Skip to content

@ai-sdk/mcp@2.0.0-canary.63

Pre-release
Pre-release

Choose a tag to compare

View all tags
@github-actions github-actions released this 12 Jun 15:36
· 12 commits to main since this release
@ai-sdk/mcp@2.0.0-canary.63
fb370a5
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Patch Changes

  • 2a150f8: fix(mcp): lock first sse endpoint received via event

  • b44b051: fix(mcp): prevent prototype-named tools from bypassing the schemas allowlist

    When using client.tools({ schemas }) to expose only an explicitly allowed
    subset of an MCP server's tools, the allowlist check used the in operator,
    which also matches inherited Object.prototype properties. A server-advertised
    tool named constructor, toString, __proto__, etc. would pass the check
    even though the developer never defined it in schemas, and was then exposed to
    the model and executable. The check now uses Object.hasOwn, so only
    explicitly defined tools are returned.

  • Updated dependencies [aeda373]

  • Updated dependencies [375fdd7]

  • Updated dependencies [b4507d5]

    • @ai-sdk/provider-utils@5.0.0-canary.48
Assets 2
Loading