Skip to content

v0.7.0

Latest
Latest

Choose a tag to compare

View all tags
@github-actions github-actions released this 12 Mar 09:10
· 1 commit to main since this release
v0.7.0
1dae04c
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

MCP for Azure DevOps Boards v0.7.0

This release adds markdown-native authoring for work items and comments, hardens security across the board, and improves performance for large work item queries.

Installation

macOS (Homebrew)

brew tap danielealbano/mcp-tools
brew install mcp-for-azure-devops-boards

Windows (Scoop)

scoop bucket add mcp-tools https://github.com/danielealbano/scoop-mcp-tools
scoop install mcp-for-azure-devops-boards

Docker

docker pull ghcr.io/danielealbano/mcp-for-azure-devops-boards:v0.7.0

What is new and improved

  • Markdown-native authoring

    • azdo_create_work_item and azdo_update_work_item now accept a format parameter (default: markdown). Azure DevOps stores and renders Description, Acceptance Criteria, and Repro Steps as markdown instead of HTML.
    • azdo_add_comment gains the same format parameter (markdown/html, default: markdown).
    • New azdo_update_comment tool for editing existing work item comments.

  • Anti-prompt-injection protection

    • Every MCP tool response now includes an untrusted content warning, protecting LLM consumers from prompt injection via Azure DevOps data.

  • Security hardening

    • URL-encode all user-controlled parameters in API calls to prevent injection.
    • Escape single quotes in WIQL queries to prevent WIQL injection.
    • CSV formula injection mitigation in all CSV output.

  • Performance improvements

    • Parallelize comment fetching with bounded concurrency (10 concurrent requests).
    • HTTP server connection limits and per-connection timeouts.

Changelog

Full Changelog: v0.5.0...v0.7.0

Contributors

danielealbano
Assets 5
Loading