Skip to content

fix(deps): update dependency @mastra/mcp to v1#50

Open
renovate[bot] wants to merge 1 commit into
mainfrom
renovate/mastra-mcp-1.x
Open

fix(deps): update dependency @mastra/mcp to v1#50
renovate[bot] wants to merge 1 commit into
mainfrom
renovate/mastra-mcp-1.x

Conversation

@renovate

@renovate renovate Bot commented Jan 21, 2026

Copy link
Copy Markdown
Contributor

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package Change Age Confidence
@mastra/mcp (source) ^0.11.0^1.0.0 age confidence

Release Notes

mastra-ai/mastra (@​mastra/mcp)

v1.14.0

Compare Source

Minor Changes
  • Add serverlessStreaming option to MCPServer.startHTTP() for request-scoped progress notifications in serverless mode. (#​17927)

    Serverless mode (serverless: true) buffers each request into a single JSON response, which silently drops any notifications/progress a tool emits via extra.sendNotification(). Setting options: { serverless: true, serverlessStreaming: true } now handles the request with request-scoped SSE streaming (enableJsonResponse: false on the transient transport), so progress notifications reach the MCP client's onprogress handler before the final result. An explicit enableJsonResponse is also honored.

    await server.startHTTP({
      url,
      httpPath: '/mcp',
      req,
      res,
      options: { serverless: true, serverlessStreaming: true },
    });

    This is still fully stateless — no mcp-session-id is required or persisted — and the default behavior is unchanged (enableJsonResponse: true), so existing serverless JSON-response users are unaffected. It enables only notifications scoped to the current request, such as progress; elicitation, resource subscriptions, and out-of-request resource/list-change notifications still require session state.

  • Fixed MCP server notifications (resource updates, resource/prompt list changes) not reaching clients connected over streamable HTTP. Notifications are now broadcast to every connected session across all transports. (#​19193)

    Fixed resource subscriptions being shared globally across all clients. Subscriptions are now tracked per session, so resources.notifyUpdated() only notifies sessions that subscribed to the resource URI, and one client unsubscribing no longer removes another client's subscription. Clients that relied on receiving notifications/resources/updated without subscribing must now call resources/subscribe first.

    Added support for the remaining MCP notification features:

    Dynamic tools and tools/list_changed

    Servers can now add and remove tools at runtime and notify clients via notifications/tools/list_changed:

    // Server: manage tools at runtime
    await server.toolActions.add({ myNewTool });
    await server.toolActions.remove(['myNewTool']);
    await server.toolActions.notifyListChanged();

    When the server is registered with a Mastra instance, dynamic add/remove also keeps the Mastra instance's tool registry in sync.

    // Client: react to tool list changes
    await mcp.tools.onListChanged('myServer', async () => {
      const tools = await mcp.listTools();
    });

    Server-side log messages

    Servers can now emit notifications/message log notifications. The minimum level a client sets via logging/setLevel is honored per session:

    // Broadcast to all connected clients
    await server.sendLoggingMessage({ level: 'info', data: { message: 'Sync completed' } });
    
    // From inside a tool, send to the calling client
    await context.mcp.log('debug', 'Fetching weather', { location });

    Progress notifications from tools

    Tools can now report progress to the calling client:

    await context.mcp.progress({ progress: 1, total: 3, message: 'step 1' });
Patch Changes

v1.13.1

Compare Source

Patch Changes

v1.13.0

Compare Source

Minor Changes
  • Fixed MCP tool execution failures being recorded as successes. (#​18482)

    A failing MCP tool used to look like it succeeded. The call was traced and saved as a success, and error handling like retries and Studio error states never ran. For tools with an outputSchema, the error message was thrown away, so neither the model nor the user saw why the call failed.

    This happened because the server reports the failure inside a normal result (with an isError flag), and MCPClient did not check that flag.

    Now isError: true results are surfaced on the failed-tool-call path: the tool throws with the server's error text, so spans, stream chunks, scorers, and persisted messages reflect the failure and the model can self-correct.

    You can opt back into the previous behavior per server with onToolError: 'return', which resolves with the raw result instead of throwing:

    const mcp = new MCPClient({
      servers: {
        weather: {
          url: new URL('https://example.com/mcp'),
          onToolError: 'return', // default is 'throw'
        },
      },
    });
Patch Changes

v1.12.1

Compare Source

Patch Changes

v1.12.0

Compare Source

Minor Changes
  • Added MCPClient.listToolsWithErrors() to return namespaced tools alongside per-server discovery errors. (#​18030)

    Example:

    const { tools, errors } = await mcp.listToolsWithErrors();
    
    new Agent({
      name: 'assistant',
      tools,
    });
    
    if (Object.keys(errors).length > 0) {
      console.error(errors);
    }
Patch Changes

v1.11.0

Compare Source

Minor Changes
Patch Changes

v1.10.0

Compare Source

Minor Changes
  • Added MCP server Fine-Grained Authorization mapping overrides for tool authorization. (#​17529)

    Use the new fga option on MCPServer to customize the resource and permission mappings used for tools/list and tools/call checks without changing the Mastra instance-level tool mapping used by internal agent and workflow tool execution.

    const server = new MCPServer({
      name: 'My Server',
      version: '1.0.0',
      tools: { getData },
      fga: {
        resourceMapping: {
          tool: {
            fgaResourceType: 'user',
            deriveId: ({ user }) => user.id,
          },
        },
        permissionMapping: {
          'tools:execute': 'read',
        },
      },
    });
Patch Changes

v1.9.1

Compare Source

Patch Changes

v1.9.0

Compare Source

Minor Changes
  • Added opt-in MCP server instructions forwarding into agent system prompts. (#​17155)

    When an MCP server advertises instructions during initialization, you can now forward that guidance into the system prompt of agents that use the server's tools. This is opt-in — set forwardInstructions: true per server to enable it. Forwarded instructions are injected into the agent's system prompt, so only enable this for servers you trust.

    const mcp = new MCPClient({
      servers: {
        db: {
          url: new URL('http://localhost:4111/mcp'),
          forwardInstructions: true, // opt in; defaults to false
          instructionsMaxLength: 512, // max chars forwarded per server
        },
      },
    });
    
    const agent = new Agent({
      id: 'db-agent',
      name: 'DB Agent',
      instructions: 'Help with database changes.',
      model,
      tools: await mcp.listTools(),
    });

    You can always inspect cached instructions without forwarding them:

    const instructions = mcp.getServerInstructions();
    // => { db: 'Always validate before migrating.', other: undefined }
  • Added native multimodal tool-result support. Core now converts MCP-style tool results with image and audio content parts into model-native media output when building model prompts, without requiring MCP tools to persist duplicate media payloads in providerMetadata.mastra.modelOutput. (#​16866)

    return {
      content: [
        { type: 'text', text: 'Screenshot captured' },
        { type: 'image', data: base64Png, mimeType: 'image/png' },
      ],
    };
Patch Changes
  • Support conditional, function-based tool approvals. (#​17337)

    • MCP tools that wrap a server-level requireToolApproval function are now honored end-to-end. The per-tool approval function was previously dropped when the agent converted MCP tools (it kept only the boolean flag), so conditional approval silently fell back to always-on. CoreToolBuilder now preserves a needsApprovalFn attached directly to a tool instance.
    • The global requireToolApproval option on agent.stream/agent.generate now accepts a function in addition to a boolean. It is evaluated per tool call with the tool name, arguments, and request context, enabling policies such as regex allowlists on tool names. Returning true requires approval for that call; false allows it. On error the call defaults to requiring approval. When a function policy is set, tool calls run sequentially so approval suspensions don't race. Durable agents and stored agents continue to accept only a boolean (a function degrades to requiring approval for every call, since their options must be serializable).
    // Approve only tool calls whose name is not on an allowlist.
    const allowlist = /^(get|list|search)_/;
    await agent.generate('...', {
      requireToolApproval: ({ toolName }) => !allowlist.test(toolName),
    });
    • Precedence is unchanged from before: a per-tool approval function (createTool({ requireApproval: fn }) or an MCP-derived needsApprovalFn) is authoritative for that tool and overrides the global setting, so a tool can still opt out of approval by returning false even when the global option is on. The only new behavior is that the global option may now be a function in addition to a boolean.
    • The previously implicit, runtime-attached per-tool approval predicate is now a typed contract: @mastra/core exports NeedsApprovalFn and declares the optional needsApprovalFn property on the Tool class. The MCP client and the agent runtime now share this typed contract instead of reaching through any. This is additive — no public API changes.
  • Close the stale MCP transport before reconnecting so SSE connections no longer leak orphaned EventSource instances and accumulate server-side sessions on implicit reconnect. (#​17326)

  • Fixed FGA-enabled MCP servers so OAuth authInfo can be mapped to a Mastra user before tools/list and tools/call authorization. (#​17475)

  • Updated dependencies [fa63872, d779de3, 1750c97, 9283971, f07b646, d8838ae, 40f9297, 19a8658, 850af77, 0f0d1ba, a18775a, 1baf2d1, 8c31bcd, 0e32507, 95b14cd, 07c3de7, 0bf2d93, 7b0d34c, a659a77, aa36be2, 3332be9, 212c635, d8838ae, 9aa5a73, f73c789, 8bd16da, c8630f8, 94dfef6, 47f71dc, 50ceae2, a122f79, 8cdde58, 3a081c1, 49f8abc, 847ff1e, 0c1ed1d, 259d409, 9e16c68, cefca33, d00e8c5, 36fa7e2, 87e9774, 65a72e7, fe9eacd, 4c02027, 0f77241, 849efb9, 92ff509, 3fce5e7, a763592, db79c86, 6855012, 80c7737, 7fef31c, 7fef31c, 3f1cf47]:

v1.8.1

Compare Source

Patch Changes

v1.8.0

Compare Source

Minor Changes
  • Added MCP tool annotations to the requireToolApproval context and exposed them on tools returned from listTools() / listToolsets(). (#​16784)

    The requireToolApproval callback now receives the server-advertised annotations (title, readOnlyHint, destructiveHint, idempotentHint, openWorldHint) alongside toolName and args. This lets you write declarative approval policies instead of hardcoding tool name lists. Annotations are also propagated onto Mastra tools as tool.mcp.annotations so apps can render them in UI.

    Security caveat (per the MCP spec): annotations are hints, not guarantees. Clients MUST treat them as untrusted unless they come from a trusted server. Do not use annotations alone as a security boundary for servers you do not control — set requireToolApproval: true for those. When the server omits annotations entirely, this field is undefined, so policies can distinguish "no annotations" from "annotated as safe".

    import { MCPClient } from '@​mastra/mcp';
    
    // Before — hardcoded tool name lists, server-specific
    const mcp = new MCPClient({
      servers: {
        github: {
          url: new URL('https://example.com/mcp'),
          requireToolApproval: ({ toolName }) => toolName === 'delete_repo',
        },
      },
    });
    
    // After — annotation-driven, works across any trusted MCP server
    const mcp = new MCPClient({
      servers: {
        github: {
          url: new URL('https://example.com/mcp'),
          requireToolApproval: ({ annotations }) => {
            if (!annotations) return true;
            if (annotations.readOnlyHint) return false;
            if (annotations.destructiveHint) return true;
            return false;
          },
        },
      },
    });
    
    // Annotations are also visible on tools returned by listTools()
    const tools = await mcp.listTools();
    for (const tool of Object.values(tools)) {
      console.log(tool.mcp?.annotations);
    }

    Closes #​16766.

Patch Changes
  • Fixed an issue where OAuth token requests dropped client_id and client_secret for confidential clients. The provider previously shipped an empty addClientAuthentication method that satisfied the MCP SDK's existence check and short-circuited its default credential attachment, causing invalid_request errors on token exchange and refresh against confidential-client OAuth servers. The empty stub has been removed so the SDK's built-in client authentication runs again. See #​16854. (#​16862)

  • Close previous SSE transport before accepting a new connection in MCPServer.connectSSE(). Previously, sequential SSE connections to the same server would fail with "Already connected to a transport" because the underlying protocol was never closed when the previous client disconnected. (#​16695)

  • Updated dependencies [452036a, c272d50, 27fd1b7, 5ba7253, 5556cc1, f73980d, 5499303, a702009, 9aee493, [d8692af](https://redirect.github.com/mastra-ai

Note

PR body was truncated to here.


Configuration

📅 Schedule: (UTC)

  • Branch creation
    • At any time (no schedule defined)
  • Automerge
    • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate
renovate Bot force-pushed the renovate/mastra-mcp-1.x branch from 82fa005 to c918bb0 Compare January 22, 2026 07:20
@renovate
renovate Bot force-pushed the renovate/mastra-mcp-1.x branch 3 times, most recently from 5c7c7a0 to d4cd4dc Compare February 17, 2026 18:41
@renovate
renovate Bot force-pushed the renovate/mastra-mcp-1.x branch 3 times, most recently from e16d39b to 4d05e36 Compare March 4, 2026 15:08
@renovate
renovate Bot force-pushed the renovate/mastra-mcp-1.x branch 3 times, most recently from cadf916 to 944e923 Compare March 12, 2026 04:59
@renovate
renovate Bot force-pushed the renovate/mastra-mcp-1.x branch 3 times, most recently from 5eb4d2a to ce86bb7 Compare March 20, 2026 12:41
@renovate
renovate Bot force-pushed the renovate/mastra-mcp-1.x branch 3 times, most recently from a469e50 to a089d71 Compare April 1, 2026 00:50
@renovate
renovate Bot force-pushed the renovate/mastra-mcp-1.x branch 2 times, most recently from 0d5a094 to b79563b Compare April 12, 2026 12:23
@renovate
renovate Bot force-pushed the renovate/mastra-mcp-1.x branch 2 times, most recently from fb5aeb2 to 86d6d31 Compare April 22, 2026 04:51
@renovate
renovate Bot force-pushed the renovate/mastra-mcp-1.x branch 2 times, most recently from 9244436 to f1a8913 Compare April 29, 2026 00:55
@renovate
renovate Bot force-pushed the renovate/mastra-mcp-1.x branch from f1a8913 to 5b75a61 Compare May 4, 2026 22:47
@renovate
renovate Bot force-pushed the renovate/mastra-mcp-1.x branch 2 times, most recently from 7102a85 to 756c032 Compare May 18, 2026 12:11
@renovate
renovate Bot force-pushed the renovate/mastra-mcp-1.x branch 2 times, most recently from 9a7e82f to 0a43fc9 Compare May 27, 2026 05:43
@renovate
renovate Bot force-pushed the renovate/mastra-mcp-1.x branch 3 times, most recently from 8b3e6ef to 68b731b Compare June 3, 2026 20:13
@renovate
renovate Bot force-pushed the renovate/mastra-mcp-1.x branch 4 times, most recently from 28bbafe to a21c6a6 Compare June 19, 2026 10:36
@renovate
renovate Bot force-pushed the renovate/mastra-mcp-1.x branch from a21c6a6 to 788a827 Compare June 24, 2026 04:59
@renovate
renovate Bot force-pushed the renovate/mastra-mcp-1.x branch 3 times, most recently from e37de0a to 2957aa0 Compare July 6, 2026 18:41
@renovate
renovate Bot force-pushed the renovate/mastra-mcp-1.x branch 2 times, most recently from a4efd99 to 49bdadf Compare July 15, 2026 06:30
@renovate
renovate Bot force-pushed the renovate/mastra-mcp-1.x branch from 49bdadf to 9ce13b7 Compare July 17, 2026 11:14
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants