Skip to content

StacklokLabs/osv-mcp

v0.1.2 Security

This release includes 1 security fix for security teams reviewing exposed deployments.

Published 2mo MCP Security & Auth
✓ No known CVEs patched
Read the diff → Tool health → What is this tool? →
This release patches 1 known CVE

Affected surfaces

deps

Summary

AI summary

Migrated vulnerability scanning from Trivy to Grype and fixed OSV security issues.

Full changelog

What's Changed

  • chore(deps): bump aquasecurity/trivy-action from 0.33.1 to 0.35.0 by @dependabot[bot] in https://github.com/StacklokLabs/osv-mcp/pull/77
  • fix(deps): update module github.com/mark3labs/mcp-go to v0.45.0 by @renovate[bot] in https://github.com/StacklokLabs/osv-mcp/pull/64
  • chore(deps): update docker/login-action action to v4 by @renovate[bot] in https://github.com/StacklokLabs/osv-mcp/pull/73
  • chore(deps): update actions/upload-artifact action to v7 by @renovate[bot] in https://github.com/StacklokLabs/osv-mcp/pull/68
  • chore(deps): update sigstore/cosign-installer action to v4.1.0 by @renovate[bot] in https://github.com/StacklokLabs/osv-mcp/pull/74
  • chore(deps): bump github.com/buger/jsonparser from 1.1.1 to 1.1.2 by @dependabot[bot] in https://github.com/StacklokLabs/osv-mcp/pull/81
  • chore: migrate from Trivy to Grype for vulnerability scanning by @JAORMX in https://github.com/StacklokLabs/osv-mcp/pull/80
  • chore(deps): bump anchore/scan-action from 7.3.2 to 7.4.0 by @dependabot[bot] in https://github.com/StacklokLabs/osv-mcp/pull/83
  • fix(deps): update module github.com/mark3labs/mcp-go to v0.46.0 by @renovate[bot] in https://github.com/StacklokLabs/osv-mcp/pull/85
  • chore(deps): update sigstore/cosign-installer action to v4.1.1 by @renovate[bot] in https://github.com/StacklokLabs/osv-mcp/pull/84
  • fix: OSV security issues by @glageju in https://github.com/StacklokLabs/osv-mcp/pull/87
  • chore(deps): update github/codeql-action digest to c10b806 by @renovate[bot] in https://github.com/StacklokLabs/osv-mcp/pull/88

New Contributors

  • @glageju made their first contribution in https://github.com/StacklokLabs/osv-mcp/pull/87

Full Changelog: https://github.com/StacklokLabs/osv-mcp/compare/v0.1.1...0.1.2

Security Fixes

  • Fixed OSV security issues
View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track StacklokLabs/osv-mcp

Get notified when new releases ship.

Sign up free

About StacklokLabs/osv-mcp

Access the OSV (Open Source Vulnerabilities) database for vulnerability information. Query vulnerabilities by package version or commit, batch query multiple packages, and get detailed vulnerability information by ID.

All releases →

Related context

Beta — feedback welcome: [email protected]