Skip to content

Comments

Bump fastmcp from 2.12.0 to 2.14.4 in /backend#2375

Closed
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/pip/backend/fastmcp-2.14.4
Closed

Bump fastmcp from 2.12.0 to 2.14.4 in /backend#2375
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/pip/backend/fastmcp-2.14.4

Conversation

@dependabot
Copy link

@dependabot dependabot bot commented on behalf of github Jan 31, 2026

Bumps fastmcp from 2.12.0 to 2.14.4.

Release notes

Sourced from fastmcp's releases.

v2.14.4: Package Deal

This patch release fixes a fresh install bug where the packaging library was previously installed as a transitive dependency but is no longer—causing an import error on fresh installs without dev dependencies. Also includes a pydocket version pin to avoid Redis connection noise in tests, plus backports from 3.x for $ref dereferencing in tool schemas and the task capabilities location fix.

What's Changed

Enhancements 🔧

Fixes 🐞

Full Changelog: PrefectHQ/fastmcp@v2.14.3...v2.14.4

v2.14.3: Time After Timeout

This patch release fixes an HTTP transport timeout bug where connections were defaulting to 5 seconds instead of respecting MCP's 30-second default, causing premature timeouts for slower operations. Also includes OAuth token storage fixes, Redis key isolation for ACL compliance, and improved ContextVar propagation for ASGI-mounted servers. Plus, the CLI will now nudge you when updates are available (you're welcome, future you).

What's Changed

Enhancements 🔧

Fixes 🐞

Full Changelog: PrefectHQ/fastmcp@v2.14.2...v2.14.3

v2.14.2: Port Authority

FastMCP 2.14.2 brings a wave of community contributions safely into the 2.x line. A variety of important fixes backported from 3.0 work improve OpenAPI 3.1 compatibility, MCP spec compliance for output schemas and elicitation, and correct a subtle base_url fallback issue. The CLI now gently reminds you that FastMCP 3.0 is on the horizon.

What's Changed

Enhancements 🔧

Fixes 🐞

... (truncated)

Commits
  • ab935b3 Add missing packaging dependency (#2989)
  • 0e5677c Merge pull request #2874 from jlowin/fix-task-capabilities-2.x
  • b0b6826 Add type ignores for extra_data kwargs
  • ed72c4b Fix type: use TasksCallCapability instead of dict
  • dec3c6d Fix task capabilities location (issue #2870)
  • bc2f601 Backport: Dereference $ref in tool schemas for MCP client compatibility (#2861)
  • 559b778 Add release notes for v2.14.2 and v2.14.3 (#2851)
  • e600570 Fix HTTP transport timeout defaulting to 5 seconds (#2848)
  • 9e86dbc Merge pull request #2843 from jlowin/debug-task-lifecycle
  • 964b23b Merge branch 'release/2.x' into debug-task-lifecycle
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Bump fastmcp from 2.12.0 to 2.14.4 in /backend
0ca3e67 
Bumps [fastmcp](https://github.com/jlowin/fastmcp) from 2.12.0 to 2.14.4.
- [Release notes](https://github.com/jlowin/fastmcp/releases)
- [Changelog](https://github.com/jlowin/fastmcp/blob/main/docs/changelog.mdx)
- [Commits](PrefectHQ/fastmcp@v2.12.0...v2.14.4)

---
updated-dependencies:
- dependency-name: fastmcp
  dependency-version: 2.14.4
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot @github
Copy link
Author

dependabot bot commented on behalf of github Jan 31, 2026

Labels

The following labels could not be found: dependencies. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

@dependabot dependabot bot requested review from Phinease and WMC001 as code owners January 31, 2026 02:50
@dependabot @github
Copy link
Author

dependabot bot commented on behalf of github Feb 6, 2026

Superseded by #2455.

@dependabot dependabot bot closed this Feb 6, 2026
@dependabot dependabot bot deleted the dependabot/pip/backend/fastmcp-2.14.4 branch February 6, 2026 15:47
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Phinease Phinease Awaiting requested review from Phinease Phinease is a code owner

@WMC001 WMC001 Awaiting requested review from WMC001 WMC001 is a code owner

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants