🚀 ToolHive v0.3.8 is here!

This release focuses on expanding authentication capabilities, improving MCP support, and strengthening test coverage across the platform.

Authentication & Security

• OAuth 2.0 Token Exchange (RFC 8693) is now supported, enabling secure token acquisition for external authentication
• Token exchange middleware allows automatic swapping of downstream tickets for upstream credentials
• Client secrets for token exchange can now be configured via environment variables for better security practices

MCP (Model Context Protocol) Enhancements

• MCP parser updated to support the latest specification
• Secrets management is now available in the ToolHive MCP server for handling sensitive data
• MCPRegistry feature promoted to stable status with full documentation and e2e test coverage
• Telemetry failures no longer interfere with MCP responses, improving reliability

Session Management

• New pluggable storage backend system gives you flexibility in how sessions are stored and managed

Testing & Quality

• Integration tests added for the ToolHive Operator
• New e2e tests for MCPRegistry functionality
• Improved test isolation with dynamic port allocation in proxy tests

Documentation & Examples

• New Runtime Authoring Guide to help you build custom runtimes
• Updated middleware documentation with comprehensive coverage
• Kubernetes examples now use thv run consistently
• Removed deprecated permissionProfile from K8s examples

Infrastructure & Fixes

• Updated Podman socket path for macOS compatibility
• Corrected content length handling when mutating API calls
• Test utilities reorganized under test directory for better structure
• Upgraded to Go 1.25.2
• Multiple dependency updates (controller-runtime v0.22.3, golang.org/x/oauth2 v0.32.0, jsonschema v6, and more)

👋 Welcome to our newest contributor @abhiii71! 🎉

🔗 Full changelog: v0.3.7...v0.3.8