v1.3.11

What's Changed

• Update README.md by @christianfroehlichconsulting in #26
• Update package-lock.json and yarn.lock to address vulnerabilities in … by @rawveg in #27

New Contributors

• @christianfroehlichconsulting made their first contribution in #26

Full Changelog: v1.3.10...v1.3.11

v1.3.10

Release Notes for v1.3.10

Overview

This release marks a major step forward in robustness, developer experience, and operational quality for the OpenAPI Directory MCP Server. It includes sweeping improvements to the testing infrastructure, code quality, reliability and overhaul of deployment/CI automation logic. The comprehensiveness of the test suite, and the addition of e2e coverage, are highlights of this release. These changes represent the difference between the previous stable release (v1.3.9) and the current main branch.

---

✨ High-Level Improvements

• Comprehensive Test Suite Expansion:
  The test infrastructure has been refactored and significantly expanded. All major code paths are now covered by robust unit, integration, and end-to-end (e2e) test cases. Coverage thresholds are enforced and the suite is designed to catch regression bugs and specification mismatches early in development.

• End-to-End (e2e) Testing:
  Realistic e2e tests now validate the full MCP server lifecycle, including API contract validation, error handling, and key operational scenarios across supported environments.

• Test Coverage & Quality Gates:
  Coverage analysis is automated and integrated into the CI pipeline. Mutation testing and visual regression checks ensure that changes do not introduce unexpected behaviors.

• Code Review Quality:
  The code review for PR #25 highlighted that the test suite now exercises every critical path, with clear separation between unit, integration, and system-level tests. Coverage is consistently above project standards, with documentation and reporting for each test stage.

---

🛠️ Deployment, CI/CD & Automation

• Modernized Deployment/Release Scripts:
  Legacy .claude/commands/deploy scripts have been removed. The new release workflow is simpler, more reliable, and leverages best practices for semantic versioning, changelog automation, and rollback strategies.

• CI/CD Pipeline Improvements:

  • Linting, code quality, security, and coverage checks are centralized.
  • Multi-environment deployment strategies are documented.
  • New rollback and hotfix deployment

---

Full Changelog: v1.3.9...v1.3.10

v1.3.9

Full Changelog: v1.3.8...v1.3.9

v1.3.8

Release Notes — v1.3.8

---

🚀 Major Features & Enhancements

Comprehensive Pre-flight Check System

• New preflight command: Run npm run preflight to perform fast, thorough checks before CI/CD or pushing code.
• Checks included:
  • Build Output Validation: Ensures build artifacts and directories are present.
  • Tool & Prompt Exposure: Automatically verifies that all tool and prompt files are exposed via handlers, using dynamic file system counting—no hardcoded lists.
  • Mock Validation: Ensures all test mocks implement required methods, catching incomplete test doubles before integration test runs.
  • TypeScript Compilation: Fails fast on type errors; guides with actionable feedback.
  • ESLint Enforcement: Enforces zero warnings and strict code style.
• Documentation: Full details in docs/preflight-checks.md.

CI/CD Pipeline Overhaul

• Pre-flight checks now run as the first CI/CD job and gate all further jobs, dramatically reducing wasted CI minutes and giving instant feedback.
• Workflows refactored: Both ci.yml and new ci-with-preflight.yml support staged jobs (preflight, code-quality, build-test, security-scan, etc).
• Matrix testing: Multi-Node version coverage (18, 20, 22).
• Artifact uploads: Coverage artifacts for unit and feature suites.
• Security scanning: Integrated SAST and dependency audit.

Developer Experience Improvements

• Git Hooks: Easy install via ./scripts/install-hooks.sh for automatic pre-push validation. Pre-push can be bypassed in emergencies.
• Fast Failure Philosophy: Most issues now caught in seconds, not minutes.
• Self-adjusting checks: No hardcoded counts, always accurate.
• Clear error messages: All pre-flight failures are specific and actionable.
• Documentation index added: New docs/README.md provides a full documentation map for architecture, development, and API reference.

🛠️ Refactoring & Code Quality

Tool & Prompt Loader Robustness

• Dynamic directory resolution: The loader now finds tool and prompt directories reliably from any working directory or environment.
• Improved fallback logic: Ensures tools are loaded in both test and production environments.

Expanded Testing

• Tool Enumeration Test: Guards against silent tool removal/addition, enforcing a hardcoded regression barrier for API surface stability.
• Integration:
  • ToolLoader Path Test: Verifies plugin loading works from multiple directories (project root, tests, home, temp).
  • Mock Validation Test: Ensures all required API client methods are present on test doubles.
• Fixtures: Edge cases and negative scenarios expanded for coverage.

Examples & Usage

• New examples: Added both JS and TS basic usage samples for programmatic server interaction.
• Updated examples: Now use production builds (dist/) instead of source (src/) to ensure real-world compatibility.

🧹 Maintenance & Chores

• .gitignore update: Now excludes temp files from pre-flight checks.
• New ignore files for linters: .eslintignore, .jsonlintignore added for clean linting runs.
• Package updates: Version bumped to 1.3.8 in both package.json and package-lock.json.
• Readme improvements: Detailed sections on pre-flight checks, CI/CD process, and git hook setup.

🐞 Bug Fixes & Reliability

• Loader fallback: Fixed issues where tools or prompts wouldn’t load in non-standard environments.
• Test mocks: Updated to cover all new cache and API methods required by tools.
• Fixtures: Improved negative scenario handling for edge cases in provider and API responses.

📝 Documentation

• New documentation: docs/preflight-checks.md and improved docs/README.md for quick onboarding and reference.
• Readme additions: Step-by-step instructions for pre-flight, CI/CD, and git hook usage.

---

⚡️ How to Use

• Run all pre-flight checks locally:

  npm run preflight

• Install git hooks:

  ./scripts/install-hooks.sh

• Bypass pre-push checks (not recommended):

  git push --no-verify

• See documentation index:
  docs/README.md

---

v1.3.8 is a major stability and developer experience upgrade.
Enjoy lightning-fast feedback and bulletproof CI/CD!

---

Full Changelog: v1.3.7...v1.3.8

v1.3.7

Release Notes – v1.3.7

🚀 Highlights

This release marks a major leap forward for the openapi-directory-mcp project in code quality, test robustness, and automation maturity. The v1.3.7 milestone delivers industry-leading quality assurance, advanced CI/CD validation, and a new focus on security-critical mutation testing, establishing a new bar for reliability and maintainability.

---

✨ What's New

🧬 Comprehensive Mutation Testing

• Advanced Mutation Testing Integration

  • Introduces mutation testing as a first-class quality gate in CI, focusing on security-critical modules (src/utils/validation.ts, src/utils/logger.ts).
  • Validates that tests effectively catch injected faults for XSS prevention, SQL injection, and input sanitization.
  • Mutation test reports are uploaded as artifacts for every run, with HTML and Markdown summaries for quick insights.

• Weekly Automated Coverage

  • New .github/workflows/mutation-testing.yml runs full mutation testing weekly, generating detailed security-focused analysis and opening issues for low mutation scores.
  • Quality metrics are benchmarked against industry standards (70%+ for validation, 60%+ for logging/security).

• Pull Request Mutation Comments

  • Automated comments on pull requests summarize mutation testing results, highlighting surviving mutants and areas for improvement.

✅ Post-Release Validation Workflow

• Automated NPM Registry Validation
  • New .github/workflows/post-release-validation.yml waits for NPM propagation, then validates:
    • Package availability and installation.
    • CLI tool functionality (npx openapi-directory-mcp --help).
    • Published metadata (version, license, author).
  • Automated issue creation on validation failure, with self-healing detection when the registry update completes.

🏗️ CI/CD Pipeline Enhancements

• CI Workflow Upgrades

  • Regression and integration test jobs now check for exact “Success Rate: 100.0%” output, improving consistency.
  • CLI functionality is explicitly tested as part of the release process, ensuring usability for end-users.
  • Artifact uploads for mutation and regression test runs streamline debugging and historic analysis.

• All-Checks Job

  • Now depends on the new mutation-testing workflow, ensuring mutation quality is always visible in the full build status.
  • Reports on the success or warnings from mutation testing without blocking the full release, encouraging continuous improvement.

📝 Developer Experience & Documentation

• Mutation and Release Documentation
  • Auto-generated mutation and post-release validation summaries are available in build artifacts for audit and learning.
  • Detailed README updates and new markdown documentation for deployment, changelog, release, rollback, and CI/CD setup (via Claude command suite).

---

🛡️ Security & Quality Focus

• Security as a Code Quality Milestone

  • Security validation is now directly measured by mutation test survival in critical code paths, quantifying real-world protection.
  • Logger and input validation modules are continuously assessed for resilience against attack vectors and sensitive data leaks.

• Automated Quality Regression Prevention

  • All critical paths (validation, logging, CLI, package release) are now validated by automated, reproducible workflows.
  • Human error and accidental regressions are dramatically reduced by layered, automated gates.

---

Full Changelog: v1.3.6...v1.3.7

v1.3.6

🏆 OpenAPI Directory MCP v1.3.6 – Release Notes

---

🚀 Major Highlights

🔧 Tooling Overhaul & Fixes

• Critical Tool Fixes

  • Resolved regressions in the secondary client: implemented 9 missing methods (getAPIEndpoints, getProviderStats, getAPISummaryById, searchAPIs, getPopularAPIs, getRecentlyUpdatedAPIs, getEndpointDetails, getEndpointSchema, getEndpointExamples).
  • Custom client interface now provides all 11 required methods to match and maintain API surface parity.
  • Corrected endpoint format for googleapis.com (e.g., admin:directory_v1) to eliminate 404 errors in get_api.
  • Enhanced secondary source endpoint extraction with robust OpenAPI spec parsing.
  • Fixed dual-source bugs where secondary APIs would incorrectly route via the primary client.

• ToolHandler & Testing

  • Eliminated ToolHandler race conditions causing intermittent tool loading failures.
  • Created dedicated test custom spec and comprehensive configurations for custom source testing.
  • Achieved 100% pass rate across all 68 test combinations (22 tools × 4 sources).

📊 Visual Reporting & Testing Infrastructure

• Visual Status Report Generator

  • Introduced a powerful reporting system generating status in Markdown, text, and JSON.
  • At-a-glance tool status matrix showing Primary/Secondary/Custom verification.
  • Integrated into CI/CD: automatic artifact uploads, 30-day retention for historical health tracking.
  • NPM scripts for local report generation and regression testing.
  • Detailed error and tool status breakdown for rapid diagnosis.
  • ES module import fixes in report generator for Node.js compatibility.

• Testing & Regression

  • Comprehensive triple-source smoke testing now covers all data sources.
  • Regression test integration in CI/CD with 100% success validation and zero-regression policy.
  • Performance benchmarking and tool coverage validation.
  • Regression workflow scheduled daily.

🪲 Bug Fixes

• Fixed major regressions across multiple clients, ensuring all APIs, endpoints, and tools work reliably with all sources (primary, secondary, custom).
• Fixed regex escaping to resolve security warnings and prevent unsafe pattern usage.
• Resolved intermittent CI/CD failures due to tool comparison mismatches.
• Fixed ES module import issues and linting problems during reports and test runs.
• Ensured tests and quality standards are strictly enforced in CI/CD pipelines.

---

🛠️ Improvements & Refactoring

• Interface Consistency:

  • All clients (primary, secondary, custom) now share a unified interface, enabling seamless cross-source operations and easier maintenance.

• Enhanced Error Reporting:

  • Visual status and error reporting are now categorized and surfaced in CI/CD and as downloadable artifacts.

• CI/CD System:

  • Added npm scripts for regression and visual reporting.
  • Improved artifact management and test result clarity.

---

🔒 Security & Compliance

• Patched incomplete string escaping/encoding (fix for code scanning alert #4).
• Hardened tool and endpoint logic to prevent new and future vulnerabilities.
• Addressed code scanning and review issues directly in release workflow.

---

📝 Documentation & Developer Experience

• Report Artifacts:

  • Test reports now generated and automatically .gitignore’d to avoid clutter.
  • JSON format enables automation and dashboard integration.

• Contribution Quality:

  • Addressed all PR and code review feedback.
  • Improved documentation for tool interface, testing, and reporting.

---

💡 How to Upgrade

• Update to v1.3.5 for:
  • Robust, cross-source tool reliability.
  • Visual status reporting and test artifacts.
  • Stronger regression safety and developer confidence.
  • Full compatibility with the latest OpenAPI specs and custom imports.

---

📚 Resources

• View all releases & changelogs →
• Browse full commit history →

---

Thank you for using OpenAPI Directory MCP – now with triple-source architecture, robust visual health checks, and the most reliable toolset yet!

---

Full Changelog: v1.3.4...v1.3.6

v1.3.4

Full Changelog: v1.3.3...v1.3.4

v1.3.3

What's Changed

• Release: v1.3.3 - Bug Fixes and Maintenance by @rawveg in #12

Full Changelog: v1.3.2...v1.3.3

v1.3.2

What's Changed

• Fixed a bug with retrieving openapi specs in full for custom providers by @rawveg in #8

Full Changelog: v1.3.1...v1.3.2

v1.3.1

What's Changed

• Fixed: Issues with endpoint retrieval by @rawveg in #7

Full Changelog: v1.3.0...v1.3.1