Bump the all-dependencies group with 3 updates#46
Open
dependabot[bot] wants to merge 1 commit intomainfrom
Open
Bump the all-dependencies group with 3 updates#46dependabot[bot] wants to merge 1 commit intomainfrom
dependabot[bot] wants to merge 1 commit intomainfrom
Conversation
Bumps Microsoft.NET.Test.Sdk from 18.3.0 to 18.4.0 Bumps ModelContextProtocol from 1.1.0 to 1.2.0 Bumps YamlDotNet from 16.3.0 to 17.0.1 --- updated-dependencies: - dependency-name: Microsoft.NET.Test.Sdk dependency-version: 18.4.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-dependencies - dependency-name: ModelContextProtocol dependency-version: 1.2.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-dependencies - dependency-name: YamlDotNet dependency-version: 17.0.1 dependency-type: direct:production update-type: version-update:semver-major dependency-group: all-dependencies ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
bot
added
.NET
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Updated Microsoft.NET.Test.Sdk from 18.3.0 to 18.4.0.
Release notes
Sourced from Microsoft.NET.Test.Sdk's releases.
18.4.0
What's Changed
Add LoongArch64 support by @stdmnpkg in Add LoongArch64 support microsoft/vstest#15359
Refactor Condition evaluation by @Youssef1313 in Refactor Condition evaluation microsoft/vstest#15357
Adding info on extensions points part 1 by @nohwnd in Adding info on extensions points part 1 microsoft/vstest#15360
Add option to ask for uploading code QL before the standard window ends by @nohwnd in Add option to ask for uploading code QL before the standard window ends microsoft/vstest#15373
Update runtime versions by @nohwnd in Update runtime versions microsoft/vstest#15372
Fix .NET 10 regression for traits by @Youssef1313 in Fix .NET 10 regression for traits microsoft/vstest#15370
Update target frameworks to net10.0 and net11.0 by @dotnet-maestro[bot] in Update target frameworks to net10.0 and net11.0 microsoft/vstest#15349
Fix names in pipeline matrix so we don't have to align them by @nohwnd in Fix names in pipeline matrix so we don't have to align them microsoft/vstest#15365
Update SECURITY.md by @Youssef1313 in Update SECURITY.md microsoft/vstest#15342
New Contributors
Full Changelog: microsoft/vstest@v18.3.0...v18.4.0
Commits viewable in compare view.
Updated ModelContextProtocol from 1.1.0 to 1.2.0.
Release notes
Sourced from ModelContextProtocol's releases.
1.2.0
This release improves stateless HTTP transport defaults and documentation with a breaking behavioral change that we are considering as a server reliability fix and therefore not bumping the major version with this release. Legacy SSE endpoints are now disabled by default with a new
HttpServerTransportOptions.EnableLegacySseproperty available to opt back into responding to the SSE endpoints; the property is marked as an[Obsolete]warning as we expect to remove this property in a future major version.A warning-level
[Obsolete]attribute is also applied to theRequestContext(McpServer, JsonRpcRequest)constructor, and theRequestContext(McpServer, JsonRpcRequest, TParams)overload should be used instead. This change contributes to fixes including DI scope lifetime in task-augmented tools, meta/progress combination failures, and outgoing message filter routing. We plan to remove the obsolete overload in a future major version.Breaking Changes
Refer to the C# SDK Versioning documentation for details on versioning and breaking change policies.
1. Disable legacy SSE by default #1468
MapMcp()no longer maps/sseand/messageendpoints by default. Servers whose clients connect via SSE will find those endpoints removed.Migrating from legacy SSE
If your clients connect to a
/sseendpoint (e.g.,https://my-server.example.com/sse), they were using the legacy SSE transport--if not running inStatelessmode. The/sseand/messageendpoints are now disabled by default (EnableLegacySseisfalseand marked[Obsolete]with diagnosticMCP9004). Upgrading the server SDK without updating clients will break SSE connections.Client-side migration. Change the client
Endpointfrom the/ssepath to the root MCP endpoint — the same URL your server passes toMapMcp(). For example:With the default
HttpTransportMode.AutoDetecttransport mode, the client automatically tries Streamable HTTP first. You can also setTransportMode = HttpTransportMode.StreamableHttpexplicitly if you know the server supports it.Server-side migration. If you previously relied on
/ssebeing mapped automatically, you now needEnableLegacySse = true(suppressing theMCP9004warning) to keep serving those endpoints. The recommended path is to migrate all clients to Streamable HTTP and then removeEnableLegacySse.Transition period. If some clients still need SSE while others have already migrated to Streamable HTTP, set
EnableLegacySse = truewithStateless = false. Both transports are served simultaneously byMapMcp()— Streamable HTTP on the root endpoint and SSE on/sseand/message. Once all clients have migrated, removeEnableLegacySseand optionally switch toStateless = true.SSE (legacy — opt-in only)
Legacy SSE endpoints are now disabled by default and must be explicitly enabled via
HttpServerTransportOptions.EnableLegacySse. This is the primary reason they are disabled — the SSE transport has no built-in HTTP-level backpressure.The legacy SSE transport separates the request and response channels: clients POST JSON-RPC messages to
/messageand receive responses through a long-lived GET SSE stream on/sse. The POST endpoint returns 202 Accepted immediately after queuing the message — it does not wait for the handler to complete. This means there is no HTTP-level backpressure on handler concurrency, because each POST frees its connection immediately regardless of how long the handler runs.Internally, handlers are dispatched with a fire-and-forget pattern. A client can send unlimited POST requests to
/messagewhile keeping the GET stream open, and each one spawns a concurrent handler with no built-in limit.The GET stream does provide session lifetime bounds: handler cancellation tokens are linked to the GET request's
HttpContext.RequestAborted, so when the client disconnects the SSE stream, all in-flight handlers are cancelled. This is similar to SignalR's connection-bound lifetime model — but unlike SignalR, there is no per-client concurrency limit likeMaximumParallelInvocationsPerClient. The GET stream provides cleanup on disconnect, not rate-limiting during the connection.2. Obsolete 2-arg RequestContext constructor #1462
The
RequestContext(McpServer, JsonRpcRequest)constructor is now[Obsolete]with diagnosticMCP9003, producing build warnings. TheParamsproperty is also changed fromTParams?toTParams.Migration: Use the new 3-arg constructor:
new RequestContext(server, request, parameters).What's Changed
... (truncated)
Commits viewable in compare view.
Updated YamlDotNet from 16.3.0 to 17.0.1.
Release notes
Sourced from YamlDotNet's releases.
17.0.0
What's Changed
New Contributors
Full Changelog: aaubry/YamlDotNet@v16.3.0...v17.0.0
Commits viewable in compare view.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore <dependency name> major versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)@dependabot ignore <dependency name> minor versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)@dependabot ignore <dependency name>will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)@dependabot unignore <dependency name>will remove all of the ignore conditions of the specified dependency@dependabot unignore <dependency name> <ignore condition>will remove the ignore condition of the specified dependency and ignore conditions