Skip to content

Releases: modelcontextprotocol/go-sdk

v1.5.0-pre.1

31 Mar 11:45
@maciej-kisiel maciej-kisiel
v1.5.0-pre.1
This tag was signed with the committer’s verified signature.
maciej-kisiel Maciej Kisiel
SSH Key Fingerprint: KqPZd4n3AN05jyvoqCVz5TeysdqkO8uI2QcsGsy9Nvk
Verified
Learn about vigilant mode.
d3fd25b
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v1.5.0-pre.1 Pre-release
Pre-release

In this release we introduce important enhancements to the client-side OAuth flows. We also introduce several smaller fixes and improvements.

Stabilization of client-side OAuth APIs

As previously communicated, we're stabilizing the client-side OAuth APIs in v1.5.0. This means that the mcp_go_client_oauth build tag will no longer be required to compile the functionality and standard backward compatibility guarantees apply from now on.

Compared to the experimental support published in v1.4.0, we made some backwards incompatible changes:

  • auth.AuthorizationCodeHandlerConfig.AuthorizationCodeFetcher's type was changed from func(context.Context, *auth.AuthorizationArgs) (*auth.AuthorizationResult, error) to auth.AuthorizationCodeFetcher which is a reusable definition carrying the same underlying function type.
  • auth.AuthorizationCodeHandlerConfig.PreregisteredClientConfig was removed and replaced with auth.AuthorizationCodeHandlerConfig.PreregisteredClient which uses a newly introduced oauthex.ClientCredentials type. The type used previously (auth.PreregisteredClientConfig) has been removed.
  • Deprecated functionality has been removed from both auth and oauthex packages.

Enterprise Managed Authorization support added

Support for Enterprise Managed Authorization has been added to auth/extauth package. Huge thanks to @radar07 for the implementation!

Note: this support is part of an official MCP extension and is not part of the core protocol. The support of this functionality is not covered by the principles defined in SDK tiers.

Other changes to the SDK

New Contributors

Full Changelog: v1.4.1...v1.5.0-pre.1

Contributors

toofishes, ravyg, and 8 other contributors
Loading

v1.4.1

13 Mar 11:04
@maciej-kisiel maciej-kisiel
v1.4.1
This tag was signed with the committer’s verified signature.
maciej-kisiel Maciej Kisiel
SSH Key Fingerprint: KqPZd4n3AN05jyvoqCVz5TeysdqkO8uI2QcsGsy9Nvk
Verified
Learn about vigilant mode.
580f2a0
This commit was signed with the committer’s verified signature.
maciej-kisiel Maciej Kisiel
SSH Key Fingerprint: KqPZd4n3AN05jyvoqCVz5TeysdqkO8uI2QcsGsy9Nvk
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v1.4.1 Latest
Latest

This release is a patch release for v1.4.0.

It contains cherry-picks for several security improvements. Security advisories will follow.

Fixes

Update of the segmentio/encoding module version

The JSON parsing library that was adopted to avoid attacks taking advantage of the Go's standard parser being case insensitive turned out to contain an issue itself. We have submitted the fix upstream and this release updates the dependency to the patched version.

Cross-origin requests protection

We have added additional protection against cross origin requests. From now on, we verify that Content-Type for JSON-RPC POST requests is set to application/json and use the new http.CrossOriginProtection functionality to verify the origin of the request. Usage of this functionality required increasing the required Go version to 1.25, which is in line with our Go version policy of supporting two newest Go versions. The behavior can be customized by passing a configured http.CrossOriginProtection object to StreamableHTTPOptions.

Since this is a behavior change, we introduced a compatibility parameter disablecrossoriginprotection that will allow to temporarily disable it. It will be removed in v1.6.0 version of the SDK. See here for more details about behavior changes and a history of compatibility parameters across SDK versions.

Allowing customization of http.Client for client-side OAuth

We have introduced an optional http.Client parameter to AuthorizationCodeHandlerConfig. This allows customization of the transport, for example implementing environment specific protection against Server-Side Request Forgery.

Pull requests

Full Changelog: v1.4.0...v1.4.1

Contributors

maciej-kisiel
Assets 2
Loading

v1.4.0

27 Feb 14:35
@maciej-kisiel maciej-kisiel
v1.4.0
This tag was signed with the committer’s verified signature.
maciej-kisiel Maciej Kisiel
SSH Key Fingerprint: KqPZd4n3AN05jyvoqCVz5TeysdqkO8uI2QcsGsy9Nvk
Verified
Learn about vigilant mode.
c9317fb
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v1.4.0

This release marks the completion of the full 2025-11-25 specification implementation, by introducing the support for Sampling with Tools and experimental client-side OAuth support. It also contains multiple bug fixes and improvements. Thanks to all contributors!

Client-side OAuth support

This release introduces experimental support for OAuth on the client side of the SDK. It aims to support the full scope of the current MCP specification for authorization. To use it, you need to compile the SDK with the -tags mcp_go_client_oauth flag. Some changes may still be applied to this new API, based on developer feedback. The functionality is planned to become stable in v1.5.0 release, expected by the end of March 2026. More details can be found at https://github.com/modelcontextprotocol/go-sdk/blob/main/docs/protocol.md#client.

Sampling with Tools

Starting from this release, the server use the new CreateMessageWithTools method to create a sampling request to the client that contains tools that can be used by the client. On the client side, CreateMessageWithToolsHandler may be used to handle such requests and issue ToolUse responses to the server.

Behavior changes

We have two important behavior changes that were introduced to fix a bug or improve security posture. They can be temporarily turned off by specifying a special MCPGODEBUG environment variable when running the SDK. Different options can be added together, separated by a comma.

Introduced DNS rebinding protection

The requests arriving via a localhost address (127.0.0.1, [::1]) that have a non-localhost Host header will be rejected to protect against DNS rebinding attacks. The protection can be disabled by specifying StreamableHTTPOptions.DisableLocalhostProtection, but it should be done only if security implications are understood (see documentation for the option).

This protection is a behavior change, as the protection is now enabled by default. Because of that, we have introduced an MCPGODEBUG option to bring back the previous default behavior for users that need more time to adjust. However, if possible, we recommend specifying DisableLocalhostProtection described above, as it is a more future-proof solution. The MCPGODEBUG option to remove this protection (disablelocalhostprotection=1) will be removed in v1.6.0.

  • feat: add automatic DNS rebinding protection for localhost servers by @pcarleton in #760

Removed JSON content escaping when marshaling

By default encoding/json escapes the contents of the objects, which causes some servers to fail. We switched to no escaping by default, to be consistent with other SDKs. Since this is a behavior change, we introduced an MCPGODEBUG option to bring back the previous behavior for users that need more time to adjust to it. That option (jsonescaping=1) will be removed in v1.6.0.

Bug fixes

Security vulnerability caused by the case insensitive parsing behavior of encoding/json has been submitted (also release as a cherry pick in v1.3.1). Security advisory has been posted.

Other fixes:

Enhancements

Notably, the SDK now supports the extensions field in client and server capabilities, which should enable creation of MCP Apps.

  • mcp: add Extensions field to capabilities per SEP-2133 by @ymmt2005 in #794

Other enhancements:

  • mcp: enforce retry limit when SSE stream makes no progress by @majiayu000 in #742
  • mcp: export session missing error by @CocaineCong in #771
  • fix: add JSON tags to ElicitationCapabilities fields by @awschmeder in #774
  • mcp: improve http transports error handling and make transport work with any size message by @alexbumbacea in #734
  • examples: bind auth-middleware server to localhost by default by @TheodorNEngoy in #784

Repository organization

Some effort was put into better organization of the repository, as well as making sure it's up to date and secure. As a highlight, the repository is not integrated with OSSF Scorecard with a positive score of 8.7. Additionally, the full conformance test suite is now run on every PR and push to main.

New Contributors

Read more

Contributors

pcarleton, alexbumbacea, and 14 other contributors
Loading

v1.3.1

18 Feb 16:18
@maciej-kisiel maciej-kisiel
v1.3.1
This tag was signed with the committer’s verified signature.
maciej-kisiel Maciej Kisiel
SSH Key Fingerprint: KqPZd4n3AN05jyvoqCVz5TeysdqkO8uI2QcsGsy9Nvk
Verified
Learn about vigilant mode.
6e8ca56
This commit was signed with the committer’s verified signature.
maciej-kisiel Maciej Kisiel
SSH Key Fingerprint: KqPZd4n3AN05jyvoqCVz5TeysdqkO8uI2QcsGsy9Nvk
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v1.3.1

This release is a patch release for v1.3.0.

It contains a cherry-pick for a security issue reported in #805, which takes advantage of the default behavior of Go's standard library JSON decoder that allows case-insensitive matches to struct field names (or "json" tags). The issue has been addressed by changing the JSON decoder to one that supports case sensitive matching.

Fixes

New external dependencies

Full Changelog: v1.3.0...v1.3.1

Contributors

maciej-kisiel
Loading

v1.3.0

09 Feb 15:14
@maciej-kisiel maciej-kisiel
v1.3.0
6b75899

Choose a tag to compare

View all tags
v1.3.0

This release is equivalent to v1.3.0-pre.1. Thank you to those who tested the pre-release.

This release includes several enhancements and bugfixes. Worth mentioning is the addition of schema caching, which significantly improves the performance in some stateless server deployment scenarios.

Dependency updates

  • go.mod: upgrade to jsonschema v0.4.2 by @jba in #732

Enhancements

  • perf: add schema caching to avoid repeated reflection by @SamMorrowDrums in #685
  • mcp: add DisableListening option to StreamableClientTransport by @zxxf18 in #729
  • feat: deprecated logger in client & add Logger in ClientOption by @CocaineCong in #738
  • feat: deleted the old logger in client by @CocaineCong in #744
  • Export GetError and SetError methods by @jba in #753

Bugfixes

Chores

  • docs: adds SDK version support matrix by @La002 in #737
  • .github/workflows: add nightly conformance tests by @findleyr in #752

New Contributors

Full Changelog: v1.2.0...v1.3.0

Contributors

maciej-kisiel, SamMorrowDrums, and 7 other contributors
Loading

v1.3.0-pre.1

27 Jan 11:55
@maciej-kisiel maciej-kisiel
v1.3.0-pre.1
6b75899

Choose a tag to compare

View all tags
v1.3.0-pre.1 Pre-release
Pre-release

This release includes several enhancements and bugfixes. Worth mentioning is the addition of schema caching, which significantly improves the performance in some stateless server deployment scenarios.

Dependency updates

  • go.mod: upgrade to jsonschema v0.4.2 by @jba in #732

Enhancements

  • perf: add schema caching to avoid repeated reflection by @SamMorrowDrums in #685
  • mcp: add DisableListening option to StreamableClientTransport by @zxxf18 in #729
  • feat: deprecated logger in client & add Logger in ClientOption by @CocaineCong in #738
  • feat: deleted the old logger in client by @CocaineCong in #744
  • Export GetError and SetError methods by @jba in #753

Bugfixes

Chores

  • docs: adds SDK version support matrix by @La002 in #737
  • .github/workflows: add nightly conformance tests by @findleyr in #752

New Contributors

Full Changelog: v1.2.0...v1.3.0-pre.1

Contributors

maciej-kisiel, SamMorrowDrums, and 7 other contributors
Loading

v1.2.0

22 Dec 14:52
@findleyr findleyr
v1.2.0
411d5a0
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v1.2.0

This release is equivalent to v1.2.0-pre.2. Thank you to those who tested the prerelease.

This release adds partial support for the 2025-11-25 version of the MCP spec and fixes some bugs in the streamable transports. It also includes some minor new APIs, changes to contributing flows, and small bugfixes.

Contributing changes

  • CONTRIBUTING.md is updated to remove the ad-hoc antitrust policy (#651), and add a dependency update policy (#635).
  • An example server (examples/server/conformance) is added for the new conformance tests at modelcontextprotocol/conformance. Test can be run with scripts/conformance.sh (#650).

Partial support for the 2025-11-25 spec

The following SEPs from the 2025-11-25 spec are now supported. Please see #725 for the proposed API additions included to support these SEPs.

  • SEP-973: icons and metadata (#570)
  • SEP-986: tool name validation (#640)
  • SEP-1024: elicitation defaults (#644)
  • SEP-1036: URL mode elicitation (#646)
  • SEP-1699: SSE polling (#663)
  • SEP-1330: elicitation enum improvements (#676)

Other API additions

  • Common error codes are now available through the sentinel jsonrpc.Error (#452)
  • OAuth 2.0 Protected Resource Metadata support (#643)
  • ClientCapabilities.RootsV2 and RootCapabilities are added to work around an API bug (#607)
  • Capabilities fields are added to ServerOptions and ClientOptions, to simplify capability configuration (#706)

Streamable fixes

Several bug fixes are included for the streamable transports:

  • mcp: relax SSE connection response handling in non-strict mode by @zhxie in #611
  • Fix: Skip non-message SSE events in processStream by @raphaelmansuy in #637
  • mcp: better handling for streamable context cancellation by @findleyr in #677
  • mcp: don't break the streamable client connection for transient errors by @findleyr in #723

Other notable bugfixes

  • fix: handle Windows CRLF in MCP client by @isfzhang in #665
  • auth, mcp: add UserID to TokenInfo for session hijacking prevention by @findleyr in #695
  • internal/docs: document UserID for session hijacking prevention by @findleyr in #697
  • mcp: allow re-using connections in more cases by @howardjohn in #709
  • oauthex: validate URL schemes in auth server metadata and DCR by @findleyr in #712
  • mcp: debounce server change notifications by @findleyr in #717
  • oauthex: fix content type check in getJSON by @nikolavp in #721

New Contributors

Full Changelog: v1.1.0...v1.2.0

Contributors

nikolavp, SpringMT, and 7 other contributors
Loading

v1.2.0-pre.2

20 Dec 15:14
@jba jba
v1.2.0-pre.2
411d5a0
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v1.2.0-pre.2 Pre-release
Pre-release

This release brings one minor change to v1.2.0-pre.1: the icon themes "light" and "dark" now have their own type and constants.

What's Changed

New Contributors

Full Changelog: v1.2.0-pre.1...v1.2.0-pre.2

Contributors

jonathanhefner and findleyr
Loading

v1.2.0-pre.1

12 Dec 20:39
@findleyr findleyr
v1.2.0-pre.1
875d1d3
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v1.2.0-pre.1 Pre-release
Pre-release

This release adds partial support for the 2025-11-25 version of the MCP spec and fixes some bugs in the streamable transports. It also includes some minor new APIs, changes to contributing flows, and small bugfixes.

Please test the prerelease if you can, and review any pending proposals included in the release. Your feedback is greatly appreciated!

Contributing changes

  • CONTRIBUTING.md is updated to remove the ad-hoc antitrust policy (#651), and add a dependency update policy (#635).
  • An example server (examples/server/conformance) is added for the new conformance tests at modelcontextprotocol/conformance. Test can be run with scripts/conformance.sh (#650).

Partial support for the 2025-11-25 spec

The following SEPs from the 2025-11-25 spec are now supported. Please see #725 for the proposed API additions included to support these SEPs.

  • SEP-973: icons and metadata (#570)
  • SEP-986: tool name validation (#640)
  • SEP-1024: elicitation defaults (#644)
  • SEP-1036: URL mode elicitation (#646)
  • SEP-1699: SSE polling (#663)
  • SEP-1330: elicitation enum improvements (#676)

Other API additions

  • Common error codes are now available through the sentinel jsonrpc.Error (#452)
  • OAuth 2.0 Protected Resource Metadata support (#643)
  • ClientCapabilities.RootsV2 and RootCapabilities are added to work around an API bug (#607)
  • Capabilities fields are added to ServerOptions and ClientOptions, to simplify capability configuration (#706)

Streamable fixes

Several bug fixes are included for the streamable transports:

  • mcp: relax SSE connection response handling in non-strict mode by @zhxie in #611
  • Fix: Skip non-message SSE events in processStream by @raphaelmansuy in #637
  • mcp: better handling for streamable context cancellation by @findleyr in #677
  • mcp: don't break the streamable client connection for transient errors by @findleyr in #723

Other notable bugfixes

  • fix: handle Windows CRLF in MCP client(#664) by @isfzhang in #665
  • auth, mcp: add UserID to TokenInfo for session hijacking prevention by @findleyr in #695
  • internal/docs: document UserID for session hijacking prevention by @findleyr in #697
  • mcp: allow re-using connections in more cases by @howardjohn in #709
  • oauthex: validate URL schemes in auth server metadata and DCR by @findleyr in #712
  • mcp: debounce server change notifications by @findleyr in #717
  • oauthex: fix content type check in getJSON by @nikolavp in #721

New Contributors

Full Changelog: v1.1.0...v1.2.0-pre.1

Contributors

nikolavp, SpringMT, and 7 other contributors
Loading

v1.1.0

30 Oct 14:32
@findleyr findleyr
v1.1.0
72afbc9
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v1.1.0

This release introduces a few new features, and includes improvements and bug fixes for the streamable transport. Notably, the default behavior of the streamable server transport is changed to disable streams resumption (see #580).

Behavior Changes

Stream resumption disabled by default. In the StreamableServerTransport, the default value of nil for the EventStore field now disables stream resumption, rather than defaulting to use an in-memory event store. Resumption is not desirable in many cases, particularly for servers that must serve a large number of users and/or streams.

If you want to enable resumption, set StreamableHTTPOptions.EventStore.

In general, we will avoid changing behaviors that may be relied upon by users, but in this case the old default was deemed to be an oversight/bug, and fixing it now will benefit future users.

API Additions

  • IOTransport is a new general-purpose transport constructed from an io.ReadCloser and io.WriteCloser (#444 ).
  • ServerOptions.Logger and StreamableHTTPOptions.Logger enable server-side logging (#170).
  • StreamableHTTPOptions.EventStore enables stream resumption (#587).
  • StreamableHTTPOptions.SessionTimeout adds a timeout which, when set, causes idle sessions to be automatically closed (#499).

Experimental client-side oauth support

The auth package now includes experimental APIs when build with the mcp_go_client_oauth build tag. See auth/client.go for more details. These APIs may change before their official release.

New Contributors

Full Changelog: v1.0.0...v1.1.0

Contributors

appleboy, jhrozek, and 6 other contributors
Loading