[release] v0.3.28 Release Highlights

[github-actions]

🌟 Release Highlights

This release (v0.3.28) focuses on security hardening of the WASM guard subsystem, expanded guard coverage for GitHub CLI operations, and a significant internal code-quality cleanup to improve reliability and maintainability.

✨ What's New

🛡️ WASM Guard Security Hardening (#7938)

The Wazero-based WASM guard runtime now enforces strict resource limits to prevent runaway guard execution:

• Memory cap: Guards are limited to a maximum memory allocation, preventing OOM scenarios from malicious or buggy guard code.
• Backend call limit: Guards can no longer make unbounded calls to backend systems.
• Interpreter-mode tests added to ensure guards behave correctly under constrained resources.

See Security Guide for details on guard architecture.

🔒 Expanded GitHub Guard Coverage (#7935, #7842, #7888, #7765)

Over 15 additional GitHub CLI-only operations now have explicit DIFC guard coverage, including:

• Issue, repository, and GitHub Projects v2 mutations
• SSH key and GPG key management (add_gpg_key, add_ssh_key)
• Code quality findings (get_code_quality_finding), UI operations (ui_get)
• Synthetic guard entries for operations that bypass normal tool-call paths

This ensures security policy is enforced consistently across all GitHub API surface area, not just the most common tool calls. See Guard Response Labeling.

🔐 Centralized TLS Configuration (#7841, #7834)

TLS configuration is now constructed through shared httputil helpers, ensuring a consistent minimum TLS version policy enforced gateway-wide. Previously, TLS settings were scattered across multiple construction sites with risk of divergence.

⬆️ Wazero v1.12.0 Upgrade (#7793)

The embedded Wazero WASM runtime has been upgraded to v1.12.0. The WASM compilation cache shutdown sequence has been hardened to prevent data corruption on abrupt process termination.

🐛 Bug Fixes & Improvements

• DIFC labeling gaps fixed (fix(guard): cover 4 DIFC labeling gaps — get_code_quality_finding, ui_get, add_gpg_key, add_ssh_key #7765): Four previously unlabeled tool responses (get_code_quality_finding, ui_get, add_gpg_key, add_ssh_key) now correctly propagate DIFC labels, closing gaps in information flow control enforcement.
• Rust guard commit_integrity improved ([rust-guard] Hoist commit SHA extraction in commit_integrity and add default-branch commit-context coverage #7939): Commit SHA extraction hoisted earlier in the call path; default-branch commit context now covered, eliminating a category of missed integrity checks.
• TOML gateway.port validation (Validate TOML gateway.port and cover config.example.toml #7792): The gateway.port field in TOML config is now validated at startup; invalid port values are caught early with a clear error message rather than silently failing later.
• Duplicate TLS declarations removed (Remove duplicate TLS declarations in internal/httputil #7887, fix: remove duplicate TLS helpers in httputil; add create-issue safe output to nightly schema updater #7884): Redundant TLS helper declarations in internal/httputil have been consolidated, eliminating the risk of diverging TLS behavior between code paths.

🔍 Observability

Debug logging has been extended to several previously opaque components:

• Proxy response transformation pipeline (proxy/response_transform.go)
• Proxy routing decisions (proxy/router.go)
• DIFC policy helper functions
• Shared server handler dispatch paths

Enable with DEBUG=proxy:*,server:* to trace request flow end-to-end. See Environment Variables for full DEBUG pattern syntax.

🐳 Docker Image

The Docker image for this release is available at:

docker pull ghcr.io/github/gh-aw-mcpg:v0.3.28
# or
docker pull ghcr.io/github/gh-aw-mcpg:latest

Supported platforms: linux/amd64, linux/arm64

---

For complete details, see the full release notes.

Generated by Release · 72 AIC · ⊞ 33.8K · ◷