Support MCP 2025-06-18 Protocol Revision #117
Draft
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
There was a problem hiding this comment.
Pull Request Overview
This PR implements comprehensive support for the MCP 2025-06-18 protocol revision by updating the protocol version, adding extensive test coverage, and implementing new transport layers with OAuth 2.1 support and metadata validation.
- Updates PROTOCOL_VERSION constant from '2024-11-05' to '2025-06-18' throughout the codebase
- Implements new StreamableHTTP transport with unified endpoint support and protocol version validation
- Adds OAuth 2.1 compliant transport with scope-based authorization and RFC 9728 protected resource metadata
Reviewed Changes
Copilot reviewed 45 out of 53 changed files in this pull request and generated 4 comments.
Show a summary per file
| File | Description |
|---|---|
| spec/ files | Comprehensive test coverage for new OAuth functionality, transport layers, and compliance validation |
| lib/mcp/transports/ | New transport implementations including StreamableHTTP, OAuth, and authenticated variants |
| lib/mcp/protocol_version.rb | Centralized protocol version definition |
| lib/mcp/oauth/ | OAuth 2.1 implementation with token validation and resource server components |
| lib/mcp/metadata.rb | Metadata validation with reserved prefix checking |
| examples/ | Demonstration servers showing new transport capabilities |
Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.
yjacquin
force-pushed
the
mcp-2025-06-18
branch
from
8ff3c05 to
0ce1b48
Compare
* Update MCP protocol version to 2025-06-18 - Update PROTOCOL_VERSION constant from '2024-11-05' to '2025-06-18' - Add MCP-Protocol-Version header validation to BaseTransport - Implement protocol version validation in RackTransport - Add proper error responses for unsupported protocol versions - Maintain backward compatibility with lenient validation This implements Phase 1.1 of the MCP 2025-06-18 specification upgrade.
Implement comprehensive metadata validation and reserved namespace protection for MCP 2025-06-18 specification compliance. - **Metadata validation module** (`lib/mcp/metadata.rb`) - Reserved prefix protection (`mcp:`, `mcp-`) - Metadata structure validation - Sanitization and formatting utilities - Metadata merging capabilities - **Tool class** (`lib/mcp/tool.rb`) - Metadata validation on key assignment - Reserved prefix error handling - Enhanced metadata management - **Resource class** (`lib/mcp/resource.rb`) - Metadata module integration - Reserved namespace protection - **Server class** (`lib/mcp/server.rb`) - Enhanced metadata sanitization in send_result - Automatic filtering of reserved keys - Improved metadata formatting - **Comprehensive test coverage** (39 new tests) - Metadata validation tests - Reserved prefix protection tests - Tool/Resource metadata integration tests - Server metadata handling tests - Edge case and error condition coverage - Tools and Resources now validate metadata keys - Reserved `mcp:` and `mcp-` prefixes are blocked - Metadata with invalid keys will raise ReservedMetadataError - Existing valid metadata continues to work unchanged - Only newly restricted prefixes cause errors - Automatic sanitization prevents invalid metadata propagation Resolves #110 - Enhanced _meta Field Support Part of #109 - Support MCP 2025-06-18 Protocol Revision
* Add Streamable HTTP * Finish OAuth * remove authorization server related code and add docs * Refact attempt for resource server behavior * oauth and resource server spec fixes * fix oauth streamable http transport specs * fix token validator specs * update docs * doc changes
yjacquin
force-pushed
the
mcp-2025-06-18
branch
from
9645cdb to
767c7ef
Compare
- Fix critical audience binding logic bug in OAuth resource server - Bump version to 1.7.0 - Add comprehensive CHANGELOG entry for v1.7.0 - Update README to mention MCP Protocol 2025-06-18 support - Update logger TODO with implementation note - Complete Rails integration guide documentation - Remove implementation plan development artifact
- Fix broken cross-references in migration_guide.md, oauth-resource-server.md, and streamable_http_transport.md - Standardize JWKS parameter name to jwks_uri across all documentation - Replace references to non-existent files with correct documentation links - All 370 tests still passing
- Add tests for allowed algorithms (HS256, HS384, HS512) - Add test for rejecting unallowed algorithms (e.g., RS256) - Ensures token validator properly validates algorithm whitelist - All 374 tests passing
…y handle yield - fixes issue with tools not being detected due to yield being used in called method
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Update MCP protocol version to 2025-06-18
This branch regroups all issues to come from #109
Closes #109