tuannvm/mcp-trino releases

Changelog

• 0826355c686b50820e652333279422a318fc1562 fix: address CodeRabbit review comments post-merge
• 128a0bf8596984e1a6e20074a7957696ddf8e28c fix: move sanitization of queries to before newlines are removed

Changelog

• 704031307e5c6d55759a7d766d7accc3deceacd9 feat(cli): add dual-purpose CLI mode to mcp-trino (#168)

Changelog

• 860c39667315a291d65c3b60d7fdbc0837faec54 perf: add row limiting, precompile regexes, increase default timeout (#162)

Changelog

• a74a3a36341243a4b3fbbbcf2184454680769047 docs(auth): add programmatic authentication guide using mcp-remote token
• 0a77a278e8d0e9347960addceca92d79899598f6 feat(claude-plugin): add binary installer and plugin configs
• de96ae7e20454a934f7f4f4807bd21351fe71af5 feat: Add MCP tool annotations for LLM guidance (#148)

Changelog

• 8acc5c3c41ab5395bdd71aeb532d1ce7be981b08 Pr/tommynguyen vungle/142 (#143)

Changelog

• 2f81f575e88f6f3ed54d79226795f40c5fe69cdd feat: Implement Trino user impersonation and query attribution (#132)
• 0c2ee263406203e1334b1f174813846373b2e446 fix(trino): handle custom HTTP client registration errors

Changelog

• ad694cccf17f6d1e90058ed7f48858feb0c8ae3f chore(deps): bump github.com/mark3labs/mcp-go from 0.42.0 to 0.43.1 (#133)
• 25954a061b4cec34c9c035319dfc61cae360a662 chore(deps): bump github.com/tuannvm/oauth-mcp-proxy from 1.0.0 to 1.0.1 (#130)
• 0aabe4a11944d1421b6bd789a058822bf72e9412 chore(deps): bump the github-actions group across 1 directory with 3 updates (#134)
• 87916125117d07979bc2d12f261310bd00e6fe07 ci(add-cursor-workflow): Add Cursor code review workflow
• 07451feb63393ed9ebb884ef6404fe5152033b23 ci(cursor): harden workflow and update Cursor model version

Changelog

• f82f84c536f82e717ce55697621f65e1bd44730d chore(build): Update Go version to 1.24.9 in workflows and go.mod
• 06ab9e34467db6c03b4e6454158c64a30d6a1450 chore(deps): bump github.com/mark3labs/mcp-go from 0.41.1 to 0.42.0
• 110322baf736bc6b4f9240384f5930f4e0e8be01 chore(deps): bump github.com/tuannvm/oauth-mcp-proxy from 0.0.4 to 1.0.0 (#124)
• 0f83ab1da185f9b8b7ddbe6ac1ae87af5a356935 chore(deps): bump the github-actions group across 1 directory with 2 updates
• 276424e8af8bd7c58bd19518ead483ef546fb530 init commit to fix show create table perm (#123)

Changelog

• d008e3c68542d0792c614d085f426336de0ba609 build(update dependency): Bump oauth-mcp-proxy to v0.0.4
• 536733021d2728f099b31a76818bc388c004d740 chore(configmap): add OIDC_CLIENT_SECRET if specified
• 13e90f8484d664a5d2859ea113eafb3ed5fadf07 chore(go.mod): Update oauth-mcp-proxy to v0.0.3

Changelog

• e4e6c6aa73f497b0bd0b8176c50165d8d6f28d5a feat(config): Refactor OAuth configuration and enable flexible setup

Changelog

• 62b48a2ab99d1b7774deb7fc508c971e374c85b4 chore(go.mod): update Go version to 1.24 and replace oauth-mcp-proxy version
• 7b838e2b7035cebeb043870f8440400fe1bad3a7 chore: Remove internal oauth implementation and related tests (#119)

Changelog

• 829ead506604d416fbfe3d8ed8eb7361da000edb Strip trailing semicolon that Trino doesn't support and which was breaking validation (#115)
• e5013e75cd74398354fec468bcab787bee698fcd chore(deps): bump the github-actions group across 1 directory with 5 updates (#116)

Changelog

• 2eed0de3ba534ed0ba6c537507007d989f632e78 chore(README): Add detailed OAuth setup, security, and deployment info
• ab82ac11cf3822119957658a364fc67b965e790f fix(oauth): update JWKS URL for Okta verification endpoint

Changelog

• 6649044c6d49a1916e496655e5d603d8aa30f648 Pe 7414 trino oauth enhancement (#23)
• ee97377fa885ca513ed0a465bea49157d07240ad fix(metadata): Add scopes_supported to authorization server metadata
• 7ae42b9a634d4ef25beebac0a0f12c280aa160a2 fix(oauth): update Okta JWKS URL to conform with standard path
• dfa46a5c43f41ad726f89a4a42605ccb120a03fd fix(oauth): update authorization_servers to use Issuer URL
• d0cef33819ffbc8724431f88f43627944eb67cec fix(oauth): update registration endpoint URL and remove redirect URIs
• 5b9a25450aa15f6d158f8e86feb55b52fe9a4ae1 perf(handlers): implement HMAC signing and verification for state integrity (#24)
• 19d474e4922b294854d527e5ceb9e27ea0eda1c0 refactor(metadata): Update auth server URL based on mode and adjust JWKS URI
• f41e4866e62b9ccacfb568c62a0b418ceb95c417 refactor(oauth): add debug logs for client configuration type
• b3854b19f0f667a4d864574c9597e28b641bdd96 refactor(oauth): update metadata endpoints to use Okta URLs

Changelog

• 4e0fdc18016d8042a105e79b36a7bf537c99ea69 [PE-7414] Trino Whitelist (#22)
• 588605b0ef8aa3613239e01c482fa248a5989af8 ci(config): Add environment-based allowlist parsing and validation tests
• 1bb5d6134f9b909657987024f88a0f49d445ae97 fix(server): add multiple WWW-Authenticate headers for compatibility

What's Changed

• Merge Upstream by @tommynguyen-vungle in https://github.com/tuannvm/mcp-trino/pull/102

• Consolidating README installation/usage instructions with references to dedicated documentation guides

• Adding CORS headers and OPTIONS handling to OAuth endpoints for browser-based MCP client compatibility

• Fixing critical JWT audience validation bug in go-oidc library configuration

• Enhancing OAuth success page with security headers and proper HTML structure

• Updating deployment health check paths from / to /status across Kubernetes charts

• Adding detailed OAuth lessons learned documentation for browser client integration

Full Changelog: https://github.com/tuannvm/mcp-trino/compare/v2.3.2...v3.0.0

Changelog

• af0ec9333d44c2f1836dbde4ea9cd7123c5eb1e7 fix(oidc): add explicit audience validation in token claims validation (#100)

Changelog

• 1c61c0fbb97e0bf6536acf055902722c34a668f0 Merge branch 'main' into patch-1
• 1232de6bae08993c727358d4c78585185a26486f Merge pull request #98 from ovaladares/patch-1
• 5490fc01e4e1a2703c2face0b92beef152cea3d9 Refactor OAuth2 configuration handling
• 112a59e4c54df2850528550509f263a6e0a50f6b Remove redundant oauth2Config initialization
• 4ee6e6e8947160273fe73c830ae8abb747c80442 refactor(server): update MCP_URL to automatically include scheme

Changelog

• 4161587f4252964db72702be5c513d660f14925b feat(oauth): add redirect URIs for mcp-remote compatibility (#5)
• 2673e1a347e1f8b8c5427cf525664c2859dbca0e feat(oauth): allow client registration of redirect URIs (#6)
• 5d8459383a9e0fd189021bbfccfdc03abfa31c4a fix(oauth): hash JWT tokens in logs to prevent sensitive info exposure (#8)
• d2933d97ac5c8dc71e347fd0fa556877432a761b fix: patch SQL write operation detection bypass vulnerabilities (#10)
• d06b3f9fa00726eed91566c643af91c52167ea4a perf(oauth): Add audience validation to HMAC token validation logic (#9)

Changelog

• 9d329d2ead3b28f7ce24362476cc2ad6fbc5e612 chore(deps): bump github.com/mark3labs/mcp-go from 0.37.0 to 0.38.0 (#87)
• dd3509ece1749933dab3c8bcd92306116156b718 chore(deps): bump github.com/trinodb/trino-go-client (#81)
• 0be6dfc0be521655bf3652ef54850d15b8394f53 chore(deps): bump the github-actions group with 2 updates (#82)
• 677040986bd85b66bc70e48324f2a43ff1e4e85d merge upstream (#86)
• 232cbfafb2c22d2e55b47a74cf88a8e7de9c4d7e test(mcp): Update test for MCP handlers to reflect changes

Changelog

• 0133f1dcd6ab490599c1fb100f1bd1bae1b1860e Feat/additional tools (#85)

Changelog

• 0455cd026112f3d2a95ed1b0900dedd2841647d7 Fix Redirect URI (#84)
• 2e95e1f449bee08ec9ed698555be23a7a09baaa2 Merge Upstream (#80)
• 2e021d3c14a1ecf25cbf0bdb3765c95639f61c9d Update release.yml
• d52d7b9ca06db26db872bc799d1be28db9cfac68 chore: remove CHANGELOG.md file

Changelog

• 191b493be252bd1944c1b4f4fa7a8443010eb03f Add MCP Catalog Trust Score badge (#79)
• 1c43476fc931dc3f5102d5ba339466224f9ee90d chore(deps): bump github.com/coreos/go-oidc/v3 from 3.14.1 to 3.15.0 (#70)
• ad0a2f963254ec773773728c9bd45a61acc22bee chore(deps): bump github.com/mark3labs/mcp-go from 0.34.0 to 0.37.0 (#78)
• 7b1848a954b359ed4ae8c27fba3715ce030e580b chore(deps): bump github.com/trinodb/trino-go-client (#72)
• 7ba05f3b796a6229916c1c78b1a5cff55e1c3a69 ci(workflow): update release workflow name

Changelog

• 5d05cea31ecc7eda435c7d9529ccfe879a1de183 Fix Oauth implementation (#74)
• 463492771c7d34c2c472e8f8dbf2c9dd09f52919 chore(deps): bump anchore/sbom-action in the github-actions group (#67)
• 3fae1fb82705d2264b9c4d8309f11bbf8cebc061 chore(deps): bump github.com/golang-jwt/jwt/v5 from 5.2.3 to 5.3.0 (#71)
• d013d742c7c6ebf6828db2da509a3a234c8dbd8e fix: upgrade Go version to 1.24.6 to resolve GO-2025-3849 vulnerability (#77)

Changelog

• 6e2bfbd0acd833466402cb42e7d1850854e21678 chore(ci): update workflow name to "Create Release"
• 6e0197ea21c09779cec3758fa3cffa4d2e7ba9bb docs(charts): add Helm chart documentation and configuration files (#66)

Changelog

• 5f16061437cef36fc7b04217677c56d4e94e2714 Merge pull request #64 from tuannvm/dependabot/go_modules/github.com/golang-jwt/jwt/v5-5.2.3
• 57cd7c21ab206ebe0c35170ee9312ccd29eb6202 Merge pull request #65 from tuannvm/dependabot/go_modules/github.com/trinodb/trino-go-client-0.326.0
• 7ff21bcb935215e0fa2c12ba7da3284cec73948e chore(deps): bump github.com/golang-jwt/jwt/v5 from 5.2.2 to 5.2.3
• c14b97fde8605935ad2172c4ff632569bb2ec225 chore(deps): bump github.com/trinodb/trino-go-client

Changelog

• be678b62575df1654217de00522d15b2c8211a46 Merge pull request #63 from tuannvm/feat/sso-oauth-support

Changelog

• b85b12218f994cd16cfcdcaf042289dcf29e82ad Merge pull request #57 from tuannvm/dependabot/github_actions/github-actions-8b6d567b46
• 1f52798f7567ee6d0f929438dcdf6d6cd8420d92 Merge pull request #59 from tuannvm/dependabot/go_modules/github.com/trinodb/trino-go-client-0.325.0
• 9743b68cafdc3f4480353c9f166dc31bf7612a2a Merge pull request #61 from tuannvm/feat/oauth-support
• 80a74a3394555e51df85b2c7d6173505487d26da Merge pull request #62 from tuannvm/add-claude-github-actions-1752561517958

Changelog

• 9af0ab888ed6876f35d5065616c44bf242a77942 Add Claude Code OAuth workflows
• c9f8ba8499e4af97f5e7b3f2267bfa424820635e Fixing issues in GetTable Schema function and IsReadonly query functions.
• a19bd45c0ecea3649c64229d4904e1efedb13ba2 Merge branch 'main' into bugfixes
• 762812118c87cee62ca2d493c257f28a70ab5ea2 Merge branch 'tuannvm:main' into bugfixes
• bd3b77ee4040bd3ccbef67e4ec5d90cd7e4293bc Merge pull request #50 from petrtsatsin-branch/bugfixes
• 9298cae14031a3d952d34153ccb1b0bc5542dd03 Merge pull request #51 from tuannvm/dependabot/github_actions/github-actions-4109f9774f
• f2fb42f3d2b3f3b1384434e884efa657d4f512aa Merge pull request #55 from tuannvm/chore/update-claude-md
• 3773b5adae40f0fac3d1a696f15e38ff940f0586 build(makefile): add DXT packaging with multi-platform build targets
• 0b51074507b9d548bf989d81e3ec5fc84adc5acd chore(deps): bump the github-actions group across 1 directory with 2 updates
• 20ef320641a7a11635d72de4c64e133b1277a8df chore(gitignore): add server/ to .gitignore
• 2c80a7f59d747f9aca0fa05f94515af30a58ecb3 chore: add .dxtignore for excluding unnecessary files
• db4d5b9639ad4cf5b739af74bc447234cb69472c ci(workflow): update model to claude-sonnet-4-20250514
• 7d7d4e2637c5b2e56af18746aa4227342c9f2fa6 feat(install): add one-liner installer for macOS and Linux
• 0d5d8910069bded841ebfafd835cd58978873335 feat: add manifest.json for mcp-trino project configuration
• ceb14d950065129f759756f1b488c23259479dd4 fix(manifest): add execution permissions for binary commands

Changelog

• c3bda3344ee6da07ad92a019a0317697ea6b30fb build(docker): specify target platform in Dockerfile

Changelog

• 6ed7a849d28d81f61efcee1ec1a38f46533b800a ci(release): improve caching and environment vars in workflow and Dockerfile

Changelog

• 2dcd2737808b2357ec96003c3f507f3d21611721 Add the missing params for tool get_table_schema
• d1fb1a6ac7f6ca1a2acb066b7c3651c8af54ce93 Merge pull request #54 from frdeng/fix-get-table-schema-params
• 17492575e1624b0ddb9f2081e1ba634c9c635fa6 ci(workflows): add checks write permission to build workflow
• 36327ccbdd58785de10954649b7d99b874aca8ad refactor(Dockerfile): update build command path

Changelog

• 5d2065f82aee71f2c861274ce6197c49725907a0 ci(release): update goreleaser version to latest