token token-savings tokens

Summary

AI summary

Bug fixes in app, db, env; added a PR‑comment workflow for CI/CD; upgrade to version 1.39.4.

Changes in this release

Bugfix Medium

Prevents in-app updater from looping on npm-only outcomes.

Prevents in-app updater from looping on npm-only outcomes.

Source: llm_adapter@2026-05-25

Confidence: high
Bugfix Medium

Uses ON CONFLICT DO UPDATE in insertSymbol to keep parent_id FKs valid.

Uses ON CONFLICT DO UPDATE in insertSymbol to keep parent_id FKs valid.

Source: llm_adapter@2026-05-25

Confidence: high
Bugfix Medium

Unifies .env secrecy model and adds provenance gate for tool‑managed files.

Unifies .env secrecy model and adds provenance gate for tool‑managed files.

Source: llm_adapter@2026-05-25

Confidence: high
Full changelog

1.39.4 (2026-05-25)

Bug Fixes

  • app: stop in-app updater from looping on npm-only outcomes (#173) (ae0b9ef)
  • db: use ON CONFLICT DO UPDATE in insertSymbol to keep parent_id FKs valid (fd63f52)
  • env: unify .env secrecy model + provenance gate for tool-managed files (#172) (8572741)

Documentation

  • toon: standardize TOON description wording and document allowlist (4a3a46f)

CI/CD

  • add pr-comment workflow that posts impact-report from CI artifact (bdc24b9)

Upgrade

npm install -g trace-mcp@latest
trace-mcp init
View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track nikolai-vysotskyi/trace-mcp

Get notified when new releases ship.

Sign up free

About nikolai-vysotskyi/trace-mcp

Framework-aware code intelligence that indexes source code into a cross-language dependency graph. Understands framework semantics — routes, ORM relations, component rendering, DI trees — for navigation, impact analysis, call graphs, refactoring, security scanning, and cross-session memory.

All releases →

Related context

Earlier breaking changes

  • v1.41.1 Removes desktop app from core repository (phase E).

Beta — feedback welcome: [email protected]