github doobidoo/mcp-memory-service v10.17.10
v10.17.10 - Zero CodeQL Alerts: All Security Issues Resolved

one month ago

Security - Zero Open CodeQL Alerts

This release completes the full remediation of all GitHub CodeQL code scanning alerts.

Fixes

  • py/log-injection (19 alerts): Removed all user-controlled data from log messages in web/api/documents.py, web/api/search.py, web/oauth/authorization.py. Replaced with static context strings — no user input flows into any log statement.
  • py/clear-text-logging-sensitive-data (5 alerts): Removed OAuth configuration values (issuer URL, algorithm name, expiry minutes, backend type, SQLite path) from all logger calls in config.py and web/oauth/storage/__init__.py.
  • py/url-redirection (3 alerts): validate_redirect_uri() now returns the stored (trusted) URI from the database instead of the user-supplied value, eliminating taint flow into RedirectResponse.
  • py/stack-trace-exposure (3 alerts): Removed exception details from error responses and log messages throughout the API layer.
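
The py/url-redirection pattern described above, as an added example (not code from mcp-memory-service): the validator matches the requested URI exactly against the registered ones and hands back the stored value, so the redirect target never originates from the request. The function signatures, the in-memory `REGISTERED_REDIRECT_URIS` table (standing in for the database) and the `UserInput` marker type are assumptions for illustration.

```python
from typing import Optional
from urllib.parse import urlencode


class UserInput(str):
    """Marker for request-supplied strings (a stand-in for a taint label)."""


# Constructed sample data standing in for the client registration table.
REGISTERED_REDIRECT_URIS = {
    "client-a": ["https://app.example.com/callback"],
}


def validate_redirect_uri_before(client_id: str, requested: str) -> Optional[str]:
    """Pre-fix pattern: the check is sound, but the caller's own string is returned."""
    if requested in REGISTERED_REDIRECT_URIS.get(client_id, []):
        return requested  # still the request-supplied object
    return None


def validate_redirect_uri(client_id: str, requested: str) -> Optional[str]:
    """Post-fix pattern: exact match, then return the stored (trusted) value."""
    for stored in REGISTERED_REDIRECT_URIS.get(client_id, []):
        if stored == requested:  # exact comparison, no prefix or substring match
            return stored  # value read from storage, not from the request
    return None


def redirect_location(client_id: str, requested: str, code: str) -> Optional[str]:
    """Build the Location value; None means answer with an error, not a redirect."""
    target = validate_redirect_uri(client_id, requested)
    if target is None:
        return None
    return f"{target}?{urlencode({'code': code})}"
```

Both validators accept the same inputs; the difference is which object reaches the redirect, which is what a taint-tracking query such as py/url-redirection follows.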

Result

0 open CodeQL security alerts — complete remediation across all alert categories:

  • ✅ py/log-injection
  • ✅ py/clear-text-logging-sensitive-data
  • ✅ py/stack-trace-exposure
  • ✅ py/url-redirection
  • ✅ py/tarslip (fixed in v10.17.9)
  • ✅ py/polynomial-redos (fixed in v10.17.8)

Full Changelog: v10.17.9...v10.17.10
