Add tools that demonstrate bidirectional MCP tasks where the server
sends requests to the client for async execution:
- trigger-sampling-request-async: Send sampling request with task
params, client creates task and executes LLM call in background,
server polls for completion and retrieves result
- trigger-elicitation-request-async: Same pattern for user input,
useful when user may take time to fill out forms
Both tools:
- Check client capabilities (tasks.requests.sampling/elicitation)
- Accept both CreateTaskResult and direct result responses
- Poll tasks/get for status updates
- Fetch final result via tasks/result
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add tasks capability with list, cancel, and requests.tools.call
- Add InMemoryTaskStore and InMemoryTaskMessageQueue from SDK experimental
- Add simulate-research-query tool demonstrating task lifecycle
- Task demonstrates working -> input_required -> completed status flow
- Uses elicitation for ambiguous queries when client supports it
Closes#3037🦉 Generated with [Claude Code](https://claude.ai/code)
Adds a GitHub Actions workflow that:
- Detects PRs that only modify README.md
- Comments explaining we no longer accept new server additions
- Directs contributors to the MCP registry instead
- Allows updates/removals via /i-promise-this-is-not-a-new-server
- Uses labels (readme: pending / readme: ready for review) for filtering
- Minimizes bot comment after confirmation to reduce clutter
Claude-Generated-By: Claude Code (cli/claude-opus-4-5=100%)
Claude-Steers: 10
Claude-Permission-Prompts: 0
Claude-Escapes: 0
Use Git CLI directly instead of GitPython index API to ensure proper
path validation and prevent option injection. The '--' separator ensures
file paths starting with '-' are handled correctly.
Add validation to ensure file paths are within repository boundaries
before staging. This prevents potential issues with relative paths
and improves overall robustness of the git_add function.
* fix: regenerate uv.lock after version bump in release script
When the release script bumps the version in pyproject.toml, it needs
to also regenerate the uv.lock file. Otherwise the lockfile becomes
out of sync and `uv sync --locked` fails in CI with:
"The lockfile at uv.lock needs to be updated"
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
* fix: use --frozen instead of --locked in release workflow
The release script bumps the version in pyproject.toml, which causes
the lockfile to be out of sync (uv includes the package's own version
in the lockfile). Using --frozen skips the lockfile freshness check
while still using pinned dependency versions.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
---------
Co-authored-by: Claude <noreply@anthropic.com>
The update-packages job needs to push tags to the repository but was
missing the required `permissions: contents: write`. This caused the
workflow to fail with a 403 error when trying to push the version tag.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-authored-by: Claude <noreply@anthropic.com>
Import `BadName` from `git.exc` directly instead of accessing it via
`git.exc.BadName`, which pyright doesn't recognize as a valid attribute
access on the `git` module.
This fixes the pyright CI failures introduced by the recent security
patches (GHSA merges).
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
The syncRoots call should be idempotent, requesting roots if they haven't been yet for the session, but always retuning the cached roots otherwise. That could be deferred but setting the handler for roots_list changed note should not.
* In server/roots.ts
- only set the notification handler and call for initial roots list if the roots aren't already cached for this client.
* In server/index.ts
- in the oninitialized handler
- get the sessionId from the transport
- set a 350ms timeout to call syncRoots with the server and sessionId
- this delay cause it to run after the `notifications/initialized` handler finishes, otherwise, the request gets lost.
* All other changes attributable to prettier
Validate that repo_path arguments in tool calls are within the
configured --repository path when the --repository flag is set.
The fix:
- Adds validate_repo_path() that resolves paths and checks
containment using Path.relative_to()
- Resolves symlinks before comparison
- Maintains backward compatibility when --repository is not set
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-authored-by: Claude <noreply@anthropic.com>
Co-authored-by: Paul Carleton <paulc@anthropic.com>
Add validation to reject arguments starting with '-' and verify
arguments resolve to valid git refs via rev_parse before passing
to git CLI commands. This prevents flag-like values from being
interpreted as command-line options (e.g., --output=/path/to/file).
CWE-88: Improper Neutralization of Argument Delimiters in a Command
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-authored-by: Claude <noreply@anthropic.com>
* In server/roots.ts
- in syncRoots, if roots are supported fetch them
* In get-roots-list.ts,
- Don't import and inspect current roots map, just call syncRoots to get the list.
* In how-it-works.md,
- added a section on conditional tool registration
* In server/index.ts
- import registerConditionalTools
- in an oninitialized handler for the server, call registerConditionalTools
- removed clientConnected from ServerFactoryResponse and all mentions in docs
* In tools/index.ts
- export a registerConditionalTools function
- refactor/move calls to registerGetRootsListTool, registerTriggerElicitationRequestTool, and registerTriggerSamplingRequestTool out of registerTools and into registerConditionalTools
* In server/roots.ts
- only act if client supports roots
- remove setInterval from call to requestRoots. It isn't happening during the initialze handshake anymore, so it doesn't interfere with that process if called immediaately
* In get-roots-list.ts, trigger-elicitation-request.ts, and trigger-sampling-request.ts,
- only register tool if client supports capability
* Throughout the rest of the files, removing all references to `clientConnected`
