π Release Highlights
This release delivers a critical stability fix for the WASM security guard alongside internal code quality improvements that keep the codebase lean and efficient.
π Bug Fixes & Improvements
- Critical: WASM guard session poisoning on multi-byte UTF-8 content (#3713) β The WASM guard could panic when a tool response preview contained multi-byte UTF-8 characters (CJK text, emoji, accented characters). A byte-index slice across a character boundary triggered a Rust panic that became a WASM trap, permanently poisoning the guard instance and causing all subsequent MCP calls to fail with "WASM guard is unavailable after a previous trap". Fixed by using
str::floor_char_boundary()for safe UTF-8-aware truncation at all three preview sites. Discovered in a real-world workflow processing Chinese-language content.
π§ Internal Improvements
- Reduced redundant WASM allocations (#3710) β Eliminated a duplicate
extract_repo_infoJSON parse in theget_file_contentsarm of the Rust guard, matching the pattern used by every other arm and reducing unnecessary allocations in the WASM runtime. - Dead code removal (#3701) β Removed an unreachable match arm in
collaborator_permission_floorand an unusedMEDIUM_BUFFER_SIZEre-export, eliminating a lint suppression in the process.
π³ Docker Image
The Docker image for this release is available at:
docker pull ghcr.io/github/gh-aw-mcpg:v0.2.19
# or
docker pull ghcr.io/github/gh-aw-mcpg:latestSupported platforms: linux/amd64, linux/arm64
For complete details, see the full release notes.
Generated by Release Β· β 156.6K
What's Changed
- [Repo Assist] fix(rust-guard): remove redundant match arm and unused MEDIUM_BUFFER_SIZE re-export by @github-actions[bot] in #3701
- rust-guard: make LogLevel private and deduplicate extract_repo_info call by @Copilot in #3710
- fix(guard): use UTF-8 safe string truncation in output preview logging by @lpcox in #3713
Full Changelog: v0.2.18...v0.2.19
Contributors
lpcox