DreamFactory v7.5.0

DreamFactory v7.5.0 delivers a platform-wide 2026-04 security hardening pass (auth bypass, SQL injection, SSRF, unsafe deserialization, and timing-attack fixes across most packages), introduces GitHub as a first-class MCP utility service, adds a custom-tool lookup picker and unsaved-changes save guard to the admin UI, switches the MCP server from SSE streams to JSON responses with stale-stream eviction to prevent PHP worker lockups, and ships a new Jest + Playwright CI test harness for the admin interface.

New Features

GitHub MCP Utility Service

• New DreamFactory utility-service integration for GitHub — custom MCP tooling can call GitHub as a first-class service so AI agents reach repositories, issues, and pull requests without custom auth plumbing
• Admin UI elements for configuring the GitHub integration end-to-end

Custom MCP Tool Lookup Picker

• Added a lookup picker for custom MCP tools — admins can insert DreamFactory lookup values into custom-tool configuration through the UI instead of hand-typing keys
• Inline JSON/JS lint-error display for custom tool bodies, with error notifications on static-header JSON

Unsaved-Changes Guard for MCP Custom Tools

• Added a save guard that detects unsaved custom-tool changes when saving an MCP service and surfaces a contextual popup with persist/discard options (replaces the previous silent-drop behavior)
• Fixed a related issue where custom tools were not persisted on first service creation or on re-save without IDs

MCP OAuth Direct Redirect Workflow

• MCP services can now declare an OAuth service for direct redirect — the MCP client is sent straight through the OAuth flow, skipping the DreamFactory UI login and removing a step from the desktop MCP connect experience

Security

Authentication & Authorization

• df-core: Fixed auth bypass, widened the OAuth filter blocklist, removed token logging; reverted an earlier change that had narrowed OAuth method coverage so all meth
  ods are now protected again
• df-core: Replaced rand() with random_int() in generateConfirmationCode()
• df-core: Added /auth/ prefix to password-reset and email-invite URLs so they route through the authenticated handler
• df-system: Removed the admin flag from password-reset email URLs
• df-script: Replaced uniqid() with random_bytes(32) for script auth tokens
• df-oauth: Fixed unsafe deserialization, a timing-attack vector, an open-redirect, and a name-field bug

SQL Injection Hardening

• df-sqldb: Fixed SQL injection in MySQL INOUT stored-procedure parameters (regression test added)
• df-sqldb: Fixed SQL injection in ORDER BY, GROUP BY, filter, and expression handling; widened expression/filter checks from allowlist to blocklist
• df-database: db_function template value substitution now uses quoteValue() to prevent injection via template expansion

SSRF & Request Integrity

• df-system: Added SSRF validation to import_url endpoints on Package, Import, and App resources
• df-mcp-server: Fixed host-header injection, OAuth-redirect issues, and session leaks; CORS posture re-widened explicitly for MCP's inherently-external clients after
  being tightened in the scan

Admin UI

• df-admin-interface: Added a same-origin check to handleRedirectIfPresent
• df-admin-interface: Updated npm dependencies to eliminate critical CVEs surfaced by the scan

MCP Server

Transport & Stability

• Switched MCP responses from SSE streams to JSON, with guards around remaining SSE streams to prevent PHP worker lockups when multiple MCP session connections arrive concurrently
• Stale-SSE-stream eviction on reconnect — resolves 409 errors clients previously saw when reconnecting to an MCP session

Custom Tools

• Fixed order-of-operations for custom-tool role checks against services — role rules now evaluate consistently with other service-level authorization
• Custom tools persist correctly on first service creation and on re-save without IDs

Admin UI

Event Scripts

• Script Type dropdown now populates for services whose names contain underscores
• Fixed scriptMethod wiring and added fallback behavior when the method name is empty
• Event-script services are fetched lazily on open (events on service selection), cutting initial page load on large instances
• /system/event responses exempted from the snake→camelCase interceptor so event identifiers are returned raw

Editor & Loading States

• Permitted top-level await in the Ace JavaScript lint worker under module:true
• Fixed a stuck loading spinner that could persist after rapid concurrent requests

SQL Databases

• df-sqldb: Fixed a regression where null values in additional SQL init statements caused service errors at startup
• Blocklist-based filter/expression validation (from the security hardening above) now applies uniformly across all SQL connectors

Performance

• df-system: Added a services_only fast path to the system/event resource, avoiding a full event walk when callers only need the service enumeration
• df-admin-interface: Deferred event-script fetching until the user opens the section, with a secondary fetch on service selection

Testing & CI

• df-admin-interface: Jest wired into CI with regression specs covering the 2026-04 fixes
• df-admin-interface: Playwright scaffold with smoke specs and a dedicated CI workflow, scoped to manual/nightly to keep PR CI fast
• df-admin-interface: UI automation affordances added and a discovery spec reporting navigation automation limits
• df-admin-interface: Dropped the pre-existing lint gate from default CI (lint still runs, just non-blocking)
• Test-suite hardening across df-sqldb (PHPUnit 9 compatibility, driver/host config, reliable cleanup), df-database (void return type on tearDown()), df-syst
  em (explicit admin auth, order-independent assertions, stronger fixture passwords), and df-user (fixture passwords updated for stronger strength policy)

Upgrade Notes

• Security fixes are cumulative — upgrading is recommended for all deployments. The 2026-04 security scan covers auth bypass, SQL injection, SSRF, unsafe deserializati
  on, and timing-attack vectors across multiple packages.
• Password-reset / invite URLs now include an /auth/ prefix. Update any external tooling that parses or constructs DreamFactory reset URLs.
• MCP transport: The MCP server now returns JSON instead of SSE for most flows. Compliant MCP clients require no changes — the switch is server-side and transparent.
• MCP custom tool persistence: Tools that previously appeared to be "lost" on service creation in 7.4.x will now persist correctly; re-verify any that were affected.
• Password strength policy: The df-user fixture-password hardening reflects a stronger strength policy. Deployments relying on weak programmatic passwords (e.g., old C
  I fixtures or seeded test accounts) may need to update them.
• Platform baseline is unchanged from 7.4.x (PHP 8.3 / Laravel 11). No host-level upgrade is required.
• Standard upgrade process applies for all other changes.

Full Changelog: https://github.com/dreamfactorysoftware/dreamfactory/compare/7.4.5...7.5.0

DreamFactory v7.4.5 introduces a dedicated aggregate data tool for MCP-connected AI agents, adds server-side aggregate expression support in the SQL fields parameter, improves MCP server stability with request timeout guards and crash prevention, fixes OAuth connectivity for Cursor IDE and desktop MCP clients, and resolves admin UI issues for non-sysadmin users.

New Features

MCP Aggregate Data Tool

• New aggregate_data MCP tool — AI agents can now compute SUM, COUNT, AVG, MIN, and MAX directly on the database server through a single MCP tool call, eliminating the need to fetch and manually aggregate raw rows
• Supports groupBy for efficient server-side grouping (e.g., total revenue by country, average order value by status, row count by category)
• Supports filter to narrow rows before aggregation using the same filter syntax as get_table_data
• Improved MCP tool descriptions to guide AI agents toward using aggregate_data instead of attempting aggregation through get_table_data

Server-Side Aggregate Expressions in Fields Parameter

• SQL database services now support aggregate expressions directly in the fields query parameter (e.g., SUM(amount), COUNT(*), AVG(price))
• Updated GROUP and FIELDS option descriptions across the API to document aggregate expression support
• Applies to all SQL database connectors (MySQL, PostgreSQL, SQL Server, Oracle, Snowflake, etc.)

MCP Desktop OAuth Success Page

• Added a post-redirect success page for desktop MCP OAuth flows — after completing authentication, users now see a confirmation page instead of a blank browser tab
• Improves the onboarding experience for Claude Desktop, Cursor, and other MCP desktop clients

MCP Server

Stability & Reliability

• Request timeout guards — Added timeout guards to MCP daemon requests to prevent PHP worker lockups when external requests fail or hang
• Global error handlers — Added process-level error handlers to prevent unhandled exceptions from crashing the MCP daemon
• Custom tool auth injection — DreamFactory authentication headers are now automatically injected into custom tool API requests, so custom tools can call DreamFactory-hosted services without manual auth configuration

OAuth & Authentication Fixes

• Fixed OAuth connection issue for Cursor IDE — Resolved compatibility problems when connecting Cursor to the DreamFactory MCP server
• Fixed duplicate scope keys in OAuth createCode calls that could cause authentication failures
• Fixed general MCP OAuth connection issue affecting desktop clients
• Fixed MCP tools disabling — Resolved an issue where toggling tools off in the admin UI was not being correctly persisted

Query Hints

• Added filter syntax hint for field names containing spaces — MCP tool descriptions now instruct AI agents not to quote or escape field names with spaces in filter expressions

Admin UI

Non-Sysadmin Database Filtering

• Enhanced logic for non-sysadmin users' database filtering by role — Resolved edge cases where certain database services were incorrectly shown or hidden based on the user's assigned role

OAuth Redirect Fix

• Fixed an issue where a stale redirect URL caused the login screen to become stuck between states, returning an empty response after OAuth redirect — the admin UI now properly detects and cleans up stale redirect URLs

Logging

Monolog v3 Compatibility

• Fixed log level conversion for Monolog v3 — Log levels are now properly converted to integers, resolving compatibility issues with the Monolog v3 API that expects integer severity levels instead of strings

Upgrade Notes

• MCP server users: The new aggregate_data tool is automatically available on all database services connected to your MCP server. No configuration changes are required.
• The server-side aggregate expression support in the fields parameter is backward-compatible — existing queries are unaffected.
• Standard upgrade process applies for all other changes.

DreamFactory v7.4.4 delivers an AI-optimized data model endpoint for LLM and MCP integrations, adds custom tool support to the MCP server, introduces granular MCP tool management in the admin UI, and includes fixes for Google OAuth group mapping, Azure AD role-per-app fields, and MCP OAuth redirect handling.

New Features

AI-Optimized Data Model Endpoint

• New _spec endpoint on database services — Returns a condensed ~14KB data model payload containing all tables, columns, types, primary keys, foreign keys, row counts, and structural patterns in a single response
• Automatic relationship pattern detection — Identifies self-referencing hierarchies (tree structures) and junction tables (many-to-many relationships) so AI agents can navigate complex schemas correctly
• ?model=true parameter for LLM-optimized compact output; ?stock=true toggle for enriched metadata including query templates, field semantic hints, and sample data
• spec_url added to the service listing response for programmatic discoverability

MCP Server Custom Tools

• Custom tool definitions — Admins can now define custom MCP tools that make HTTP requests to external REST APIs, with configurable parameters, HTTP methods, static headers, and auto-generated Zod schemas
• Custom tools management UI — New table view and inline add/edit form in the MCP service configuration page for creating and managing custom tool definitions
• 30-second request timeout and case-insensitive Content-Type handling for robust external API integration

MCP Server Tool Management

• Per-service and per-tool toggle controls — Enable or disable individual built-in MCP tools (database and file operations) directly from the admin UI
• New disabled_tools column in MCP server configuration for persistent tool state
• Role-based service discovery — MCP tool listing now respects DreamFactory role permissions, only exposing services and tools the authenticated user is authorized to access

Google OAuth Group-to-Role Mapping

• Switched from Google Admin SDK to Google Identity Provider for the group-to-role mapping workflow, improving compatibility and reducing configuration complexity
• Enhanced OAuth flow logging with appropriate log levels (info, warning, debug) for easier troubleshooting

Bug Fixes

Azure AD / Entra ID

• Fixed get and set inheritance for role-per-app fields in the Azure AD connector

MCP Server

• Fixed OAuth redirect passthrough — Changed from localStorage to sessionStorage for redirect auth URLs, resolving stale redirect issues
• Fixed N+1 query in syncToolsForService by bulk-fetching with keyBy
• Fixed text double-serialization in non-JSON custom tool responses
• Used forceDelete to avoid soft-delete and unique constraint conflicts when removing tools

Upgrade Notes

• MCP server users: A new database migration adds the disabled_tools column to the MCP server configuration table and a custom_tools table. Run php artisan migrate after upgrading.
• Google OAuth users: If you are using the map-group-to-role feature with Google, this release switches from the Google Admin SDK to Google Identity Provider. Verify your Google OAuth configuration after upgrading.
• Standard upgrade process applies for all other changes.

New Features

MCP Server Integration

• df-mcp-server v1.2.0 — Introduces ability to toggle on/off MCP tools from the MCP Server configuration page.