mcpfold logomcpfold

Changelog

Per-package changelogs are generated by Changesets and live next to each package (packages/*/CHANGELOG.md) — this file is the human-readable summary of notable releases.

Unreleased — v0.1.0 (initial public release)

The local-first wedge:

  • Canonical format — one neutral mcp.config.jsonc (versioned, JSON-Schema-backed) as the single source of truth, with ${provider:path} secret references.
  • Six client adapters — Cursor, Claude Desktop, Claude Code, VS Code (root key servers, ${input:} secrets), Windsurf (mcp-remote wrapping), and Zed (context_servers).
  • CLIinit, import, add, sync (backups + atomic writes), diff (CI-gateable drift), doctor (catches the silent-failure footguns), migrate, and the run shim launcher.
  • Secrets off disk — fail-closed resolution across env / dotenv / Infisical / OS keychain / 1Password, with per-adapter strategies (shim / native-input / inline) so a plaintext token never lands in a client file. Machine-verified by a suite-wide leak harness.
  • Tool-curation proxy — trims each server's tools/list to an allow/deny set, cutting tool-schema context by ~80% in the benchmark (45 tools → 9; 7,476 → 1,497 tokens).
  • Contracts — stable --json envelope + exit codes, deterministic output with sync --check, redaction-safe diagnostics, schema versioning + migrate, and a defined offline/degraded mode.

Publishing is gated on the NPM_TOKEN repo secret; see docs/launch.md.