Skip to content

Releases: openclaw/mcporter

mcporter v0.12.3

Choose a tag to compare

@steipete steipete released this 01 Jul 07:34
v0.12.3
f20febe

Highlights

  • Fix list signatures and call examples for typed arrays, keeping number, boolean, object, and unknown array values type-correct.
  • Refresh compatible runtime, bundling, type-checking, lint, and security-override dependencies while preserving the Node and pnpm toolchain.

Changelog

CLI

  • Fix list signatures and call examples for typed arrays, keeping number, boolean, object, and unknown array values type-correct. (Issue #221, thanks @VincXiong)

Tooling / Dependencies

  • Refresh compatible runtime, bundling, type-checking, lint, and security-override dependencies while preserving the Node and pnpm toolchain. (PR #224)

npm

  • Package: mcporter@0.12.3
  • Registry tarball: mcporter-0.12.3.tgz
  • Integrity: sha512-FD6nV4AzrsJSYtIqkLE0emNNiVl0p9W2bJosORAhmI5HCfcz2fc0WjmaY26bfFRW+2aCNL3aCssoFRjcYcQjgQ==
  • Registry shasum: 1ab6f1306745e601c31927b2c1e34ec1873db8a5
  • Published: 2026-07-01T07:32:19.109Z

Artifacts

  • SHA256 (mcporter-macos-arm64-v0.12.3.tar.gz): bb896bde3b7e2eef0a700bcd2598678f4f4184306e63b2e12465d780a1184b78
  • SHA256 (mcporter-0.12.3.tgz): 9cf707fac46fdf69c27e67b9e29b866e7bb51d98266671c4282fdfed66569751

Verification

  • Exact-head CI green on Ubuntu, macOS, and Windows
  • pnpm check; 129 test files passed, 814 tests passed, 3 skipped; TypeScript and Bun builds passed.
  • Typed-array implementation proof and source-blind built-CLI validation
  • Packed consumer install/import, typed-array list/call/error validation, generated CLI compile, and published empty-directory generate-cli --compile smoke passed.
  • pnpm audit --json: zero advisories at every severity; structured autoreview clean; Public Model Identifier Gate passed.
  • Dependency refresh proof: the deprecated DeepWiki endpoint assertion passed; upstream live calls timed out at 30 and 90 seconds. The owner waived that item-specific success-path proof because provider and transport code are unchanged.

mcporter v0.12.2

Choose a tag to compare

@steipete steipete released this 27 Jun 00:27
v0.12.2
25daad4

Highlights

  • Prevent large piped CLI output from being truncated during forced shutdown, while keeping stalled readers bounded and treating broken pipes as normal shell behavior.
  • Resolve configured and ad-hoc HTTP tool selectors consistently so targeted list and call commands keep server names separate from MCP tool names.

npm

  • Package: mcporter@0.12.2
  • Registry tarball: mcporter-0.12.2.tgz
  • Integrity: sha512-tpVjIFsXlrsy1LUqzDrWBNsA3ialxH2ekm8KGBKjKgBRKdfcVblTGyhI8qmjvxAhuzg+4h0IsZxCD+CPwOVJvg==
  • Registry shasum: fff5ba423d56b88a720491621a43240db16d1f2d

Artifacts

  • SHA256 (mcporter-macos-arm64-v0.12.2.tar.gz): 5084bad0c08816c88a39a3a56e1eff514639b1575c1e1cec81bc8094045bf358
  • SHA256 (mcporter-0.12.2.tgz): 69645910e190def4a9adaf9f527216a6d59eb4e50773e93995cc5a0fc50a43f6

Verification

mcporter v0.12.1

Choose a tag to compare

@steipete steipete released this 26 Jun 06:44
v0.12.1
61340d3

Highlights

  • Add key=@path and --key @path call arguments for exact UTF-8 file values, with @@ escaping for literal leading @.
  • Skip imported server entries with unresolved editor-specific environment placeholders while allowing later valid duplicates.
  • Recover from corrupt cached OAuth tokens and client metadata by re-authenticating, while keeping callback state fail-closed.
  • Preserve replacement daemon socket and metadata ownership during superseded-daemon shutdown.
  • Refresh development dependencies and security overrides.

npm

  • Package: mcporter@0.12.1
  • Registry tarball: mcporter-0.12.1.tgz
  • Integrity: sha512-SHuuxLSvCVsnDXAEIRuFQXbKwJud/02jaQlgZypdz4VB9IuIPWUU5sQf9uWvfPiN3uSMiiq4Ww0QigOzdNxpmw==
  • Registry shasum: 7eb2a2fd39823aaeb848d40e43ba3bb06ab29cb2

Artifacts

  • SHA256 (mcporter-macos-arm64-v0.12.1.tar.gz): b14a2ceb48b1e389aab9cf346a59034429589d9b0dd0489fb8eda2a7455f9ba9
  • SHA256 (mcporter-0.12.1.tgz): af164afb573414b7336762648200f92d3d25cd1fccae19cae81286edc0b2dcde

Verification

  • pnpm check
  • pnpm test: 799 passed, 3 skipped
  • TypeScript and Bun builds
  • Published empty-directory generate-cli --compile smoke

mcporter v0.12.0

Choose a tag to compare

@steipete steipete released this 10 Jun 05:50
v0.12.0
023314c

Highlights

  • Add cache-friendly disableOAuth support across headless runtime, CLI, daemon, proxy, and callOnce paths.
  • Add per-server mcporter serve endpoints at /mcp/<server> plus MCP traffic record/replay helpers.
  • Improve daemon reliability, keep CloudBase authentication polling alive, and return non-zero status for explicit unknown-server list failures.

Changes

OAuth

  • Add cache-friendly disableOAuth support across headless runtime, CLI, daemon, proxy, and callOnce paths so callers can suppress interactive OAuth without losing connection reuse. (Issues #197, #199, #201, thanks @feniix)
  • Recover cleanly from renamed OAuth server entries, invalid refresh tokens, and stale dynamic client registrations without reusing unrelated same-URL credentials.
  • Prevent concurrent OAuth vault updates from briefly exposing empty lock files and losing credential entries under load.

CLI

  • Add per-server Streamable HTTP paths for mcporter serve at /mcp/<server>, exposing one keep-alive server with original tool names while preserving aggregate /mcp namespacing. (PR #194, thanks @zm2231)
  • Add mcporter record and mcporter replay helpers for capturing and replaying MCP JSON-RPC traffic, with server filters and daemon-safe manual env setup. (PR #192, thanks @LDMB123)
  • Prevent direct daemon starts from rebinding over an already-running healthy daemon, avoiding orphaned keep-alive processes during foreground or launch races. (PR #195, thanks @zm2231)
  • Return a non-zero exit code for explicit mcporter list <unknown-server> failures while preserving aggregate list health checks by default. (Issue #203, thanks @theo674)
  • Reconcile keep-alive daemon metadata with the responding process and serialize daemon startup across parallel clients, preventing duplicate orphaned daemons. (Issue #191, thanks @dtmsyi)
  • Keep CloudBase MCP alive by default so device-code authentication can finish polling and persist credentials after returning AUTH_PENDING. (PR #193, thanks @sevzq)
  • Keep daemon-managed stdio servers warm across repeated mcporter list requests instead of treating non-interactive tool listing as a throwaway process. (Issue #188, thanks @robertoronderosjr)

Tooling / Dependencies

  • Refresh development dependencies and satisfy the stricter oxlint check.

Verification

  • npm: mcporter@0.12.0
  • Registry tarball: mcporter-0.12.0.tgz
  • npm integrity: sha512-1jM+UcieQjLbQReVW0teYy8QS+2VH+/6sojK1rEdh6D5P5jsBuCRFW//0ZEhcHEsvLacSsuPyZLcV7UDJY/ouA==
  • Published: 2026-06-10T05:49:11.334Z
  • CI: release commit checks
  • Release commit: 023314cf31cd15759830296a61ac2b1b982bdd1d

SHA256 (mcporter-macos-arm64-v0.12.0.tar.gz): 6bd80a34422a890b92e2ff1074966114677e06aa92126ff8b850257b29c4441f

SHA256 (mcporter-0.12.0.tgz): 847753ddffaeb63305a3088730babb94b9a3ab83ef6e9f00551dae8bba70f3d0

mcporter v0.11.3

Choose a tag to compare

@steipete steipete released this 21 May 21:32
v0.11.3
94e65ba

Highlights

  • Falls back to ~/.mcporter/mcporter.json[c] when XDG_CONFIG_HOME points at an empty mcporter config directory, preventing embedders from accidentally hiding the user server registry. Fixes issue #184, thanks @ChrisBot2026.
  • Moves pnpm overrides into pnpm-workspace.yaml so current pnpm releases no longer ignore the override config during release gates.

Verification

Checksums

SHA256 (mcporter-macos-arm64-v0.11.3.tar.gz): cb73106b091ec5fcbf13bd0237ba9fc09d209147a7bc8df4e1cf25aefa320138
SHA1 (mcporter-0.11.3.tgz): a9112366b1f62260ec23875f9c2eaa35d2333566
SHA256 (mcporter-0.11.3.tgz): c9b032672005d15bf848d2c064e20053e40fb917c70dd217f701e809d6befd11

mcporter v0.11.2

Choose a tag to compare

@steipete steipete released this 21 May 20:30
v0.11.2
9ec79f2

Highlights

  • Add mcporter list --status, --exit-code, and --quiet for concise server health checks without introducing a separate health command.
  • Make generate-cli --bundle artifacts deterministic by removing bundle-only paths/timestamps from embedded metadata and sorting generated tool/schema output. Thanks @imroc.
  • Let daemon-managed OAuth servers reuse cached credentials for tool calls and tool listing after token expiry. Thanks @bradhallett.
  • Avoid restarting browser OAuth when an already-connected server has a still-valid cached access token. Thanks @jaigew and @StanAngeloff.
  • Add the documented top-level daemonIdleTimeoutMs config to shut down inactive keep-alive daemons. Thanks @jarek083.

Verification

Checksums

  • mcporter-0.11.2.tgz SHA1: b2e8731d39357934e174ac66feb1aebf83345407
  • mcporter-0.11.2.tgz SHA256: 379e1010daa4df47f8c1df068e749bc2b3c7d7d36905abaf1923ba342c0eadcb
  • mcporter-macos-arm64-v0.11.2.tar.gz SHA256: 4f87de9a1fc0d312c8c35cb1d60bebf6df19d97f7a74dda47be805e1b36abe75

mcporter v0.11.1

Choose a tag to compare

@steipete steipete released this 14 May 18:31
v0.11.1
46cc31c

Changelog

CLI

  • Make generate-cli --runtime node --bundle <name>.mjs emit an ES module bundle with a local require shim, fixing .mjs artifacts that previously crashed at startup.
  • Classify generated .mjs and .cjs outputs as bundle artifacts in embedded metadata instead of reporting them as binaries.
  • Avoid leaving implicit <server>.ts template files in the current directory when generating bundle-only artifacts without --output.
  • Print generated CLI help with a trailing newline so subsequent shell output no longer glues onto the help footer.
  • Point generated CLI metadata and npm package metadata at openclaw/mcporter.
  • Document the existing generate-cli --timeout, --minify, and --no-minify flags in generate-cli --help.
  • Suppress expected Rolldown unresolved-import warnings for Node built-ins during successful generated CLI bundling.

Verification

Checksums

  • SHA1 (mcporter-0.11.1.tgz): 2bb09b7be426e3eca533a5cfa1063b5b5878a959
  • SHA256 (mcporter-0.11.1.tgz): 0e93f4f6c036e21160ef32e1da8806744ded0fd90da336718ad0f7ad7f3a2abd
  • SHA256 (mcporter-macos-arm64-v0.11.1.tar.gz): 2c48292812bc23a7c7f690df6f70a721cf92df7dc0eaee0dc739a100df8b7abd

mcporter v0.11.0

Choose a tag to compare

@steipete steipete released this 14 May 17:54
v0.11.0
2ce585a

Highlights

  • mcporter serve exposes daemon-managed keep-alive servers as one MCP bridge with readable server__tool names.
  • Headless OAuth is stronger: no-browser auth URLs, vault seeding/clearing, cached token refresh, and auth: "refreshable_bearer" for stdio/env injection.
  • HTTP compatibility improved with httpFetch: "node-http1", including automatic Sunsama support.
  • Parallel agents get safer config/vault/cache writes and parseable JSON output under daemon recovery.

Full Changelog

Config

  • Support auth: "refreshable_bearer" with explicit refresh settings so cached OAuth tokens can be refreshed before HTTP connects or injected into stdio env vars. (Issue #173, thanks @tokyo-s)
  • Add httpFetch: "node-http1" for HTTP MCP servers whose providers reject Node's built-in fetch, and auto-apply it to Sunsama's endpoint. (Issue #158, thanks @mattash)
  • Resolve ${VAR} and ${VAR:-fallback} placeholders across string-valued server config fields such as baseUrl, command/args, tokenCacheDir, and pre-registered OAuth fields while keeping headers/env/bearer-token placeholders lazy until runtime. (PR #161 / issue #157, thanks @zxyasfas)
  • Add mcporter vault set <server> and mcporter vault clear <server> so headless deployments can seed or clear OAuth vault credentials without reproducing mcporter's internal vault-key format. (Issue #156)

CLI

  • Add mcporter serve, exposing daemon-managed keep-alive servers as one MCP bridge with readable server__tool names for stdio and Streamable HTTP clients. (PR #172, thanks @zm2231)
  • Prefer MCP structuredContent nested inside JSON-RPC result envelopes so mcporter call --output json stays parseable for dual text/structured tool responses. (Issue #168, thanks @mar-zh)
  • Serialize read-modify-write config and OAuth vault updates, and write JSON/cache metadata atomically to avoid lost entries under parallel invocations. (Issue #167, thanks @alexminza)
  • Patch chrome-devtools-mcp --autoConnect launches at runtime so mcporter call chrome-devtools.list_pages can keep using a logged-in Chrome profile while upstream DevTools-window detection can hang on busy profiles.

OAuth

  • Add headless OAuth login support via --no-browser, --browser none, and MCPORTER_OAUTH_NO_BROWSER, emitting parseable authorization URLs for remote auth flows. (PR #171 / issue #169, thanks @feniix)
  • Proactively complete OAuth for configured HTTP servers that allow unauthenticated initialize/listTools but require credentials for tool calls, and close the local callback server promptly after browser authorization. (PR #159, thanks @Spacefish)
  • Refresh expired cached OAuth access tokens during non-interactive mcporter list without opening a browser or clearing cached credentials when refresh fails. (Issue #166, thanks @chrisabad)

Verification

SHA256 (mcporter-macos-arm64-v0.11.0.tar.gz): 0b8965cb252fbd9852d31c1426ead35de75efdb4744b13b55344a9b4f3f1b224
SHA256 (mcporter-0.11.0.tgz): 18756d3ad01325e83120c9dd7a55e9b6aaebcd97761c97ac1ff593435df8a05e

mcporter v0.10.2

Choose a tag to compare

@steipete steipete released this 09 May 11:32
v0.10.2
3648a92

Highlights

  • Faster warm keep-alive calls by trimming daemon round-trips and runtime startup work.
  • More robust live MCP behavior for resource errors, OAuth/list failures, and tool-name auto-correction.
  • Generated CLIs now keep JSON output parseable for plain-text MCP results.

SHA256 (mcporter-macos-arm64-v0.10.2.tar.gz): 540390c49b5d04ecd9174a33a48bfabd4a3748b8616409882776954f9c17b571
SHA256 (mcporter-0.10.2.tgz): fedf0974ad84b78183c48caada7faf773dbed3100530765d7a6c503dc4f5b016

mcporter v0.10.1

Choose a tag to compare

@steipete steipete released this 05 May 00:03
v0.10.1
026eb28

Changes

CLI

  • Fixed Bun-compiled standalone macOS binaries so mcporter generate-cli --compile works from an empty directory, even when there is no local package.json or node_modules tree.
  • generate-cli --compile now stages the matching published mcporter package dependencies when bundled dependencies cannot be linked or copied from the local package tree.
  • The Bun compile step now runs from the staging directory, so generated CLI builds resolve mcporter, commander, and related dependencies from the same directory that contains the generated artifact.
  • Added a clearer failure message for standalone development binaries that cannot resolve published bundler dependencies.

Tests

  • Added an opt-in standalone Bun release-binary regression smoke behind MCPORTER_STANDALONE_BINARY_TEST=1.
  • The smoke builds dist-bun/mcporter, packs the current package, runs generate-cli --compile from an empty temp directory, and verifies the compiled CLI help output.

Docs / Release Process

  • Clarified that the Homebrew formula should install the npm .tgz, not the standalone Bun macOS tarball, because generated CLI compilation needs the installed package tree.
  • Documented the Homebrew release verification flow: update the tap URL/SHA, use --min-release-age=0, refresh tap README callouts, run brew reinstall, brew test, and run an empty-directory compile smoke with /opt/homebrew/bin/mcporter.
  • Documented npm and npx post-release verification, plus optional repeat verification on another Mac.

Maintenance

  • Started the next development cycle after v0.10.0 with a fresh Unreleased changelog stub.

Included Commits

  • 026eb28 fix: support standalone binary CLI compilation
  • 6ed9860 docs: clarify Homebrew release verification
  • 2100639 chore: start next development cycle

Release Verification

  • npm package surface verified.
  • npx mcporter@0.10.1 surface verified.
  • Direct standalone macOS binary surface verified.

Artifacts

  • mcporter-macos-arm64-v0.10.1.tar.gz
    • SHA256: 17451e9fd0cba13c4c506d43a3574f1cf8c707d9076aa1d22381d958199e0e1f
  • mcporter-0.10.1.tgz
    • SHA1: 918af2d239a8e27292c9621bae965e07578bdb1e
    • SHA256: efef969838b18df0bcbc3b5fe3d4a7057a96e99c46a3f25e2deb0dfd7afee1d3
  • Uploaded checksum files:
    • mcporter-macos-arm64-v0.10.1.tar.gz.sha256
    • mcporter-0.10.1.tgz.sha1
    • mcporter-0.10.1.tgz.sha256