From 29adde990f7cae2f8d976bba2628966c07041054 Mon Sep 17 00:00:00 2001
From: fyzanshaik-atlan <faizan.shaik@atlan.com>
Date: Tue, 17 Feb 2026 16:15:18 +0530
Subject: [PATCH 1/2] Bump MCP server version to 0.3.3 for release

---
 CHANGELOG.md                    | 14 ++++++++++++++
 modelcontextprotocol/version.py |  2 +-
 2 files changed, 15 insertions(+), 1 deletion(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 2e896b6..784d911 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -5,6 +5,20 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [0.3.3] - 2026-02-17
+
+### Fixed
+- Eliminated multi-stage builder and venv from Dockerfile, now installing directly to system python using uv
+- Removed Python venv and broken symlink workaround from #206
+- Eliminated bundled pip/setuptools/wheel and their vendored dependencies which carried 2 HIGH vulnerabilities:
+  - jaraco.context 5.3.0 (CVE-2026-23949)
+  - wheel 0.45.1 (CVE-2026-24049)
+
+### Security
+- Trivy scan: 0 HIGH/CRITICAL vulnerabilities on the resulting Docker image
+- The pyatlan base image already provides pyatlan, pydantic, httpx, cryptography, authlib, h11, anyio, and other common packages at the system level
+- Only MCP-specific packages (fastmcp, uvicorn, and their transitive deps) are now installed on top
+
 ## [0.3.2] - 2026-02-13
 
 ### Fixed
diff --git a/modelcontextprotocol/version.py b/modelcontextprotocol/version.py
index 751df6f..daa1224 100644
--- a/modelcontextprotocol/version.py
+++ b/modelcontextprotocol/version.py
@@ -1,3 +1,3 @@
 """Version information."""
 
-__version__ = "0.3.2"
+__version__ = "0.3.3"

From 68c49404b489b75033d58c8d73051c3f42b99210 Mon Sep 17 00:00:00 2001
From: fyzanshaik-atlan <faizan.shaik@atlan.com>
Date: Tue, 17 Feb 2026 16:25:23 +0530
Subject: [PATCH 2/2] Merge changelog lines per review feedback

---
 CHANGELOG.md | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 784d911..140b542 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -8,8 +8,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 ## [0.3.3] - 2026-02-17
 
 ### Fixed
-- Eliminated multi-stage builder and venv from Dockerfile, now installing directly to system python using uv
-- Removed Python venv and broken symlink workaround from #206
+- Eliminated multi-stage builder and venv from Dockerfile, now installing directly to system python using uv, removing the broken symlink workaround from #206
 - Eliminated bundled pip/setuptools/wheel and their vendored dependencies which carried 2 HIGH vulnerabilities:
   - jaraco.context 5.3.0 (CVE-2026-23949)
   - wheel 0.45.1 (CVE-2026-24049)