Skip to content

Release history

arvindand/maven-tools-mcp releases

Universal Maven Central dependency intelligence for JVM build tools (Maven, Gradle, SBT, Mill). Features bulk operations, version comparison, stability filtering, dependency age analysis, release patterns, and Context7 integration for upgrade guidance.

Back to tool Latest release

All releases

11 shown

No immediate action
v3.0.1 Bug fix

Pre‑release qualifier classification

Open
Review required
v3.0.0 Breaking risk
Dependencies

Removed get_version_timeline

Open
Upgrade now
v2.1.1 Breaking risk
Dependencies Breaking upgrade

MCP SDK BOM removal

Open
v2.1.0 New feature
Notable features
  • Bearer and Basic auth support via OkHttp interceptor for private repositories
  • Configuration properties `maven.central.auth.type`, `maven.central.auth.username`, `maven.central.auth.password`, `maven.central.auth.token`
  • Full compatibility of authentication config with GraalVM native images
Full changelog

Private Repository Authentication

Adds support for private Maven repositories (Nexus, Artifactory, GitHub Packages) with configurable authentication. Works with both JVM and native Docker images.

Added

  • Repository Authentication: Bearer and Basic auth support via OkHttp interceptor
  • Configuration Properties: maven.central.auth.type, maven.central.auth.username, maven.central.auth.password, maven.central.auth.token
  • Native Image Support: Auth config fully compatible with GraalVM native images
  • Spring Configuration Metadata: IDE autocomplete for all new auth properties

Usage

# Bearer auth (JFrog, GitHub Packages)
docker run -i --rm \
  -e MAVEN_CENTRAL_REPOSITORY_BASE_URL=https://maven.pkg.github.com/your-org/your-repo \
  -e MAVEN_CENTRAL_AUTH_TYPE=bearer \
  -e MAVEN_CENTRAL_AUTH_TOKEN=your-token \
  arvindand/maven-tools-mcp:latest

# Basic auth (Nexus, Artifactory)
docker run -i --rm \
  -e MAVEN_CENTRAL_REPOSITORY_BASE_URL=https://nexus.internal.corp/repository/maven/ \
  -e MAVEN_CENTRAL_AUTH_TYPE=basic \
  -e MAVEN_CENTRAL_AUTH_USERNAME=admin \
  -e MAVEN_CENTRAL_AUTH_PASSWORD=secret \
  arvindand/maven-tools-mcp:latest

Any repository that serves standard maven-metadata.xml files is supported.

Full Changelog: https://github.com/arvindand/maven-tools-mcp/compare/v2.0.7...v2.1.0

View release on GitHub
v2.0.7 Maintenance

Minor fixes and improvements.

Full changelog

Dependency Patch Release - Bumps Spring Boot and Spring AI to latest stable patch versions, pins Copilot SDK for dogfood agent reliability.

Changed (2.0.7)

  • Spring Boot: Upgraded from 3.5.12 to 3.5.13 (patch)
  • Spring AI: Upgraded from 1.1.3 to 1.1.4 (patch)
  • Copilot SDK: Pinned dogfood agent to ==0.2.0 (ensures correct manylinux_2_28 wheel on CI)
View release on GitHub
v2.0.6 Bug fix
⚠ Upgrade required
  • MCP SDK pinned at version 0.17.2 and Logback pinned at version 1.5.22 remain required workarounds.
  • Spring AI 1.1.3 manages MCP SDK 0.17.0; the build still needs MCP SDK >= 0.17.2.
  • Logback 1.5.32 (latest) continues to cause stdout pollution in native stdio images; expected resolution with Spring AI 2.0.0 GA (~2‑3 months).
Full changelog

Dependency Update & Dogfood Agent Fix Release - Upgrades Spring AI and Spring Boot to latest stable, fixes three weeks of dogfood agent CI failures, and migrates to Copilot SDK 0.2.0 API.

Changed (2.0.6)

  • Spring AI: Upgraded from 1.1.2 to 1.1.3 (latest stable)
  • Spring Boot: Upgraded from 3.5.11 to 3.5.12 (patch)
  • maven-artifact: Upgraded from 3.9.12 to 3.9.14 (patch)
  • Resilience4j: Upgraded from 2.3.0 to 2.4.0 (minor)
  • Copilot SDK: Migrated agent to SDK 0.2.0 API (dataclass configs, PermissionHandler.approve_all)
  • Workaround Documentation: Improved pom.xml comments with clear "remove when" conditions for MCP SDK and Logback temporary overrides

Fixed (2.0.6)

  • Dogfood Agent CI Failures: The Copilot backend now requires explicit permission handling for MCP tool calls. Migrated to SDK 0.2.0 which uses PermissionHandler.approve_all and the new dataclass-based API (SubprocessConfig, keyword-arg create_session)

Notes (2.0.6)

  • Workaround status review: MCP SDK 0.17.2 pin and Logback 1.5.22 pin still required. Spring AI 1.1.3 manages MCP SDK 0.17.0 (need >= 0.17.2). Logback 1.5.32 (latest) still has stdout pollution in native stdio images. Both workarounds expected to resolve with Spring AI 2.0.0 GA (~2-3 months)
View release on GitHub
v2.0.5 Bug fix
Notable features
  • Explicitly enables Spring AI MCP stdio transport in the `docker` profile (`application-docker.yaml`).
Full changelog

STDIO Docker Reliability Release - Restores native stdio MCP startup for VS Code/Copilot after recent dependency updates and temporarily pins Logback to avoid stdout protocol pollution.

Changed (2.0.5)

  • Native STDIO Docker Build Config: Explicitly enables Spring AI MCP stdio transport in the docker profile (application-docker.yaml) so native stdio images respond correctly to MCP initialize
  • Self-Update Workflow Ignore List: Excludes temporary MCP SDK and Logback override dependencies from automated dependency-update PRs

Fixed (2.0.5)

  • VS Code / Copilot STDIO MCP Startup: Temporary logback.version override to 1.5.22 avoids Logback 1.5.32 startup status output on stdout in native stdio images, which breaks MCP message parsing
View release on GitHub
v2.0.4 New feature
⚠ Upgrade required
  • Override MCP Java SDK version to 0.17.2 to resolve startup failures caused by `202 Accepted` text/plain responses from Context7
  • If using the new dogfooding workflow, ensure the GitHub Actions runner has permissions to open PRs in the repository
Notable features
  • Weekly GitHub Actions workflow that runs a local Python dependency‑update agent against the project and opens/updates bot PRs for safe minor/patch changes
  • Server‑side `compare_dependency_versions` now suggests same‑major stable fallback when the latest recommendation is a major update (e.g., prefer Spring Boot 3.5.x over 4.x)
  • Optional `CONTEXT7_API_KEY` environment variable added for outbound authentication to Context7 MCP client requests
Full changelog

[2.0.4] - 2026-02-22

Dogfooding & Context7 Compatibility Release - Adds automated self-update workflow dogfooding, fixes Context7 MCP client startup compatibility, and improves dependency update selection behavior.

Added (2.0.4)

  • Dogfooding Self-Update Workflow: Weekly GitHub Actions workflow that runs a local Python dependency-update agent subproject against Maven Tools MCP itself and opens/updates a bot PR for safe minor/patch changes
  • Local Dependency Agent Subproject: agents/copilot-maven-tools-agent/ (Copilot SDK + Maven Tools MCP) for repository-local dogfooding automation
  • Server-side Same-Major Fallbacks: compare_dependency_versions can now return a same-major stable fallback suggestion when the latest stable recommendation is a major update (e.g., Spring Boot 3.5.x patch while 4.x exists)

Changed (2.0.4)

  • Context7 MCP Compatibility: Override MCP Java SDK to 0.17.2 to fix startup failures caused by 202 Accepted text/plain responses for MCP notifications
  • Context7 API Key Support: Added optional CONTEXT7_API_KEY outbound auth support for Context7 MCP client requests (documented as optional; default run configs remain key-free)
  • Dogfooding Agent Selection Logic: Keeps version semantics in Maven Tools MCP and allows configurable dependency ignores (used for temporary MCP SDK BOM override during dogfooding)
  • Dogfooding Agent Default Model: Default Copilot model updated to claude-haiku-4.5
View release on GitHub
v2.0.3 New feature
Notable features
  • New `http` Spring profile with `/mcp` endpoint on port 8080
  • Actuator health probes at `/actuator/health/liveness` and `/actuator/health/readiness`
  • `:latest-http` multi‑arch Docker image for HTTP transport
Full changelog

Adds streamable HTTP transport support and Actuator health probes.

New Features

  • HTTP Transport: New http Spring profile with /mcp endpoint on port 8080
  • Health Probes: /actuator/health/liveness and /actuator/health/readiness
  • HTTP Docker Image: New :latest-http multi-arch variant

Docker Images

| Tag | Transport | Description |
|-----|-----------|-------------|
| :latest | STDIO | Default with Context7 |
| :latest-noc7 | STDIO | Without Context7 |
| :latest-http | HTTP | Streamable HTTP transport |

Usage

# STDIO (default)
docker run -i --rm arvindand/maven-tools-mcp:latest

# HTTP transport
docker run -p 8080:8080 arvindand/maven-tools-mcp:latest-http

Full Changelog: https://github.com/arvindand/maven-tools-mcp/compare/v2.0.2...v2.0.3

View release on GitHub
v2.0.2 Breaking risk
Notable features
  • Automated MCP Registry publishing via GitHub Actions on each release
Full changelog

Changes

  • Fixed health analysis counts - Corrected parameter ordering bug in buildSimpleHealthSummary that caused incorrect dependency counts in project health reports
  • Fixed cache race condition - VulnerabilityService now uses atomic cache.get() to prevent duplicate OSV API requests under concurrent load
  • Removed duplicate annotation - Cleaned up duplicate @EnableConfigurationProperties in main application class
  • Improved documentation - Enhanced checkVersionExists() javadoc to clarify error handling behavior
  • Automated MCP Registry publishing - New GitHub Actions workflow automatically syncs to the official MCP Registry on each release
View release on GitHub
v2.0.1 Maintenance

Routine maintenance release for arvindand/maven-tools-mcp.

Changelog

Full Changelog: https://github.com/arvindand/maven-tools-mcp/compare/v2.0.0...v2.0.1

View release on GitHub

Beta — feedback welcome: [email protected]