Changelog

What shipped across recent mcpgate releases. Self-host operators get the full prose in the image's CHANGELOG.md.

v2.0.1620 latest

5 July 2026

🔧 Improvements

  • Context Map: grade-gate plumbing (inert).

🐛 Fixes

  • Accurate 'Services configured' count.

Full changelog: https://mcpgate.de/changelog/

Docker: docker pull mcpgate/mcpgate:2.0.1620

v2.0.1618

5 July 2026

✨ Features

  • Context Map: write-time pitfall guard.
  • Sample data clears itself once you go live.
  • Context Memory: shared pitfall notes whispered into tool responses.
  • Demo story stays current.
  • Living demo data.
  • Demo instance access telemetry.
  • Richer demo incident scenario.

🔧 Improvements

  • Context Map: unified surface.
  • Consistent demo tool responses.
  • Consistent demo connections view.
  • Demo connections page reflects the sample setup.

🐛 Fixes

  • Complete prospect data cleanup on demo instances.
  • Correct avatar when one account uses two providers.

Full changelog: https://mcpgate.de/changelog/

Docker: docker pull mcpgate/mcpgate:2.0.1618

v2.0.1605

4 July 2026

✨ Features

  • Demo mode is fully visible and exitable.
  • Demo instance renders on the admin surfaces.
  • Demo instance sample dataset.
  • Demo instance always mode.
  • Demo instance foundation.

🔧 Improvements

  • Multi-tenant Microsoft sign-in.
  • Microsoft avatar is now opt-in.
  • Microsoft account avatar on sign-in.
  • Account avatar on SSO login.
  • Hardens demo mode's data boundaries.
  • Demo shows the full admin nav.
  • Demo entry, account pictures, one install guide.
  • Improves test-suite ordering independence.
  • Faster sample-data seeding.
  • The monthly spec refresh governs itself end to end.
  • Action catalogue reconciled with the July vendor specs.
  • Oversized upstream YAML specs are vendored as JSON automatically.

🐛 Fixes

  • Correct Microsoft avatar handling.
  • Demo history includes today.
  • Demo explorers reach the admin surfaces.
  • Prototype git tests are host-configuration independent.
  • Scheduled maintenance pipelines keep running on busy days.
  • Jira search recognises lowercase JQL keywords.

Full changelog: https://mcpgate.de/changelog/

Docker: docker pull mcpgate/mcpgate:2.0.1605

v2.0.1581

4 July 2026

✨ Features

  • Document review: opt-in OCR for scanned PDFs.

🔧 Improvements

  • Document review: OCR offer shows size and time.
  • Document review: cleaner text extraction from PDFs.

🐛 Fixes

  • Document review: protected terms match across extraction gaps.
  • Document review: PDF extraction preserves reading order.
  • Document review: hardened re-analysis and toggle integrity.

Full changelog: https://mcpgate.de/changelog/

Docker: docker pull mcpgate/mcpgate:2.0.1581

v2.0.1575

3 July 2026

🔧 Improvements

  • Document review: confidentiality register covered.
  • Document review: register list round three.
  • Document review: suggestion quality tuned on a real legal corpus.
  • Document review: contract role words are no longer suggested.

Full changelog: https://mcpgate.de/changelog/

Docker: docker pull mcpgate/mcpgate:2.0.1575

v2.0.1571

3 July 2026

✨ Features

  • Document review: English NER model with automatic language routing.
  • Document review: sharper suggestions and an opt-in date type.
  • Document review: bulk protection toggles by type.
  • Document review: re-analyze an open review.
  • AI suggestions in the document review.
  • Try-the-demo button for document review.
  • Admin management for document-review term lists.
  • Document review UI and durable term lists.
  • Human-gated document review (preview).

🔧 Improvements

  • Document review: one switch instead of two.
  • Sharper AI suggestions in the document review.
  • Clearer next step on the review page.
  • Reopen a released review.
  • Document Review is its own service.
  • Document review is now admin-toggleable at runtime.

🐛 Fixes

  • Document review: date-aware NER suggestions.
  • Document review browser endpoints wired up.

Full changelog: https://mcpgate.de/changelog/

Docker: docker pull mcpgate/mcpgate:2.0.1571

v2.0.1554

3 July 2026

✨ Features

  • Microsoft 365 file uploads via the Media Transfer Protocol.
  • Third-party license manifest.
  • Create Google Docs from Markdown.

🔧 Improvements

  • Tighten IP-address PII detection.

🐛 Fixes

  • Public image build restored.

Full changelog: https://mcpgate.de/changelog/

Docker: docker pull mcpgate/mcpgate:2.0.1554

v2.0.1553

3 July 2026

✨ Features

  • Microsoft 365 file uploads via the Media Transfer Protocol.
  • Third-party license manifest.
  • Create Google Docs from Markdown.

🔧 Improvements

  • Tighten IP-address PII detection.

Full changelog: https://mcpgate.de/changelog/

Docker: docker pull mcpgate/mcpgate:2.0.1553

v2.0.1549

1 July 2026

🔧 Improvements

  • Shared automations return their result.

🐛 Fixes

  • Cleaner HTML handling in table and document conversion.
  • Line breaks in table cells.

Full changelog: https://mcpgate.de/changelog/

Docker: docker pull mcpgate/mcpgate:2.0.1549

v2.0.1546

29 June 2026

✨ Features

  • Added a Google Cloud Logging connector.

🔧 Improvements

  • Proxied MCP tools validate required arguments before forwarding.
  • Discover runnable shared automations.
  • Audits every shared-automation run attempt.
  • Backend-dependent services stay hidden until their engine is wired.

🐛 Fixes

  • Backend-dependent service toggles stay inert until their engine is wired.

Full changelog: https://mcpgate.de/changelog/

Docker: docker pull mcpgate/mcpgate:2.0.1546

v2.0.1540

28 June 2026

🐛 Fixes

  • The shared-automation tool now answers capabilities.
  • Shared-automation visibility is managed through the gateway's existing interfaces, not a separate page.

Full changelog: https://mcpgate.de/changelog/

Docker: docker pull mcpgate/mcpgate:2.0.1540

v2.0.1538

28 June 2026

✨ Features

  • Share UI for your automations.
  • Creator-controlled visibility for shared automations.
  • Governance audit trail for delegation.
  • Register shared automations and who may run them.
  • Shared automations are now runnable from your AI client.
  • Run-as-invoker orchestration for shared automations.
  • Admin-set Windmill trigger token for shared automations.
  • Run-as-invoker grant minter for shared automations.
  • Shared-automation building blocks: connection recognizer + invoker allow-list.
  • Hook Builder shows what built-in hooks actually do.
  • Project write-conventions delivered when creating Jira issues.
  • Hook Builder now lists built-in hooks.
  • Regenerate a service account's client secret.
  • Service accounts: one-click provider-token creation + deep links.
  • Service-account credentials can self-renew via a GitHub App.
  • Service-account tokens are managed and auto-rotated from the admin UI.
  • Service accounts can hold their own provider token.
  • Extends the OTOBO connector with ticket creation and customer replies.
  • Adds an OTOBO helpdesk connector.

🔧 Improvements

  • Tighter isolation for delegated shared-automation runs.
  • Self-heal engine routing is governed by one shared rule.
  • GitLab file deletion is discoverable from the write-tool description.
  • Revoked service-account credentials are rejected at every authentication check.
  • Tightens connector and hook configuration guards.
  • Safer defaults for write actions across connectors.
  • Clearer self-heal startup log.
  • Self-heal runtime is selectable per instance.
  • Self-heal runtime routing.
  • Adds a numeric clamp() bounds helper.
  • Self-healing is configurable per runtime.
  • Self-healing is now one process that runs anywhere.
  • Self-healing orchestration now runs through the runtime-agnostic core.
  • Retired superseded Jira workflow config.
  • Self-healing gains a gateway-transport runtime for its decoupled core.
  • Declarative hooks (Hook Builder) support compound AND/OR conditions.
  • Self-healing ports now fit the full orchestration surface.
  • Frontend Jira issue conventions move to the editable Context Map too.
  • Self-healing orchestration gains characterization-test coverage.
  • Self-healing decision logic moves into a runtime-agnostic core.
  • Jira issue write-conventions are now editable in the Context Map.
  • Self-heal port contracts now declare their async shape.
  • Self-healing gains a GitLab/direct-token adapter for its decoupled core.
  • OAuth refresh tells a brief outage apart from an expired login.
  • Self-healing is moving to a runtime-agnostic core.
  • More robust issue-enrichment test coverage.
  • Clearer service-account token state.
  • Service-account rotation actions follow the house layout.
  • Service-account token owner accepts a bare group name.
  • Connected clients list collapses to the most recent.
  • Service-account setup: create the token where you configure it.
  • Service-account admin setup is fully integrated.
  • Service-account token controls are discoverable when none exist yet.
  • High-risk action toggle updates the row state in one step.
  • OTOBO instance config is now set in the admin UI.
  • Tagged releases reliably trigger their build and publish pipeline.
  • The release pipeline keeps version, tag and changelog in lockstep.
  • Changelog authoring moves to per-change fragments.
  • Hook validation now names the allowed step types.
  • Audit rows for proxied tool failures now show the upstream reason.
  • The self-healing review gate is hardened.
  • is_localhost_url() does not recognize bare IPv6 loopback ::1.
  • denormalize_email() can return None instead of a string fallback.

🐛 Fixes

  • Connection precheck recognises credential-based services.
  • Gateway-internal services without upstream credentials enable cleanly.
  • Self-heal review gate fails closed when its base revision is unavailable.
  • Self-heal CI engine's default issue filter follows the runner switch.
  • Self-healing review gate inspects the proposed fix uniformly across runtimes.
  • Credential-storage redundancy detection now distinguishes gateway-managed config from deployment-pinned env.
  • Auto-fix runner selector reflects the active runtime.
  • Jira issue descriptions stay as authored.
  • Revoking a service account now cleans up every linked provider.
  • Service-account provider tokens handle nested GitLab group and project paths.
  • Admin service detail: group headers no longer overlap the first action row.
  • Service-account setup: per-service credential blocks and a correctly-rendered toggle.
  • Service-account setup: icon picker and shared toggle.
  • Clearer error when a helpdesk operation isn't routed.
  • Tidier release pipeline history.
  • Concurrent releases no longer drop one of their deploys.
  • Removing an action from high-risk restores its real default classification.
  • Service visibility changes propagate reliably across all workers.

Full changelog: https://mcpgate.de/changelog/

Docker: docker pull mcpgate/mcpgate:2.0.1538

v2.0.1461

25 June 2026

✨ Features

  • Supernova design systems are now reachable over their native MCP server.
  • Admins can review and revoke every active delegation, across all users.
  • Delegated Access is configured entirely from the admin UI.
  • Delegated access for Windmill flows (Beta, off by default).

🔧 Improvements

  • The Supernova MCP session hint now reaches every install.
  • MCP-proxy tool previews refreshed and easier to keep current.
  • The Supernova MCP connector is read-only and tells clients what it serves.
  • Connection verify now resolves templated MCP endpoint URLs.
  • Self-registering connectors that still need one operator value stay hidden until it is set.
  • Guest invites can now include dual-auth gateway services.
  • Plan-gated MCP-proxy tools now point to a working alternative.
  • Delegated access enforces its high-risk policy uniformly across every execution path.

Full changelog: https://mcpgate.de/changelog/

Docker: docker pull mcpgate/mcpgate:2.0.1461

v2.0.1450

24 June 2026

🐛 Fixes

  • Service connections bind to the signed-in account for every provider.

Full changelog: https://mcpgate.de/changelog/

Docker: docker pull mcpgate/mcpgate:2.0.1450

v2.0.1449

23 June 2026

🔧 Improvements

  • Action search now signals when more matches exist beyond the shown page.

Full changelog: https://mcpgate.de/changelog/

Docker: docker pull mcpgate/mcpgate:2.0.1449

v2.0.1448

23 June 2026

🔧 Improvements

  • Leaner capabilities response for large service catalogues.
  • Newly-exposed services reach connected clients without a reconnect.

Full changelog: https://mcpgate.de/changelog/

Docker: docker pull mcpgate/mcpgate:2.0.1448

v2.0.1446

23 June 2026

✨ Features

  • MCP OAuth conformance hardening.

🔧 Improvements

  • Quieter logs when a proxied MCP server drops a long-running call.

Full changelog: https://mcpgate.de/changelog/

Docker: docker pull mcpgate/mcpgate:2.0.1446

v2.0.1444

23 June 2026

✨ Features

  • Make added as a one-click quick-add redirect host.

🐛 Fixes

  • Visible scrollbar on the admin panel.
  • Higher-contrast section headings on service pages.

Full changelog: https://mcpgate.de/changelog/

Docker: docker pull mcpgate/mcpgate:2.0.1444

v2.0.1442

23 June 2026

✨ Features

  • Spec-compliant MCP authorization handshake.
  • Conformant Dynamic Client Registration.
  • Broader MCP-client compatibility (Zapier and other strict RFC 9728 clients).
  • PKCE is now required for every OAuth client.

Full changelog: https://mcpgate.de/changelog/

Docker: docker pull mcpgate/mcpgate:2.0.1442

v2.0.1440

22 June 2026

✨ Features

  • Unified Clients admin page.
  • Service accounts (client_credentials).
  • Admin-managed OAuth redirect-host allowlist.
  • Connected-client visibility and revocation.
  • Delegation grants now slide on use.
  • Grant-as-primary authentication.
  • Delegated access for unattended workflow callers (BETA, default off).

🐛 Fixes

  • Broader OAuth state values for MCP client connect.

Full changelog: https://mcpgate.de/changelog/

Docker: docker pull mcpgate/mcpgate:2.0.1440

v2.0.1437

22 June 2026

🔧 Improvements

  • Service detail action list follows the admin panel's scroll.

🐛 Fixes

  • Leaner import-scan for very large connector specs.

Full changelog: https://mcpgate.de/changelog/

Docker: docker pull mcpgate/mcpgate:2.0.1437

v2.0.1435

22 June 2026

✨ Features

  • Microsoft 365 full-text search over calendar and mail.

🔧 Improvements

  • Service detail tables scale to very large connectors.
  • Actions can flag query parameters the upstream silently ignores.
  • Quieter production logs.
  • Reporter close notifications are reliable again, with their full context.
  • Reporter notifications fire when the fix is verified live, with the correct version.
  • Dependency locks resolve across the full supported Python range.
  • Reproducible, pinned dependency builds.
  • Continuous dependency vulnerability scanning.
  • Context Map: concurrent syncs and writes are now serialized so the served index can't briefly diverge from git.
  • Audit: warns when pseudonyms would be stored unkeyed.

🐛 Fixes

  • Reporters are notified as soon as their issue is closed.
  • MCP proxy connectors now report the real reason when a tool catalog can't be loaded.
  • App Store Connect write actions now work end-to-end.
  • Context Map: the write-time secret guard now also catches private keys and GitLab tokens.
  • Context Map: auto-discovery now includes repos whose default branch isn't main.
  • Context Map: a transient discovery error no longer hides repos for an hour.
  • Context Map: the configured git ref is validated before use.

Full changelog: https://mcpgate.de/changelog/

Docker: docker pull mcpgate/mcpgate:2.0.1435

v2.0.1422

21 June 2026

✨ Features

  • Context Map federation: group auto-discovery is now the lead path.

🐛 Fixes

  • Context Map admin: expanding a page now shows its content directly.
  • Context Map admin: the save confirmation now stays in view.

Full changelog: https://mcpgate.de/changelog/

Docker: docker pull mcpgate/mcpgate:2.0.1422

v2.0.1420

21 June 2026

✨ Features

  • Clearer names for the company-knowledge tools.
  • Grafana: query Prometheus metrics with PromQL.
  • Context Map: the index is now in context from the first message.

🔧 Improvements

  • Context Map: the freshness beacon now also rides the spec-reserved _meta channel.
  • Context Map: retrieval quality is now guarded by an automated relevance check.

🐛 Fixes

  • Company-context guidance now ships to every deployment.
  • The Context Map index digest now honours its size budget.
  • Grafana: generic api_post/api_put/api_patch now send the request body.
  • Context Map: the freshness beacon now points at the page about your topic.

Full changelog: https://mcpgate.de/changelog/

Docker: docker pull mcpgate/mcpgate:2.0.1420

v2.0.1414

21 June 2026

✨ Features

  • Context Map: stronger guidance to consult the Map before answering.
  • Context Map: discovered repos group cleanly and lead with real signal.
  • Context Map auto-discovery now recognises existing AI-context files.
  • Context Map admin page is now operator-centric.
  • Context Map: one instance webhook can now drive the whole Map.
  • Context Map: auto-discovery of source repos.
  • Context Map: the push webhook only re-syncs for repos it actually reads.
  • Context Map: federation now scales to many source repos.
  • Context Map: pushed content now persists in the repo, not just the gateway.
  • Context Map: the federated mirror namespace is now write-protected.
  • Context Map: push webhooks now set themselves up on secret rotation.
  • Context Map: admin now shows when a refresh last fired and by what.
  • Context Map: clearer populate guidance + webhook visibility.
  • Context Map: the assistant proactively offers to populate it.
  • Context Map: one-click setup for a new git-backed Map.
  • Context Map: the assistant can populate the Map from your repos.
  • Windmill connector (MCP).
  • OAuth services can target self-hosted, audience-bound endpoints.
  • Context Map: repos light up from files they already have.
  • Context Map: the list of federated repos is now composition-as-code.
  • Context Map: the L0 index now builds itself as a table of contents.
  • Context Map: federate asset pages from other repos.
  • Context Map: simpler authoring.

🐛 Fixes

  • Audit log: the page loads without scanning every active session.
  • Audit log: filtering by event type is now resolved in the database.
  • Audit log: in-flight requests are superseded on filter change.
  • Context Map: writes are serialized against the background sync.
  • Context Map: "Set up repo" refuses a repository that isn't a fresh Map.
  • Context Map: the "Set up repo" button now shows progress.
  • Self-registering connectors now turn green only once a connection is verified.
  • Context Map admin page uses the canonical sticky action bar.
  • Context Map: template starter files are no longer served as pages.
  • Context Map: quieter poll-sync logging.

Full changelog: https://mcpgate.de/changelog/

Docker: docker pull mcpgate/mcpgate:2.0.1414

v2.0.1388

20 June 2026

✨ Features

  • Context Map now records the questions it couldn't answer (gap-harvest, gateway side).
  • Context Map map_write now writes through to git in repo mode.
  • Context Map now keeps long sessions fresh and is writable by agents (Tier 2, in progress).
  • Context Map — your AI clients can now read a curated map of your systems (Tier 1).
  • Calendar event creation now honors attendee_emails and attendee_names.

🐛 Fixes

  • Context Map freshness beacon now rides every tool response (coverage fix).
  • Context Map map_write (git/repo mode) now reliably updates the served copy.

Full changelog: https://mcpgate.de/changelog/

Docker: docker pull mcpgate/mcpgate:2.0.1388

v2.0.1379

19 June 2026

🔧 Improvements

  • Stream large GitLab repository files instead of inlining them.
  • Gmail attachment downloads now stream via the transfer protocol.

🐛 Fixes

  • Stream text repository files without a false binary-error.
  • Expose file path and ref on the transfer tool so GitLab file streaming is callable.

🛠 Behind the scenes

  • Project-log queries now honor the explicit from/to time range.
  • Failed tool calls now record a machine-readable reason code.
  • Data Usage view now shows the acting user in full.
  • Admin audit view now shows the acting user in full.
  • Audit pseudonyms are now keyed.

Full changelog: https://mcpgate.de/changelog/

Docker: docker pull mcpgate/mcpgate:2.0.1379

v2.0.1370

18 June 2026

✨ Features

  • HubSpot CRM connector.
  • Pipedrive now exposes its full v2 API surface via search.
  • Adds a Pipedrive CRM connector.
  • The support chat now signals support activity, not just replies.

🔧 Improvements

  • Shared gateway links now unfurl with a proper preview.
  • The "+ Add service" page no longer flags unconfigured optional services.
  • Clearer MCP-proxy service detail page.
  • Pipedrive note and activity actions expose their optional targets.
  • Jira issue creation documents its project field.
  • Cleaner service load diagnostics.
  • Calendar events now return attendee names, not just email addresses.
  • Pipedrive shows its official brand mark on the connections page.
  • Pipedrive requests now route to the connected company's own host and v2 API.
  • More deterministic test suite under parallel execution.
  • Steadier parallel test runs.
  • A connected service is owned by the gateway user who connects it.
  • Connectors can target a tenant-specific host resolved per connected user.
  • List responses can surface a collection nested under a dotted key.
  • Egress confinement supports subdomain wildcards.
  • Meeting-room listings now return a usable room identifier and a bookable flag.
  • More reliable new-message sound in long support sessions.

Full changelog: https://mcpgate.de/changelog/

Docker: docker pull mcpgate/mcpgate:2.0.1370

v2.0.1356

17 June 2026

✨ Features

  • Startup identity seeding now also covers external OAuth clients.
  • Audit and usage views resolve existing history to a person on startup.
  • Audit log now attributes every action to a durable, encrypted identity.

🔧 Improvements

  • Hardens encryption-key handling on self-hosts that don't set their own keys.
  • Attachment uploads now point callers to the reference-based transfer path.
  • CHANGELOG bullets now require a bold-headline prefix at commit time.
  • Constrains where the built-in OAuth authorization server may deliver an authorization code: the redirect target must now be loopback, the deployment's own origin, a known MCP-client domain, or a host the operator allows via OAUTH_ALLOWED_REDIRECT_HOSTS. Applies to both authorization entry points, refuses URLs that use backslashes or embedded credentials, and records every refusal in the audit log so operators can see attempted redirections.
  • The release publishing pipeline now emits a scannable summary for every version range.

🛠 Behind the scenes

  • Hardens the Jira end-to-end test suite.
  • Tool-call logging now records argument names only, never their values.
  • Stabilises the file-transfer test suite under parallel CI runs.

Full changelog: https://mcpgate.de/changelog/

Docker: docker pull mcpgate/mcpgate:2.0.1356