fix(deps): update module github.com/stacklok/toolhive to v0.6.8

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence
github.com/stacklok/toolhive	v0.6.7 -> v0.6.8

---

Release Notes

stacklok/toolhive (github.com/stacklok/toolhive)

v0.6.8

Compare Source

What's Changed

• Add OAuth authorization server fallback for registration endpoint discovery by @​amirejaz in #​2711
• Add schema test ensuring the correct version by @​rdimitrov in #​2738
• Update registry from toolhive-registry release v2025.11.26 by @​github-actions[bot] in #​2739
• Add build environment configuration and validation by @​JAORMX in #​2740
• Add header injection authentication support by @​yrobla in #​2730
• fix: follow up for removing not needed value on secrets by @​yrobla in #​2744
• Remove redundant best_effort failure mode from composer by @​jhrozek in #​2746
• adds multi-configmap data source for registry by @​ChrisJBurns in #​2745
• removes unused registry helper functions by @​ChrisJBurns in #​2748
• Add new diagram to README by @​danbarr in #​2743
• Remove NewUpstreamRegistryFromUpstreamServers by @​rdimitrov in #​2752
• Update module github.com/cedar-policy/cedar-go to v1.3.1 by @​renovate[bot] in #​2751
• Update golang.org/x/exp/jsonrpc2 digest to 87e1e73 by @​renovate[bot] in #​2735
• Add CLI commands and template integration for build environment by @​JAORMX in #​2742
• adds dedicated podtemplatespec builder for registry server deployment by @​ChrisJBurns in #​2754
• Update registry from toolhive-registry release v2025.11.27 by @​github-actions[bot] in #​2756
• Implement discovered mode for vMCP authentication by @​yrobla in #​2747
• Remove unimplemented pass_through auth strategy by @​jhrozek in #​2753
• fix: fail when discover of auth creds fail by @​yrobla in #​2758
• Remove local incoming auth type from operator CRDs by @​jhrozek in #​2759

Full Changelog: stacklok/toolhive@v0.6.7...v0.6.8

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[renovate]

ℹ Artifact update notice

File name: go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

• 2 additional dependencies were updated

Details:

Package	Change
github.com/cedar-policy/cedar-go	v1.3.0 -> v1.3.1
golang.org/x/exp/jsonrpc2	v0.0.0-20251113190631-e25ba8c21ef6 -> v0.0.0-20251125195548-87e1e737ad39

[github-actions]

🔒 MCP Security Scan Results

✅ adb-mysql-mcp-server

• Status: Passed
• Tools scanned: 3
• Result: No security issues detected

✅ agentql-mcp

• Status: Passed
• Tools scanned: 0
• Result: No security issues detected

✅ arxiv-mcp-server

• Status: Passed
• Tools scanned: 4
• Result: No security issues detected

✅ astra-db-mcp

• Status: Passed
• Tools scanned: 16
• Result: No security issues detected

✅ aws-diagram

• Status: Passed
• Tools scanned: 3
• Result: No security issues detected

✅ aws-documentation

• Status: Passed
• Tools scanned: 3
• Result: No security issues detected

✅ blender-mcp

• Status: Passed
• Tools scanned: 21
• Result: No security issues detected

✅ brightdata-mcp

• Status: Passed
• Tools scanned: 0
• Result: No security issues detected

✅ browserbase-mcp-server

• Status: Passed
• Tools scanned: 9
• Result: No security issues detected

✅ chroma-mcp

• Status: Passed
• Tools scanned: 13
• Result: No security issues detected

✅ chrome-devtools-mcp

• Status: Passed
• Tools scanned: 26
• Result: No security issues detected

✅ context7

• Status: Passed
• Tools scanned: 2
• Result: No security issues detected

✅ graphlit-mcp-server

• Status: Passed
• Tools scanned: 0
• Result: No security issues detected

✅ heroku-mcp-server

• Status: Passed
• Tools scanned: 0
• Result: No security issues detected

✅ ida-pro-mcp

• Status: Passed
• Tools scanned: 48
• Result: No security issues detected

✅ launchdarkly-mcp-server

• Status: Passed
• Tools scanned: 0
• Result: No security issues detected

✅ magic-mcp

• Status: Passed
• Tools scanned: 0
• Result: No security issues detected

✅ mcp-clickhouse

• Status: Passed
• Tools scanned: 0
• Result: No security issues detected

✅ mcp-jetbrains

• Status: Passed
• Tools scanned: 0
• Result: No security issues detected

✅ mcp-neo4j-aura-manager

• Status: Passed
• Tools scanned: 0
• Result: No security issues detected

✅ mcp-neo4j-cypher

• Status: Passed
• Tools scanned: 3
• Result: No security issues detected

✅ mcp-neo4j-memory

• Status: Passed
• Tools scanned: 0
• Result: No security issues detected

✅ mcp-server-box

• Status: Passed
• Tools scanned: 0
• Result: No security issues detected

✅ mcp-server-circleci

• Status: Passed
• Tools scanned: 16
• Result: No security issues detected

✅ mcp-server-neon

• Status: Passed
• Tools scanned: 0
• Result: No security issues detected

✅ netbird

• Status: Passed
• Tools scanned: 0
• Result: No security issues detected

✅ notion

• Status: Passed
• Tools scanned: 19
• Result: No security issues detected

✅ onchain-mcp

• Status: Passed
• Tools scanned: 10
• Result: No security issues detected

✅ phoenix-mcp

• Status: Passed
• Tools scanned: 19
• Result: No security issues detected

✅ playwright-mcp

• Status: Passed
• Tools scanned: 22
• Result: No security issues detected

✅ sentry-mcp-server

• Status: Passed
• Tools scanned: 0
• Result: No security issues detected

✅ supabase-mcp-server

• Status: Passed
• Tools scanned: 0
• Result: No security issues detected

✅ tavily-mcp

• Status: Passed
• Tools scanned: 0
• Result: No security issues detected

---

Summary: Scanned 33 MCP server(s), all passed security checks. ✅