# Changelog All notable changes to MediaWiki MCP Server are documented here. ## [Unreleased] ## [1.32.1] - 2026-06-26 ### Fixed - **Reported server version no longer drifts from the release tag.** `ServerVersion` was a hand-maintained constant stuck at `1.28.1` through the 1.29–1.32 releases, so the value surfaced in MCP server registration, the `/health` and `/status` endpoints, and startup logs was wrong. It is now a build-time variable injected from the git tag via `-ldflags "-X main.ServerVersion="` (release workflow and Makefile), defaulting to `dev` for plain `go build`. ## [1.32.0] - 2026-06-25 ### Added - **`mediawiki_upload_file` now accepts base64 `file_data` over MCP.** Agents that already hold a file's bytes can base64-encode them and pass `file_data` directly, instead of standing up a local HTTP server for the `file_url` path (which the SSRF guard correctly blocks for private/internal addresses). The byte-upload path already existed internally for the `wiki` CLI; this exposes it on the MCP tool surface. `file_data` uploads bytes directly and never triggers a server-side fetch, so the allowlist/SSRF gates do not apply to that path. `file_data` and `file_url` are mutually exclusive. Decoded size is capped at 100 MiB by default (matching MediaWiki's default `$wgMaxUploadSize`), adjustable via the new `MEDIAWIKI_MAX_UPLOAD_DATA_BYTES` env var. Resolves #84 (thanks to @vansanper for the report). - **`wiki` CLI `--verbose` / `-v` flag.** Lowers the logger level from `Warn` to `Debug`, making existing debug/info log lines visible. Also adds new `Debug` log lines showing the API action, URL, and attempt count before each request, plus response status and redacted body preview (token fields like `logintoken`/`csrftoken` are replaced with `[REDACTED]`). Thanks to @strk for the feature. - **Interactive CAPTCHA prompting for `edit` and `publish` CLI commands.** When a CAPTCHA is required, the CLI now prompts interactively via `/dev/tty` (or stdin as fallback) for the answer and retries the request. Plain-text non-interactive mode (CI/piped stdin) exits with a hint instead of looping infinitely. Thanks to @strk for the implementation. ### Changed - `make build` and `make install` now also build and install the `wiki` CLI binary via `go install ./cmd/wiki/`. The local build target produces `wiki-cli` to avoid collision with the `wiki/` package directory. ### Fixed - **Stale session cookies no longer cause login failures.** When a cached session (loaded via `RestoreSession`) has expired cookies, `checkExistingSession()` correctly fails, but the stale cookies remained in the jar. The subsequent login token request ran with those stale cookies, causing "Unable to continue login. Your session most likely timed out." from the wiki. The fix calls `resetCookies()` when `checkExistingSession()` returns false, so the login flow starts with a clean jar. Thanks to @strk for the fix. - **`wiki edit` no longer reports a false success when an edit is blocked.** The MediaWiki edit API returns `result: "Failure"` inside a `200 OK` body when a CAPTCHA (ConfirmEdit) or AbuseFilter blocks the edit. The CLI previously checked only the new-page flag and printed `Edited (rev: 0)`. It now prints `Failed to edit : `, and the client surfaces the CAPTCHA type and `info` reason in the message (e.g. `Edit failed: Failure (CAPTCHA: simple)`). The MCP path already exposed `success: false` via structured content; this fixes the human-readable CLI surface. Thanks to @strk for the fix. ## [1.31.0] - 2026-05-14 ### Added - **`wiki stale-pages`** CLI command. Lists pages not edited in N days (default 90) with `--days`, `--category`, `--namespace`, `--limit` filters. Wraps the existing `mediawiki_get_stale_pages` MCP tool so the CLI surface matches MCP coverage. - **`wiki similar `** CLI command. Finds pages whose content overlaps with a source page; includes a similarity score, common terms, and existing-link indicators. Flags: `--limit`, `--category`, `--min-score`. Wraps the existing `mediawiki_find_similar_pages` MCP tool. - `wiki` CLI now returns typed exit codes so shell scripts can branch on failure category: `2` usage error, `3` not found (HTTP 404), `5` wiki API error (other 4xx/5xx), `6` auth error (HTTP 401/403), `7` rate limit (HTTP 429), `10` config error. Adapted from the cli-printing-press canonical map; `4` remains reserved for `wiki lint` findings (existing public API), so auth errors use `6` instead of `4`. Plain errors still exit `1`. `wiki.APIError` from the wiki client is auto-classified by status; commands can also return `usageErr`/`notFoundErr`/`authErr`/`apiErr`/`rateLimitErr`/`configErr` directly. Cobra flag-parse errors (unknown flag, missing required arg) auto-wrap to exit `2`. - **Claude Code plugin scaffold.** New `.claude-plugin/` directory with `marketplace.json`, `plugin.json`, and a first skill `wiki-publish` that shells out to the `wiki publish` CLI. Install via `/plugin marketplace add olgasafonova/mediawiki-mcp-server`. Design rationale and the full surface map are in [`MULTI-SURFACE-DISTRIBUTION.md`](MULTI-SURFACE-DISTRIBUTION.md): the Go module is the shared knowledge layer; MCP server, `wiki` CLI, and this plugin are surfaces over it. ### Changed - **Breaking (write tools only): `rationale` is now a required parameter on 7 destructive MCP tools** — `mediawiki_edit_page`, `mediawiki_find_replace`, `mediawiki_apply_formatting`, `mediawiki_bulk_replace`, `mediawiki_upload_file`, `mediawiki_move_page`, `mediawiki_manage_categories`. The agent must supply a one-sentence "why" with each write call; the value is logged to the tool audit trail and the `mcp.tool.rationale` OTel span attribute. Rationale is **optional** (recorded when supplied, ignored when omitted) on the 35 read-only tools. Pattern source: Teddy Riker, "Designing for Agents" (Ramp). Read-only integrations require no changes; write integrations must add the `rationale` field. - `tools/handlers.go` dispatcher refactored from a 41-case method switch + 41-case type switch to a name→closure map; the non-generic dispatcher method is gone, closures call the generic `register[Args, Result]` helper directly via type inference. `logExecution` split into `appendArgAttrs` + `appendResultAttrs`. Code Health 7.64 → 9.53 (Yellow → Green). No public API change. - `wiki/` package reorganized: monolithic read path consolidated into `wiki/read.go`; helpers extracted across `links.go`, `quality.go`, `search.go`, `write.go` to lift per-file Code Health scores. No public API change. ### Dependencies - Bumped `golang.org/x/text` (security fix) - Bumped `github.com/modelcontextprotocol/go-sdk` - Bumped `github.com/olgasafonova/mcp-servercard-go` to v0.3.0 ## [1.30.0] - 2026-05-03 ### Fixed (security) - API client refuses all redirects, closing a 307/308 cross-origin credential leak. The login flow POSTs `lgpassword=` via the API client; without `CheckRedirect`, a wiki (or any proxy in front of it, or a MITM during DNS/TLS bootstrap) returning `307 Location: https://attacker/` would cause Go to re-POST the entire body — including `lgpassword` — to the attacker. The configured wiki URL is the only legitimate target; the MediaWiki API does not redirect under normal operation. (`1f8b2e4`) - API errors no longer echo the raw response body to MCP callers. Two call sites in `apiRequest` previously wrapped `string(body)` into the error chain, which propagated HTML error pages, MITM proxy responses, and any echoed POST parameters to the LLM client. Replaced with a structured `APIError` type that retains HTTP status and a stable status-text message; the body snippet is preserved on the struct (capped at 256 bytes) for server-side logging only. Restores compliance with hard gate HG-2. (`bef66aa`) - `mediawiki_upload_file` and `mediawiki_manage_categories` now correctly declare `Destructive: true`. Both mutate wiki state but were annotated `Destructive: false`, so hosts that gate destructive operations on the annotation (Claude Code's allowlist, n8n agent guards, MCP Inspector) silently passed them through. With `IgnoreWarnings: true`, `mediawiki_upload_file` overwrites existing files on the wiki — on wikis that allow SVG, an attacker SVG with inline JS becomes stored XSS-as-the-wiki-origin against every viewer. (`c48289e`) - `uploadFromURL` (the URL upload path of `mediawiki_upload_file`) now validates the source URL through both `validateFileURL` (blocks private/internal IP destinations — closes wiki-as-SSRF-proxy targeting cloud metadata, RFC1918, link-local, etc.) and a new `MEDIAWIKI_UPLOAD_ALLOWED_DOMAINS` env-var allowlist (fail-closed when unset). The asymmetry where `validateFileURL` was applied to the *download* path but not the *upload* path was the gap. (`c48289e`) ### Changed - `mediawiki_upload_file` URL upload path now requires the `MEDIAWIKI_UPLOAD_ALLOWED_DOMAINS` environment variable to be set with one or more allowed source hostnames. Without it, all URL uploads are rejected (fail-closed). Comma-separated; supports leading `*.` for subdomain wildcards (`*.cdn.example.com` matches `us.cdn.example.com` but not the apex `cdn.example.com` itself, which must be listed separately if needed). Mirrors the `MIRO_SHARE_ALLOWED_DOMAINS` pattern. ## [1.29.0] - 2026-04-24 ### Added - **`wiki` CLI** — a command-line companion to the MCP server for shell scripts and CI pipelines. Ships from the same repo under `cmd/wiki/`, shares the same API client, auth, and `MEDIAWIKI_*` environment variables. 14 commands: `search`, `page`, `edit`, `replace`, `lint` (exit code 4 on findings, CI-friendly), `audit`, `recent`, `history`, `diff`, `links` (external/backlinks/broken/orphans/batch), `list` (pages/categories/members/users), `publish` (Markdown → wikitext), `config`, `version`. Every command supports `--json` and `--quiet`. - Release workflow now builds and publishes both `mediawiki-mcp-server` and `wiki` binaries per platform. ## [1.28.1] - 2026-04-04 ### Fixed - Server now starts in inspection mode when `MEDIAWIKI_URL` is not set, allowing MCP registries (Glama, Smithery) to enumerate tool definitions. Tool calls return a clear configuration error instead of crashing at startup. - `mediawiki_audit` tool was silently failing to register due to a missing type case in the handler dispatch. Now registers correctly. ## [1.28.0] - 2026-04-01 ### Added - **7 new tools** bringing total from 33 to 40: - `mediawiki_batch_get_pages` — Fetch content from multiple pages in one API call (max 50) - `mediawiki_batch_get_pages_info` — Get metadata for multiple pages at once - `mediawiki_search_and_read` — Search + read top results in one call, eliminating the most common two-call pattern - `mediawiki_get_page_summary` — Lead section + metadata without loading full page content - `mediawiki_move_page` — Move (rename) pages with redirect, talk page, and subpage support - `mediawiki_manage_categories` — Add/remove categories without full page edit - `mediawiki_get_stale_pages` — Find pages not edited in N days for wiki hygiene ### Changed - **Go 1.25 required** — minimum Go version bumped from 1.24 to 1.25 ### Security - Upgraded `google.golang.org/grpc` to v1.79.3 (CVE-2026-33186) ### CI/CD - Added `go.sum` integrity check and `govulncheck` to CI pipeline - Made `govulncheck` advisory (warn, don't fail) to avoid blocking on upstream advisories - Bumped `codecov/codecov-action` from 5 to 6 - Bumped Docker actions (login v4, setup-buildx v4, build-push v7, metadata v6) ## [1.27.2] - 2026-03-03 ### Fixed - Suppress pre-initialize `notifications/tools/list_changed` from go-sdk, preventing intermittent connection failures when many MCP servers start simultaneously - Correct release asset count in MCP Registry publish workflow ## [1.27.0] - 2026-02-27 ### Security - **go-sdk v1.3.1** security patch - **Regex pattern length limit** - user-provided regex capped at 500 characters to prevent CPU abuse - Regex validation now runs before page fetch (fail fast, no wasted API calls) - Added gosec security linter to golangci-lint config ### Added - **Handler-level audit logging** for all tool calls - **Cursor marketplace plugin** support - Improved `use_regex` parameter descriptions to warn about metacharacter behavior ### Fixed - Suppressed gosec false positives on intentional HTTP calls and type conversions ## [1.26.0] - 2026-02-15 ### Added - **Tieto setup guide** - beginner-friendly `TIETO_SETUP.md` for Public 360 Wiki users - Clarified that Tieto wiki requires authentication for all operations including reading ### Improved - **Tool descriptions** - `mediawiki_get_page` now cross-references `mediawiki_resolve_title` for case-sensitivity recovery - `mediawiki_compare_revisions` now cross-references `mediawiki_compare_topic` for disambiguation ### CI/CD - Bumped `actions/checkout` from v4 to v6 - Bumped Go dependency group (7 updates) - Added Claude GitHub Action workflow ## [1.25.1] - 2026-01-05 ### Added - **MCP Registry publishing** - server now listed on official MCP Registry - `server.json` metadata for registry integration - GitHub Actions workflow for automatic registry publishing on release - MCP label in Docker image for OCI validation ## [1.25.0] - 2025-12-29 ### Changed - **Go 1.24+ required** - minimum Go version bumped from 1.23 to 1.24 - Updated OpenTelemetry packages from 1.36.0 to 1.39.0 - Updated Prometheus client from 1.22.0 to 1.23.2 - Updated semconv to v1.37.0 for OTel SDK compatibility ### CI/CD - Upgraded actions/checkout from v4 to v6 - Upgraded actions/setup-go from v5 to v6 - Upgraded actions/upload-artifact from v4 to v6 - Upgraded codecov/codecov-action from v4 to v5 - Upgraded softprops/action-gh-release from v1 to v2 - Updated golangci-lint to v2.7.2 ## [1.24.1] - 2025-12-26 ### Fixed - Bumped version for release ## [1.24.0] - 2025-12-26 ### Added - Docker support with multi-stage build - Dependabot configuration for automated dependency updates - Makefile for common development tasks - QUICKSTART.md guide - LICENSE file (MIT) ### Changed - Reorganized CI workflows ## [1.23.0] - 2025-12-26 ### Added - **Circuit breaker** for wiki API resilience (5 failures threshold, 30s reset) - **Request deduplication** infrastructure for coalescing in-flight requests - **Enhanced error types** with recovery suggestions (`WikiError`) - **Cache warming** on startup for improved first-request latency - `/tools` endpoint for tool discovery (lists all 33 tools by category) - `/status` endpoint for circuit breaker and dedup monitoring ### Changed - Updated golangci-lint config to v1 format for CI compatibility ## [1.22.0] - 2025-12-25 ### Added - **Graceful shutdown** with proper resource cleanup - **Health endpoints**: `/health` (liveness) and `/ready` (wiki connectivity) - **Request batching** for improved API efficiency - **Prometheus metrics** at `/metrics` endpoint - **OpenTelemetry tracing** support ### Changed - Updated Go version matrix to 1.23 and 1.24 in CI ## [1.21.0] - 2025-12-25 ### Added - Improved test coverage and code quality - Security scan fixes ## [1.20.0] - 2025-12-19 ### Added - Increased test coverage for wiki package to 40%+ - Comprehensive test suite improvements ## [1.19.0] - 2025-12-19 ### Added - Metadata-driven tool registry for cleaner tool definitions - Improved tool organization and maintainability ## [1.18.0] - 2025-12-19 ### Added - Audit logging for all write operations - Track who made changes and when ### Documentation - Added ARCHITECTURE.md - Added CONTRIBUTING.md ## [1.17.8] - 2025-12-19 ### Security - Fixed gosec security scan findings - Added Unicode NFC normalization for input sanitization - Added fail-closed DNS handling with structured error codes - Fixed DNS rebinding vulnerability in CheckLinks (SSRF protection) ### Refactored - Split methods.go into logical modules for better maintainability ## [1.17.3] - 2025-12-18 ### Fixed - Fixed enum struct tag crash on Windows ## [1.17.2] - 2025-12-17 ### Fixed - Fixed unchecked errors and data race in cache - Fixed unchecked error returns in tests ## [1.16.0] - 2025-12-17 ### Added - `mediawiki_convert_markdown` tool for Markdown to MediaWiki conversion - Theme support: tieto, neutral, dark - Options: add_css, reverse_changelog, prettify_checks ## [1.15.0] - 2025-12-16 ### Added - Revision info and undo instructions in edit responses - Edit operations now return old/new revision IDs and diff URLs ## [1.14.0] - 2025-12-16 ### Added - `mediawiki_find_similar_pages` - Find related content based on term overlap - `mediawiki_compare_topic` - Compare how topics are described across pages - Content discovery tools for finding inconsistencies ### Fixed - Fixed nil slice JSON serialization in content discovery tools ## [1.13.0] - 2025-12-15 ### Added - `aggregate_by` parameter for `get_recent_changes` - Aggregate by user, page, or change type for compact summaries ## [1.12.0] - 2025-12-14 ### Added - `mediawiki_get_sections` - Get section structure or specific section content - `mediawiki_get_related` - Find related pages via categories/links - `mediawiki_get_images` - Get images used on a page - `mediawiki_upload_file` - Upload files from URL - `mediawiki_search_in_file` - Search text in PDFs and text files ## [1.11.0] - 2025-12-13 ### Added - HTTP transport mode for ChatGPT, n8n integration - Bearer token authentication - CORS origin validation - Rate limiting (configurable requests per minute) ## [1.10.0] - 2025-12-12 ### Added - Google ADK integration support (Go and Python) - Streamable HTTP transport ## [1.0.0] - 2025-12-01 ### Added - Initial release - Core MediaWiki API operations - Search, read, and edit wiki content - Link analysis and quality checks - History and revision tracking - Claude Desktop, Claude Code, Cursor support