doobidoo/mcp-memory-service v10.17.14
v10.17.14 - Security fixes & consolidation improvement

on GitHub

latest releases: v10.36.1, v10.36.0, v10.35.0...

one month ago

What's Changed

🔒 Security

CVE-2024-23342 (ecdsa): Replaced python-jose with PyJWT[crypto]. Eliminates ecdsa (Minerva timing attack, CVSS 7.4) and 4 other transitive packages (python-jose, pyasn1, rsa, six).
CWE-209 (stack-trace exposure): Fixed CodeQL #356 in consolidation API — exception messages no longer leaked to HTTP clients.

⚡ Performance

Consolidation associations: Default MCP_ASSOCIATION_MAX_PAIRS increased from 100 → 1000. Previous default caused 0 associations to be discovered on datasets with 8000+ memories.

Upgrade

pip install mcp-memory-service==10.17.14

Check out latest releases or
releases around doobidoo/mcp-memory-service v10.17.14

Don't miss a new mcp-memory-service release

NewReleases is sending notifications on new releases.

Get notifications