Release notes

This page summarizes notable changes to the MergeGuide CLI, MCP server, and IDE extension. For the exact installed versions, run mergeguide --version and check your package manager.

Release notes are maintained alongside each release. The entries below describe the current shipping surface; detailed per-release entries are added as releases publish.

Current versions

Component	Package	Latest version
CLI	`mergeguide` (PyPI)	2.1.3
MCP server	`@mergeguide/mcp-server` (npm)	2.2.1
IDE extension	`MergeGuide.mergeguide-vscode` (Visual Studio Marketplace)	2.1.4

Always confirm what you have installed with mergeguide --version, npx @mergeguide/mcp-server --version, and the Extensions view in your editor.

Current release

The current MergeGuide surface includes:

CLI — the mergeguide command, installed with pip install mergeguide (Python 3.11+). Top-level commands include check, init, bootstrap, policies, completions, doctor, login, install, and verify-evidence, plus the auth, config, hooks, sbom, and scan command groups. See the CLI reference.
MCP server — @mergeguide/mcp-server, run with npx @mergeguide/mcp-server (Node 18+), so an AI assistant checks changes against your policies as it works. See Install the MCP server.
IDE extension — the MergeGuide extension for VS Code and compatible editors, published under the identifier MergeGuide.mergeguide-vscode. See Install the IDE extension.
Scanners — dependency vulnerability scanning (scan vuln) and IaC misconfiguration scanning (scan iac) for Terraform, CloudFormation, Kubernetes, and Helm.
Evidence — NIST OSCAL export (component definition, assessment results, POA&M, catalog) and CycloneDX / SPDX SBOM generation, with signed-artifact verification via verify-evidence.
Integrations — GitHub, GitLab, Bitbucket, and Azure DevOps.

Current versions

Current release

Next steps

Quickstart

CLI reference

​Current versions

​Current release

​Next steps

Quickstart

CLI reference

Current versions

Current release

Next steps