Skip to content

release: 3.0.0-rc.2#241

Open
stainless-app[bot] wants to merge 5 commits intomainfrom
release-please--branches--main--changes--next--components--writer-sdk
Open

release: 3.0.0-rc.2#241
stainless-app[bot] wants to merge 5 commits intomainfrom
release-please--branches--main--changes--next--components--writer-sdk

Conversation

@stainless-app
Copy link
Copy Markdown
Contributor

@stainless-app stainless-app Bot commented Apr 17, 2026
edited
Loading

Automated Release PR

3.0.0-rc.2 (2026-04-24)

Full Changelog: v3.0.0-rc.1...v3.0.0-rc.2

Chores

  • internal: more robust bootstrap script (af77915)
  • internal: update docs ordering (dec3f3d)
  • restructure docs search code (6eeaf25)
  • tests: bump steady to v0.22.1 (3a42ea2)

This pull request is managed by Stainless's GitHub App.

The semver version number is based on included commit messages. Alternatively, you can manually set the version number in the title of this pull request.

For a better experience, it is recommended to use either rebase-merge or squash-merge when merging this pull request.

🔗 Stainless website
📚 Read the docs
🙋 Reach out for help or questions

@stainless-app stainless-app Bot force-pushed the release-please--branches--main--changes--next--components--writer-sdk branch from 4f4406c to f32be2d Compare April 22, 2026 10:34
@hackerone-code
Copy link
Copy Markdown

hackerone-code Bot commented Apr 22, 2026
edited
Loading

HackerOne Code Security Review

🟢 Scan Complete: 1 Issue(s)
🟢 Validation Complete: Any Issues detected were validated by one of our engineers. None were determined to require immediate action.

Here's how the code changes were interpreted and info about the tools used for scanning.

📖 Summary of Changes The repository has been updated to version 3.0.0-rc.2, with consistent version bumps across multiple configuration and source files. Changes include updating version numbers in manifest files, package.json, and source code. The changelog reflects minor internal updates, and a script dependency was also upgraded from 0.20.2 to 0.22.1.
File Summary
.release-please-manifest.json The version number in the file has been updated from 3.0.0-rc.1 to 3.0.0-rc.2, indicating a minor release candidate update.
CHANGELOG.md The changelog has been updated with a new version 3.0.0-rc.2, which includes minor internal updates such as updating docs ordering and bumping the steady test dependency to version 0.22.1.
packages/mcp-server/package.json The package version was updated from 3.0.0-rc.1 to 3.0.0-rc.2, with no other changes observed in the package.json file.
packages/mcp-server/manifest.json The only change is the version number, which was updated from "3.0.0-rc.1" to "3.0.0-rc.2" in the package configuration file.
packages/mcp-server/src/server.ts The version number for the 'writer_sdk_api' in the newMcpServer function was updated from '3.0.0-rc.1' to '3.0.0-rc.2', which is the only observable change in this file.
scripts/mock The script's only change is updating the @stdy/cli package version from 0.20.2 to 0.22.1 in both npm exec commands and the version check command.
src/version.ts The version number has been incremented from '3.0.0-rc.1' to '3.0.0-rc.2', indicating a minor release candidate update.
ℹ️ Issues Detected

NOTE: These may not require action!

Below are unvalidated results from the Analysis Tools that ran during the latest scan for transparency. We investigate each of these for accuracy and relevance before surfacing them as a potential problem.

How will I know if something is a problem?
When validation completes, any concerns that warrant attention prior to merge will be posted as inline comments. These will show up in 2 ways:

  • Expert review (most cases): Issues will be posted by experts who manually reviewed and validated them. These are real HackerOne engineers (not bots) reviewing through an integrated IDE-like tool. You can communicate with them like any other reviewer. They'll stay assigned and get notified with commit & comment updates.
  • Automatically: In cases where our validation checks have highest confidence the problem is legitimate and urgent. These will include a description of contextual reasoning why & actionable next steps.
File & Line Issue
packages/mcp-server/src/local-docs-search.ts Line 1186 Using HTTP URLs is discouraged in favor of HTTPS secured addresses. Even with redirect protocols in place to automatically redirect users to HTTPS, the initial URL fetch poses a security threat and is vulnerable to man in the middle attacks.
🧰 Analysis tools

⏱️ Latest scan covered changes up to commit f32be2d (latest)

@hackerone-code
Copy link
Copy Markdown

hackerone-code Bot commented Apr 22, 2026

✅ Jacques reviewed all the included code changes and associated automation findings and determined that there were no immediately actionable security flaws. Note that they will continue to be notified of any new commits or comments and follow up as needed throughout the duration of this pull request's lifecycle.

Image of Jacques Jacques

Reviewed with ❤️ by HackerOne Code

@stainless-app stainless-app Bot force-pushed the release-please--branches--main--changes--next--components--writer-sdk branch from f32be2d to ea4cc88 Compare April 22, 2026 14:00
@stainless-app stainless-app Bot force-pushed the release-please--branches--main--changes--next--components--writer-sdk branch from ea4cc88 to 32c051b Compare April 24, 2026 13:34
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

autorelease: pending

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants