Update module github.com/stacklok/toolhive to v0.19.0

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence
github.com/stacklok/toolhive	v0.17.0 → v0.19.0

---

Release Notes

stacklok/toolhive (github.com/stacklok/toolhive)

v0.19.0

Compare Source

Breaking Changes

Action required before upgrading. Review each item and apply the migration steps.

[Operator] Remove enforceServers and image validation from MCPRegistry (#​4776)

The enforceServers feature and its image validation logic have been removed from the MCPRegistry CRD. This feature was silently non-functional since PR #​2568 removed the backing data sources — the registry-storage ConfigMap it depended on was never populated, so every image check returned false. The entire surface area has been cleaned up rather than fixed.

What changed:

• MCPRegistrySpec.enforceServers field removed from the CRD
• ConditionImageValidated status condition removed
• image_validation.go deleted along with its tests

Migration steps:

1. Remove any enforceServers: true (or false) field from your MCPRegistry manifests.
2. Remove any automation or alerting that watches the ImageValidated condition — it will no longer appear in status.
3. Re-apply or upgrade the CRD manifest before upgrading the operator.

---

[Operator] Rename remoteURL / externalURL JSON tags to camelCase (#​4775)

The JSON field names on MCPRemoteProxy and MCPServerEntry resources have been corrected to match Kubernetes API conventions and the rest of the codebase.

Resource	Old field name	New field name
MCPRemoteProxySpec	remoteURL	remoteUrl
MCPRemoteProxyStatus	externalURL	externalUrl
MCPServerEntrySpec	remoteURL	remoteUrl

Migration steps:

1. Update all MCPRemoteProxy and MCPServerEntry YAML manifests to use the new lowercase field names.
2. Update any tooling, scripts, or JSONPath queries (e.g. kubectl get ... -o jsonpath='{.spec.remoteUrl}') that reference these fields.
3. Apply the updated CRD manifests before re-applying your resources.

---

[Operator] Rename BackendAuthType enum value external_auth_config_ref → externalAuthConfigRef (#​4563)

The backendAuthType discriminator on VirtualMCPServer previously used snake_case for the external_auth_config_ref value, inconsistent with all other enum values (tokenExchange, headerInjection, bearerToken, etc.). It is now externalAuthConfigRef.

Backwards compatibility: The old value external_auth_config_ref is still accepted but deprecated. A deprecation warning will be logged when it is detected. It will be removed in a future release.

Migration steps:

1. Update VirtualMCPServer manifests to use backendAuthType: externalAuthConfigRef.
2. Watch operator logs for deprecation warnings and migrate before the next major version.

---

[API] Skills install endpoint: client field replaced by clients (#​4732)

The request body for the skills install endpoint has changed. The single-value client string field is replaced by a clients string array to support multi-client installation.

Migration steps:

• Update any API clients or scripts calling the skills install endpoint to send "clients": ["<client-name>"] instead of "client": "<client-name>".

---

New Features

Webhook middleware: CLI configuration support (#​4410)

Phase 4 of the webhook middleware integration adds full CLI support for configuring webhooks directly via thv run flags. Webhooks let you delegate MCP tool call authorization to an external HTTP service.

New flags on thv run:

• --webhook-url — URL of the external webhook endpoint
• --webhook-timeout — request timeout (supports JSON duration format)
• --webhook-failure-policy — fail (default) or ignore on connectivity errors

See docs/examples/webhooks.json for a configuration example.

---

Skills API v0.1 endpoints (#​4753)

Two new API endpoints are available for browsing and fetching skills from the registry:

• GET /registry/{name}/v0.1/skills — paginated, searchable list of available skills
• GET /registry/{name}/v0.1/skills/{namespace}/{skillName} — fetch a single skill by name

---

Multi-client and all-clients skill installation (#​4732)

thv skills install now supports installing a skill to multiple clients in a single command. You can specify multiple --client flags or use --all-clients to target every configured client at once. Writes are atomic with rollback on failure.

---

Cursor support for skills (#​4762)

Cursor is now recognized as a skill-supporting client. Skills can be installed directly to Cursor alongside Claude Desktop and other supported clients.

---

TelemetryConfigRef support on MCPRemoteProxy (#​4719)

MCPRemoteProxy now supports the telemetryConfigRef field, bringing it to parity with MCPServer. You can reference a shared MCPTelemetryConfig resource instead of inlining telemetry configuration. Mutual exclusivity with the (deprecated) inline telemetry field is enforced via CEL validation.

---

Improvements

Proxy returns 503 on expired OAuth token (#​4722)

When the proxy's OAuth token source fails (e.g. an expired token), it previously returned 401 Unauthorized. MCP clients interpret 401 as an authentication challenge and may retry indefinitely. The proxy now returns 503 Service Unavailable, which correctly signals a transient backend fault.

---

Webhook 422 treated as unconditional deny (#​4703)

A 422 Unprocessable Entity response from a webhook endpoint is now treated as an unconditional deny, regardless of the failurePolicy setting. This prevents malformed webhook requests from accidentally being allowed through.

---

Non-registry-server policy correctly enforced for remote URLs (#​4752)

Three gaps allowed the non_registry_servers policy (enforced: true, value: false) to be bypassed when running remote MCP servers by URL. All three call sites now enforce the policy gate before the server is started.

---

LRU eviction added to ValidatingCache (#​4731)

ValidatingCache now supports bounded LRU capacity and a storage Update method, preventing unbounded memory growth in long-running deployments.

---

Enterprise config provider respected in thv run (#​4755, #​4754, #​4740)

Several code paths in thv run and the HTTP handler setup were calling config.NewDefaultProvider() directly, bypassing the registered enterprise provider factory. These are now consistently routed through cfg.NewProvider(), ensuring enterprise configuration overrides are applied correctly.

---

runtime_config API semantics and validation tightened (#​4435)

The workload API's runtime_config handling now validates inputs at the boundary and keeps merge behavior scoped to the API layer, preventing invalid configurations from propagating to the image build step.

---

Dependency Updates

Module	Version
github.com/stacklok/toolhive-catalog	v0.20260413.0
github.com/google/go-containerregistry	v0.21.5
golang.org/x/exp/jsonrpc2	746e56f

---

Full Changelog

v0.18.0...v0.19.0

What's Changed

• Fix runtime_config API semantics and validation by @​slyt3 in #​4435
• Fix flaky TestForEachStep_ErrorAbort by @​jerm-dro in #​4739
• Fix GetDefaultProvider bypassing registered config factory by @​reyortiz3 in #​4740
• Add deflake skill for finding and fixing flaky tests by @​jerm-dro in #​4746
• Fix stale config in registry routes and WorkloadService by @​reyortiz3 in #​4751
• Enforce non-registry-server policy gate for remote URL workloads by @​reyortiz3 in #​4752
• Add v0.1 skills API endpoints by @​rdimitrov in #​4753
• honor webhook http 422 as unconditional deny by @​Sanskarzz in #​4703
• Fix NewHandler using config.NewDefaultProvider instead of config.NewProvider by @​reyortiz3 in #​4754
• Update golang.org/x/exp/jsonrpc2 digest to 746e56f by @​renovate[bot] in #​4750
• Update anthropics/claude-code-action digest to b47fd72 by @​renovate[bot] in #​4749
• Update module github.com/google/go-containerregistry to v0.21.5 by @​renovate[bot] in #​4757
• Wait for running state before deleting in lifecycle E2E test by @​jerm-dro in #​4745
• Add skills system architecture documentation by @​JAORMX in #​4758
• Support multi-client and all-clients skill installation by @​samuv in #​4732
• Add LRU capacity to ValidatingCache, remove sentinel pattern, add storage Update by @​yrobla in #​4731
• Use cfg.NewProvider() in run flags to respect enterprise provider factory by @​reyortiz3 in #​4755
• Return 503 for expired proxy tokens by @​gkatz2 in #​4722
• Add Cursor as a skill-supporting client by @​samuv in #​4762
• Webhook Middleware Phase 4: CLI configuration support by @​Sanskarzz in #​4410
• Fix accuracy issues in skills architecture documentation by @​rdimitrov in #​4759
• Update module github.com/stacklok/toolhive-catalog to v0.20260413.0 by @​renovate[bot] in #​4666
• Add TelemetryConfigRef support to MCPRemoteProxy by @​ChrisJBurns in #​4719
• Rename remoteURL and externalURL JSON tags to standard camelCase by @​ChrisJBurns in #​4775
• Add implementation plan section to PR template by @​jerm-dro in #​4737
• fix(operator): rename BackendAuthType enum value to camelCase by @​tmchow in #​4563
• Add integration tests for authServerRef on MCPServer and MCPRemoteProxy by @​tgrunnagle in #​4708
• Remove enforceServers and image validation from MCPRegistry by @​ChrisJBurns in #​4776
• Release v0.19.0 by @​stacklokbot in #​4785

Full Changelog: stacklok/toolhive@v0.18.0...v0.19.0

v0.18.0

Compare Source

What's Changed

• Add per-user rate limit types and limiter support by @​jerm-dro in #​4692
• Route MCP sessions to the originating backend pod using httptrace by @​yrobla in #​4673
• Fix health-check close failing auth in vMCP BackendClient by @​yrobla in #​4613
• Add LRU capacity to ValidatingCache, remove sentinel pattern, add storage Update by @​yrobla in #​4669
• Revert "Add LRU capacity to ValidatingCache, remove sentinel pattern, add storage Update" by @​yrobla in #​4730
• Make transparent proxy health check parameters configurable by @​gkatz2 in #​4108
• Return registry type on error for accurate user-facing messages by @​aponcedeleonch in #​4733
• Remove deprecated legacy typed fields from MCPRegistry CRD by @​ChrisJBurns in #​4705
• Replace flaky proxy-restart test with cross-proxy routing by @​jerm-dro in #​4723
• refactor: rename McpPort to MCPPort for Go naming conventions by @​mvanhorn in #​4589
• Move CheckCreateServer policy check before image download by @​aponcedeleonch in #​4734
• Follow HTTP redirects in transparent proxy by @​gkatz2 in #​4454
• Wire per-user identity into rate limit middleware by @​jerm-dro in #​4718
• Release v0.18.0 by @​stacklokbot in #​4735

New Contributors

• @​mvanhorn made their first contribution in #​4589

Full Changelog: stacklok/toolhive@v0.17.0...v0.18.0

---

Configuration

📅 Schedule: (UTC)

• Branch creation
  • At any time (no schedule defined)
• Automerge
  • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[renovate]

ℹ️ Artifact update notice

File name: go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

• 9 additional dependencies were updated

Details:

Package	Change
github.com/docker/cli	v29.3.1+incompatible -> v29.4.0+incompatible
github.com/google/go-containerregistry	v0.21.4 -> v0.21.5
github.com/moby/moby/api	v1.54.0 -> v1.54.1
github.com/moby/moby/client	v0.3.0 -> v0.4.0
golang.org/x/exp/event	v0.0.0-20260218203240-3dfff04db8fa -> v0.0.0-20260312153236-7ab1446f8b90
golang.org/x/exp/jsonrpc2	v0.0.0-20260312153236-7ab1446f8b90 -> v0.0.0-20260410095643-746e56fc9e2f
golang.org/x/mod	v0.34.0 -> v0.35.0
golang.org/x/net	v0.52.0 -> v0.53.0
golang.org/x/tools	v0.43.0 -> v0.44.0