Reorder docs/server.md sections for a clearer overview narrative

Move DNS rebinding protection and multi-node deployment patterns into a
new `## Deployment` umbrella near the end — they were splitting the flow
between Transports and core primitives. Promote Logging from a `####`
under Tools to a `###` peer of Tools/Resources/Prompts, since
`ctx.mcpReq.log()` is available in any handler, not just tools. Add a
brief `#### Tool annotations` subsection under Tools (previously only in
the catch-all table). Remove the Tool annotations row from the
`More server features` table and drop the cross-link to client.md from
the Completions section.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

Author: jonathanhefner

docs/server.md

@@ -92,30 +92,6 @@ const transport = new StdioServerTransport();
 await server.connect(transport);
 ```
 
-## DNS rebinding protection
-
-MCP servers running on localhost are vulnerable to DNS rebinding attacks. Use `createMcpExpressApp()` from `@modelcontextprotocol/express` to create an Express app with DNS rebinding protection enabled by default:
-
-```ts source="../examples/server/src/serverGuide.examples.ts#dnsRebinding_basic"
-// Default: DNS rebinding protection auto-enabled (host is 127.0.0.1)
-const app = createMcpExpressApp();
-
-// DNS rebinding protection also auto-enabled for localhost
-const appLocal = createMcpExpressApp({ host: 'localhost' });
-
-// No automatic protection when binding to all interfaces
-const appOpen = createMcpExpressApp({ host: '0.0.0.0' });
-```
-
-When binding to `0.0.0.0` / `::`, provide an allow-list of hosts:
-
-```ts source="../examples/server/src/serverGuide.examples.ts#dnsRebinding_allowedHosts"
-const app = createMcpExpressApp({
-    host: '0.0.0.0',
-    allowedHosts: ['localhost', '127.0.0.1', 'myhost.local']
-});
-```
-
 ## Tools, resources, and prompts
 
 ### Tools
@@ -185,37 +161,12 @@ server.registerTool(
 > [!NOTE]
 > For a full runnable example with `ResourceLink` outputs, see [`simpleStreamableHttp.ts`](https://github.com/modelcontextprotocol/typescript-sdk/blob/main/examples/server/src/simpleStreamableHttp.ts).
 
-#### Logging
-
-Use `ctx.mcpReq.log(level, data)` (from {@linkcode @modelcontextprotocol/server!index.ServerContext | ServerContext}) inside a tool handler to send structured log messages to the client. The server must declare the `logging` capability:
-
-```ts source="../examples/server/src/serverGuide.examples.ts#logging_capability"
-const server = new McpServer({ name: 'my-server', version: '1.0.0' }, { capabilities: { logging: {} } });
-```
+#### Tool annotations
 
-Then log from any tool callback:
-
-```ts source="../examples/server/src/serverGuide.examples.ts#registerTool_logging"
-server.registerTool(
-    'fetch-data',
-    {
-        description: 'Fetch data from an API',
-        inputSchema: z.object({ url: z.string() })
-    },
-    async ({ url }, ctx): Promise<CallToolResult> => {
-        await ctx.mcpReq.log('info', `Fetching ${url}`);
-        const res = await fetch(url);
-        await ctx.mcpReq.log('debug', `Response status: ${res.status}`);
-        const text = await res.text();
-        return { content: [{ type: 'text', text }] };
-    }
-);
-```
+Tools can include annotations that hint at their behavior — for example, whether a tool is read‑only, destructive, or idempotent. Annotations help clients present tools appropriately without changing their execution semantics.
 
 > [!NOTE]
-> For logging in a full server, see [`simpleStreamableHttp.ts`](https://github.com/modelcontextprotocol/typescript-sdk/blob/main/examples/server/src/simpleStreamableHttp.ts) and [`jsonResponseStreamableHttp.ts`](https://github.com/modelcontextprotocol/typescript-sdk/blob/main/examples/server/src/jsonResponseStreamableHttp.ts).
->
-> For protocol details, see [Logging](https://modelcontextprotocol.io/specification/latest/server/utilities/logging) in the MCP specification.
+> For tool annotations in a full server, see [`simpleStreamableHttp.ts`](https://github.com/modelcontextprotocol/typescript-sdk/blob/main/examples/server/src/simpleStreamableHttp.ts).
 
 ### Resources
 
@@ -337,7 +288,37 @@ server.registerPrompt(
 );
 ```
 
-For client-side completion usage, see the [Client guide](client.md).
+### Logging
+
+Unlike tools, resources, and prompts, logging is not a registered primitive — it is a handler-level API available inside any callback. Use `ctx.mcpReq.log(level, data)` (from {@linkcode @modelcontextprotocol/server!index.ServerContext | ServerContext}) to send structured log messages to the client. The server must declare the `logging` capability:
+
+```ts source="../examples/server/src/serverGuide.examples.ts#logging_capability"
+const server = new McpServer({ name: 'my-server', version: '1.0.0' }, { capabilities: { logging: {} } });
+```
+
+Then log from any handler callback:
+
+```ts source="../examples/server/src/serverGuide.examples.ts#registerTool_logging"
+server.registerTool(
+    'fetch-data',
+    {
+        description: 'Fetch data from an API',
+        inputSchema: z.object({ url: z.string() })
+    },
+    async ({ url }, ctx): Promise<CallToolResult> => {
+        await ctx.mcpReq.log('info', `Fetching ${url}`);
+        const res = await fetch(url);
+        await ctx.mcpReq.log('debug', `Response status: ${res.status}`);
+        const text = await res.text();
+        return { content: [{ type: 'text', text }] };
+    }
+);
+```
+
+> [!NOTE]
+> For logging in a full server, see [`simpleStreamableHttp.ts`](https://github.com/modelcontextprotocol/typescript-sdk/blob/main/examples/server/src/simpleStreamableHttp.ts) and [`jsonResponseStreamableHttp.ts`](https://github.com/modelcontextprotocol/typescript-sdk/blob/main/examples/server/src/jsonResponseStreamableHttp.ts).
+>
+> For protocol details, see [Logging](https://modelcontextprotocol.io/specification/latest/server/utilities/logging) in the MCP specification.
 
 ## Server‑initiated requests
 
@@ -453,6 +434,32 @@ Task-based execution enables "call-now, fetch-later" patterns for long-running o
 > [!WARNING]
 > The tasks API is experimental and may change without notice.
 
+## Deployment
+
+### DNS rebinding protection
+
+MCP servers running on localhost are vulnerable to DNS rebinding attacks. Use `createMcpExpressApp()` from `@modelcontextprotocol/express` to create an Express app with DNS rebinding protection enabled by default:
+
+```ts source="../examples/server/src/serverGuide.examples.ts#dnsRebinding_basic"
+// Default: DNS rebinding protection auto-enabled (host is 127.0.0.1)
+const app = createMcpExpressApp();
+
+// DNS rebinding protection also auto-enabled for localhost
+const appLocal = createMcpExpressApp({ host: 'localhost' });
+
+// No automatic protection when binding to all interfaces
+const appOpen = createMcpExpressApp({ host: '0.0.0.0' });
+```
+
+When binding to `0.0.0.0` / `::`, provide an allow-list of hosts:
+
+```ts source="../examples/server/src/serverGuide.examples.ts#dnsRebinding_allowedHosts"
+const app = createMcpExpressApp({
+    host: '0.0.0.0',
+    allowedHosts: ['localhost', '127.0.0.1', 'myhost.local']
+});
+```
+
 ## More server features
 
 The sections above cover the essentials. The table below links to additional capabilities demonstrated in the runnable examples.
@@ -463,5 +470,4 @@ The sections above cover the essentials. The table below links to additional cap
 | Session management | Per-session transport routing, initialization, and cleanup | [`simpleStreamableHttp.ts`](https://github.com/modelcontextprotocol/typescript-sdk/blob/main/examples/server/src/simpleStreamableHttp.ts) |
 | Resumability | Replay missed SSE events via an event store | [`inMemoryEventStore.ts`](https://github.com/modelcontextprotocol/typescript-sdk/blob/main/examples/server/src/inMemoryEventStore.ts) |
 | CORS | Expose MCP headers (`mcp-session-id`, etc.) for browser clients | [`simpleStreamableHttp.ts`](https://github.com/modelcontextprotocol/typescript-sdk/blob/main/examples/server/src/simpleStreamableHttp.ts) |
-| Tool annotations | Hint whether tools are read-only, destructive, etc. | [`simpleStreamableHttp.ts`](https://github.com/modelcontextprotocol/typescript-sdk/blob/main/examples/server/src/simpleStreamableHttp.ts) |
 | Multi‑node deployment | Stateless, persistent‑storage, and distributed routing patterns | [`examples/server/README.md`](https://github.com/modelcontextprotocol/typescript-sdk/blob/main/examples/server/README.md#multi-node-deployment-patterns) |