1.7.2

Author: ihor-sokoliuk

.mcp/server.json

@@ -7,12 +7,12 @@
     "url": "https://github.com/ihor-sokoliuk/mcp-searxng",
     "source": "github"
   },
-  "version": "1.7.1",
+  "version": "1.7.2",
   "packages": [
     {
       "registryType": "npm",
       "identifier": "mcp-searxng",
-      "version": "1.7.1",
+      "version": "1.7.2",
       "transport": {
         "type": "stdio"
       },

CHANGELOG.md

@@ -3,6 +3,12 @@
 All notable changes to mcp-searxng are documented here.
 Versions follow [Semantic Versioning](https://semver.org/).
 
+## [1.7.2] - 2026-06-20
+
+### Security
+
+- **Container image now runs as a non-root user (UID 1000):** The published Docker image previously ran as `root`, so Kubernetes deployments using the `runAsNonRoot: true` pod security context were rejected at admission. The image now sets a numeric `USER 1000` (the `node` account already present in the `node:lts-alpine` base), which satisfies `runAsNonRoot` without an additional `runAsUser` override and reduces the container's blast radius. No configuration change is required. (Reported by @nogweii, [#122](https://github.com/ihor-sokoliuk/mcp-searxng/issues/122))
+
 ## [1.7.1] - 2026-06-18
 
 ### Security

package-lock.json

@@ -1,6 +1,6 @@
 {
     "name": "mcp-searxng",
-    "version": "1.7.1",
+    "version": "1.7.2",
     "mcpName": "io.github.ihor-sokoliuk/mcp-searxng",
     "description": "MCP server for SearXNG integration",
     "license": "MIT",

package.json

@@ -1 +1 @@
-export const packageVersion = "1.7.1";
+export const packageVersion = "1.7.2";