v0.1.4

Full Changelog: v0.1.3...v0.1.4

v0.1.3

What's Changed

• docs: add scan demo GIF and embed in README (#96) by @hello-args in #130
• feat(jailbreak): add live payload probing behind consent flag (#66) by @hello-args in #129
• feat(sast): add optional tree-sitter taint for Go and Rust (#91) by @hello-args in #128
• feat(discovery): add Go and Rust static MCP discovery (#67) by @hello-args in #127
• fix(scripts): idempotent branch protection ruleset (#79) by @hello-args in #124
• refactor(sigma): expose public compile and loader APIs (#80) by @hello-args in #125
• chore(deps): bump github/codeql-action from 3 to 4 by @dependabot[bot] in #115
• chore(deps): bump protobuf from 4.25.9 to 5.29.6 by @dependabot[bot] in #113
• fix(api): add rate limits, body caps, and scan concurrency (#85) by @hello-args in #126
• Require full test gate before PyPI releases (#72) by @hello-args in #131
• Paginate batch API scans and document rate limits (#86) by @hello-args in #135
• Pin GitHub Action install to uv.lock with configurable extras (#77, #69) by @hello-args in #134
• Rust rmcp tool discovery and auto language detection (#121) by @hello-args in #133
• Harden REST API auth and live scan consent (#84) by @hello-args in #132
• fix(scripts): CI gate exit codes for import_scanner_eval (#78) by @hello-args in #136
• fix(report): offline HTML reports without CDN loads (#88) by @hello-args in #137
• fix(action): single scan and upload SARIF artifact (#70, #76) by @hello-args in #138
• fix(scripts): CLI args and CI gate for behavioral regression (#81) by @hello-args in #143
• fix(tests): add httpx2 dev dep for Starlette TestClient (#99) by @hello-args in #139
• ci: integrate CLI smoke script into test gate (#74) by @hello-args in #140
• ci: run behavioral eval script in test gate (#73) by @hello-args in #141
• ci: enforce coverage threshold in test gate (#75) by @hello-args in #142
• ci: Python 3.11–3.13 test matrix (#71) by @hello-args in #144
• fix: trivial P3 — gitignore, ruff scripts src, mktemp cleanup (#98, #82, #83) by @hello-args in #145
• fix(vet): clarify missing PyPI versions by @Yurii201811 in #230
• fix(probe): Stop jailbreak probe from always reporting acceptance by @kraby-dev in #234
• Fail fast on invalid governance policy files by @Yurii201811 in #229
• Fix prompt template and SKILL.md scan noise by @caioribeiroclw-pixel in #146
• fix(readiness): fail when zero MCP tools are discovered (#181) by @hello-args in #240
• feat(fuzz): add remote protocol fuzz via --url for HTTP/SSE endpoints by @biswajit-satapathy1998 in #232
• fix(cli): allow mcts scan --url without TARGET (#189) by @hello-args in #235
• fix(pip-audit): surface skip reasons when audit cannot run (#185) by @hello-args in #237
• Add doctor optional toolchain checks by @amarjaleelbanbhan in #233
• fix(cli): validate live launch config before consent (#222) by @hello-args in #242
• fix(snapshot): exit 2 when live launch config is missing (#149) by @hello-args in #241
• fix(semgrep): report when SAST scan is skipped (#184) by @hello-args in #238
• fix(readiness): warn when optional OPA or LLM checks unavailable (#187) by @hello-args in #239
• fix(auto): error on ambiguous multi-config discovery (#188) by @hello-args in #236
• fix(cli): distinct HTML/SARIF paths for surface scan subcommands (#220) by @hello-args in #244
• fix(compliance): suppress MCP gap finding when no tools discovered (#208) by @hello-args in #246
• fix(cli): print score breakdown when CI min-score gate fails (#204) by @hello-args in #247
• fix(doctor): explain when --deep import checks are skipped (#211) by @hello-args in #245
• fix(cli): unify -o and --no-progress across doctor and scan subcommands (#156, #157, #158) by @hello-args in #249
• fix(supply-chain): parse pyproject deps and honor Python lockfiles (#151, #155, #160) by @hello-args in #248
• docs(vet): document pypi:package==version spec syntax (#159) by @hello-args in #250
• fix(discovery): exclude docs/prompts from default instruction discovery (#162) by @hello-args in #252
• fix(analyzers): classify SQL tools separately from file-access tools (#165) by @hello-args in #251
• fix(oauth): scope repo JSON URL analysis to OAuth config keys (#164) by @hello-args in #253
• Fix invalid static snapshot validation by @Yurii201811 in #228
• Fix T-1004 false positives in logging statements by @winkle05 in #147
• fix: surface missing [mcp] extra guidance by @ded-furby in #225
• fix: ignore requires-python in supply-chain scan by @ssmubc in #227
• fix: clarify category gate failure message for inclusive threshold by @laishettikarthik-tech in #231
• fix(cli): scope scan-resources to its own surface (#221) by @maxime2476 in #254
• Release v0.1.3 by @hello-args in #256

New Contributors

• @Yurii201811 made their first contribution in #230
• @kraby-dev made their first contribution in #234
• @caioribeiroclw-pixel made their first contribution in #146
• @amarjaleelbanbhan made their first contribution in #233
• @winkle05 made their first contribution in #147
• @ded-furby made their first contribution in #225
• @ssmubc made their first contribution in #227
• @laishettikarthik-tech made their first contribution in #231
• @maxime2476 made their first contribution in #254

Full Changelog: v0.1.2...v0.1.3

v0.1.2

What's Changed

• Feat/repo instruction discovery by @hello-args in #114

Full Changelog: v0.1.1...v0.1.2

v0.1.1

What's Changed

• docs: document single-file and repo-wide scan in README by @hello-args in #107
• [BUG] Live probe returns empty tool lists on partial MCP failures by @biswajit-satapathy1998 in #105
• chore: remove brand logo images from package by @hello-args in #109
• chore: restore brand logo images to package by @hello-args in #110
• docs: update setup uv@4 to @v7 in CI integration guide by @sachinML in #111
• Feat/shipped features split by @hello-args in #112

New Contributors

• @biswajit-satapathy1998 made their first contribution in #105

Full Changelog: v0.1.0...v0.1.1

v0.1.0

What's Changed

• ci: simplify workflow and add branch protection ruleset by @hello-args in #5
• ci: bump setup-uv to v7 in CI and release workflows by @hello-args in #6
• ci: enforce ruff format check in CI by @hello-args in #7
• Rename/redmcp to mcpvault by @hello-args in #8
• Rename/mcpaudit resolved by @hello-args in #11
• docs: add phased product roadmap for MCPAudit platform vision by @hello-args in #18
• chore(deps-dev): update mcp requirement from >=1.0.0 to >=1.27.2 by @dependabot[bot] in #17
• chore(deps-dev): update pytest-cov requirement from >=6.0.0 to >=7.1.0 by @dependabot[bot] in #16
• chore(deps): update pydantic requirement from >=2.10.0 to >=2.13.4 by @dependabot[bot] in #15
• chore(deps-dev): update pre-commit requirement from >=4.0.0 to >=4.6.0 by @dependabot[bot] in #13
• Chore/configure funding update by @hello-args in #19
• Update FUNDING.yml by @hello-args in #20
• Fix/merge main funding conflict by @hello-args in #23
• Refactor/rename to mcts by @hello-args in #26
• Integrate/mcts v1 readiness by @hello-args in #34
• Docs/sync scan flow and cli merge main by @hello-args in #37
• docs: remove status emojis from README and docs tables. by @hello-args in #39
• docs: remove status emojis from README and docs tables. by @hello-args in #40
• Docs/mcts product positioning merge main by @hello-args in #42
• Modify funding sources in FUNDING.yml by @hello-args in #45
• Feat/mcp scanner parity ruff fix by @hello-args in #48
• docs: sync documentation with shipped features and analyzer counts by @hello-args in #54
• docs: add security checks reference with examples for every analyzer by @hello-args in #56
• Fix/remove terminal score formula by @hello-args in #58
• chore: gitignore local issues folder by @hello-args in #100
• Docs/clarity improvements by @hello-args in #102
• Add issue labeling and creation guide for contributors. by @hello-args in #103
• Docs/issue labeling brand logos by @hello-args in #104
• fix: gate CrossServerAnalyzer in _is_enabled when inventory is empty by @sachinML in #59
• Feat/pypi packaging by @hello-args in #106

New Contributors

• @dependabot[bot] made their first contribution in #17
• @sachinML made their first contribution in #59

Full Changelog: https://github.com/MCP-Audit/MCTS/commits/v0.1.0