This release keeps dependencies and maintenance posture current for teams operating this tool.
Published 4mo
MCP Security & Auth
✓ No known CVEs patched
✓ No known CVEs patched in this version
Affected surfaces
deps
Summary
AI summaryMinor fixes and improvements.
Full changelog
What's Changed
- Minor updates to the governance docs by @danbarr in https://github.com/StacklokLabs/osv-mcp/pull/20
- Update README by @danbarr in https://github.com/StacklokLabs/osv-mcp/pull/21
- chore(deps): bump github.com/mark3labs/mcp-go from 0.32.0 to 0.33.0 by @dependabot[bot] in https://github.com/StacklokLabs/osv-mcp/pull/23
- chore(deps): bump aquasecurity/trivy-action from 0.31.0 to 0.32.0 by @dependabot[bot] in https://github.com/StacklokLabs/osv-mcp/pull/22
- chore(deps): bump sigstore/cosign-installer from 3.8.2 to 3.9.1 by @dependabot[bot] in https://github.com/StacklokLabs/osv-mcp/pull/19
- chore(deps): bump github.com/mark3labs/mcp-go from 0.33.0 to 0.36.0 by @dependabot[bot] in https://github.com/StacklokLabs/osv-mcp/pull/25
- chore(deps): bump sigstore/cosign-installer from 3.9.1 to 3.9.2 by @dependabot[bot] in https://github.com/StacklokLabs/osv-mcp/pull/24
- chore: Configure Renovate by @renovate[bot] in https://github.com/StacklokLabs/osv-mcp/pull/26
- chore(deps): bump github.com/mark3labs/mcp-go from 0.36.0 to 0.37.0 by @dependabot[bot] in https://github.com/StacklokLabs/osv-mcp/pull/27
- chore(deps): bump actions/checkout from 4 to 5 by @dependabot[bot] in https://github.com/StacklokLabs/osv-mcp/pull/28
- MCP Trust Score by @Matvey-Kuk in https://github.com/StacklokLabs/osv-mcp/pull/31
- fix(deps): update module github.com/mark3labs/mcp-go to v0.38.0 by @renovate[bot] in https://github.com/StacklokLabs/osv-mcp/pull/32
- fix(deps): update module github.com/stretchr/testify to v1.11.0 by @renovate[bot] in https://github.com/StacklokLabs/osv-mcp/pull/33
- fix(deps): update module github.com/stretchr/testify to v1.11.1 by @renovate[bot] in https://github.com/StacklokLabs/osv-mcp/pull/34
- chore(deps): update aquasecurity/trivy-action action to v0.33.0 by @renovate[bot] in https://github.com/StacklokLabs/osv-mcp/pull/35
- fix(deps): update module github.com/mark3labs/mcp-go to v0.39.0 by @renovate[bot] in https://github.com/StacklokLabs/osv-mcp/pull/36
- chore(deps): bump aquasecurity/trivy-action from 0.32.0 to 0.33.0 by @dependabot[bot] in https://github.com/StacklokLabs/osv-mcp/pull/38
- fix(deps): update module github.com/mark3labs/mcp-go to v0.39.1 by @renovate[bot] in https://github.com/StacklokLabs/osv-mcp/pull/37
- chore(deps): update actions/setup-go action to v6 by @renovate[bot] in https://github.com/StacklokLabs/osv-mcp/pull/40
- chore(deps): update aquasecurity/trivy-action action to v0.33.1 by @renovate[bot] in https://github.com/StacklokLabs/osv-mcp/pull/39
- chore(deps): update sigstore/cosign-installer action to v3.10.0 by @renovate[bot] in https://github.com/StacklokLabs/osv-mcp/pull/41
- fix(deps): update module github.com/mark3labs/mcp-go to v0.40.0 by @renovate[bot] in https://github.com/StacklokLabs/osv-mcp/pull/42
- fix(deps): update module github.com/mark3labs/mcp-go to v0.41.0 by @renovate[bot] in https://github.com/StacklokLabs/osv-mcp/pull/43
- chore(deps): bump github.com/mark3labs/mcp-go from 0.41.0 to 0.41.1 by @dependabot[bot] in https://github.com/StacklokLabs/osv-mcp/pull/45
- chore(deps): bump github/codeql-action from 3 to 4 by @dependabot[bot] in https://github.com/StacklokLabs/osv-mcp/pull/47
- chore(deps): update sigstore/cosign-installer action to v4 by @renovate[bot] in https://github.com/StacklokLabs/osv-mcp/pull/49
- fix(deps): update module github.com/mark3labs/mcp-go to v0.42.0 by @renovate[bot] in https://github.com/StacklokLabs/osv-mcp/pull/50
- fix(deps): update module github.com/mark3labs/mcp-go to v0.43.0 by @renovate[bot] in https://github.com/StacklokLabs/osv-mcp/pull/53
- fix(deps): update module github.com/mark3labs/mcp-go to v0.43.1 by @renovate[bot] in https://github.com/StacklokLabs/osv-mcp/pull/57
- chore(deps): update golangci/golangci-lint-action action to v9 by @renovate[bot] in https://github.com/StacklokLabs/osv-mcp/pull/54
- chore(deps): update actions/checkout action to v6 by @renovate[bot] in https://github.com/StacklokLabs/osv-mcp/pull/56
- chore(deps): bump actions/upload-artifact from 4 to 6 by @dependabot[bot] in https://github.com/StacklokLabs/osv-mcp/pull/61
- chore(deps): bump github.com/mark3labs/mcp-go from 0.43.1 to 0.43.2 by @dependabot[bot] in https://github.com/StacklokLabs/osv-mcp/pull/60
- chore(deps): bump golangci/golangci-lint-action from 8 to 9 by @dependabot[bot] in https://github.com/StacklokLabs/osv-mcp/pull/55
New Contributors
- @danbarr made their first contribution in https://github.com/StacklokLabs/osv-mcp/pull/20
- @renovate[bot] made their first contribution in https://github.com/StacklokLabs/osv-mcp/pull/26
- @Matvey-Kuk made their first contribution in https://github.com/StacklokLabs/osv-mcp/pull/31
Full Changelog: https://github.com/StacklokLabs/osv-mcp/compare/v0.0.7...v0.1.0
Weekly OSS security release digest.
The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.
No spam, unsubscribe anytime.
Share this release
About StacklokLabs/osv-mcp
Access the OSV (Open Source Vulnerabilities) database for vulnerability information. Query vulnerabilities by package version or commit, batch query multiple packages, and get detailed vulnerability information by ID.
Related context
Beta — feedback welcome: [email protected]