v2.0.0 - Major Release with Breaking Changes

v2.0.0 - Major Release with Breaking Changes

⚠ BREAKING CHANGES

• Major security hardening with critical vulnerability fixes
• Enhanced MCP architecture with improved streaming capabilities
• Updated testing infrastructure requirements

🚀 Features

• Add automated release workflow and documentation
• Implement comprehensive testing infrastructure with hang prevention
• Add Gemini MCP slash commands and enhanced configuration
• Implement slim Gemini CLI integration via MCP server
• Add comprehensive CI/CD infrastructure

🐛 Bug Fixes

• Configure release-please to use existing changelog path
• Correct indentation and add issue write permission to release workflow
• Correct YAML syntax error in test workflow
• Fix security test path and improve coverage handling

📚 Documentation

• Comprehensive documentation update for Gemini MCP integration
• Add development setup instructions and contribution guidelines
• Update README with badges and improved structure
• Add setup and slash commands guide links

🧪 Testing

• Add comprehensive test suite with 75+ tests
• Implement E2E, integration, and unit testing
• Add security scanning and vulnerability checks
• Ensure all tests pass with proper mocking

🔧 CI/CD

• Add coverage XML path config for PR coverage reporting
• Implement automated dependency submission
• Add security scanning workflow
• Configure release automation

For full details, see the CHANGELOG.

v1.3.1 - E2E Test Async Mocking Fixes

E2E Test Async Mocking Fixes

Fixed

• E2E Test Async Mocking Issues - Fixed critical async mocking problems that were causing CI failures
• Resolved MagicMock can't be used in await expression Error - Properly configured async function mocking using AsyncMock and side_effect parameters
• Improved Test Reliability - All E2E tests now pass consistently when TEST_WITH_REAL_API=true and TEST_GOOGLE_API_KEY is set

Technical Improvements

• Added proper async mocking with AsyncMock import for better async function testing
• Updated test_real_quick_query to use proper async mock with side_effect parameter
• Updated test_real_code_analysis to mock API response about performance issues
• Updated test_real_api_rate_limiting to mock varied API responses for concurrent requests
• Applied pytest-asyncio best practices for async test mocking based on official documentation

Testing

• All 75 tests pass with 3 properly skipped (as expected)
• Fixed the specific CI failure that was blocking deployments
• Maintained test isolation and proper cleanup across all test suites

v1.3.0 - Comprehensive Testing Suite

Comprehensive Testing Suite

Added

• Comprehensive Testing Suite - 1,540+ lines of unit, integration, and end-to-end tests with timeout protection
• CI/CD Pipeline - 3 GitHub Actions workflows for automated testing, security scanning, and dependency checks
• Multi-Environment Support - Python 3.10-3.12 compatibility testing
• Development Workflow - Pre-commit hooks, Makefile automation, and setup script
• Code Quality Tools - MyPy type checking, Black/isort formatting, and coverage reporting

Security

• Bandit Integration - Automated security scanning with custom configuration
• GitLeaks Integration - Secret detection and prevention in codebase
• Custom Hardening Tests - Additional security validation beyond standard tools
• Enhanced Error Handling - Improved MCP server robustness and security

Testing Infrastructure

• Unit Tests - Core functionality testing with mocked dependencies
• Integration Tests - API and CLI fallback testing with real interactions
• End-to-End Tests - Full workflow validation including MCP server operations
• Security Tests - Vulnerability scanning and hardening validation
• Timeout Protection - Prevents hanging tests in CI/CD environments

Development Improvements

• Automated Setup - One-command development environment setup (./setup-dev.sh)
• Pre-commit Hooks - Automatic code quality checks before commits
• Makefile Commands - Streamlined development workflow automation
• Enhanced Documentation - Updated testing, setup, and security guides

Changed

• Project Structure - 40 files changed with 5,536 lines added and 1,012 removed
• Reorganized test structure with proper separation of concerns
• Enhanced project configuration with pyproject.toml
• Improved dependency management with development requirements

Potentially Breaking Changes

• Updated minimum Python version requirements (backward compatibility maintained)
• Reorganized project structure for better maintainability
• Enhanced development setup process (existing setups continue to work)

Verification

• All tests pass across Python 3.10-3.12
• Security scans pass with zero critical vulnerabilities
• Type checking passes with MyPy
• Code formatting enforced with Black/isort
• Existing installations continue to work without changes

v0.1.0

What's Changed

• fix: Pass GOOGLE_CLOUD_PROJECT env var to Gemini CLI subprocess by @jskorlol in #1
• Feature/testing infrastructure by @cmdaltctr in #2
• Fix CI issues: bandit configuration and test imports by @cmdaltctr in #3

New Contributors

• @jskorlol made their first contribution in #1
• @cmdaltctr made their first contribution in #2

Full Changelog: https://github.com/cmdaltctr/claude-gemini-mcp-slim/commits/v0.1.0

v1.2.0 - Enhanced Documentation

Enhanced Documentation

Added

• Enhanced Documentation Structure - Improved README with table of contents and architecture overview
• Streamlined User Experience - Better organization of setup and usage instructions
• Improved Issue Reporting - Added detailed guidance for submitting issues with labels

Documentation

• Added comprehensive architecture diagrams and explanations
• Restructured documentation for better navigation and user experience
• Enhanced Need Help section with better issue submission guidance
• Added link to GitHub labels for better issue categorization

v1.1.0 - Streamlined Slash Commands

Streamlined Slash Commands

Added

• Streamlined Slash Commands - Simplified implementation with individual command files
• Enhanced Command Organization - Individual markdown files for each command in .claude/commands/
• Better Documentation - Comprehensive slash commands guide with examples

Slash Commands Added

• Core: /gemini, /g, /analyze, /a, /codebase, /c
• Focus: /security, /s, /performance, /p, /architecture, /arch
• Assistance: /explain, /e, /debug, /d, /review, /r, /research
• Improvement: /optimize, /test, /fix
• Utilities: /help, /status, /models

Changed

• Improved Command Structure - Removed legacy slash_commands.py and slash-commands.json in favor of modular approach

Technical Improvements

• Modular command architecture for easier maintenance and updates
• Direct markdown-based command definitions
• Simplified implementation with reduced dependencies
• Improved error handling with helpful messages and usage hints

v1.0.0 - Security Hardened Production Version

Security Hardened Production Version

Added

• Complete MCP server implementation with three core tools
• Smart model selection (Gemini Flash for speed, Pro for depth)
• Real-time streaming output with progress indicators
• Shared MCP architecture supporting multiple AI clients
• API-first approach with CLI fallback
• Comprehensive hook system for automated workflows

Security

• CRITICAL: Fixed command injection vulnerabilities (CWE-78)
• CRITICAL: Fixed path traversal vulnerabilities (CWE-22)
• CRITICAL: Fixed prompt injection vulnerabilities (CWE-94)
• CRITICAL: Fixed secrets exposure issues (CWE-200)
• CRITICAL: Enhanced input validation (CWE-20)
• Implemented defense-in-depth security architecture
• Added comprehensive security testing suite
• Created detailed security documentation

Technical Improvements

• Replaced all shell=True usage with secure subprocess execution
• Added path validation and directory boundary enforcement
• Implemented input sanitization for all user inputs
• Added API key redaction in error handling
• Enhanced error handling with fail-safe defaults
• Optimized for production deployment

Documentation

• Complete setup guide with 5-minute quick start
• Comprehensive security documentation
• Architecture diagrams and code examples
• Troubleshooting guides and best practices
• Professional deployment patterns

Breaking Changes

• Removed vulnerable test files and insecure code patterns
• Enhanced security may reject previously accepted inputs
• File access restricted to current directory tree only