v1.0.0-RC1 - Security Hardening, Enterprise Controls & Quality

This release delivers enterprise security hardening, comprehensive RBAC improvements, and production-quality enforcement with 189 issues resolved.

🏆 Major Achievements

Release 1.0.0-RC1 hardens ContextForge for enterprise production deployments:

🔐 31 Features - Enterprise security controls, unified policy decision point (Cedar/OPA), tool circuit breakers, session affinity, zero-config TLS, elicitation support, unified search, self-service password reset, license compliance, encoded exfiltration detector, flexible UI sections
🔧 106 Bug Fixes - Authentication flows, RBAC, Admin UI, MCP protocol, team management, multi-tenancy, pre-commit hooks, pagination, token handling, migration compatibility, SSO/OAuth, session affinity
🛡️ 4 Security Hardening - ReDoS protection in validators and plugins, WebSocket token validation, encryption and secrets testing
⚡ 9 Performance - Plugin regex precompilation, crypto threadpool offload, Cedar async, llm-guard optimization
🧪 14 Testing - 80%+ code coverage gate, JMeter baseline, Playwright improvements, manual test plans, local load testing, edge-case boundary conditions, iFrame mode
🔧 22 Chores - SonarQube cleanup, dependency updates, Helm improvements, linting fixes, CI/CD migration validation, template scaffolding
📝 3 Documentation - Password reset guide, contributing guide fixes

Security Highlights: This release overhauls authentication defaults to be secure by default. JWT tokens now require JTI and expiration claims, basic auth is disabled for API endpoints, public registration is off by default, and admin lockout protection is enforced. Enterprise security controls add credential protection, SSRF prevention, and granular RBAC.

⚠️ Breaking Changes

🔐 Streamlined Authentication Model & Secure Defaults (#2555)

Action Required: Multiple authentication defaults have changed to secure-by-default values.

Token Validation Defaults

REQUIRE_JTI now defaults to true - JWT tokens must include a JTI claim for revocation support
REQUIRE_TOKEN_EXPIRATION now defaults to true - JWT tokens must include an expiration claim
PUBLIC_REGISTRATION_ENABLED now defaults to false - Self-registration disabled by default

Migration: Existing tokens without JTI or expiration claims will be rejected. Generate new tokens with python -m mcpgateway.utils.create_jwt_token which includes these claims by default.

AdminAuthMiddleware

Added API token authentication support for /admin/* routes
Added platform admin bootstrap support for initial setup scenarios
Unified authentication methods with main API authentication
Admin UI uses session-based email/password login

Basic Auth Configuration

API_ALLOW_BASIC_AUTH now defaults to false - Basic auth disabled for API endpoints by default
DOCS_ALLOW_BASIC_AUTH remains false by default
Gateway credentials scoped to local authentication only

Migration: If you use Basic auth for API access, either:

(Recommended) Migrate to JWT tokens: export MCPGATEWAY_BEARER_TOKEN=$(python -m mcpgateway.utils.create_jwt_token ...)
Set API_ALLOW_BASIC_AUTH=true to restore previous behavior

Note: Gateways without configured auth_value will send unauthenticated requests to remote servers. Configure per-gateway authentication for servers that require it.

Cookie Authentication Rejected for API Requests

API endpoints now reject cookie-only authentication with HTTP 401
All API requests must use Authorization header (Bearer token, API key, or Basic auth if enabled)
Admin UI session cookies continue to work for /admin/* routes

SSO Redirect Validation

Redirect URI validation uses server-side allowlist
Validates against ALLOWED_ORIGINS and APP_DOMAIN settings

🔑 JWT Session Token Format Change (#2757)

Action Required: Session JWT tokens (login/SSO) no longer embed teams or namespaces claims.

Session tokens now use a token_use: "session" claim to signal server-side team resolution
Teams are resolved from the database/cache on each request instead of being embedded in the token
Reduces JWT cookie size to stay within browser 4KB limit for users with many team memberships

Migration: If your clients parse JWT session tokens to extract team membership, switch to the /auth/email/me endpoint or server-side team resolution. API tokens still embed teams claims as before.

📋 Strict JSON Schema Validation (#2348)

Action Required: Invalid JSON schemas are now rejected at registration time.

JSON_SCHEMA_VALIDATION_STRICT now defaults to true - Invalid JSON schemas rejected with HTTP 400
All schemas default to Draft 2020-12 validator if $schema field is missing
Affects POST/PUT on /tools, /prompts, /resources endpoints

Migration: Validate existing tool/prompt/resource schemas before upgrading. Set JSON_SCHEMA_VALIDATION_STRICT=false to temporarily restore permissive behavior while fixing schemas.

🛡️ SSRF Protection Enabled by Default (#2663)

Action Required: Gateway and tool URLs pointing to private/internal networks are now blocked.

SSRF_PROTECTION_ENABLED now defaults to true
Default blocklist includes cloud metadata endpoints (169.254.169.254), Kubernetes service IPs, and link-local addresses
Configurable via SSRF_BLOCKED_NETWORKS and SSRF_BLOCKED_HOSTS

Migration: If your gateways or tools connect to internal services, add them to the allowlist or set SSRF_PROTECTION_ENABLED=false. Review SSRF_BLOCKED_NETWORKS for your environment.

🔒 Admin Demotion Protection (#2763)

PROTECT_ALL_ADMINS now defaults to true - Prevents any admin from being demoted, deactivated, or locked out via API/UI
Set PROTECT_ALL_ADMINS=false to allow demoting all-but-last-admin (previous behavior)

👥 Mandatory Default Role Assignment (#2694, #2741)

All users now receive default RBAC roles upon creation or migration
Admin users: platform_admin (global) + team_admin (team scope)
Non-admin users: platform_viewer (global) + team_admin (team scope)
Database migration automatically assigns roles to existing users

Migration: Run alembic upgrade head to apply the role assignment migration. Review assigned roles in Admin UI after upgrade.

🌐 RFC 9728 OAuth Protected Resource Metadata (#2706)

Action Required: OAuth Protected Resource Metadata endpoint URLs have changed for RFC 9728 compliance.

GET /.well-known/oauth-protected-resource?server_id={id} now returns HTTP 404 (previously returned metadata)
GET /servers/{id}/.well-known/oauth-protected-resource now returns HTTP 301 redirect to the new path
New canonical endpoint: GET /.well-known/oauth-protected-resource/servers/{UUID}/mcp
Response field authorization_servers is now a JSON array (was a string)

Migration: Update MCP clients and integrations to use the new path-based endpoint. Ensure clients handle the authorization_servers field as an array.

🔑 Token Expiration Enforced at Creation (#2898)

Action Required: Token creation now rejects tokens without expiration when REQUIRE_TOKEN_EXPIRATION=true (the default).

POST /tokens returns HTTP 400 if expires_in_days is not provided
Previously, REQUIRE_TOKEN_EXPIRATION only validated incoming tokens at authentication time

Migration: Update any automation or scripts that create tokens via the API to include expires_in_days. Set REQUIRE_TOKEN_EXPIRATION=false to restore previous behavior.

🔒 Account Lockout Defaults Changed (#2628)

MAX_FAILED_LOGIN_ATTEMPTS default changed from 5 to 10
ACCOUNT_LOCKOUT_DURATION_MINUTES default changed from 30 to 1

Migration: If your deployment relies on specific lockout thresholds for compliance, set MAX_FAILED_LOGIN_ATTEMPTS and ACCOUNT_LOCKOUT_DURATION_MINUTES explicitly in your .env.

🖼️ X-Frame-Options Empty String Behavior (#2958)

Setting X_FRAME_OPTIONS="" (empty string) previously fell through to DENY (blocking iframe embedding)
Empty string is now normalized to None, which omits the header entirely and allows iframe embedding from any origin

Migration: If you intend to block iframe embedding, set X_FRAME_OPTIONS=DENY explicitly. Use X_FRAME_OPTIONS=SAMEORIGIN to allow same-origin iframes only.

🔐 Encryption Service v2 Format (#2724)

New secret encryptions use v2:{json} format with Argon2id-derived keys (old PBKDF2HMAC format still readable)
encrypt_secret() now raises AlreadyEncryptedError if called on already-encrypted data
decrypt_secret() now raises NotEncryptedError if called on plaintext data

Migration: Custom plugins or extensions calling EncryptionService.encrypt_secret() or decrypt_secret() directly must handle the new exceptions. Use decrypt_secret_or_plaintext() for idempotent decryption behavior.

📊 Admin UI Behavior Changes

Non-admin users no longer see admin-only menu entries (#2675)
Delete and Update buttons hidden for public MCP servers created by other users/teams (#2760)
Token-scoped filtering enforced on list endpoints - results filtered by token's team scope (#2663)

✨ Highlights

🔐 Enterprise Security Controls

Credential protection, SSRF prevention, and granular multi-tenant isolation

This release introduces a comprehensive enterprise security layer with defense-in-depth controls:

SSRF Prevention - Blocks requests to private networks, cloud metadata endpoints, and link-local addresses
Credential Protection - Secure defaults for JWT validation, token expiration, and basic auth
Multi-Tenant Isolation - Token-scoped filtering enforces team boundaries across all list endpoints
Admin Lockout Protection - Admin accounts protected from lockout via failed login attempts

🏛️ Unified Policy Decision Point (Cedar/OPA)

Pluggable authorization engine supporting Cedar, OPA, and native policy evaluation

A new policy abstraction layer (#2223) enables enterprise authorization decisions through Cedar policies, OPA rules, or the built-in native RBAC engine.

⚡ Tool Circuit Breaker & Timeouts

Configurable timeouts with circuit breaker pattern for tool invocations

New resilience controls (#2078) prevent cascading failures from slow or failing downstream MCP servers with configurable timeouts and automatic circuit breaking.

🔗 Session Affinity

Sticky sessions for stateful MCP workflows

Session affinity (#1986) ensures stateful MCP interactions are routed to the same backend server, enabling reliable multi-turn tool workflows.

🔍 Unified Search Experience

Cross-entity search across all MCP Gateway resources

Unified search (#2109) provides a single search interface across tools, prompts, resources, servers, gateways, and agents in the Admin UI.

🔒 Self-Service Password Reset

Forgot password flow for self-service password recovery

Users can now reset their passwords (#2542) through a self-service workflow without requiring administrator intervention.

📡 Elicitation Support (MCP 2025-06-18)

Interactive user input during tool execution per MCP specification

Elicitation support (#234) enables MCP servers to request additional user input during tool execution, following the MCP 2025-06-18 specification.

🆕 Added

🔐 Security & Policy

Enterprise Security Controls (#2663) - Credential protection, SSRF prevention, multi-tenant isolation, and granular RBAC
Unified Policy Decision Point (#2223) - Cedar/OPA/native policy abstraction for authorization decisions
Extensible Default Roles (#2187) - Add additional roles during bootstrap via configuration
Admin Lockout Protection (#2763) - Admin accounts protected from lockout via failed login attempts
Self-Service Password Reset Workflow (#2542) - Forgot password flow for self-service password recovery
Encoded Exfiltration Detector Plugin (#2953) - Suspicious encoded payload leak prevention plugin

🔌 Plugins & Extensibility

External Plugin STDIO Launch Options (#2535) - Configure cmd, env, and cwd for external plugin processes
Tool Invocation Timeouts & Circuit Breaker (#2078) - Configurable timeouts with circuit breaker pattern for tool invocations
Improved MCP Server Catalog Registration (#2644) - Broader catalog server compatibility
JWT Claims and Metadata Extraction Plugin (#1439) - Plugin for extracting JWT claims and metadata
Rust Secrets Detection Plugin (#2729) - Rust implementation for secrets detection plugin

🏗️ Infrastructure & Deployment

Zero-Config TLS for Nginx (#2571) - Docker Compose profile for automatic TLS setup
MCP Client (MCP Inspector) (#2198) - Integrated MCP Inspector in docker-compose for debugging
Helm Persistence Support (#1308) - Optional PVC persistence for PostgreSQL and Redis in Helm charts
Rocky Linux Setup Script (#2193) - Setup script variant for Rocky Linux deployments
Rust Filesystem Server (#266) - Sample MCP server in Rust
Keycloak SSO for Development (#2875) - Keycloak added to docker-compose with SSO enabled by default for development testing
Automated License Compliance Checker (#2939) - CI/CD validation with full SBOM scanning across all sub-projects

🎛️ Features

Session Affinity (#1986) - Sticky sessions for stateful MCP workflows
Keyboard Handlers (#2167) - Keyboard navigation for interactive UI elements
Elicitation Support (MCP 2025-06-18) (#234) - Elicitation support per MCP 2025-06-18 specification
Admin UI Search for Tools (#2076) - Search capabilities for tools in admin UI
Unified Search Experience (#2109) - Unified search across MCP Gateway admin UI
Dynamic Tools/Resources (#2171) - Dynamic tools and resources based on user context and server-side signals
Slow Time Server (#2783) - Configurable-latency MCP server for timeout, resilience, and load testing
Custom Tool Descriptions (#2893) - Maintain custom and original description for tools
Team Member Backend API (#2905) - New backend API to add a team member
Flexible UI Sections (#2075) - Flexible UI sections for embedded contexts

🧪 Testing & Quality

80%+ Code Coverage Gate (#2625) - CI/CD enforcement of code coverage thresholds
90% Coverage Quality Gate (#261) - Automatic badge and coverage report publication
REST API Data Population Framework (#2759) - tests/populate framework for seeding test data
JMeter Performance Baseline (#2541) - JMeter load testing configuration and baselines
Jest/Vitest Infrastructure (#2788, #2789) - JavaScript test runner setup for frontend tests
Playwright Resilience (#2632) - Improved E2E test stability and developer experience
Gateway Namespacing Regression Tests (#2520) - Regression tests for namespace constraints
Manual Test Plans (#2396, #2404, #2443, #2499) - Security headers, security logger, tags, and documentation site test plans
RBAC Automated Regression Suite (#2387) - Automated regression tests for visibility, teams, and token scope
MCP 2025-11-25 Protocol Compliance Test Suite (#2525) - Protocol compliance test suite
Lightweight Local Load Testing (#2815) - Lightweight local load testing and monitoring setup
Edge-Case Boundary Testing (#2487) - Boundary conditions, empty states, maximum limits, and null handling test plan
iFrame Mode Testing (#2492) - iFrame mode (X-Frame-Options) test plan

🐛 Fixed

🔐 Authentication & Authorization

Admin Login Redirect Loop (#2806) - Fixed redirect loop behind reverse proxy without path rewriting
SECURE_COOKIES Login Loop (#2539) - Fixed login loop when SECURE_COOKIES=true with HTTP access
Non-Admin Login Blocked (#2590) - Users without admin privileges can now login via UI and API
Missing Default Role Assignment (#2694, #2741) - Users assigned correct RBAC roles to access Admin UI
RBAC Token Creation Crash (#2821) - RBAC middleware no longer crashes during token creation
API Tokens Cannot Manage Tokens (#2870) - Removed overly restrictive interactive session guard
SSO AttributeError on app_domain (#2873) - Fixed AttributeError crash in SSO redirect validation; also fixed CORS origins producing malformed URLs
JWT CLI/API Divergence (#2261) - Token creation consistent between CLI and API
SSO Admin Role Revocation (#2331) - Admin role revoked when user removed from IdP admin group
SSO Admin Token Bypass (#2386) - SSO admin tokens no longer include teams key that prevented admin bypass
Proxy Auth Ignored (#1528) - Proxy-based authentication configuration now respected
Non-Admin Gateway Listing (#2185) - Non-admin users can list public gateways
Token Scoping (#2192) - Fixed token scoping behavior
Multi-Team Access Denied (#2189) - Multi-team users no longer denied access to non-primary teams
Account Lockout Issues (#2628) - Fixed lockout counter persistence, added user notification and admin unlock
Virtual Server Permission (#2697) - Virtual MCP Server no longer incorrectly requires servers.create permission
OAuth Protected Resource RFC 9728 (#2706) - Endpoint now RFC 9728 compliant
Admin Self-Demotion (#2794) - Admin users can no longer remove their own administration privileges
New Admin Missing Permissions (#2803) - New admin users receive admin.dashboard permission correctly
Token No Expiration 401 (#2836) - Token created with no expiration no longer returns 401
Login Page Inside Active Tab (#2874) - Login page no longer appears inside active module tab
Team Token Creation API (#2882) - Fixed inability to create team token using APIs
Team Server 403 Error (#2883) - Fixed 403 error when adding MCP server from team
Platform Admin Gateway Delete (#2891) - Platform admin no longer blocked by RBAC on gateway delete
Team Default Role (#2908) - Teams can deploy gateways with developer as default role
RBAC Role DELETE 500 (#2917) - RBAC role DELETE no longer returns 500
Error Creating API Token (#2725) - Fixed error when creating API token
OAuth2 Entra v2 Scope Conflict (#2881) - Fixed OAuth2 with Microsoft Entra v2 (AADSTS9010010)
SSO Bootstrap jwks_uri (#3010) - Fixed SSO provider bootstrap failure due to jwks_uri
Session Affinity server_id (#2973) - Fixed server ID context being dropped during stateful session processing

👥 Multi-Tenancy & Teams

list_teams Null DB (#2608) - Fixed current_user_ctx["db"] always being None
Admin Team Visibility (#2673) - Admins can see all teams again
JWT Cookie Size (#2757) - JWT cookie no longer exceeds browser 4KB limit
Team Member Add (#2676) - Add Member button works for user role
Team Member Role Switch (#2677) - Team owners can switch members between owner and member roles
New Team Display (#2690) - Newly created teams display immediately
Teams List Pagination (#2799) - Teams list no longer resets to page 1 after CRUD
Team Creation Error Handling (#2800) - Removed redundant HX-Retarget headers
Team Member Updates Require Refresh (#2811) - Team add/remove updates display without page refresh
Team Manage Members Modal (#2930) - Fixed height auto-expanding modal blocking save changes
Team Filter Lost During Pagination (#2932) - Team filter no longer lost during pagination

📊 Admin UI

Virtual Server Save (#2273) - Virtual server configuration saves correctly after edit
Observability Dark Mode (#2324) - Fixed dark mode for observability pages
User Update Overwrites (#2658) - Admin user update no longer overwrites fields with None
User Update via UI (#2545, #2693) - Edit user works correctly, mandatory fields no longer cause full name loss
User Creation (#2523, #2524) - Can create inactive users and users with password_change_required
API Token CRUD (#2573) - Token create/update now saves correct data
User Update Error Display (#2805) - API error messages displayed when updating a user
Auth Email Endpoint (#2700) - Fixed 422 error on /auth/email/me
Password Checker (#2702) - Password requirements checker works on user edit
Prompt ID Visibility (#2656) - prompt_id now visible in UI
Tool Description Encoding (#2710) - Tool descriptions display correctly
Button Text Overlap (#2681) - Authorize and Fetch tool texts no longer overlap
MCP Server Add Parse Error (#2562) - Fixed JSON parse error in admin.js
iFrame Embedding (#2777) - Admin UI works when embedded in an iframe
Browser Autocomplete Credentials (#2626) - Browser autocomplete no longer incorrectly fills fields
API Tokens Pagination (#2764) - API Tokens page now has pagination and correct team filter
Agents Double Spinner (#2887) - Agents page no longer shows double loading spinner
Select Team Visibility Default (#2920) - Team visibility selected as default when creating resources
HTML Tags in Server Listing (#2923) - HTML new line tags no longer appearing in server listing
Inconsistent Loading Messages (#2946) - Loading messages now consistent across all pages
Pagination Behind Reverse Proxies (#2845) - Pagination no longer breaks behind reverse proxies
Raw JSON Error on Deleted User (#2965) - Redirects to login instead of showing raw JSON error
API Tokens Usage Stats (#2572) - Last Used and Usage Stats now show data correctly

🔧 MCP Protocol & Tools

Tool Schema Breakage (#1430) - REST API tools with incorrect input schema no longer break GET tools
Schema Validation Strictness (#2348) - Rejects invalid schemas at registration time
SSE Transport (#1595) - Fixed incorrect endpoint and data parsing
OAuth Gateway Tool Loss (#2272) - Virtual servers using OAuth gateways no longer lose tools
Tag Filter 500 (#2329) - Tag filter on tools list no longer returns 500
Root Actions (#2346) - Fixed broken root actions
Pydantic Validation (#2512) - Tool invocation no longer fails with Pydantic validation errors
Underscore Tool Names (#2528) - Tool names starting with _ can be added to gateway
Gateway Tags Empty (#2563) - Fixed type mismatch between schema and validation layer
MCP Error Propagation (#2570) - Error messages now propagated in /mcp endpoint responses
Backtick Validation (#2576) - Loki query tools no longer rejected due to backtick validation
stdio LimitOverrunError (#2591) - Fixed LimitOverrunError with translate for stdio servers
PostgreSQL Tag Queries (#2607) - No longer uses SQLite-specific json_extract on PostgreSQL
Resource Plugin Ordering (#2648) - RESOURCE_POST_FETCH plugins execute after template resolution
A2A Agent Test (#2544) - A2A Agent "Test Agent" no longer returns HTTP 500
MultipleResultsFound on Tool Invoke (#2863) - Fixed name-only lookup in DbTool
Selective Export AttributeError (#2916) - Selective export no longer crashes on Tool.rate_limit
Toolkit Import Blocks Retry (#2987) - Failed toolkit imports no longer block subsequent attempts
MCP Toolkit Invocation Error (#2781) - Fixed MCP toolkit tool invocation error

🗄️ Database & Sessions

RBAC Session Duration (#2340) - RBAC middleware no longer holds sessions for entire request
Permission Query Redundancy (#2695) - Eliminated redundant queries in PermissionService.check_permission()
DCR Expiration (#2378) - Fixed missing expires_at calculation in DCR client registration
Migration Compatibility (#2955) - Fixed migration compatibility issues

⚡ Stability

CPU Spin Loop (#2360) - Fixed anyio cancel scope spin loop causing 100% CPU
Granian CPU Spike (#2357) - Fixed Granian CPU spikes to 800% after load stops
DB Session Pool Exhaustion (#2518) - DB sessions released during external HTTP calls
asyncio.CancelledError Re-raise (#2163) - Re-raise asyncio.CancelledError after cleanup

🐳 Deployment & Infrastructure

SSL Container Stuck (#2526) - Gateway container no longer stuck at "Waiting" with SSL enabled
TLS Passphrase Support (#2679) - TLS profile supports passphrase-protected certificates
Playwright Login Credentials (#2136) - Playwright tests updated for admin email/password login
Gunicorn macOS SIGSEGV (#2837) - Fixed gunicorn workers crashing with SIGSEGV on macOS
Gunicorn macOS Fork Safety (#2926) - Fixed worker crashes on macOS due to Objective-C fork safety

🔨 Linting & Pre-commit

Executable Shebangs (#2731, #2732) - Fixed check-executables-have-shebangs and check-shebang-scripts-are-executable
Private Key Detection (#2733) - detect-private-key hook excludes test fixtures
Multi-Document YAML (#2734) - check-yaml hook supports multi-document YAML
Test Name Patterns (#2735) - name-tests-test hook excludes test utility files
Flaky Tests (#2521) - Fixed TTL expiration and tool listing test flakiness
Locust False Failures (#2566) - Load tests no longer report false failures for 409 Conflict

🔒 Security

ReDoS in SSTI Validation (#2366) - Fixed ReDoS vulnerability in SSTI validation patterns in validators.py
ReDoS in Plugin Regex (#2370) - Fixed ReDoS vulnerability in plugin regex patterns
WebSocket Token Validation (#2375) - Added missing token validation in reverse_proxy WebSocket endpoint
Encryption and Secrets Test Plan (#2405) - Manual test plan for Argon2, Fernet, and key derivation encryption

⚡ Performance

🔌 Plugin Optimization

Plugin Regex Precompilation (#1834) - Precompiled regex patterns across all plugins
Response Cache Optimization (#1835) - Algorithmic optimization for response-cache-by-prompt
Crypto Threadpool Offload (#1836) - CPU-bound Argon2/Fernet operations moved to threadpool
Cedar Plugin Async (#2082) - Replaced synchronous requests with async in Cedar policy plugin
LLM Guard Optimization (#1959, #1960) - Fixed critical and high-impact performance issues in llm-guard plugin

🗄️ Database & Infrastructure

Metrics Rollup Window (#1938) - Admin metrics rollups no longer empty during benchmark window
PgBouncer File Descriptors (#1999) - Added ulimits to PgBouncer container

🔧 Chores

Helm Chart Build (#222) - Makefile with lint and values.schema.json validation, CODEOWNERS, CHANGELOG.md, .helmignore
Helm Volume Conflicts (#377) - Fixed PostgreSQL volume name conflicts
SSO Teams Format (#2233) - Aligned SSO service teams claim format
GatewayService Init (#2256) - Fixed uninitialized service instances
EntraID Admin Groups (#2265) - Added sso_entra_admin_groups to validator
CI/CD Workflow Fix (#2207) - Removed unused workflow_dispatch platforms input
Dependency Cleanup (#2651) - Removed unused runtime dependencies
MCP Server Dependencies (#2630) - Updated dependencies across Python, Go, and Rust MCP servers
Rust CI/CD (#2776) - Fixed Rust Plugins CI/CD workflow
Verbose Test Output (#2665) - Added verbose pytest output option
.gitignore Cleanup (#2337) - Cleaned up redundant patterns
README Rationalization (#2365) - Streamlined project README
SonarQube Cleanup (#2367, #2371, #2372, #2377, #2382) - Redundant ternary, dead code, deprecated datetime.utcnow(), unused imports
Alembic Migration CI/CD Validation (#2154) - CI/CD validation for Alembic migration status
Replace Copier with Cookiecutter (#2361) - Template scaffolding migration
Dead Code in oauth_manager.py (#2368) - Removed dead code with identical if/else branches
SonarQube Must-Fix Findings (#2981) - Fixed all must-fix SonarQube findings

📝 Documentation

Password Reset & Recovery Guide (#2543) - Administrator password reset and recovery guide
CONTRIBUTING.md Link Fix (#2817) - Fixed broken CONTRIBUTING.md link

📦 Migration Guide

From v1.0.0-BETA-2 to v1.0.0-RC1

Database migrations run automatically on startup. Backup recommended before upgrading.

1. Review Breaking Changes (Required)

This release changes multiple authentication defaults to secure-by-default values. Read the Breaking Changes section above before upgrading, especially:

JWT tokens now require JTI and expiration claims
Basic auth is disabled for API endpoints
SSRF protection blocks private/internal network URLs
JSON schema validation is strict by default

2. Update Docker Compose

# Backup database
docker compose exec postgres pg_dump -U postgres mcp > backup.sql

# Pull new image
docker pull ghcr.io/ibm/mcp-context-forge:1.0.0-RC1

# Start - migrations run automatically
docker compose up -d

3. Generate New Tokens (If Needed)

# Existing tokens without JTI or expiration will be rejected
python -m mcpgateway.utils.create_jwt_token \
  --username admin@example.com \
  --exp 10080 \
  --secret $JWT_SECRET_KEY

4. New Environment Variables

# Security defaults (all enabled by default)
REQUIRE_JTI=true
REQUIRE_TOKEN_EXPIRATION=true
PUBLIC_REGISTRATION_ENABLED=false
API_ALLOW_BASIC_AUTH=false
SSRF_PROTECTION_ENABLED=true
PROTECT_ALL_ADMINS=true
JSON_SCHEMA_VALIDATION_STRICT=true

# Account lockout (changed defaults)
MAX_FAILED_LOGIN_ATTEMPTS=10
ACCOUNT_LOCKOUT_DURATION_MINUTES=1

5. Verify RBAC Roles

After upgrade, all existing users will receive default RBAC roles. Review in Admin UI:

Admin users → platform_admin + team_admin
Non-admin users → platform_viewer + team_admin

🔗 Resources

Container Images

GitHub Container Registry: https://ghcr.io/ibm/mcp-context-forge
Image Tags: v1.0.0-RC1, 1.0.0-RC1, latest
Multi-Architecture: AMD64, ARM64, s390x, ppc64le

Community

Issue Tracker: https://github.com/IBM/mcp-context-forge/issues
Discussions: https://github.com/IBM/mcp-context-forge/discussions
Contributing Guide: https://github.com/IBM/mcp-context-forge/blob/main/CONTRIBUTING.md

Quick Start

# Pull the latest image (auto-selects architecture)
docker pull ghcr.io/ibm/mcp-context-forge:1.0.0-RC1

# Run with minimal configuration
docker run -d --name mcpgateway \
  -p 4444:4444 \
  -e PLATFORM_ADMIN_EMAIL=admin@example.com \
  -e PLATFORM_ADMIN_PASSWORD=changeme \
  ghcr.io/ibm/mcp-context-forge:1.0.0-RC1

# Access Admin UI
open http://localhost:4444/admin

Previous Release: v1.0.0-BETA-2 - Performance, Scale & Reliability
Next Planned Release: v1.0.0 RC2 - Release candidate 2, short bugfix release prior to v1.0.0 GA

IBM/mcp-context-forge v1.0.0-RC1 v1.0.0-RC1 - Security Hardening, Enterprise Controls & Quality on GitHub