You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
MCP tool annotations on all 56 tools: readOnlyHint: true on read-only
tools, destructiveHint: true on destructive ones (user deletion, password
reset, shutdown/restart, stopping sessions, resume-state clears, Quick
Connect authorization), so MCP clients can route destructive calls to human
approval. The confirm: true gate remains as a second layer.
Fixed
Strip the draft-07 $schema the MCP SDK stamps on tool schemas; Anthropic
rejects it when the full tool set is sent (e.g. on subagent spawns).
JELLYFIN_TIMEOUT is validated: non-numeric, zero, or negative values now
warn on stderr and fall back to the 30s default instead of producing a NaN
that aborted every request after ~1ms.
Server name and version are derived from package.json instead of
duplicated literals, so the advertised MCP version can no longer drift from
the published package version.
Security
JELLYFIN_VERIFY_SSL=false now relaxes TLS certificate validation for the
Jellyfin connection only, via a per-request undici dispatcher, instead of
the process-global NODE_TLS_REJECT_UNAUTHORIZED which disabled validation
for every outbound TLS connection.
Upstream Jellyfin error response bodies are no longer returned to the MCP
client; results carry the status summary only and the full body is logged
to stderr for operators.
jellyfin_set_user_password now warns (tool description and README) that
the plaintext password transits the LLM conversation and provider logs.
Changed
CI: the test step no longer uses continue-on-error, so test failures fail
the build and gate the publish job.