openai/tunnel-client v0.0.7--context-conduit-sapphire

v0.0.7--context-conduit-sapphire

Repository: openai/tunnel-client

Tag: v0.0.7--context-conduit-sapphire

Published: 2026-04-30T18:34:29Z

Prerelease: no

Release notes:

tunnel-client v0.0.7 - Context Conduit Sapphire

Compared with the prior public release v.0.0.5, this release turns tunnel-client from a working operator tool into a packaged, documented, customer-distributable tunnel runtime for MCP and ChatGPT connector workflows.

The headline change is distribution: v0.0.7 publishes platform archives, source-plus-all-binaries bundles, public bucket URLs, and an end-user guide deck. The broader product surface is also much more complete: the bundled Tunnel MCP Codex plugin, runtime profiles, YAML configuration, richer startup diagnostics, safer log exports, and stronger OAuth/MCP compatibility all landed together.

Release Assets

• Combined distribution bundle: `all.zip`
• Combined tarball: `all.tar.gz`
• Platform zips: `darwin-amd64`, `darwin-arm64`, `linux-amd64`, `linux-arm64`, `windows-amd64`, `windows-arm64`
• Public URL manifest: `PUBLIC_URLS.txt`
• Checksums: `SHA256SUMS.txt`
• End-user guide slides: `PDF` and `PPTX`

Distribution and Install

• Added the tagged release pipeline for versioned release tags, public storage uploads, release checksums, and generated public URL manifests.
• Added one-package distribution bundles that include source plus all platform binaries, so customers can receive a single archive instead of choosing platform-specific files up front.
• Improved the release upload path for stable public artifact publication.
• Added the end-user guide rendering/distribution pipeline and attached the current release guide as both PDF and PowerPoint.
• Pinned GitHub Actions workflow references for more reproducible release automation.

Tunnel MCP and Agent Workflows

• Added the bundled tunnel-mcp Codex plugin and iterated it through external-facing install guidance, native runtime configuration, existing-tunnel attach flows, no-tmux fallback handling, uninstall/doctor recovery hints, and safer credential handling.
• Renamed the user-facing command surface from sessions to runtimes, with updated plugin routing, tests, bundled references, and assistant guidance.
• Added runtime profiles and YAML configuration support, including config-file inclusion in support exports and sample enterprise proxy configuration.
• Added agent-first onboarding flow so users can move from binary install to MCP runtime faster.
• Packaged assistant guidance into the binary and improved local MCP discoverability, first-run help, mismatch status guidance, and public binary guidance.

Diagnostics, Supportability, and Admin UX

• Added support export bundles with stable tunnel IDs, metrics snapshots, startup/config snapshots, repro metadata, screenshots, and admin state, while redacting JSON/form secrets and warning before raw unsafe exports.
• Added runtime log-level control in the admin UI and structured admin JSON responses with request_id for easier support correlation.
• Improved startup/readiness reporting: health URL file logging, startup probe auth state, optional OAuth discovery behavior, startup validation guidance, and explicit dynamic health port handling.
• Added terminal forwarding errors back to the control plane and JSON-RPC tunnel connect errors, making failed runtime startup and forwarding issues easier to diagnose from CLI output and support traces.
• Hardened test and runtime shutdown paths around mock MCP servers, broken pipes, poller retries, dispatcher latency, and FastMCP session startup races.

OAuth and MCP Compatibility

• Registered OAuth endpoints on protected-resource hosts and tightened dynamic client registration and protected-resource metadata behavior, including issuer fixes, metadata endpoint handling, and fail-fast behavior when the client is disconnected.
• Added clearer redirect mismatch diagnostics, URL rewrite disambiguation, OAuth discovery waits, and target-list readiness checkpoints.
• Added MCP mTLS client-certificate support in the prior release and extended this release with better MCP request behavior: custom header forwarding, duplicate OAuth auth-header preservation, Accept-aware SSE synthesis, buffered response timeout handling, and clearer upstream failure logging.
• Added preflight validation for stdio script commands and better stdio failure UX in plugin/assistant flows.