fix(deps): update module github.com/stacklok/toolhive to v0.3.8

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence
github.com/stacklok/toolhive	v0.3.7 -> v0.3.8

---

Release Notes

stacklok/toolhive (github.com/stacklok/toolhive)

v0.3.8

Compare Source

🚀 ToolHive v0.3.8 is here!

This release focuses on expanding authentication capabilities, improving MCP support, and strengthening test coverage across the platform.

Authentication & Security

• OAuth 2.0 Token Exchange (RFC 8693) is now supported, enabling secure token acquisition for external authentication
• Token exchange middleware allows automatic swapping of downstream tickets for upstream credentials
• Client secrets for token exchange can now be configured via environment variables for better security practices

MCP (Model Context Protocol) Enhancements

• MCP parser updated to support the latest specification
• Secrets management is now available in the ToolHive MCP server for handling sensitive data
• MCPRegistry feature promoted to stable status with full documentation and e2e test coverage
• Telemetry failures no longer interfere with MCP responses, improving reliability

Session Management

• New pluggable storage backend system gives you flexibility in how sessions are stored and managed

Testing & Quality

• Integration tests added for the ToolHive Operator
• New e2e tests for MCPRegistry functionality
• Improved test isolation with dynamic port allocation in proxy tests

Documentation & Examples

• New Runtime Authoring Guide to help you build custom runtimes
• Updated middleware documentation with comprehensive coverage
• Kubernetes examples now use thv run consistently
• Removed deprecated permissionProfile from K8s examples

Infrastructure & Fixes

• Updated Podman socket path for macOS compatibility
• Corrected content length handling when mutating API calls
• Test utilities reorganized under test directory for better structure
• Upgraded to Go 1.25.2
• Multiple dependency updates (controller-runtime v0.22.3, golang.org/x/oauth2 v0.32.0, jsonschema v6, and more)

👋 Welcome to our newest contributor @​abhiii71! 🎉

🔗 Full changelog: stacklok/toolhive@v0.3.7...v0.3.8

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[renovate]

⚠️ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

• any of the package files in this branch needs updating, or
• the branch becomes conflicted, or
• you click the rebase/retry checkbox if found above, or
• you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: go.sum

Command failed: go get -t ./...
go: module github.com/stacklok/[email protected] requires go >= 1.25.2; switching to go1.25.3
go: downloading go1.25.3 (linux/amd64)
go: download go1.25.3: golang.org/[email protected]: verifying module: checksum database disabled by GOSUMDB=off