Skip to content

Commit d9a8431

Browse files
Skyrxinclaude
andcommitted
fix: v0.8.3 — correct invalid Trivy version pin in Dockerfile.full
TRIVY_VERSION=0.55.0 doesn't exist as an aquasecurity/trivy release tag, so the full image's install script 404'd and the Docker CI job failed on every v0.8.2 run. Bump to 0.71.2 (verified against the GitHub releases API) and sync version manifests. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01GCn1oi5XezuxxQDMwEyoA7
1 parent 20bac49 commit d9a8431

7 files changed

Lines changed: 14 additions & 7 deletions

File tree

CHANGELOG.md

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -4,6 +4,13 @@ All notable changes to this project will be documented in this file.
44

55
## [Unreleased]
66

7+
## [0.8.3] - 2026-06-23
8+
### Fixed
9+
- **`Dockerfile.full` failed to build**`TRIVY_VERSION` was pinned to `0.55.0`,
10+
a release tag that doesn't exist for aquasecurity/trivy, so the install
11+
script 404'd and the full (9-scanner) image build failed in CI on every
12+
v0.8.2 run. Bumped to `0.71.2`.
13+
714
## [0.8.2] - 2026-06-21
815
### Added
916
- **Published container images** — GHCR workflow builds and pushes both the

Dockerfile.full

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -11,7 +11,7 @@
1111

1212
FROM python:3.12-slim AS base
1313

14-
ARG TRIVY_VERSION=0.55.0
14+
ARG TRIVY_VERSION=0.71.2
1515
ARG GITLEAKS_VERSION=8.18.4
1616
ARG OSV_SCANNER_VERSION=1.8.5
1717
ARG GRYPE_VERSION=0.79.6

gemini-extension.json

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
{
22
"name": "sast-mcp-server",
3-
"version": "0.8.2",
3+
"version": "0.8.3",
44
"description": "SAST/DAST vulnerability scanner for AI agents — 11 scanners (Bandit, njsscan, Bearer, Semgrep, Trivy, CodeQL, Checkov, Gitleaks, OSV-Scanner, Grype, OWASP ZAP) with closed-loop remediation, SARIF/SBOM/VEX export, baselines, and CI integrations",
55
"mcpServers": {
66
"sast": {

pyproject.toml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
[project]
22
name = "sast-mcp-server"
3-
version = "0.8.2"
3+
version = "0.8.3"
44
description = "A standard MCP server for SAST/DAST tools (Bandit, njsscan, Bearer, Semgrep, Trivy, CodeQL, Checkov, Gitleaks, OSV-Scanner, Grype, OWASP ZAP) — scan code for security vulnerabilities from any AI agent"
55
readme = "README.md"
66
license = {text = "MIT"}

sast_mcp_server/__init__.py

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,3 +1,3 @@
11
"""SAST MCP Server — Static Application Security Testing for AI agents."""
22

3-
__version__ = "0.8.2"
3+
__version__ = "0.8.3"

server.json

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -3,7 +3,7 @@
33
"name": "io.github.Skyrxin/sast-mcp-server",
44
"title": "SAST MCP Server",
55
"description": "11-scanner SAST/DAST MCP server with closed-loop remediation, SBOM/SARIF, and CI integrations",
6-
"version": "0.8.2",
6+
"version": "0.8.3",
77
"websiteUrl": "https://github.com/Skyrxin/sast-mcp-server#readme",
88
"repository": {
99
"url": "https://github.com/Skyrxin/sast-mcp-server",
@@ -14,7 +14,7 @@
1414
"registryType": "pypi",
1515
"registryBaseUrl": "https://pypi.org",
1616
"identifier": "sast-mcp-server",
17-
"version": "0.8.2",
17+
"version": "0.8.3",
1818
"runtimeHint": "uvx",
1919
"transport": {
2020
"type": "stdio"

smithery.yaml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,5 @@
11
name: sast-mcp-server
2-
version: 0.8.2
2+
version: 0.8.3
33
description: >
44
Production-grade SAST/DAST vulnerability scanner MCP server — 11 scanners
55
(Bandit, njsscan, Bearer, Semgrep, Trivy, CodeQL, Checkov, Gitleaks,

0 commit comments

Comments
 (0)