mcp-synology-container/CHANGELOG.md

Changelog

All notable changes to this project will be documented in this file.

[0.2.9] - 2026-05-18

Fixed

• __version__ is now derived from package metadata via importlib.metadata.version(), eliminating the drift between pyproject.toml and src/mcp_synology_container/__init__.py (was stuck at 0.1.0 since the initial release).
• compose.py: reject project names that contain path separators or other unsafe characters before they reach _find_compose_path. Previously a name like "../../etc" could traverse out of compose_base_path when the project was not yet registered with Container Manager. The new _validate_project_name helper enforces ^[a-zA-Z0-9_-]+$ and is applied to read_compose, update_compose, update_image_tag, and update_env_var. Addresses M-3 from the v0.2.8 review.

Docs

• CHANGELOG.md backfilled for releases 0.2.7 and 0.2.8 (entries had been missed during those releases).

[0.2.8] - 2026-04-21

Added

• tests/test_dsm_client.py — comprehensive offline test suite for DsmClient:
  • _scrub_url and _error_message pure helpers.
  • request() happy-path, API-not-cached, _sid scrubbing in HTTPStatusError, sensitive-param log masking.
  • Session re-auth retry: single-retry semantics, auth-manager-absent path, re-auth failure path, thundering-herd (login called once under concurrent 106 responses).
  • trigger_build_stream: SSE fire-and-forget, JSON error detection, ReadTimeout swallowing, HTTP-error scrubbing.
  • upload_text and download_text happy-path + error-response branches.
  • _ensure_initialized double-checked locking and negative-cache cooldown behavior.

Fixed

• DsmClient._ensure_initialized: cache failed init outcomes for 60 s so that repeated tool calls during a credential outage (wrong password, IP-blocked 407, DNS failure) do not keep hammering DSM. Each caller receives the cached exception until the cooldown window expires, after which a fresh attempt is made. Adds INIT_ERROR_COOLDOWN module constant and _init_error / _init_error_until state. Addresses M4 from the 0.2.7 review.

[0.2.7] - 2026-04-21

Fixed

• DsmClient: scrub _sid query-parameter values from URLs embedded in httpx.HTTPStatusError messages so the raw DSM session ID never reaches log output or MCP tool responses (C1).
• DsmClient: re-auth lock now snapshots _sid before entering the lock and skips the redundant login if another task has already refreshed the session, eliminating duplicate logins on concurrent 106/107/119 responses (M3).
• DsmClient.trigger_build_stream: re-instates immediate JSON-error detection (regression from 0.2.6). Inspects the Content-Type header and reads a small capped prefix of the body for application/json responses to surface DSM error codes without forcing the caller into a multi-minute polling timeout. SSE responses remain fire-and-forget (C2/M8).
• compose.update_env_var: parenthesise the apply-branch match condition so (isinstance AND startswith) OR (entry == var_name) no longer evaluates the equality branch for non-string entries — aligns the apply side with the preview-side detection logic (M1).

Changed

• All 23 @mcp.tool() functions: strip -> str return annotations and trim docstrings to a single line (≤100 chars). FastMCP generates an outputSchema entry for every annotated tool, which roughly doubles the tools/list payload size; multi-line docstrings with Args:/Returns: sections add further bulk that Claude Desktop must parse on every connection.

Chore

• uv.lock resynced (was stale at 0.2.2).
• .gitignore: exclude .claude/ per-user Claude Code settings.
• Mechanical ruff check --fix + ruff format cleanup (import sorting, unused-import removal). No functional change.

[0.2.6] - 2026-04-21

Fixed

• DsmClient.trigger_build_stream: Claude Desktop aborts tool calls after ~4 minutes. The previous implementation read the first SSE chunk before returning, which could block for the entire duration of an image pull. Fixed by making the call truly fire-and-forget: the HTTP request is sent, response headers are received (HTTP status check only), then the connection is closed immediately without reading any SSE events. DSM continues the build server-side regardless. The _json import added in 0.2.5 is removed.

[0.2.5] - 2026-04-21

Changed

• redeploy_project: Replaced the delete-before-start image workaround with SYNO.Docker.Project/build_stream — the programmatic equivalent of the DSM "Erstellen" (Build) button, confirmed via browser DevTools capture. New 3-step flow for all project states:
  1. Stop (skipped for STOPPED; error-suppressed for BUILD_FAILED)
  2. build_stream — DSM pulls updated images and starts the project via SSE
  3. Poll for RUNNING (timeout raised from 30 s to 5 min to accommodate image pulls) build_stream errors are now fatal (abort the redeploy with a clear message).

Added

• DsmClient.trigger_build_stream(project_id) — fires a streaming GET to SYNO.Docker.Project/build_stream, reads the first SSE chunk to confirm DSM accepted the request, then closes the connection. The build continues server-side. Handles immediate JSON error responses; swallows ReadTimeout (stream still open = build running).

[0.2.4] - 2026-04-21

Changed

• redeploy_project: Replaced broken SYNO.Docker.Image/pull with a delete-before-start workaround. The tool now reads image tags from the project's compose file via FileStation, deletes each cached image before calling start (so DSM auto-pulls the latest version), then polls for RUNNING. Image deletion is non-fatal — if it fails the project still starts. Unified 4-step flow for all project states (RUNNING, STOPPED, BUILD_FAILED).

Added

• update_image_tag: Auto-updates environment variables whose value equals the numeric version prefix of the old tag when the new tag shares the same <digits>-<suffix> pattern. For example, changing 2.558-jdk21 → 2.560-jdk21 automatically updates JENKINS_VERSION=2.558 to JENKINS_VERSION=2.560. The preview (unconfirmed call) now lists which env vars will be updated. Only triggers when the variable exists and the pattern matches; no change for plain tags like latest.

[0.2.3] - 2026-04-21

Changed

• CLAUDE.md rewritten: removed all operator-specific infrastructure details (hostnames, container names, image tags, personal notes). Kept DSM API quirks, implementation rules, and tool inventory.

[0.2.2] - 2026-04-21

Fixed

• redeploy_project (BUILD_FAILED): Pull errors are no longer silently suppressed. If the image pull fails (e.g. the tag in compose.yaml does not exist on the registry), redeploy aborts immediately with a clear message pointing to update_image_tag.

[0.2.1] - 2026-04-21

Fixed

• redeploy_project: After issuing start, the tool now polls the project status every 2 seconds for up to 30 seconds until the project reaches RUNNING. Previously DSM returned immediately while containers were still starting, causing the project to appear as exited when checked right after redeploy. On timeout a warning is returned instead of an error.
• delete_image: Now distinguishes between running and stopped container references. A stopped container holding the image produces a clear hint to use delete_container or system_prune instead of a generic "in use" error.
• redeploy_project (BUILD_FAILED path): Added explicit image pull step before restart (stop → pull → start). Previously the old cached image could be reused.

Added

• delete_container — delete a stopped container by name; refuses if container is still running; requires confirmed=True.

[0.2.0] - 2026-04-14

Added

Images

• list_images — list local images sorted by size; marks images in use and with available updates
• delete_image — delete image by name:tag or hash; refuses if image is used by a container

Container

• container_stats — live CPU %, RAM used/limit, network I/O, block I/O

System

• system_df — Docker disk usage: image count/size, running/stopped containers, reclaimable space
• system_prune — remove dangling images, stopped containers, and unused networks

Networks

• list_networks — list all Docker networks with driver, subnet, gateway, attached containers
• create_network — create a new bridge (or other driver) network
• delete_network — delete a network; refuses if any container is still attached

Fixed

• get_container_status now reads the correct DSM response fields (details.State for status/running, profile.image for image name) and displays IP addresses, port bindings, and mounts
• redeploy_project is now status-aware: RUNNING → stop + start; STOPPED → start directly; BUILD_FAILED → force-stop + start; unknown status returns a clear error with workaround hint
• Container names with hash prefix (e.g. f93cb8b504f7_jenkins) are now transparently stripped in list_containers, container_stats, get_container_status, get_container_logs, and exec_in_container

Changed

• DsmClient gained a post_request() method for form-encoded POST operations required by image delete, network create/delete

[0.1.0] - 2026-04-13

Added

• Initial implementation
• Projects: list_projects, get_project_status, start_project, stop_project, redeploy_project
• Containers: list_containers, get_container_status, get_container_logs, exec_in_container
• Compose: read_compose, update_compose, update_image_tag, update_env_var
• Images: check_image_updates
• DSM session management with auto re-authentication on session timeout
• OS keyring integration for secure credential storage
• 2FA / device token support
• Interactive setup wizard and check connectivity command