Skip to content

chore(deps): bump fastmcp from 2.12.5 to 2.13.2 #411

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
dependabot wants to merge 1 commit into from
Closed

chore(deps): bump fastmcp from 2.12.5 to 2.13.2 #411

dependabot wants to merge 1 commit into from

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Dec 2, 2025
edited
Loading

Bumps fastmcp from 2.12.5 to 2.13.2.

Release notes

Sourced from fastmcp's releases.

v2.13.2: Refreshing Changes

FastMCP 2.13.2 polishes the authentication stack with fixes for token refresh, scope handling, and multi-instance deployments. Discord joins the growing roster of built-in OAuth providers, Azure and Google token handling gets more reliable, and proxy classes now properly forward icons and titles. This release also adds CSP customization for consent screens and fixes an edge case where $defs could mutate during tool transforms.

Welcome to 7 new contributors who made their first FastMCP contributions in this release!

What's Changed

New Features 🎉

Enhancements 🔧

Fixes 🐞

Docs 📚

Dependencies 📦

Other Changes 🦾

New Contributors

Full Changelog: jlowin/fastmcp@v2.13.1...v2.13.2

v2.13.1: Heavy Meta

FastMCP 2.13.1 introduces meta parameter support for ToolResult (#2283), letting tools return metadata alongside results to enable new use cases such as OpenAI's Apps SDK. It also supports client-sent meta (#2206) as well as improved OAuth capabilities and custom token verifiers (including the new DebugTokenVerifier) and an OCI authentication provider. A large list of enhancements and bugfixes round out the release.

... (truncated)

Commits
  • 9c21754 Fix Azure provider OIDC scope handling (#2506)
  • 83085c3 Fix version badges for icons and website_url; add Discord example (#2509)
  • aa53bdf Add Discord OAuth integration documentation (#2508)
  • e1d41f5 Add Discord OAuth provider and corresponding tests (#2428)
  • 246a0ad Fix get_access_token() returning stale token after OAuth refresh (#2505)
  • 01ecc91 Fix OAuth proxy refresh token storage for multi-instance deployments (#2483)
  • 3341c0c Add icons support to proxy classes (#2502)
  • adbb7d6 Add title attribute to ProxyTool, ProxyResource, … (#2497)
  • ba69fba Add consent_csp_policy parameter for CSP customization (#2484)
  • d770a76 fix: prevent $defs mutation in Tool.from_tool transforms (#2493)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot dependabot bot added dependencies Pull requests that update a dependency file python:uv Pull requests that update python:uv code labels Dec 2, 2025
@dependabot dependabot bot mentioned this pull request Dec 2, 2025
Closed
@dependabot
chore(deps): bump fastmcp from 2.12.5 to 2.13.2
fcf31b6 
Bumps [fastmcp](https://github.com/jlowin/fastmcp) from 2.12.5 to 2.13.2.
- [Release notes](https://github.com/jlowin/fastmcp/releases)
- [Changelog](https://github.com/jlowin/fastmcp/blob/main/docs/changelog.mdx)
- [Commits](jlowin/fastmcp@v2.12.5...v2.13.2)

---
updated-dependencies:
- dependency-name: fastmcp
  dependency-version: 2.13.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/uv/fastmcp-2.13.2 branch from a11158d to fcf31b6 Compare December 3, 2025 06:55
@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Dec 4, 2025

Superseded by #424.

@dependabot dependabot bot closed this Dec 4, 2025
@dependabot dependabot bot deleted the dependabot/uv/fastmcp-2.13.2 branch December 4, 2025 02:24
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python:uv Pull requests that update python:uv code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants