github docker/docker-agent v1.46.0
on GitHub

2 hours ago

This release adds OAuth credential configuration for MCP servers, evaluation testing improvements, and numerous stability fixes.

What's New

  • Adds support for explicit OAuth credentials configuration for remote MCP servers that don't support Dynamic Client Registration
  • Adds --repeat flag to eval command for running evaluations multiple times
  • Adds support for xhigh effort level in Anthropic adaptive thinking (Claude Opus 4.7+)
  • Adds task_budget configuration field for Claude Opus 4.7 to cap total tokens across multi-step tasks
  • Adds markdown rendering support in user_prompt dialog messages

Improvements

  • Improves image attachment handling by inlining as base64 data URLs for cross-provider compatibility
  • Improves robots.txt caching to store parsed data per host instead of boolean results
  • Improves session database version detection with clear upgrade messages for newer databases

Bug Fixes

  • Fixes --attach flag being silently ignored when used without a message argument
  • Fixes data race in AddMessageUsageRecord by adding mutex lock
  • Fixes data race in rule-based router by protecting lastSelectedID with mutex
  • Fixes panic in extractSystemBlocks when system message is empty with CacheControl
  • Fixes empty messages slice handling in SendUserMessage path
  • Fixes symlink-based path traversal vulnerability in ACP filesystem toolset
  • Fixes OAuth callback CSRF vulnerability by rejecting when expected state is not set
  • Fixes MCP tryRestart to use context-aware select instead of time.Sleep
  • Fixes assistant text being discarded when tool calls are present in Responses API conversion
  • Fixes MCP OAuth token refresh by remembering the discovered auth server

Technical Changes

  • Updates mutex handling for MCP Toolset.Instructions() method
  • Updates Go dependencies including Anthropic SDK and various UI libraries

What's Changed

  • docs: update CHANGELOG.md for v1.45.0 by @docker-read-write[bot] in #2427
  • fix: reject OAuth callback when expected state has not been set (CSRF) by @dgageot in #2434
  • fix: prevent symlink-based path traversal in ACP filesystem toolset by @dgageot in #2433
  • fix: guard against empty messages slice in SendUserMessage path by @dgageot in #2432
  • fix: prevent panic in extractSystemBlocks on empty system message wit… by @dgageot in #2431
  • fix: hold mutex for instructions read in MCP Toolset.Instructions() by @dgageot in #2430
  • fix: add mutex to protect lastSelectedID in rule-based router by @dgageot in #2429
  • fix: add mutex lock to AddMessageUsageRecord to prevent data race by @dgageot in #2428
  • Add --repeat flag to eval command for running evaluations multiple times by @dgageot in #2440
  • fix: replace time.Sleep with context-aware select in MCP tryRestart by @dgageot in #2436
  • fix: preserve assistant text when tool calls present in Responses API conversion by @dgageot in #2438
  • fix: detect newer session database and show clear upgrade message by @dgageot in #2441
  • Support explicit OAuth credentials for remote MCP servers by @dgageot in #2394
  • fix: cache parsed robots.txt per host instead of boolean result by @dgageot in #2437
  • bump direct Go dependencies by @dgageot in #2444
  • Render markdown in user_prompt dialog messages by @dgageot in #2446
  • Add a pokemon example by @dgageot in #2445
  • Add an advanced coder example by @dgageot in #2447
  • fix(mcp): reuse discovered auth server for token refresh by @pandego in #2448
  • Fix --attach flag by @rumpl in #2449
  • Support xhigh effort for Anthropic adaptive thinking (Opus 4.7+) by @dgageot in #2450
  • feat(anthropic): add task_budget for Claude Opus 4.7 by @dgageot in #2453
  • chore: update cagent-action to v1.4.1 by @derekmisler in #2454

Full Changelog: v1.45.0...v1.46.0

Check out latest releases or
releases around docker/docker-agent v1.46.0

Don't miss a new docker-agent release

NewReleases is sending notifications on new releases.

Get notifications