Overhaul v3.0 upgrade guide

[jlowin]

The upgrade guide was missing some significant v3 breaking changes and read like a sparse changelog rather than something that helps people actually migrate. This rewrites it to be educational and complete.

What changed:

• Added the removed constructor kwargs section (host, port, log_level, etc.) — this was the biggest gap since FastMCP("server", host="0.0.0.0", port=8080) was probably the most common v2 HTTP pattern
• Added missing deprecations: import_server(), module path changes for proxy/openapi, FastMCPOpenAPI class
• Removed items incorrectly listed as deprecations that are actually hard TypeErrors (include_tags, exclude_tags, tool_serializer)
• Fixed components=["tool"] → components={"tool"} to match actual type annotation
• Clarified that include_fastmcp_meta removal means metadata can no longer be suppressed
• Each breaking change now explains why the API changed, not just what to search-and-replace
• Flattened heading structure so the TOC shows sections (Breaking Changes / Behavior Changes / Deprecated Features) rather than every individual item

LLM migration prompt:

Added a <Prompt> component (Mintlify's copyable prompt widget) at the top of the v3 section. Users can copy it into any LLM alongside their server code for automated migration guidance. The prompt is self-contained with numbered categories, inline fix instructions, and a link to the full guide for edge cases.

Summary by CodeRabbit

• Documentation
  • Revamped v3.0.0 upgrade guide with a prominent BREAKING CHANGES section and an automated-migration prompt to assist bulk updates.
  • Expanded and reorganized breaking changes into detailed, enumerated migration steps with before/after examples for constructors, transports, providers, decorators, prompts, metadata, storage, and provider flows.
  • Added a comprehensive DEPRECATIONS section and updated examples throughout.

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 7910d62241

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

[chatgpt-codex-connector]

Route message_path migration to env var, not run kwargs

This guidance groups message_path with kwargs that should be passed to run()/run_http_async(), but run_http_async does not accept a message_path parameter (src/fastmcp/server/mixins/transport.py, signature at run_http_async), and the library’s own removal hint for constructor message_path says to set FASTMCP_MESSAGE_PATH (src/fastmcp/server/server.py, _REMOVED_KWARGS). For users migrating v2 SSE servers with a custom message path, following this text will raise TypeError instead of preserving behavior.

Useful? React with 👍 / 👎.

[coderabbitai]

Note

Reviews paused

It looks like this branch is under active development. To avoid overwhelming you with review comments due to an influx of new commits, CodeRabbit has automatically paused this review. You can configure this behavior by changing the reviews.auto_review.auto_pause_after_reviewed_commits setting.

Use the following commands to manage reviews:

• @coderabbitai resume to resume automatic reviews.
• @coderabbitai review to trigger a single review.

Use the checkboxes below for quick actions:

• ▶️ Resume reviews
• 🔍 Trigger review

📝 Walkthrough

Walkthrough

Replaces docs/development/upgrade-guide.mdx with a complete rewrite: adds an LLM-assisted PROMPT block, expands BREAKING CHANGES into a numbered multi-item section with before/after examples, adds a DEPRECATIONS section, and updates examples to reflect v3 API and provider-based migrations.

Changes

Cohort / File(s)	Summary
Upgrade guide (docs) docs/development/upgrade-guide.mdx	Full replacement: new top-level PROMPT for automated migration, reordered and expanded BREAKING CHANGES (constructor kwarg removals; transport/provider/OpenAPI migrations; decorator/Prompt API changes; metadata/env var renames; OAuth storage changes); expanded DEPRECATIONS with migration snippets and many updated code examples.

Sequence Diagram(s)

(omitted)

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Possibly related PRs

• Prepare docs for v3.0 beta release #2954: Another rewrite of docs/development/upgrade-guide.mdx with overlapping reorganization of breaking changes and migration prompts.
• Add v3.0 feature tracking document #2822: Related provider-based architecture and breaking-change documentation for component, provider/OpenAPI, and prompt/type migrations.
• Add missing v3 features to tracking docs #2888: Documents the decorator behavior change where decorators return the original function instead of component objects.

Poem

🐰
I hopped through lines of docs and cheer,
Rewrote the path for upgrades near.
Prompts and transports set anew,
Carrots of examples in tidy view.
Hop along — the migration's clear.

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title clearly and concisely summarizes the main change: a comprehensive rewrite of the v3.0 upgrade guide documentation.
Description check	✅ Passed	The description thoroughly details what changed, why, and provides a clear explanation of the rewrite's scope; however, it does not include the required Contributors/Review Checklists from the template.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch docs/upgrade-guide-v3

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 4

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

docs/development/upgrade-guide.mdx (1)

196-207: ⚠️ Potential issue | 🟡 Minor

"After" block is missing required imports.

httpx and OpenAPIProvider are used but never imported, making the example non-runnable. The import path for OpenAPIProvider should also match the new module location introduced in the deprecations section (fastmcp.server.providers.openapi). As per coding guidelines, code examples must include all necessary imports for full runnable blocks.

✏️ Proposed fix

 # After
+import httpx
+from fastmcp.server.providers.openapi import OpenAPIProvider
+
 client = httpx.AsyncClient(base_url="https://api.example.com", timeout=60)
 provider = OpenAPIProvider(spec, client)

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@docs/development/upgrade-guide.mdx` around lines 196 - 207, The code example
is missing imports; update the "After" block to include importing httpx and
OpenAPIProvider from its new module path (fastmcp.server.providers.openapi) so
the snippet is runnable: add an import for httpx (or httpx.AsyncClient) and an
import for OpenAPIProvider (from fastmcp.server.providers.openapi) before
creating the client and provider, and ensure the example uses those imported
symbols (httpx.AsyncClient and OpenAPIProvider).

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@docs/development/upgrade-guide.mdx`:
- Around line 192-194: Add a concrete before-and-after code example showing how
to migrate from WSTransport to StreamableHttpTransport: insert a runnable
snippet that imports WSTransport and demonstrates creating the old transport
(e.g., WSTransport("ws://localhost:8000/ws")), then the corresponding "After"
snippet that imports StreamableHttpTransport and constructs it (e.g.,
StreamableHttpTransport("http://localhost:8000/mcp")), ensuring the example is
complete and consistent with the surrounding MDX code style and fenced code
block formatting so readers can copy and run it directly; reference the symbols
WSTransport and StreamableHttpTransport when editing the docs.
- Around line 100-102: Wrap the sentence that warns about re-introducing the
vulnerable diskcache package (the line mentioning opting into DiskStore via "pip
install 'py-key-value-aio[disk]'" and the note that it "re-introduces the
vulnerable `diskcache` package") inside the MDX <Warning> callout component;
specifically locate the mention of DiskStore and FileTreeStore and replace the
inline prose with a <Warning> block that clearly states this is a
security-sensitive action and the CVE risk, preserving the existing text "pip
install 'py-key-value-aio[disk]'" and references to DiskStore/FileTreeStore so
readers and link targets remain unchanged.
- Around line 265-279: The docs note that FastMCPOpenAPI is deprecated but lack
a concrete migration example; add a before/after runnable code block
demonstrating how callers of FastMCPOpenAPI(spec, client, name=...) should
migrate to using FastMCP with an OpenAPIProvider: show the deprecated import and
instantiation of FastMCPOpenAPI for the "Before" snippet, and in the "After"
snippet import OpenAPIProvider and FastMCP, create an OpenAPIProvider(spec,
httpx.AsyncClient(...)) (or equivalent client), and pass it into FastMCP(name,
providers=[provider]) so readers can copy a complete working pattern; reference
the symbols FastMCPOpenAPI, OpenAPIProvider, and FastMCP in the example and
ensure it's runnable (includes creating the HTTP client) and placed immediately
after the existing note about deprecation.
- Around line 15-69: Replace the undefined <Prompt> callout with a standard
Mintlify callout like <Note> for the block (lines ~15–69) so the component
renders; update the ToolTransform example to use the correct constructor shape
by importing ToolTransform and ToolTransformConfig and calling
mcp.add_transform(ToolTransform({ "my_tool": ToolTransformConfig(...) }))
instead of the invalid ToolTransform({"name": config}) pattern; add a concise
before/after code snippet showing removal of WSTransport and the recommended
replacement StreamableHttpTransport (referencing WSTransport and
StreamableHttpTransport) in the WSTransport section; add the missing imports and
usage for httpx.AsyncClient and OpenAPIProvider (import httpx and from
fastmcp.server.providers.openapi import OpenAPIProvider and pass the AsyncClient
to OpenAPIProvider) in the OpenAPI timeout example; and append a visible warning
callout next to the OAuth STORAGE disk cache note when suggesting pip install
'py-key-value-aio[disk]' and reference DiskStore and FileTreeStore so readers
see the security implication and the safer default.

---

Outside diff comments:
In `@docs/development/upgrade-guide.mdx`:
- Around line 196-207: The code example is missing imports; update the "After"
block to include importing httpx and OpenAPIProvider from its new module path
(fastmcp.server.providers.openapi) so the snippet is runnable: add an import for
httpx (or httpx.AsyncClient) and an import for OpenAPIProvider (from
fastmcp.server.providers.openapi) before creating the client and provider, and
ensure the example uses those imported symbols (httpx.AsyncClient and
OpenAPIProvider).

[coderabbitai]

⚠️ Potential issue | 🔴 Critical

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
# Check for Prompt component definition and examine the actual file

echo "=== Checking for custom component definitions ==="
find docs -type f \( -name "*.json" -o -name "*.ts" -o -name "*.tsx" -o -name "*.js" \) | head -20 | xargs grep -l "Prompt" 2>/dev/null || echo "No component defs found"

echo ""
echo "=== Checking docs configuration files ==="
find docs -maxdepth 2 \( -name "*.json" -o -name "*.config.*" \) -exec ls -la {} \;

echo ""
echo "=== Reading the upgrade-guide.mdx file ==="
wc -l docs/development/upgrade-guide.mdx
head -80 docs/development/upgrade-guide.mdx

Repository: jlowin/fastmcp

Length of output: 5068

---

🏁 Script executed:

#!/bin/bash
# Search for Prompt usage and component files in the project

echo "=== All MDX files in docs ==="
find docs -name "*.mdx" -o -name "*.md" | head -20

echo ""
echo "=== Search for Prompt component usage ==="
rg '<Prompt' --include="*.mdx" --include="*.md" -n

echo ""
echo "=== Check for custom component registration ==="
rg -n 'components\|Prompt\|<' docs -t json | head -30

echo ""
echo "=== Check ToolTransform usage in source ==="
fd -t f -e py | xargs rg 'ToolTransform' -A 3 2>/dev/null | head -50

Repository: jlowin/fastmcp

Length of output: 4756

---

🏁 Script executed:

#!/bin/bash
# Extract specific lines from the upgrade guide to verify code examples

echo "=== Lines 192-210 (WSTransport and OpenAPI sections) ==="
sed -n '192,210p' docs/development/upgrade-guide.mdx

echo ""
echo "=== Lines 280-295 (ToolTransform section) ==="
sed -n '280,295p' docs/development/upgrade-guide.mdx

echo ""
echo "=== Lines 98-110 (CVE-2025-69872 reference) ==="
sed -n '98,110p' docs/development/upgrade-guide.mdx

Repository: jlowin/fastmcp

Length of output: 2349

---

🏁 Script executed:

#!/bin/bash
# Find ToolTransform and ToolTransformConfig definitions

echo "=== Search for ToolTransform class definition ==="
fd -t f -e py | xargs grep -l 'class ToolTransform' | head -5

echo ""
echo "=== Extract ToolTransform constructor ==="
fd -t f -e py | xargs grep -A 10 'class ToolTransform' 2>/dev/null | head -30

echo ""
echo "=== Search for ToolTransformConfig ==="
fd -t f -e py | xargs grep -l 'class ToolTransformConfig' | head -5

echo ""
echo "=== Extract ToolTransformConfig constructor ==="
fd -t f -e py | xargs grep -A 10 'class ToolTransformConfig' 2>/dev/null | head -40

Repository: jlowin/fastmcp

Length of output: 2853

---

🏁 Script executed:

#!/bin/bash
# Check docs configuration and component definitions

echo "=== Read docs.json for configuration ==="
head -100 docs/docs.json

echo ""
echo "=== Search for any custom component files ==="
find docs -type f \( -name "*.tsx" -o -name "*.ts" -o -name "*.jsx" -o -name "*.js" \)

echo ""
echo "=== Check if Prompt is defined as HTML/React component ==="
fd -t f \( -name "*.mdx" -o -name "*.tsx" -o -name "*.jsx" \) | xargs grep -l 'export.*Prompt\|function.*Prompt\|const.*Prompt' 2>/dev/null

Repository: jlowin/fastmcp

Length of output: 2863

---

🏁 Script executed:

#!/bin/bash
# Verify the imports needed for OpenAPI and ToolTransform examples

echo "=== Check imports in fastmcp server module ==="
fd -t f -e py -path "*/fastmcp/server*" | xargs grep -n 'from.*ToolTransform\|import.*ToolTransform' 2>/dev/null | head -20

echo ""
echo "=== Check OpenAPIProvider imports ==="
fd -t f -e py | xargs grep -l 'class OpenAPIProvider' | head -3

echo ""
echo "=== Check imports/exports in __init__ files ==="
fd -t f -name "__init__.py" -path "*/fastmcp/server*" -exec cat {} \;

Repository: jlowin/fastmcp

Length of output: 658

---

🏁 Script executed:

#!/bin/bash
# Get full ToolTransform constructor signature

echo "=== Full ToolTransform class definition ==="
sed -n '/^class ToolTransform/,/^class /p' src/fastmcp/server/transforms/tool_transform.py | head -40

echo ""
echo "=== Look for __init__ method ==="
grep -A 20 'def __init__' src/fastmcp/server/transforms/tool_transform.py

echo ""
echo "=== Check OpenAPIProvider location and imports ==="
cat src/fastmcp/server/providers/openapi/provider.py | head -50

echo ""
echo "=== Look for standard Mintlify callout components in docs ==="
grep -r '<Note\|<Warning\|<Info\|<Tip\|<Check\|<Callout' docs --include="*.mdx" | head -10

Repository: jlowin/fastmcp

Length of output: 4343

---

🏁 Script executed:

#!/bin/bash
# Check what components are actually used in the upgrade guide

echo "=== All components used in upgrade-guide.mdx ==="
grep -o '<[A-Z][a-zA-Z]*' docs/development/upgrade-guide.mdx | sort | uniq -c

echo ""
echo "=== Check Mintlify documentation for available components ==="
web_search "Mintlify components list official documentation"

Repository: jlowin/fastmcp

Length of output: 253

---

🏁 Script executed:

#!/bin/bash
# Examine the actual section with ToolTransform in the upgrade guide

echo "=== Full Deprecations section with ToolTransform ==="
sed -n '270,300p' docs/development/upgrade-guide.mdx

echo ""
echo "=== Check what add_transform expects ==="
fd -t f -e py -path "*/fastmcp/server*" | xargs grep -B 2 -A 10 'def add_transform' 2>/dev/null | head -50

echo ""
echo "=== Verify httpx and OpenAPIProvider are imported in the codebase ==="
head -30 src/fastmcp/server/providers/openapi/provider.py

Repository: jlowin/fastmcp

Length of output: 1999

---

🏁 Script executed:

#!/bin/bash
# Final verification: check if <Prompt> is registered anywhere in the project

echo "=== Search for Prompt component registration in entire docs ==="
grep -r 'Prompt' docs --include="*.json" --include="*.ts" --include="*.tsx" --include="*.js" --include="*.jsx" 2>/dev/null | grep -v node_modules | head -20

echo ""
echo "=== Check all MDX files that use Prompt ==="
grep -r '<Prompt' docs --include="*.mdx" | head -20

Repository: jlowin/fastmcp

Length of output: 319

---

🌐 Web query:

Mintlify custom components guide documentation

💡 Result:

Key Mintlify docs for custom components (React/JSX in MDX):

• React components in MDX (how to write components directly in an .mdx page, plus rules around importing reusable components from the snippets/ folder). [1]
• Reusable snippets / JSX snippets (how to create reusable .mdx snippets and reusable .jsx “JSX snippets” in snippets/, then import and render them in pages). [2]
• Built-in component library overview (what you can use without custom code: Tabs, Steps, Cards, Callouts, etc.). [3]
• Custom scripts (custom CSS/JS + Tailwind styling notes) (how to add site-wide styling and scripts; Tailwind v3 classes; when to use style prop). [4]

Typical pattern: put reusable React components in snippets/*.jsx, export them, then import { MyComponent } from '/snippets/MyComponent.jsx' and render <MyComponent /> in your MDX page. [1][2]

Sources: [1][2][3][4]

---

Replace <Prompt> with a standard callout component (e.g., <Note> or <Info>), verify ToolTransform API usage, and add missing imports and code examples.

The <Prompt> component used on line 15 is not defined in the Mintlify component registry or anywhere in the project. It will fail to build or render as unstyled text, causing lines 15–69 to display incorrectly. Use a standard Mintlify callout like <Note> instead.

The add_tool_transformation() → add_transform() deprecation code is incorrect. The example shows ToolTransform({"name": config}) but the actual constructor signature is ToolTransform(transforms: dict[str, ToolTransformConfig]), where keys are original tool names and values are ToolTransformConfig objects. Correct it to:

# New
from fastmcp.server.transforms import ToolTransform
from fastmcp.tools.tool_transform import ToolTransformConfig

mcp.add_transform(ToolTransform({
    "my_tool": ToolTransformConfig(name="renamed_tool")
}))

The WSTransport removed section (lines 192–194) provides only text description with no code example. Add a before/after block showing the removal.

The OpenAPI timeout parameter removed code example (lines 200–207) uses httpx.AsyncClient and OpenAPIProvider without importing them. Add imports at the top:

import httpx
from fastmcp.server.providers.openapi import OpenAPIProvider

# After
client = httpx.AsyncClient(base_url="https://api.example.com", timeout=60)
provider = OpenAPIProvider(spec, client)

Add a warning callout in the OAUTH STORAGE section (line 102) when mentioning pip install 'py-key-value-aio[disk]' to re-introduce the vulnerable diskcache package.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@docs/development/upgrade-guide.mdx` around lines 15 - 69, Replace the
undefined <Prompt> callout with a standard Mintlify callout like <Note> for the
block (lines ~15–69) so the component renders; update the ToolTransform example
to use the correct constructor shape by importing ToolTransform and
ToolTransformConfig and calling mcp.add_transform(ToolTransform({ "my_tool":
ToolTransformConfig(...) })) instead of the invalid ToolTransform({"name":
config}) pattern; add a concise before/after code snippet showing removal of
WSTransport and the recommended replacement StreamableHttpTransport (referencing
WSTransport and StreamableHttpTransport) in the WSTransport section; add the
missing imports and usage for httpx.AsyncClient and OpenAPIProvider (import
httpx and from fastmcp.server.providers.openapi import OpenAPIProvider and pass
the AsyncClient to OpenAPIProvider) in the OpenAPI timeout example; and append a
visible warning callout next to the OAuth STORAGE disk cache note when
suggesting pip install 'py-key-value-aio[disk]' and reference DiskStore and
FileTreeStore so readers see the security implication and the safer default.

[coderabbitai]

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Duplicate comments:
In `@docs/development/upgrade-guide.mdx`:
- Around line 214-221: The "After" example is missing imports for httpx and
OpenAPIProvider which makes the snippet non-runnable; add imports for httpx and
for OpenAPIProvider (e.g., from fastmcp.server.providers.openapi import
OpenAPIProvider) at the top of the code block so the used symbols
httpx.AsyncClient and OpenAPIProvider(spec, client) are defined alongside the
existing spec and client variables.
- Around line 15-69: The MDX uses a custom JSX component <Prompt> but there is
no import or definition for Prompt, which will break the build or render as
plain text; fix by either creating and exporting a Prompt component (e.g.,
export default or named export Prompt in your snippets file) or import the
existing component at the top of the MDX (e.g., add an import like import {
Prompt } from '/snippets/Prompt.jsx' or the correct snippet path), and ensure
any usages of <Prompt> match the exported name (Prompt) so the component is
resolvable during build.
- Around line 306-315: The example for the ToolTransform migration is ambiguous
and non-runnable: replace the placeholder usage of "name" and undefined config
with a concrete ToolTransformConfig import and a real config object, e.g. import
ToolTransform and ToolTransformConfig, then call
mcp.add_transform(ToolTransform({"my_tool":
ToolTransformConfig(name="renamed_tool")})) so the example includes all
necessary imports and a clear tool key; update the code snippet to import
ToolTransform from fastmcp.server.transforms and ToolTransformConfig from its
module and show mcp.add_transform usage instead of add_tool_transformation.