You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This commit was created on GitHub.com and signed with GitHub’s verified signature.
Changes since 1.6.0
Features
App.registerTool() / sendToolListChanged() — Views can expose tools for the Host to call (WebMCP-style) (#72)
App.createSamplingMessage() — sampling support via stock SDK types (#530)
Handshake-ordering guards (console.warn, or throw with AppOptions.strict): App host-bound methods warn when called before connect() completes; one-shot event handlers (ontoolinput/ontoolresult/etc.) warn when first registered after connect(); AppBridge warns when it receives requests before ui/notifications/initialized (#623, #629, #625, #630, #631)
AppOptions.allowUnsafeEval (default false) — App constructor sets z.config({ jitless: true }) so Views run under strict CSP without unsafe-eval; opt out for the faster JIT path (#618)
useApp() forwards autoResize and strict to the underlying App (#622)
Fixes
useApp effect cleanup now closes the App, so React StrictMode's dev double-invoke doesn't leave a zombie PostMessageTransport listener receiving every host message alongside the live instance (#631)
csp / permissions typed ?: never on McpUiToolMeta so misplaced declarations fail at compile time (#624)
Drop stale resourceUri JSDoc that referenced the deprecated flat _meta["ui/resourceUri"] key (#626)
Chore
npm run bump script for version bumps across root + workspaces; npm-publish jobs now approve in a single click; prereleases publish under --tag beta (#568)
Pre-commit hook: skip link-self when target is a symlink; --diff-filter=d so re-stage doesn't fail on deletions (#621)
Bump vite / hono / @hono/node-server to patched versions (#616)
