From 77e491beea221f3ad2f7b16d2042294d7a4a1b16 Mon Sep 17 00:00:00 2001
From: "github-actions[bot]" <github-actions[bot]@users.noreply.github.com>
Date: Wed, 5 Nov 2025 23:02:25 +0000
Subject: [PATCH] =?UTF-8?q?bump:=20version=200.24.1=20=E2=86=92=200.25.0?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 CHANGELOG.md                           | 23 +++++++++++++++++++++++
 charts/nextcloud-mcp-server/Chart.yaml |  4 ++--
 pyproject.toml                         |  2 +-
 uv.lock                                |  2 +-
 4 files changed, 27 insertions(+), 4 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index c092bcb..01ac79f 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,3 +1,26 @@
+## v0.25.0 (2025-11-05)
+
+### BREAKING CHANGE
+
+- All OAuth deployments must be reconfigured to specify
+resource URIs (NEXTCLOUD_MCP_SERVER_URL and NEXTCLOUD_RESOURCE_URI) and
+choose between multi-audience or token exchange mode.
+
+### Feat
+
+- Implement ADR-005 unified token verifier to eliminate token passthrough vulnerability
+
+### Fix
+
+- Implement proper OAuth resource parameters and PRM-based discovery
+- Simplify token verifier to be RFC 7519 compliant
+- Use Keycloak client ID for NEXTCLOUD_RESOURCE_URI in token exchange
+- Correct OAuth token audience validation for multi-audience mode
+
+### Refactor
+
+- Eliminate duplicate validation logic in UnifiedTokenVerifier
+
 ## v0.24.1 (2025-11-04)
 
 ### Fix
diff --git a/charts/nextcloud-mcp-server/Chart.yaml b/charts/nextcloud-mcp-server/Chart.yaml
index 0330f5b..1537807 100644
--- a/charts/nextcloud-mcp-server/Chart.yaml
+++ b/charts/nextcloud-mcp-server/Chart.yaml
@@ -2,8 +2,8 @@ apiVersion: v2
 name: nextcloud-mcp-server
 description: A Helm chart for Nextcloud MCP Server - enables AI assistants to interact with Nextcloud
 type: application
-version: 0.24.1
-appVersion: "0.24.1"
+version: 0.25.0
+appVersion: "0.25.0"
 keywords:
   - nextcloud
   - mcp
diff --git a/pyproject.toml b/pyproject.toml
index d0223e0..188f90b 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -1,6 +1,6 @@
 [project]
 name = "nextcloud-mcp-server"
-version = "0.24.1"
+version = "0.25.0"
 description = "Model Context Protocol (MCP) server for Nextcloud integration - enables AI assistants to interact with Nextcloud data"
 authors = [
     {name = "Chris Coutinho", email = "chris@coutinho.io"}
diff --git a/uv.lock b/uv.lock
index cba465f..871e4ea 100644
--- a/uv.lock
+++ b/uv.lock
@@ -975,7 +975,7 @@ wheels = [
 
 [[package]]
 name = "nextcloud-mcp-server"
-version = "0.24.1"
+version = "0.25.0"
 source = { editable = "." }
 dependencies = [
     { name = "aiosqlite" },