Security
- fix(security): Enable TLS certificate verification in peer discovery (GHSA-x9r8-q2qj-cgvw)
- Replaced hardcoded
verify_ssl=Falsewith configurable TLS verification (default: enabled) - Added
MCP_PEER_VERIFY_SSLenv var (defaulttrue) for opt-out in dev environments - Added
MCP_PEER_SSL_CA_FILEenv var for custom CA bundle support - Added 7 tests including AST-based regression test against hardcoded
verify_ssl=False
- Replaced hardcoded
Full Changelog: v10.20.5...v10.20.6