[Snyk] Upgrade @modelcontextprotocol/sdk from 1.15.1 to 1.20.0 #279
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Snyk has created this PR to upgrade @modelcontextprotocol/sdk from 1.15.1 to 1.20.0. See this package in npm: @modelcontextprotocol/sdk See this project in Snyk: https://app.snyk.io/org/ifuryst/project/98f029b3-c19c-4d43-a11e-dabb5cc0c815?utm_source=github&utm_medium=referral&page=upgrade-pr
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Snyk has created this PR to upgrade @modelcontextprotocol/sdk from 1.15.1 to 1.20.0.
ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
The recommended version is 12 versions ahead of your current version.
The recommended version was released 24 days ago.
Issues fixed by the recommended upgrade:
SNYK-JS-AXIOS-12613773
SNYK-JS-FORMDATA-10841150
Release notes
Package name: @modelcontextprotocol/sdk
-
1.20.0 - 2025-10-09
- docs: improve main README with better quick start, include examples of stateless HTTP, explain tools v resources v prompts by @ domdomegg in #980
- chore: add lint:fix script by @ mattzcarey in #1013
- Default to S256 code challenge if not specified in authorization server metadata by @ LucaButBoring in #992
- @ mattzcarey made their first contribution in #1013
-
1.19.1 - 2025-10-02
-
1.18.2 - 2025-09-25
- Updates the sampling code example in the README by @ viniciuscsouza in #958
- Use redirect Uri passed in in
- fix(auth-router): correct Protected Resource Metadata for pathful RS and add explicit resourceServerUrl (RFC 9728) by @ blustAI in #858
- chore: update version to 1.18.2 for weekly release by @ felixweinberger in #970
- @ viniciuscsouza made their first contribution in #958
- @ TylerLeonhardt made their first contribution in #931
- @ blustAI made their first contribution in #858
-
1.18.1 - 2025-09-18
- fix: prevent streamable http wite after end from crashing the node process by @ MQ37 in #933
- chore: update version to 1.18.1 for weekly release by @ felixweinberger in #950
- @ MQ37 made their first contribution in #933
-
1.18.0 - 2025-09-11
- mcp: update SDK for SEP 973 + add to example server by @ jesselumarie in #904
- feat: add _meta field support to tool definitions by @ knguyen-figma in #922
- Fix automatic log level handling for sessionless connections by @ cliffhall in #917
- 1.17.6 by @ ihrpr in #936
- 1.18.0 by @ ihrpr in #937
- ignore icons for now by @ ihrpr in #938
- @ jesselumarie made their first contribution in #904
- @ knguyen-figma made their first contribution in #922
-
1.17.5 - 2025-09-02
- Automatic handling of logging level by @ cliffhall in #882
- Fix the SDK vs Spec types test that is breaking CI by @ cliffhall in #908
-
1.17.4 - 2025-08-22
- feature(middleware): Composable fetch middleware for auth and cross‑cutting concerns by @ m-paternostro in #485
- restrict url schemes allowed in oauth metadata by @ pcarleton in #877
- [auth] OAuth protected-resource-metadata: fallback on 4xx not just 404 by @ pcarleton in #879
- chore: bump version to 1.17.4 by @ felixweinberger in #894
-
1.17.3 - 2025-08-14
-
1.17.2 - 2025-08-07
-
1.17.1 - 2025-07-31
-
1.17.0 - 2025-07-24
-
1.16.0 - 2025-07-17
-
1.15.1 - 2025-07-10
from @modelcontextprotocol/sdk GitHub release notesWhat's Changed
New Contributors 🙏
Full Changelog: 1.19.0...1.20.0
What's Changed
demoInMemoryOAuthProviderby @ TylerLeonhardt in #931New Contributors
Full Changelog: 1.18.1...1.18.2
What's Changed
New Contributors
Full Changelog: 1.18.0...1.18.1
What's Changed
New Contributors
Full Changelog: 1.17.5...1.18.0
What's Changed
Full Changelog: 1.17.4...1.17.5
What's Changed
Full Changelog: 1.17.3...1.17.4
Important
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
For more information: