v3.2.4: Patch Me If You Can

A grab bag of fixes, hardening, and polish.

The headline behavior change: background tasks are now scoped to the authorization context rather than the MCP session, so a task kicked off by an authenticated user survives session churn and stays tied to who started it. This is a breaking change for anyone relying on the old session-scoped semantics.

Security got three meaningful upgrades. FileUpload now validates actual decoded base64 size instead of trusting the client-reported number, so an attacker can't claim "10 bytes" and deliver 10MB. The proxy client stops forwarding inbound HTTP headers to unrelated remote servers — previously a header meant for server A could leak to server B. And AuthKit now auto-binds token audience to the resource URL per RFC 8707, closing a token-reuse gap across MCP resources.

Schema handling had a rough-edges pass. json_schema_to_type no longer crashes on Python keywords, boolean schemas, empty enums, or name collisions, and we added a 232K-schema crash test from APIs.guru to keep it honest. Gemini 2.5 Flash compatibility is fixed by stripping title fields the model rejects. Parameter descriptions are now extracted from docstrings automatically, so your tool signatures document themselves.

Plus a Keycloak OAuth provider for enterprise auth, improvements to ctx.elicit() (new response_title/response_description, deprecation warning when called without response_type), and dozens of smaller fixes across transforms, retry middleware, resource templates, and client disconnect handling.

What's Changed

Breaking Changes ⚠️

• Scope tasks to authorization context, not session by @chrisguidry in #3800

Enhancements ✨

• Bump pydocket>=0.19.0, drop fakeredis pin by @chrisguidry in #3822
• Add real-world schema crash test (232K schemas from APIs.guru) by @strawgate in #3826
• Enable 7 zero-violation ruff rules by @strawgate in #3841
• Promote 7 ty rules from ignore to warn by @strawgate in #3852
• Replace ___ with hash-based backend tool routing and per-tool prefab resources by @jlowin in #3824
• Enable 4 ruff rules (DTZ, ERA, ISC, INP) and fix 9 violations by @strawgate in #3842
• Extract parameter descriptions from docstrings by @jlowin in #3872
• ci: speed up schema crash test (CSafeLoader + xdist-safe aggregation) by @jlowin in #3873
• test: bump OpenAPI init perf threshold to 200ms for Windows CI by @jlowin in #3879
• refactor: unify object-schema conversion through _object_schema_to_type by @jlowin in #3884
• Add Keycloak OAuth Provider for Enterprise Authentication and local dev by @stephaneberle9 in #1937
• Allow auth providers to override protected resource base URLs by @aaazzam in #3900
• Enable PERF and T20 ruff rules by @strawgate in #3845
• Add response_title and response_description to ctx.elicit() by @jlowin in #3912
• Deprecate ctx.elicit() without response_type by @jlowin in #3916

Security 🔒

• Validate actual base64 data size in FileUpload, not client-reported size by @strawgate in #3816
• Stop forwarding inbound HTTP headers to unrelated remote servers by @jlowin in #3837
• AuthKit: auto-bind token audience to resource URL (RFC 8707) by @jlowin in #3905

Fixes 🐞

• Version-check is_docket_available() to avoid transitive pydocket crash by @jlowin in #3807
• fix: materialize generators before result conversion, handle bytes gracefully by @strawgate in #3830
• Fix json_schema_to_type crashes on keywords, boolean schemas, empty enums, and name collisions by @strawgate in #3818
• fix: replace or with is not None checks for config/override merging by @strawgate in #3833
• fix: TransformedTool sync fn crash and schema mutation by @strawgate in #3823
• fix: cross-provider duplicate detection, error visibility, mask propagation by @strawgate in #3827
• fix: don't pass HTTP kwargs when transport is unspecified by @strawgate in #3838
• fix: strip title fields from tool schemas for Gemini 2.5 Flash compatibility by @strawgate in #3861
• fix: retry when LLM returns text instead of calling final_response by @strawgate in #3850
• Raise on unhandled content types in sampling handler dispatch chains by @strawgate in #3857
• Fix broken code examples in docs by @strawgate in #3869
• fix: GoogleGenaiSamplingHandler leaks thought parts and gives unhelpful errors on empty responses by @strawgate in #3849
• fix: cap consecutive final_response validation retries by @strawgate in #3851
• Fix test quality issues by @strawgate in #3854
• Fix MCP tool on docs welcome page by @lkiesow in #3874
• Fix CIMD clients getting required_scopes instead of valid_scopes by @jlowin in #3836
• Rename filesystem-provider example dir to avoid mcp/ collision by @jlowin in #3878
• fix: drop configurable dedupe from AggregateProvider, always warn by @jlowin in #3877
• fix: resolve list[dict] return type producing Root() instead of dicts by @KeWang0622 in #3880
• fix: strip titles from bare-metadata nodes (Gemini 2.5 Flash) by @jlowin in #3881
• Fix wildcard resource template params in mounted servers by @jlowin in #3899
• Harden forced client disconnect cleanup by @vonbai in #3885
• fix: elicitation scalar return, resource auto-serialization, Client.new() state, prompt errors by @strawgate in #3859
• fix: task.wait() hangs indefinitely when task enters input_required by @mrishav in #3798
• Fix RetryMiddleware not retrying tool errors by @strawgate in #3858
• Stop pydantic 2.13 from leaking _WrappedResult docstring into tool output schemas by @jlowin in #3918

Docs 📚

• Note generate-notes API in release workflow docs by @jlowin in #3806
• docs: require agents to respect DNM markers on PRs by @jlowin in #3871
• docs: add uv-managed dependencies and uvx examples to mcp-json configuration by @vincent067 in #3843
• docs: link fastmcp-keycloak-local companion project from Keycloak integration page by @stephaneberle9 in #3904
• Overhaul apps docs by @jlowin in #3915

Dependencies 📦

• chore(deps): bump extractions/setup-just from 3 to 4 by @dependabot[bot] in #3863
• chore(deps): bump astral-sh/setup-uv from 6 to 7 by @dependabot[bot] in #3865
• chore(deps): bump actions/checkout from 4 to 6 by @dependabot[bot] in #3864
• chore(deps-dev): bump pydantic-monty from 0.0.9 to 0.0.10 by @dependabot[bot] in #3809
• chore(deps): bump the uv group across 2 directories with 1 update by @dependabot[bot] in #3913

New Contributors

• @lkiesow made their first contribution in #3874
• @KeWang0622 made their first contribution in #3880
• @vonbai made their first contribution in #3885

Full Changelog: v3.2.3...v3.2.4

v2.14.7: Fake It Till You Break It

What's Changed

Fixes 🐞

• fix(deps): cap fakeredis to <2.35.0 to prevent startup crash on 2.x by @vincent067 in #3883

Full Changelog: v2.14.6...v2.14.7

v3.2.3: Redis or Not

fakeredis 2.35.0 shipped an undocumented rename (FakeConnection → FakeAsyncRedisConnection) that broke pydocket's memory:// backend, causing fastmcp[tasks] installs to fail at startup with an ImportError. This pins fakeredis<2.35.0 in the tasks extra as a stopgap until a fixed pydocket ships.

What's Changed

Fixes 🐞

• Pin fakeredis<2.35.0 in tasks extra by @jlowin in #3804

Docs 📚

• Document session state isolation across mount boundaries by @jlowin in #3801

Full Changelog: v3.2.2...v3.2.3

v3.2.2: Audience Appreciation

The Azure audience fix in 3.2.1 overcorrected: it switched token validation from client_id to identifier_uri, which fixed custom Application ID URIs but broke the default case where Azure AD v2 tokens set aud to the bare client ID GUID. Both formats are now accepted.

What's Changed

Fixes 🐞

• fix: accept both client_id and identifier_uri as Azure audience by @jlowin in #3797

Dependencies 📦

• chore(deps): bump the uv group across 2 directories with 1 update by @dependabot[bot] in #3795

Full Changelog: v3.2.1...v3.2.2

v3.2.1: Audience Participation

Most of the fixes in this patch are about auth providers getting audience validation wrong. Cognito token verification was checking the aud JWT claim, but Cognito access tokens don't include one; they use client_id instead. Azure was hardcoding the raw client ID as the expected audience, ignoring the identifier_uri parameter even though Entra v2.0 tokens use the Application ID URI as aud. Both now validate correctly without changing the provider API. Consent cookies also had an unbounded growth problem in high-DCR-client environments, eventually blowing past reverse proxy header limits; they're now capped as an LRU.

On the OpenAPI side, nullable: true fields from 3.0 specs were leaking into tool input schemas as-is instead of being converted to JSON Schema's type: ["string", "null"]. Server variable templates in base URLs (like https://{region}.api.example.com) were also being passed through raw instead of substituted with their defaults.

Smaller fixes: form submissions from Prefab UI now correctly handle unchecked boolean checkboxes, the client no longer crashes on error responses with empty or non-text content from third-party servers, and asyncio.iscoroutinefunction no longer emits deprecation warnings on Python 3.14.

What's Changed

Breaking Changes ⚠️

• fix(google): use sub (user ID) for client_id instead of aud (app ID) by @shigechika in #3722
• fix: remove CSP from tool metadata, keep on resource only by @jlowin in #3754

Enhancements ✨

• [codex] Add FastMCP docs telemetry by @aaazzam in #3727
• chore: split SDK navigation into standalone $ref file by @jlowin in #3773
• fix: bump ty to >=0.0.29 and suppress new false positives by @jlowin in #3790

Fixes 🐞

• fix: use explicit None checks for JWT exp validation by @jlowin in #3724
• Unify background task context forwarding, fix concurrent dependency bugs by @chrisguidry in #3710
• fix: add proxy timeouts and modernize networking in apps dev by @mateeaaa in #3741
• fix: ResponseLimitingMiddleware no longer breaks outputSchema tools by @jlowin in #3756
• fix: substitute server variable defaults when building base URL from OpenAPI spec by @mrishav in #3770
• fix: FastAPI TestClient compatibility and lifespan re-initialization by @kvdhanush06 in #3736
• fix: propagate upstream_claims in load_access_token by @kvdhanush06 in #3750
• Remove deprecated asyncio.iscoroutinefunction fallback by @kaiisfree in #3767
• fix: changeable allowed_client_redirect_uris on OAuthProxy by @fengarix in #3772
• fix: broken link in changelog by @jlowin in #3775
• fix(docs): correct FastMCP tool name in welcome docs by @buyua9 in #3781
• fix: cap consent cookie size to prevent header overflow by @jlowin in #3784
• Fix boolean property schemas in JSON Schema parsing by @jlowin in #3785
• Fix OpenAPI 3.0 nullable fields in tool input schemas by @kvdhanush06 in #3768
• fix: Cognito token verification checks client_id instead of aud by @jlowin in #3786
• fix: use identifier_uri as audience for Azure token validation by @jlowin in #3787
• Harden client tool result error handling by @aimable100 in #3778

Docs 📚

• Github integraiton documentation fix: use result.data otherwise CallToolResult not scriptable by @c4jquick in #3753
• chore: split v2 docs navigation into separate file by @jlowin in #3762
• docs: document forward_resource parameter on OAuthProxy by @jlowin in #3788

Examples & Contrib 💡

• fix: boolean false values dropped in form submissions by @jlowin in #3776

Dependencies 📦

• chore(deps): bump fastmcp from 3.1.1 to 3.2.0 in /examples/testing_demo in the uv group across 1 directory by @dependabot[bot] in #3728
• chore(deps): bump anthropic from 0.86.0 to 0.87.0 in the uv group across 1 directory by @dependabot[bot] in #3742

New Contributors

• @c4jquick made their first contribution in #3753
• @mateeaaa made their first contribution in #3741
• @mrishav made their first contribution in #3770
• @kvdhanush06 made their first contribution in #3736
• @kaiisfree made their first contribution in #3767
• @fengarix made their first contribution in #3772
• @buyua9 made their first contribution in #3781
• @aimable100 made their first contribution in #3778

Full Changelog: v3.2.0...v3.2.1

v3.2.0: Show Don't Tool

FastMCP 3.2 is the Apps release. The 3.0 architecture gave you providers and transforms; 3.1 shipped Code Mode for tool discovery. 3.2 puts a face on it: your tools can now return interactive UIs — charts, dashboards, forms, maps — rendered right inside the conversation.

FastMCPApp

FastMCPApp is a new provider class for building interactive applications inside MCP. It separates the tools the LLM sees (@app.ui()) from the backend tools the UI calls (@app.tool()), manages visibility automatically, and gives tool references stable identifiers that survive namespace transforms and server composition — without requiring host cooperation.

from fastmcp import FastMCP, FastMCPApp
from prefab_ui.actions.mcp import CallTool
from prefab_ui.components import Column, Form, Input, Button, ForEach, Text

app = FastMCPApp("Contacts")

@app.tool()
def save_contact(name: str, email: str) -> list[dict]:
    db.append({"name": name, "email": email})
    return list(db)

@app.ui()
def contact_manager() -> PrefabApp:
    with PrefabApp(state={"contacts": list(db)}) as view:
        with Column(gap=4):
            ForEach("contacts", lambda c: Text(c.name))
            with Form(on_submit=CallTool("save_contact")):
                Input(name="name", required=True)
                Input(name="email", required=True)
                Button("Save")
    return view

mcp = FastMCP("Server", providers=[app])

The UI is built with Prefab, a Python component library that compiles to interactive UIs. You write Python; the user sees charts, tables, forms, and dashboards. FastMCP handles the MCP Apps protocol machinery — renderer resources, CSP configuration, structured content serialization — so you don't have to.

For simpler cases where you just want to visualize data without server interaction, set app=True on any tool and return Prefab components directly:

@mcp.tool(app=True)
def revenue_chart(year: int) -> PrefabApp:
    with PrefabApp() as app:
        BarChart(data=revenue_data, series=[ChartSeries(data_key="revenue")])
    return app

Built-in Providers

Five ready-made providers you add with a single add_provider() call:

• FileUpload — drag-and-drop file upload with session-scoped storage
• Approval — human-in-the-loop confirmation gates
• Choice — clickable option selection
• FormInput — generate validated forms from Pydantic models
• GenerativeUI — the LLM writes Prefab code at runtime and the result streams to the user as it's generated

Dev Server

fastmcp dev apps launches a browser-based preview for your app tools — pick a tool, provide arguments, and see the rendered UI without connecting to an MCP host. Includes an MCP message inspector for debugging the protocol traffic.

Security

This release includes a significant security hardening pass: SSRF/path traversal prevention, JWT algorithm restrictions, OAuth scope enforcement, CSRF fixes, and more. See the changelog for the full list.

Everything Else

forward_resource flag on all OAuth providers for IdPs that don't support RFC 8707. Clerk auth provider. FileResource encoding parameter. SSL verify parameter. client_log_level setting. MCP conformance tests in CI. And contributions from 13 new contributors.

What's Changed

New Features 🎉

• Add FastMCPApp — a Provider for composable MCP applications by @jlowin in #3385
• Add fastmcp dev apps command with browser UI preview by @jlowin in #3489
• Add GenerativeUI provider, bump prefab-ui 0.14.0 by @jlowin in #3647
• Add FileUpload provider by @jlowin in #3669
• Add Approval and Choice providers by @jlowin in #3686
• Add FormInput provider, bump prefab-ui to 0.15.0 by @jlowin in #3687

Breaking Changes ⚠️

• Route app tool calls via ___-prefixed names by @jlowin in #3667

Enhancements ✨

• feat: add --config-path flag to claude-desktop install command by @Sumanshu-Nankana in #3380
• Support ImageContent and AudioContent in Message class by @ericrobinson-indeed in #3396
• Deprecate PromptToolMiddleware and ResourceToolMiddleware by @jlowin in #3389
• Block HS* algorithms when JWTVerifier is configured with JWKS by @jlowin in #3419
• Remove prek from Marvin workflows by @jlowin in #3444
• Add dependency version compatibility guidance to code-review skill by @jlowin in #3475
• Remove "good first issue" label by @jlowin in #3482
• Cache component lists in ProxyProvider by @jlowin in #3479
• Support logging/setLevel and add client_log_level by @jlowin in #3491
• Propagate x-fastmcp-wrap-result in tool result _meta by @jlowin in #3490
• feat(auth): add external_consent param to suppress misleading warning by @mtthidoteu in #3473
• Add verify parameter for SSL certificate configuration by @jlowin in #3487
• Expose minimum_check_interval, reduce task pickup latency by @jlowin in #3500
• Fix test timeouts, suppress deprecation warnings, speed up auth tests by @jlowin in #3504
• Auto-close upgrade check issue when build passes by @jlowin in #3505
• feat: make upstream_client_secret optional in OAuthProxy by @jlowin in #3486
• Add security label to triage workflow and release notes by @jlowin in #3516
• Claude/review contributor guidelines by @jlowin in #3517
• pin pydantic-monty to 0.0.8 by @jlowin in #3539
• Support ImageContent and AudioContent in sampling handlers by @jlowin in #3550
• Graceful degradation for multi-server proxy setup by @jlowin in #3546
• Extract TokenCache utility, add caching to GitHubTokenVerifier by @jlowin in #3547
• Add review-pr skill for Codex bot workflow by @jlowin in #3552
• Add MCP message inspector to dev apps UI by @jlowin in #3570
• Comprehensive MCP Apps docs, string CallTool resolution by @jlowin in #3575
• Replace UUID global keys with (app_name, tool_name) registry by @jlowin in #3585
• Route app tool calls through provider chain by @jlowin in #3587
• Dev apps: show more/less for long tool descriptions by @jlowin in #3600
• Apps Phase 1: docs, examples, app-only tool filtering by @jlowin in #3593
• Forward enable_cimd to OAuthProxy in all provider subclasses by @jlowin in #3608
• Tune too-long triage heuristic by @jlowin in #3610
• Update ty ignore comments for 0.0.25 compatibility by @jlowin in #3614
• Move app modules to fastmcp.apps package by @jlowin in #3616
• Tighten too-long heuristic for design-document issues by @jlowin in #3620
• Run MCP conformance tests by @strawgate in #3628
• Add PrefabAppConfig for customizable Prefab tool setup by @jlowin in #3648
• Clean error when dev apps ports are in use by @jlowin in #3658
• Add Clerk OAuth provider by @mostafa6765 in #3677
• Add interactive map example with geocoding by @jlowin in #3702
• Bump pydantic-monty to 0.0.9 by @jlowin in #3707
• Add forward_resource flag to OAuthProxy by @jlowin in #3711

Security 🔒

• fix: enforce per-tool auth checks in sampling tool wrapper by @jlowin in #3494
• fix: handle re.error from malformed URI templates by @jlowin in #3501
• fix: reject empty/OIDC-only required_scopes in AzureProvider by @jlowin in #3503
• fix: restrict $ref resolution to local refs only (SSRF/LFI) by @jlowin in #3502
• fix: URL-encode path params to prevent SSRF/path traversal (GHSA-vv7q-7jx5-f767) by @jlowin in #3507
• fix: prevent path traversal in skill download by @jlowin in #3493
• fix: prefer IdP-granted scopes over client-requested scopes in OAuthProxy by @jlowin in #3492
• fix: remove forced follow_redirects from httpx_client_factory calls by @jlowin in #3496
• Bump PyJWT >= 2.12.0 (CVE-2026-32597) by @jlowin in https://github.com/Prefec...

v3.1.1: 'Tis But a Patch

Pins pydantic-monty<0.0.8 to fix a breaking change in Monty that affects code mode. Monty 0.0.8 removed the external_functions constructor parameter, causing MontySandboxProvider to fail. This patch caps the version so existing installs work correctly.

What's Changed

Fixes 🐞

• Pin pydantic-monty<0.0.8 to fix code mode by @jlowin in #3497

Full Changelog: v3.1.0...v3.1.1

v3.1.0: Code to Joy

FastMCP 3.1 is the Code Mode release. The 3.0 architecture introduced providers and transforms as the extensibility layer — 3.1 puts that architecture to work, shipping the most requested capability since launch: servers that can find and execute code on behalf of agents, without requiring clients to know what tools exist.

Code Mode

Standard MCP has two scaling problems. The entire tool catalog loads into context upfront — with a large server, that's tens of thousands of tokens before the LLM reads a single word of the user's request. And every tool call is a round-trip: the LLM calls a tool, the result flows back through the context window, the LLM reasons about it, calls another tool, and so on. Intermediate results that only exist to feed the next step still burn tokens every time.

CodeMode is an experimental transform that solves both. Instead of seeing your tool catalog directly, the LLM gets meta-tools: it searches for relevant tools on demand (using BM25), inspects their schemas, then writes Python that chains call_tool() calls in a sandbox and returns a final answer. Discovery is staged and targeted; intermediate results never touch the model's context window.

from fastmcp import FastMCP
from fastmcp.experimental.transforms.code_mode import CodeMode

mcp = FastMCP("Server", transforms=[CodeMode()])

Your existing tools don't change — CodeMode wraps them. The default three-stage flow (search → get schemas → execute) is configurable: collapse it to two stages for smaller catalogs, skip discovery entirely for tiny ones. The sandbox supports resource limits on time, memory, and recursion depth.

Read the docs here.

Search Transforms

Code Mode's discovery layer is also available as a standalone transform. SearchTools adds BM25 text search to any server — clients can query against tool names and descriptions and receive ranked results, without needing to know tool names upfront. This is useful anywhere the tool catalog is large, dynamic, or not known in advance.

Prefab Apps

3.1 adds early integration with Prefab, a frontend framework with a Python DSL that compiles to React. The vision: Python developers building MCP servers shouldn't have to leave Python to ship a proper UI. Prefab is still under very active development (their words: "probably shouldn't use it yet"), but the integration is here, the pieces are aligning, and 3.2 is where this gets interesting.

Auth Additions

MultiAuth lets you compose multiple token verification sources into a single auth layer — useful when you need to accept tokens from more than one provider (e.g., internal JWTs alongside a third-party OAuth provider). This release also adds out-of-the-box support for PropelAuth and a Google GenAI sampling handler.

Under the Hood

Heavy imports are now lazy-loaded, meaningfully reducing startup time for servers that don't use every feature. fastmcp run and dev inspector gain a -m/--module flag for module-style invocation, MCPConfigTransport now correctly persists sessions across tool calls, and search_result_serializer gives you a hook to customize how search results are serialized for markdown output. Eight new contributors, and the usual round of fixes.

What's Changed

New Features 🎉

• feat: Search transforms for tool discovery by @jlowin in #3154
• Add experimental CodeMode transform by @aaazzam in #3297
• Add Prefab Apps integration for MCP tool UIs by @jlowin in #3316

Enhancements 🔧

• Lazy-load heavy imports to reduce import time by @jlowin in #3295
• Add http_client parameter to all token verifiers for connection pooling by @jlowin in #3300
• Add in-memory caching for token introspection results by @jlowin in #3298
• Add SessionStart hook to install gh CLI in cloud sessions by @jlowin in #3308
• Fix ty 0.0.19 type errors by @jlowin in #3310
• Code Mode: Add resource limits to MontySandboxProvider by @jlowin in #3326
• Accept transforms as FastMCP init kwarg by @jlowin in #3324
• Split large test files to comply with loq line limit by @jlowin in #3328
• Add -m/--module flag to fastmcp run and dev inspector by @dgenio in #3331
• Add search_result_serializer hook and serialize_tools_for_output_markdown by @MagnusS0 in #3337
• Add MultiAuth for composing multiple token verification sources by @jlowin in #3335
• Adds PropelAuth as an AuthProvider by @andrew-propelauth in #3358
• Replace vendored DI with uncalled-for by @chrisguidry in #3301
• Decompose CodeMode into composable discovery tools by @jlowin in #3354
• feat(contrib): auto-sync MCPMixin decorators with from_function signatures by @AnkeshThakur in #3323
• Add Google GenAI Sampling Handler by @strawgate in #2977
• Add ListTools, search limit, and catalog size annotation to CodeMode by @jlowin in #3359
• Allow configuring FastMCP transport setting in the same way as other configuration by @jvdmr in #1796
• Add include_unversioned option to VersionFilter by @yangbaechu in #3349

Fixes 🐞

• Fix docs banner pushing nav down by @jlowin in #3282
• fix: Replace hardcoded TTL with DEFAULT_TTL_MS - issue #3279 by @cedric57 in #3280
• fix: stop suppressing server stderr in fastmcp call by @jlowin in #3283
• fix: skip max_completion_tokens when maxTokens is None by @eon01 in #3284
• OpenAPI: rewrite $ref under propertyNames and patternProperties in _replace_ref_with_defs; add regression test for dict[StrEnum, Model] by @manojPal23234 in #3306
• Remove stale add_resource() key parameter from docs by @jlowin in #3309
• Handle AuthorizationError as exclusion in AuthMiddleware list hooks by @yangbaechu in #3338
• Fix flaky OpenAPI performance test threshold by @jlowin in #3355
• Fix flaky SSE timeout test by @jlowin in #3343
• Remove system role references from docs by @jlowin in #3356
• Fix session persistence across tool calls in multi-server MCPConfigTransport by @jer805 in #3330

Docs 📚

• Add v3.0.2 release notes by @jlowin in #3276
• Fix "FastMCP Constructor Parameters" in documentation server.mdx (Remove old parameters & Add new parameter) by @wangyy04 in #3317
• Fix stale docs: tag filtering API and missing output_schema param by @jlowin in #3322
• Narrate search example clients by @jlowin in #3321
• Code Mode: Document resource limits and fix docs formatting by @jlowin in #3327
• Add reverse proxy (nginx) section to HTTP deployment docs by @dgenio in #3344
• Restructure docs navigation: CLI section, Composition, More by @jlowin in #3361

Other Changes 🦾

• Don't advertise sampling.tools capability by default by @jlowin in #3334

New Contributors

• @cedric57 made their first contribution in #3280
• @eon01 made their first contribution in #3284
• @manojPal23234 made their first contribution in #3306
• @wangyy04 made their first contribution in #3317
• @yangbaechu made their first contribution in #3338
• @andrew-propelauth made their first contribution in #3358
• @jer805 made their first contribution in #3330
• @jvdmr made their first contribution in #1796

Full Changelog: v3.0.2...v3.1.0

v3.0.2: Threecovery Mode II

Two community-contributed fixes: auth headers from MCP transport no longer leak through to downstream OpenAPI APIs, and background task workers now correctly receive the originating request ID. Plus a new docs example for context-aware tool factories.

What's Changed

Fixes 🐞

• fix: prevent MCP transport auth header from leaking to downstream OpenAPI APIs (#3260) by @stakeswky in #3262
• fix: propagate origin_request_id to background task workers by @gfortaine in #3175

Docs 📚

• Add v3.0.1 release notes by @jlowin in #3259
• docs: add context-aware tool factory example by @machov in #3264

New Contributors

• @stakeswky made their first contribution in #3262
• @machov made their first contribution in #3264

Full Changelog: v3.0.1...v3.0.2

v3.0.1: Threecovery Mode

First patch after 3.0 — mostly smoothing out rough edges discovered in the wild. The big ones: middleware state that wasn't surviving the trip to tool handlers now does, Tool.from_tool() accepts callables again, OpenAPI schemas with circular references no longer crash discovery, and decorator overloads now return the correct types in function mode. Also adds verify_id_token to OIDCProxy for providers (like some Azure AD configs) that issue opaque access tokens but standard JWT id_tokens.

What's Changed

Enhancements 🔧

• Add verify_id_token option to OIDCProxy by @jlowin in #3248

Fixes 🐞

• Fix v3.0.0 changelog compare link by @jlowin in #3223
• Fix MDX parse error in upgrade guide prompts by @jlowin in #3227
• Fix non-serializable state lost between middleware and tools by @jlowin in #3234
• Accept callables in Tool.from_tool() by @jlowin in #3235
• Preserve skill metadata through provider wrapping by @jlowin in #3237
• Fix circular reference crash in OpenAPI schemas by @jlowin in #3245
• Fix NameError with future annotations and Context/Depends parameters by @jlowin in #3243
• Fix ty ignore syntax in OpenAPI provider by @jlowin in #3253
• Use max_completion_tokens instead of deprecated max_tokens in OpenAI handler by @jlowin in #3254
• Fix ty compatibility with upgraded deps by @jlowin in #3257
• Fix decorator overload return types for function mode by @jlowin in #3258

Docs 📚

• Sync README with welcome.mdx, fix install count by @jlowin in #3224
• Document dict-to-Message prompt migration in upgrade guides by @jlowin in #3225
• Fix v2 upgrade guide: remove incorrect v1 import advice by @jlowin in #3226
• Animated banner by @jlowin in #3231
• Document mounted server state store isolation in upgrade guide by @jlowin in #3236

Full Changelog: v3.0.0...v3.0.1