fix(deps): update module github.com/stacklok/toolhive to v0.2.9

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence
github.com/stacklok/toolhive	v0.2.7 -> v0.2.9

---

Release Notes

stacklok/toolhive (github.com/stacklok/toolhive)

v0.2.9

Compare Source

What's Changed

• adds claude triage action and doc for operator chart by @​ChrisJBurns in https://github.com/stacklok/toolhive/pull/1465
• gives the GH_TOKEN to claude code so that gh commands work by @​ChrisJBurns in https://github.com/stacklok/toolhive/pull/1468
• Registry schema: normalize tags for server and remote_server by @​danbarr in https://github.com/stacklok/toolhive/pull/1476
• Fix workflow triggers for docs updates by @​danbarr in https://github.com/stacklok/toolhive/pull/1477
• chore(deps): update toolhive images to v0.2.8 by @​renovate[bot] inhttps://github.com/stacklok/toolhive/pull/14744
• Revert "Fix workflow triggers for docs updates" by @​danbarr in https://github.com/stacklok/toolhive/pull/1479
• Refresh registry data - pulls, stars, etc. by @​github-actions[bot] inhttps://github.com/stacklok/toolhive/pull/14800
• fix(deps): update module golang.ngrok.com/ngrok/v2 to v2.1.0 by @​renovate[bot] inhttps://github.com/stacklok/toolhive/pull/14755
• chore(deps): update actions/checkout action to v5 by @​renovate[bot] inhttps://github.com/stacklok/toolhive/pull/14666
• fix(deps): update module github.com/santhosh-tekuri/jsonschema/v5 to v6 by @​renovate[bot] inhttps://github.com/stacklok/toolhive/pull/14644
• Pass allowPrivateIP into createOIDCConfig by @​jhrozek in https://github.com/stacklok/toolhive/pull/1470
• Disable validating transport if INSECURE_DISABLE_URL_VALIDATION is set by @​jhrozek in https://github.com/stacklok/toolhive/pull/1471
• Lazily register JWKS endpoint with a 5 second timeout instead of on s… by @​jhrozek in https://github.com/stacklok/toolhive/pull/1472
• registry types: Add omitempty option to repository_ref field by @​JAORMX in https://github.com/stacklok/toolhive/pull/1481
• Add a new POST edit Workload endpoint and update the GET by @​lujunsan in https://github.com/stacklok/toolhive/pull/1392
• Enable groups by @​eleftherias in https://github.com/stacklok/toolhive/pull/1460
• Remove unused JWKSAllowPrivateIP from the runConfig struct by @​jhrozek in https://github.com/stacklok/toolhive/pull/1473
• Provide documentation for new middleware interfaces by @​dmjb in https://github.com/stacklok/toolhive/pull/1447
• chore: update OpenShift values to use toolhive v0.2.8 by @​JAORMX in https://github.com/stacklok/toolhive/pull/1484
• Update the API docs with the latest Workload API changes by @​lujunsan in https://github.com/stacklok/toolhive/pull/1489
• Continuously check if group migration is needed by @​eleftherias in https://github.com/stacklok/toolhive/pull/1485
• feat: enhance thv mcp list to accept server names in addition to URLs by @​JAORMX in https://github.com/stacklok/toolhive/pull/1488
• Check that the API docs are up to date on CI by @​lujunsan in https://github.com/stacklok/toolhive/pull/1490
• Issues/1449 - Improve Linux Keyring Support with Keyctl Fallback by @​mauriciocoder in https://github.com/stacklok/toolhive/pull/1451
• Default to SSE proxy mode in API by @​eleftherias in https://github.com/stacklok/toolhive/pull/1495
• Updated the operator deployment README with a custom example. Include 0.2.8. by @​RoddieKieley in https://github.com/stacklok/toolhive/pull/1487
• Refresh registry data - pulls, stars, etc. by @​github-actions[bot] inhttps://github.com/stacklok/toolhive/pull/15022
• chore(deps): update azure/setup-helm action to v4.3.1 by @​renovate[bot] inhttps://github.com/stacklok/toolhive/pull/15011
• Fix listing and removing workloads in inconsistent state by @​eleftherias in https://github.com/stacklok/toolhive/pull/1503
• fix(deps): update module github.com/mark3labs/mcp-go to v0.38.0 by @​renovate[bot] inhttps://github.com/stacklok/toolhive/pull/15044
• fix(deps): update golang.org/x/exp/jsonrpc2 digest to 8b4c13b by @​renovate[bot] inhttps://github.com/stacklok/toolhive/pull/14988
• Add env files support by @​jhrozek in https://github.com/stacklok/toolhive/pull/1499
• Fix group migration when runconfig is corrupt by @​eleftherias in https://github.com/stacklok/toolhive/pull/1506

Full Changelog: stacklok/toolhive@v0.2.8...v0.2.9

v0.2.8

Compare Source

What's Changed

• Consistently use maps instead of slices for env vars by @​dmjb in https://github.com/stacklok/toolhive/pull/1398
• Add CONTRIBUTING.md to CLAUDE.md by @​dmjb in https://github.com/stacklok/toolhive/pull/1400
• fix(deps): update golang.org/x/exp/jsonrpc2 digest to 42675ad by @​renovate[bot] inhttps://github.com/stacklok/toolhive/pull/14011
• fix(deps): update k8s.io/utils digest to 4c0f3b2 by @​renovate[bot] inhttps://github.com/stacklok/toolhive/pull/14044
• Add e2e for telemetry middleware by @​dmjb in https://github.com/stacklok/toolhive/pull/1399
• adds basic claude code pr action by @​ChrisJBurns in https://github.com/stacklok/toolhive/pull/1405
• chore(deps): update actions/checkout action to v5 by @​renovate[bot] inhttps://github.com/stacklok/toolhive/pull/14099
• Use Infof for formatted logging message by @​rvarun11 in https://github.com/stacklok/toolhive/pull/1414
• Add provenance information for sqlite MCP by @​JAORMX in https://github.com/stacklok/toolhive/pull/1416
• Fix mcp-server-box container image tag by @​JAORMX in https://github.com/stacklok/toolhive/pull/1417
• Ensure all dockyard containers have provenance info set. by @​JAORMX in https://github.com/stacklok/toolhive/pull/1418
• fix(deps): update kubernetes packages to v0.33.4 by @​renovate[bot] inhttps://github.com/stacklok/toolhive/pull/14155
• chore(deps): update golang docker tag to v1.25 by @​renovate[bot] inhttps://github.com/stacklok/toolhive/pull/14100
• Extract MCP server logic into dedicated package by @​JAORMX in https://github.com/stacklok/toolhive/pull/1403
• Add file locking for List workloads by @​dmjb in https://github.com/stacklok/toolhive/pull/1420
• Ensure that failed starts/restarts are cleaned up properly by @​dmjb in https://github.com/stacklok/toolhive/pull/1421
• Implement new middleware interfaces for all middleware by @​dmjb in https://github.com/stacklok/toolhive/pull/1422
• fix: throw error when there is a duplicate workload name by @​yrobla in https://github.com/stacklok/toolhive/pull/1395
• Add schema version field to run config by @​dmjb in https://github.com/stacklok/toolhive/pull/1424
• Add copilot_instructions.md for GitHub Copilot PR reviews by @​ChrisJBurns in https://github.com/stacklok/toolhive/pull/1412
• Expose resource-url parameter through MCPServer CRD by @​ChrisJBurns in https://github.com/stacklok/toolhive/pull/1426
• Ensure groups are removed from clients correctly by @​eleftherias in https://github.com/stacklok/toolhive/pull/1428
• Take groups into account when listing clients by @​eleftherias in https://github.com/stacklok/toolhive/pull/1430
• chore(deps): update goreleaser/goreleaser-action digest to e435ccd by @​renovate[bot] inhttps://github.com/stacklok/toolhive/pull/14277
• chore(deps): update anchore/sbom-action action to v0.20.5 by @​renovate[bot] inhttps://github.com/stacklok/toolhive/pull/14322
• e2e test for audit middleware by @​dmjb in https://github.com/stacklok/toolhive/pull/1425
• Update GitHub configuration and toolsets by @​danbarr in https://github.com/stacklok/toolhive/pull/1435
• Allow two-character tags in registry schema by @​danbarr in https://github.com/stacklok/toolhive/pull/1436
• Fix network host subdomain entries by @​danbarr in https://github.com/stacklok/toolhive/pull/1437
• Fix flaky test race condition in TestFindClientConfigs by @​ChrisJBurns in https://github.com/stacklok/toolhive/pull/1434
• do not check duplicate names when name is empty by @​yrobla in https://github.com/stacklok/toolhive/pull/1440
• Update client config when workload group changes by @​eleftherias in https://github.com/stacklok/toolhive/pull/1442
• Add dolt MCP server to registry by @​JAORMX in https://github.com/stacklok/toolhive/pull/1443
• Return registered groups from API by @​eleftherias in https://github.com/stacklok/toolhive/pull/1444
• Wireup middleware with new interfaces by @​dmjb in https://github.com/stacklok/toolhive/pull/1394
• Add operator-specific instructions for Claude Code by @​jhrozek in https://github.com/stacklok/toolhive/pull/1441
• Add JSON schema validation for registry.json by @​danbarr in https://github.com/stacklok/toolhive/pull/1438
• Deploy ToolHive Operator into OpenShift (#​1063) by @​RoddieKieley in https://github.com/stacklok/toolhive/pull/1253
• fix(deps): update module github.com/santhosh-tekuri/jsonschema/v5 to v6 by @​renovate[bot] inhttps://github.com/stacklok/toolhive/pull/14455
• Add group flag to stop command by @​eleftherias in https://github.com/stacklok/toolhive/pull/1446
• Fix protocol scheme workload name validation issue by @​JAORMX in https://github.com/stacklok/toolhive/pull/1457
• adds a ServiceAccount attribute to the MCPServer CRD by @​ChrisJBurns in https://github.com/stacklok/toolhive/pull/1453
• fix(deps): update module github.com/lestrrat-go/httprc/v3 to v3.0.1 by @​renovate[bot] inhttps://github.com/stacklok/toolhive/pull/14611
• fix(deps): update module github.com/santhosh-tekuri/jsonschema/v5 to v6 by @​renovate[bot] inhttps://github.com/stacklok/toolhive/pull/14488
• chore(deps): update toolhive images to v0.2.7 by @​renovate[bot] inhttps://github.com/stacklok/toolhive/pull/14022
• fix(deps): update module go.uber.org/mock to v0.6.0 by @​renovate[bot] inhttps://github.com/stacklok/toolhive/pull/14633
• fix(deps): update module github.com/onsi/ginkgo/v2 to v2.24.0 by @​renovate[bot] inhttps://github.com/stacklok/toolhive/pull/14622

New Contributors

• @​rvarun11 made their first contribution in https://github.com/stacklok/toolhive/pull/1414
• @​RoddieKieley made their first contribution in https://github.com/stacklok/toolhive/pull/1253

Full Changelog: stacklok/toolhive@v0.2.7...v0.2.8

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[renovate]

ℹ Artifact update notice

File name: go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

• 10 additional dependencies were updated

Details:

Package	Change
github.com/lestrrat-go/httprc/v3	v3.0.0 -> v3.0.1
github.com/mark3labs/mcp-go	v0.37.0 -> v0.38.0
golang.ngrok.com/ngrok/v2	v2.0.0 -> v2.1.0
golang.org/x/exp/jsonrpc2	v0.0.0-20250811191247-51f88131bc50 -> v0.0.0-20250819193227-8b4c13bb791b
golang.org/x/net	v0.42.0 -> v0.43.0
golang.org/x/text	v0.27.0 -> v0.28.0
k8s.io/api	v0.33.3 -> v0.33.4
k8s.io/apimachinery	v0.33.3 -> v0.33.4
k8s.io/client-go	v0.33.3 -> v0.33.4
k8s.io/utils	v0.0.0-20241104100929-3ea5e8cea738 -> v0.0.0-20250604170112-4c0f3b243397

[github-actions]

🔒 MCP Security Scan Results

✅ adb-mysql-mcp-server

• Status: Passed
• Tools scanned: 3
• Result: No security issues detected

✅ agentql-mcp

• Status: Passed
• Tools scanned: 0
• Result: No security issues detected

✅ arxiv-mcp-server

• Status: Passed
• Tools scanned: 4
• Result: No security issues detected

✅ astra-db-mcp

• Status: Passed
• Tools scanned: 16
• Result: No security issues detected

✅ aws-diagram-mcp-server

• Status: Passed
• Tools scanned: 3
• Result: No security issues detected

✅ aws-documentation-mcp-server

• Status: Passed
• Tools scanned: 3
• Result: No security issues detected

✅ blender-mcp

• Status: Passed
• Tools scanned: 17
• Result: No security issues detected

✅ brightdata-mcp

• Status: Passed
• Tools scanned: 0
• Result: No security issues detected

✅ browserbase-mcp-server

• Status: Passed
• Tools scanned: 14
• Result: No security issues detected

✅ chroma-mcp

• Status: Passed
• Tools scanned: 13
• Result: No security issues detected

✅ context7

• Status: Passed
• Tools scanned: 2
• Result: No security issues detected

✅ graphlit-mcp-server

• Status: Passed
• Tools scanned: 0
• Result: No security issues detected

✅ heroku-mcp-server

• Status: Passed
• Tools scanned: 0
• Result: No security issues detected

✅ ida-pro-mcp

• Status: Passed
• Tools scanned: 0
• Result: No security issues detected

✅ magic-mcp

• Status: Passed
• Tools scanned: 0
• Result: No security issues detected

✅ mcp-clickhouse

• Status: Passed
• Tools scanned: 0
• Result: No security issues detected

✅ mcp-jetbrains

• Status: Passed
• Tools scanned: 0
• Result: No security issues detected

✅ mcp-neo4j-aura-manager

• Status: Passed
• Tools scanned: 0
• Result: No security issues detected

✅ mcp-neo4j-cypher

• Status: Passed
• Tools scanned: 3
• Result: No security issues detected

✅ mcp-neo4j-memory

• Status: Passed
• Tools scanned: 0
• Result: No security issues detected

✅ mcp-server-box

• Status: Passed
• Tools scanned: 0
• Result: No security issues detected

✅ mcp-server-circleci

• Status: Passed
• Tools scanned: 16
• Result: No security issues detected

✅ mcp-server-neon

• Status: Passed
• Tools scanned: 0
• Result: No security issues detected

✅ onchain-mcp

• Status: Passed
• Tools scanned: 10
• Result: No security issues detected

✅ phoenix-mcp

• Status: Passed
• Tools scanned: 19
• Result: No security issues detected

✅ sentry-mcp-server

• Status: Passed
• Tools scanned: 0
• Result: No security issues detected

✅ supabase-mcp-server

• Status: Passed
• Tools scanned: 0
• Result: No security issues detected

✅ tavily-mcp

• Status: Passed
• Tools scanned: 0
• Result: No security issues detected

---

Summary: Scanned 28 MCP server(s), all passed security checks. ✅