Bump the other group with 31 updates

[dependabot]

Updated Autofac from 9.0.0 to 9.1.0.

Release notes

Sourced from Autofac's releases.

9.1.0

This is a pretty big release for Autofac with some major new functionality!

AnyKey Support

First, Autofac now natively supports the concept of AnyKey. It behaves the same way AnyKey works in Microsoft.Extensions.DependencyInjection, but it is native to Autofac directly. The unit tests here show some very detailed examples of usage, but on a high level:

var builder = new ContainerBuilder();
builder.RegisterType<Service>().Keyed<IService>(KeyedService.AnyKey);

var container = builder.Build();

// Registering as AnyKey allows it to respond to... any key!
var service = container.ResolveKeyed<IService>("service1");

Inject Service Key Into Constructors

The new [ServiceKey] attribute allows you to inject the service key provided during resolution. This is handy in conjunction with AnyKey. Again, this is similar to the construct in Microsoft.Extensions.DependencyInjection, but with native Autofac.

First, mark up your class to take the constructor parameter.

public class Service : IService
{
  private readonly string _id;
  public Service([ServiceKey] string id) => _id = id;
}

Then when you resolve the class, the service key will automatically be injected.

You can also make use of this in a lambda registration.

var builder = new ContainerBuilder();
builder.Register<Service>((ctx, p) => {
  var key = p.TryGetKeyedServiceKey(out string value) ? value : null;
  return new Service(key);
}).Keyed<Service>(KeyedService.AnyKey);

Metrics

Some metrics have been introduced that can allow you to capture counters on how long middleware is taking, how often lock contention occurs, and so on.

Set the AUTOFAC_METRICS environment variable in your process to true or 1 to enable this feature. You can see the set of counters that will become available here.

⚠️ This is NOT FREE. Collecting counters and metrics will incur a performance hit, so it's not something you want to leave on in production.

... (truncated)

Commits viewable in compare view.

Updated Autofac.Extensions.DependencyInjection from 10.0.0 to 11.0.0.

Release notes

Sourced from Autofac.Extensions.DependencyInjection's releases.

11.0.0

Breaking Changes

• Drop .NET 6 and .NET 7 targeting.
• Add .NET 10 target.
• Change the AnyKey support to use the new native support for AnyKey in core Autofac - this removes some of the custom internals used to support keyed services and moves that to core Autofac.

Other Changes

• Updated benchmark suite to test more scenarios.
• Executed some targeted performance improvements in the "glue" that maps M.E.DI behaviors to Autofac.
• Updated Autofac dependency to v9.1.0.

Full Changelog: autofac/Autofac.Extensions.DependencyInjection@v10.0.0...v11.0.0

Commits viewable in compare view.

Updated Azure.Extensions.AspNetCore.Configuration.Secrets from 1.4.0 to 1.5.0.

Release notes

Sourced from Azure.Extensions.AspNetCore.Configuration.Secrets's releases.

1.5.0

1.5.0 (2026-03-04)

Features Added

• Added AddKeyVaultSecrets extension methods on IConfigurationBuilder that create a SecretClient from configuration using the Azure.Core configuration extensions (built on System.ClientModel).

Bugs Fixed

• Handle OperationCanceledException in PollForSecretChangesAsync so the background polling loop exits cleanly when the provider is disposed.

1.5.0-beta.2

1.5.0-beta.2 (2026-03-19)

Features Added

• Upgraded Registry api-version to 2026-01-01-preview.

1.5.0-beta.1

1.5.0-beta.1 (2026-03-27)

Features Added

• Upgraded api-version tag from 'package-2025-07-01' to 'package-2026-01-01'. Tag detail available at https://github.com/Azure/azure-rest-api-specs/blob/8b8076693baafd8d4ebeaca903bdaa0c191766b9/specification/storagecache/resource-manager/Microsoft.StorageCache/StorageCache/readme.md.
• Added feature support for Expansion.

Commits viewable in compare view.

Updated Azure.Identity from 1.17.1 to 1.18.0.

Release notes

Sourced from Azure.Identity's releases.

No release notes found for this version range.

Commits viewable in compare view.

Updated Azure.Identity from 1.17.1 to 1.20.0.

Release notes

Sourced from Azure.Identity's releases.

1.20.0

1.20.0 (2026-03-30)

Features Added

• Added a JSON schema segment to the NuGet package that provides IntelliSense and validation for Azure.Identity credential configuration in appsettings.json.

Breaking Changes

• AddAzureClient, AddKeyedAzureClient, and WithAzureCredential return type changed from IHostApplicationBuilder to IClientBuilder to align with the IClientBuilder composition change in System.ClientModel.

1.19.0

1.19.0 (2026-03-11)

Features Added

• Added support in ClientCertificateCredential to specify a path in the form of cert:/StoreLocation/StoreName/Thumbprint to refer to a certificate in the platform certificate store - such as the Windows Certificate Store on Windows, and the KeyChain on MacOS - instead of a file on disk. For example to load a certificate from the "My" store in the "CurrentUser" location use the path cert:/CurrentUser/My/E661583E8FABEF4C0BEF694CBC41C28FB81CD870 (A community contribution, courtesy of fowl2).

Other Changes

• Updated Microsoft.Identity.Client and Microsoft.Identity.Client.Extensions.Msal dependencies to version 4.83.1.

Commits viewable in compare view.

Updated Azure.Security.KeyVault.Secrets from 4.8.0 to 4.9.0.

Release notes

Sourced from Azure.Security.KeyVault.Secrets's releases.

4.9.0

4.9.0 (2026-03-04)

Bugs Fixed

• Fixed challenge-based authentication to correctly parse tenant ID from DSTSv2 authority URIs.

Other Changes

• The default service version is now 2025-07-01.
• Updated System.IdentityModel.Tokens.Jwt dependency to 8.14.0

Commits viewable in compare view.

Updated Azure.Storage.Blobs from 12.26.0 to 12.27.0.

Release notes

Sourced from Azure.Storage.Blobs's releases.

12.27.0-beta.1

12.27.0-beta.1 (2026-03-24)

Features Added

• Added support for service version 2026-06-06.
• Added DataLakePathClient, DataLakeFileClient, and DataLakeDirectoryClient.GetSystemProperties() and .GetSystemPropertiesAsync().
• Added DataLakePathClient, DataLakeFileClient, and DataLakeDirectoryClient.GetTags(), .GetTagsAsync(), .SetTags(), and .SetTagsAsync().

Commits viewable in compare view.

Updated ConfigCat.Client from 9.4.3 to 9.5.0.

Release notes

Sourced from ConfigCat.Client's releases.

9.5.0

This release focuses on networking-related improvements. Upgrading is highly recommended if you occasionally see HTTP errors or timeouts in the SDK's log.

Improvements:

• Implement logic to retry failed HTTP requests one time (on receiving unexpected status code, timeout or request error). (#​134)
• Implement protection against socket exhaustion theoretically possible in extreme cases. (Prevent recreation of HttpClientHandler within 30 seconds).
• Deprecate ConfigCatClientOptions.HttpClientHandler. Alternative: ConfigCatClientOptions.Proxy or ConfigCatClientOptions.ConfigFetcher = new HttpClientConfigFetcher(...).
• Add the new Proxy option to ConfigCatClientOptions.
• Make HttpClientConfigFetcher public and allows subclassing to provide an extension point for customizing request headers.
• Make reading response body in HttpClientConfigFetcher cancelable for targets below .NET 5.
• Add debug logging to HttpClientConfigFetcher.
• Add UnsupportedOSPlatform annotations for APIs that are not available when running in browser.
• Log the CF-RAY header also when the headers are received but downloading the response body times out or fails.

Bug fixes:

• Prevent sending additional headers when running in browser to avoid extra CORS OPTIONS requests.
• Prevent disposing of externally created IConfigFetcher instances (as multiple ConfigCatClient may be configured to use those.)

Commits viewable in compare view.

Updated csharpier from 1.2.5 to 1.2.6.

Release notes

Sourced from csharpier's releases.

1.2.6

What's Changed

[Bug]: XML with DOCTYPE results in "invalid xml" warning #​1809

CSharpier was not formatting xml that included a doctype and instead reporting that it was invalid xml.

<?xml version="1.0"?>
<!DOCTYPE staff SYSTEM "staff.dtd"[
    <!ENTITY ent1 "es">
]>
<staff></staff>

[Bug]: Initializing a span using stackalloc leads to different formatting compared to new #​1808

When initializing a spacn using stackalloc, it was not being formatting consistently with other code

// input & expected output
Span<int> metatable = new int[]
{
    00000000000000000000000001,
    00000000000000000000000002,
    00000000000000000000000003,
};

Span<int> metatable = stackalloc int[]
{
    00000000000000000000000001,
    00000000000000000000000002,
    00000000000000000000000003,
};

// 1.2.5
Span<int> metatable = new int[]
{
    00000000000000000000000001,
    00000000000000000000000002,
    00000000000000000000000003,
};

Span<int> metatable =
    stackalloc int[] {
        00000000000000000000000001,
        00000000000000000000000002,
        00000000000000000000000003,
    };

[Bug]: Comments in otherwise empty object pattern disappear when formatting #​1804

CSharpier was removing comments if they were the only content of an object pattern.

// input & expected output
var match = obj is {
    //Property: 123
 ... (truncated)

Commits viewable in [compare view](https://github.com/belav/csharpier/compare/1.2.5...1.2.6).
</details>

Updated [Dapper](https://github.com/DapperLib/Dapper) from 2.1.66 to 2.1.72.

<details>
<summary>Release notes</summary>

_Sourced from [Dapper's releases](https://github.com/DapperLib/Dapper/releases)._

## 2.1.72

## What's Changed
* TFM packaging for .NET 10 by @​mgravell in https://github.com/DapperLib/Dapper/pull/2195
* Fix and clarify OrWhere caveats in SqlBuilder docs by @​jnoordsij in https://github.com/DapperLib/Dapper/pull/2149
* OutputExpression wasn't working for methods that use QueryRowAsync by @​ri-rgb in https://github.com/DapperLib/Dapper/pull/2156
* CI: use preinstalled sdk by @​kbth in https://github.com/DapperLib/Dapper/pull/2160
* CI: serialize DB-dependent tests by @​kbth in https://github.com/DapperLib/Dapper/pull/2163

## New Contributors
* @​jnoordsij made their first contribution in https://github.com/DapperLib/Dapper/pull/2149
* @​ri-rgb made their first contribution in https://github.com/DapperLib/Dapper/pull/2156
* @​kbth made their first contribution in https://github.com/DapperLib/Dapper/pull/2160

**Full Changelog**: https://github.com/DapperLib/Dapper/compare/2.1.66...2.1.72

Commits viewable in [compare view](https://github.com/DapperLib/Dapper/compare/2.1.66...2.1.72).
</details>

Updated [dotnet-coverage](https://github.com/microsoft/codecoverage) from 18.3.1 to 18.5.2.

<details>
<summary>Release notes</summary>

_Sourced from [dotnet-coverage's releases](https://github.com/microsoft/codecoverage/releases)._

No release notes found for this version range.

Commits viewable in [compare view](https://github.com/microsoft/codecoverage/commits).
</details>

Updated [FirebaseAdmin](https://github.com/Firebase/firebase-admin-dotnet) from 3.4.0 to 3.5.0.

<details>
<summary>Release notes</summary>

_Sourced from [FirebaseAdmin's releases](https://github.com/Firebase/firebase-admin-dotnet/releases)._

## 3.5.0


### New Features

* feat(fcm): Add support for bandwidth constrained and restricted satellite APIs (#​502)

### Miscellaneous

* [chore] Release 3.5.0 (#​515)
* Bump Microsoft.AspNetCore.WebUtilities from 2.2.0 to 2.3.9 (#​511)
* chore: Upgrade Google.Apis.Auth and Google.Api.Gax.Rest (#​509)
* Bump coverlet.msbuild from 6.0.4 to 8.0.1 (#​505)
* Bump Microsoft.AspNetCore.Http from 2.2.2 to 2.3.9 (#​508)
* chore(deps): bump actions/setup-dotnet from 5.0.1 to 5.2.0 (#​497)
* chore(deps): bump actions/checkout from 5.0.1 to 6.0.2 (#​499)
* chore(deps): bump actions/download-artifact from 5.0.0 to 8.0.1 (#​490)
* chore(deps): bump actions/upload-artifact from 4.6.2 to 7.0.0 (#​495)
* chore(deps): bump firebase/firebase-admin-node from 13.6.0 to 13.6.1 (#​500)
* chore: Update release workflows for push triggers (#​501)
* chore: Enable NuGet trusted publishing (#​498)
* chore: Update github actions workflows and integration test resources (#​494)
* chore: Rename default branch to main (#​492)
* chore(deps): bump actions/setup-dotnet from 4 to 5 (#​481)

Commits viewable in [compare view](https://github.com/Firebase/firebase-admin-dotnet/compare/v3.4.0...v3.5.0).
</details>

Updated [FluentAssertions](https://github.com/fluentassertions/fluentassertions) from 7.2.0 to 7.2.2.

<details>
<summary>Release notes</summary>

_Sourced from [FluentAssertions's releases](https://github.com/fluentassertions/fluentassertions/releases)._

## 7.2.2

<!-- Release notes generated using configuration in .github/release.yml at support-7.0 -->

## What's Changed
### Fixes
* Fix a formatting exception when `"{}"` is used as a dictionary key by @​dennisdoomen in https://github.com/fluentassertions/fluentassertions/pull/3173
* Ensured `WithTracing` is safe when used with `BeEquivalentTo` globally by @​dennisdoomen in https://github.com/fluentassertions/fluentassertions/pull/3173
* Fix formatting exception when comparing strings containing braces by @​dennisdoomen in https://github.com/fluentassertions/fluentassertions/pull/3173
* Backport `AssertionResultSet` fixes from fluentassertions#​3100 by @​jnyrup in https://github.com/fluentassertions/fluentassertions/pull/3173

## Building
* Bump F# to 8.0 to compile with .NET 11 SDK by @​jnyrup in https://github.com/fluentassertions/fluentassertions/pull/3173

**Full Changelog**: https://github.com/fluentassertions/fluentassertions/compare/7.2.1...7.2.2

## 7.2.1

<!-- Release notes generated using configuration in .github/release.yml at support-7.0 -->

## What's Changed
### Fixes
* Prevent a crash while formatting a collection with nested empty collections by @​dennisdoomen in https://github.com/fluentassertions/fluentassertions/pull/3150


**Full Changelog**: https://github.com/fluentassertions/fluentassertions/compare/7.2.0...7.2.1

Commits viewable in [compare view](https://github.com/fluentassertions/fluentassertions/compare/7.2.0...7.2.2).
</details>

Updated [Google.Cloud.Firestore](https://github.com/googleapis/google-cloud-dotnet) from 4.1.0 to 4.2.0.

<details>
<summary>Release notes</summary>

_Sourced from [Google.Cloud.Firestore's releases](https://github.com/googleapis/google-cloud-dotnet/releases)._

## 4.2.0

### New features

- Expose the variable definition in the Cloud Firestore API


Commits viewable in [compare view](https://github.com/googleapis/google-cloud-dotnet/commits/Google.Cloud.Firestore-4.2.0).
</details>

Updated [MassTransit](https://github.com/Massient/MassTransit) from 8.5.7 to 9.1.0.

<details>
<summary>Release notes</summary>

_Sourced from [MassTransit's releases](https://github.com/Massient/MassTransit/releases)._

No release notes found for this version range.

Commits viewable in [compare view](https://github.com/Massient/MassTransit/commits).
</details>

Updated [Microsoft.EntityFrameworkCore](https://github.com/dotnet/dotnet) from 10.0.0 to 10.0.4.

<details>
<summary>Release notes</summary>

_Sourced from [Microsoft.EntityFrameworkCore's releases](https://github.com/dotnet/dotnet/releases)._

No release notes found for this version range.

Commits viewable in [compare view](https://github.com/dotnet/dotnet/commits).
</details>

Updated [Microsoft.Extensions.Configuration](https://github.com/dotnet/dotnet) from 10.0.0 to 10.0.3.

<details>
<summary>Release notes</summary>

_Sourced from [Microsoft.Extensions.Configuration's releases](https://github.com/dotnet/dotnet/releases)._

No release notes found for this version range.

Commits viewable in [compare view](https://github.com/dotnet/dotnet/commits).
</details>

Updated [Microsoft.Extensions.Hosting.Abstractions](https://github.com/dotnet/dotnet) from 10.0.0 to 10.0.3.

<details>
<summary>Release notes</summary>

_Sourced from [Microsoft.Extensions.Hosting.Abstractions's releases](https://github.com/dotnet/dotnet/releases)._

No release notes found for this version range.

Commits viewable in [compare view](https://github.com/dotnet/dotnet/commits).
</details>

Updated [ModelContextProtocol](https://github.com/modelcontextprotocol/csharp-sdk) from 0.4.0-preview.3 to 1.2.0.

<details>
<summary>Release notes</summary>

_Sourced from [ModelContextProtocol's releases](https://github.com/modelcontextprotocol/csharp-sdk/releases)._

## 1.2.0

This release improves stateless HTTP transport defaults and documentation with a **breaking behavioral change** that we are considering as a server reliability fix and therefore not bumping the major version with this release. **Legacy SSE endpoints are now disabled by default** with a new `HttpServerTransportOptions.EnableLegacySse` property available to opt back into responding to the SSE endpoints; the property is marked as an `[Obsolete]` warning as we expect to remove this property in a future major version.

A warning-level `[Obsolete]` attribute is also applied to the `RequestContext(McpServer, JsonRpcRequest)` constructor, and the `RequestContext(McpServer, JsonRpcRequest, TParams)` overload should be used instead. This change contributes to fixes including DI scope lifetime in task-augmented tools, meta/progress combination failures, and outgoing message filter routing. We plan to remove the obsolete overload in a future major version.

## Breaking Changes

Refer to the [C# SDK Versioning](https://csharp.sdk.modelcontextprotocol.io/versioning.html) documentation for details on versioning and breaking change policies.

### 1. **Disable legacy SSE by default #​1468**
`MapMcp()` no longer maps `/sse` and `/message` endpoints by default. Servers whose clients connect via SSE will find those endpoints removed.

#### Migrating from legacy SSE

If your clients connect to a `/sse` endpoint (e.g., `https://my-server.example.com/sse`), they were using the legacy SSE transport--if not running in `Stateless` mode. The `/sse` and `/message` endpoints are now **disabled by default** (`EnableLegacySse` is `false` and marked `[Obsolete]` with diagnostic `MCP9004`). Upgrading the server SDK without updating clients will break SSE connections.

**Client-side migration.** Change the client `Endpoint` from the `/sse` path to the root MCP endpoint — the same URL your server passes to `MapMcp()`. For example:

```csharp
// Before (legacy SSE):
Endpoint = new Uri("https://my-server.example.com/sse")

// After (Streamable HTTP):
Endpoint = new Uri("https://my-server.example.com/")

With the default HttpTransportMode.AutoDetect transport mode, the client automatically tries Streamable HTTP first. You can also set TransportMode = HttpTransportMode.StreamableHttp explicitly if you know the server supports it.

Server-side migration. If you previously relied on /sse being mapped automatically, you now need EnableLegacySse = true (suppressing the MCP9004 warning) to keep serving those endpoints. The recommended path is to migrate all clients to Streamable HTTP and then remove EnableLegacySse.

Transition period. If some clients still need SSE while others have already migrated to Streamable HTTP, set EnableLegacySse = true with Stateless = false. Both transports are served simultaneously by MapMcp() — Streamable HTTP on the root endpoint and SSE on /sse and /message. Once all clients have migrated, remove EnableLegacySse and optionally switch to Stateless = true.

SSE (legacy — opt-in only)

Legacy SSE endpoints are now disabled by default and must be explicitly enabled via HttpServerTransportOptions.EnableLegacySse. This is the primary reason they are disabled — the SSE transport has no built-in HTTP-level backpressure.

The legacy SSE transport separates the request and response channels: clients POST JSON-RPC messages to /message and receive responses through a long-lived GET SSE stream on /sse. The POST endpoint returns 202 Accepted immediately after queuing the message — it does not wait for the handler to complete. This means there is no HTTP-level backpressure on handler concurrency, because each POST frees its connection immediately regardless of how long the handler runs.

Internally, handlers are dispatched with a fire-and-forget pattern. A client can send unlimited POST requests to /message while keeping the GET stream open, and each one spawns a concurrent handler with no built-in limit.

The GET stream does provide session lifetime bounds: handler cancellation tokens are linked to the GET request's HttpContext.RequestAborted, so when the client disconnects the SSE stream, all in-flight handlers are cancelled. This is similar to SignalR's connection-bound lifetime model — but unlike SignalR, there is no per-client concurrency limit like MaximumParallelInvocationsPerClient. The GET stream provides cleanup on disconnect, not rate-limiting during the connection.

2. Obsolete 2-arg RequestContext constructor #​1462

The RequestContext(McpServer, JsonRpcRequest) constructor is now [Obsolete] with diagnostic MCP9003, producing build warnings. The Params property is also changed from TParams? to TParams.

Migration: Use the new 3-arg constructor: new RequestContext(server, request, parameters).

What's Changed

• Support specifying OutputSchema independently of return type for tools returning CallToolResult #​1425 by @​stephentoub (co-authored by @​Copilot)
• Add 3-arg RequestContext constructor and obsolete 2-arg to eliminate null-forgiving operator usage #​1462 by @​halter73 (co-authored by @​Copilot)
  ... (truncated)

1.1.0

Highlights of v1.1.0 include client completion details for understanding when and why a client connection ended, auto-populated completion handlers from AllowedValuesAttribute, and bug fixes for server-initiated ping handling, server capabilities initialization, and in-flight message handler cleanup.

What's Changed

• Register ping handler in McpSessionHandler to support server-initiated pings #​1391 by @​stephentoub (co-authored by @​Copilot)
• Fix Extensions not being copied to ServerCapabilities during initialization #​1399 by @​stephentoub (co-authored by @​Copilot)
• Auto-populate completion handlers from AllowedValuesAttribute on prompt/resource parameters #​1380 by @​stephentoub (co-authored by @​Copilot)
• Add client completion notification and details #​1368 by @​stephentoub (co-authored by @​Copilot)
• Wait for in-flight message handlers before ProcessMessagesCoreAsync returns #​1403 by @​stephentoub (co-authored by @​Copilot)

Documentation Updates

• Add SSE server code example to transports documentation #​1385 by @​jeffhandley (co-authored by @​Copilot)
• Simplify and update README for stable release #​1387 by @​stephentoub (co-authored by @​jeffhandley)
• Simplify and update package README.md files for stable release #​1388 by @​stephentoub (co-authored by @​Copilot @​jeffhandley)
• Remove outdated README reference from transports.md #​1394 by @​halter73
• Clean up markdown-link-check warnings #​1395 by @​jeffhandley (co-authored by @​Copilot)

Repository Infrastructure Updates

• Enable EnablePackageValidation for all src packages with 1.0.0 baseline #​1330 by @​jeffhandley (co-authored by @​Copilot @​stephentoub)
• Bump hono from 4.12.0 to 4.12.2 in the npm_and_yarn group across 1 directory #​1392
• Bump docfx from 2.78.4 to 2.78.5 #​1408
• Bump actions/download-artifact from 7.0.0 to 8.0.0 #​1406
• Bump actions/upload-artifact from 6.0.0 to 7.0.0 #​1405
• Bump danielpalme/ReportGenerator-GitHub-Action from 5.5.1 to 5.5.2 #​1404
• Bump the testing-frameworks group with 1 update #​1407
• Add issue-triage Copilot skill #​1412 by @​jeffhandley (co-authored by @​Copilot)
• Release v1.1.0 #​1411 by @​jeffhandley (co-authored by @​Copilot)

Acknowledgements

• @​r-Larch submitted issue #​1269 (resolved by #​1403)
• @​darena-mhaque submitted issue #​1398 (resolved by #​1399)
• @​hulumane submitted issue #​1332 (resolved by #​1368)
• @​AArnott submitted issue #​438 (resolved by #​1368)
• @​JarroVGIT submitted issue #​1390 (resolved by #​1391)
• @​stephentoub @​halter73 @​eiriktsarpalis @​jeffhandley reviewed pull requests

Full Changelog: modelcontextprotocol/csharp-sdk@v1.0.0...v1.1.0

1.0.0

This is the first stable release of the ModelContextProtocol C# SDK. Thank you to all of the contributors who helped us achieve this milestone!

Breaking Changes

Refer to the C# SDK Versioning documentation for details on versioning and breaking change policies.

1. Mark RunSessionHandler experimental (MCPEXP002) #​1383
   • HttpServerTransportOptions.RunSessionHandler is now annotated with [Experimental("MCPEXP002")]
   • Code that references RunSessionHandler will produce a compile-time warning (or error with TreatWarningsAsErrors); suppress with #pragma warning disable MCPEXP002
   • Consider using ConfigureSessionOptions as an alternative; RunSessionHandler may be removed or change signatures in a future release

What's Changed

• Add 2025-03-26 OAuth backward compatibility for client conformance #​1374 by @​jeffhandley (co-authored by @​Copilot)
• Mark RunSessionHandler experimental (MCPEXP002) #​1383 by @​halter73 (co-authored by @​Copilot @​jeffhandley)

Documentation Updates

• Fix a few bugs in the docs #​1379 by @​stephentoub
• Add and augment conceptual docs #​1375 by @​jeffhandley (co-authored by @​Copilot @​mikekistler @​stephentoub @​halter73)

Repository Infrastructure Updates

• Bump to version 1.0.0 (stable) #​1384 by @​jeffhandley

Acknowledgements

• @​halter73 @​stephentoub @​mikekistler @​eiriktsarpalis reviewed pull requests

Full Changelog: modelcontextprotocol/csharp-sdk@v1.0.0-rc.1...v1.0.0

1.0.0-rc.1

This release candidate completes a full API surface area audit ahead of the 1.0.0 stable release, with more changes to public APIs to ensure consistency and long-term maintainability. Protocol DTO types are updated to match the MCP specification, deprecated filter APIs are removed, and bug fixes improve transport reliability and JSON handling.

Breaking Changes

Refer to the C# SDK Versioning documentation for details on versioning and breaking change policies.

1. Address asymmetry in McpServerHandlers/McpClientHandlers and make all filter properties settable #​1337

   • Seals McpClientHandlers to match the already-sealed McpServerHandlers
   • Makes McpServerOptions.Handlers, McpServerOptions.Filters, and all IList<T> filter properties settable with null validation

2. Remove server back-references from protocol DTO types #​1345

   • Removes Tool.McpServerTool, Prompt.McpServerPrompt, Resource.McpServerResource, and ResourceTemplate.McpServerResource properties
   • Use McpServerPrimitiveCollection.TryGetPrimitive() for name-based lookups instead

3. Make Tool.Name required to match other protocol types #​1351

   • Adds required modifier to Tool.Name, matching Prompt.Name, Resource.Name, and other IBaseMetadata implementations
   • Callers must now specify Name in object initializers

4. Make LoggingMessageNotificationParams.Data required per MCP spec #​1353

   • Changes LoggingMessageNotificationParams.Data from JsonElement? to required JsonElement per the MCP specification

5. Fix CreateMessageRequestParams.Metadata type to JsonObject #​1354

   • Changes CreateMessageRequestParams.Metadata from JsonElement? to JsonObject? to match all other _meta/Meta properties in the SDK

6. Normalize CallToolResult.StructuredContent to JsonElement? #​1357

   • Changes CallToolResult.StructuredContent from JsonNode? to JsonElement? for consistency with the rest of the SDK
   • Use JsonSerializer.SerializeToElement() to produce a JsonElement

7. Unify service configuration for ISseEventStreamStore, IMcpTaskStore, and ISessionMigrationHandler #​1362

   • Consistent options + DI pattern: explicit options property > DI resolution

8. Add explicit [Experimental] protected constructors to McpClient and McpServer #​1363

   • Protected constructors on McpClient and McpServer now require suppressing MCPEXP002 to subclass

9. Remove MCP9002 obsolete APIs and document obsolete diagnostics #​1366

   • Removes the 13 AddXxxFilter extension methods on IMcpServerBuilder (e.g. AddCallToolFilter, AddListToolsFilter) that were deprecated under diagnostic MCP9002
   • Use WithRequestFilters() and WithMessageFilters() instead

10. Fix McpClientPrompt/Resource types to use RequestOptions like McpClientTool does #​1370

    • Replaces JsonSerializerOptions with RequestOptions parameter for consistency across McpClientPrompt, McpClientResource, and McpClientTool

What's Changed

• Make Tool.Name required to match other protocol types #​1351 by @​stephentoub (co-authored by @​Copilot)
• Make LoggingMessageNotificationParams.Data required per MCP spec #​1353 by @​stephentoub (co-authored by @​Copilot)
• Fix off-by-one error in reconnection attempts #​1356 by @​stephentoub (co-authored by @​Copilot)
• Remove server back-references from protocol DTO types #​1345 by @​stephentoub (co-authored by @​Copilot)
• Fix base64 deserialization when JSON encoder escapes forward slashes #​1342 by @​stephentoub (co-authored by @​Copilot)
• Increase MaxReconnectionAttempts default from 2 to 5 #​1355 by @​stephentoub (co-authored by @​Copilot)
• Prevent cancellation of initialize request per MCP spec #​1350 by @​stephentoub (co-authored by @​Copilot)
  ... (truncated)

0.9.0-preview.2

This release focuses on API surface consistency and correctness ahead of 1.0.0. Public collection properties are now typed as IList<T> instead of concrete List<T> or T[], and Root.Meta is aligned with the rest of the protocol DTOs by using JsonObject?. Other improvements include new experimental Extensions support for capabilities, missing ResourceLinkBlock properties, improved mimeType handling, and several documentation and test reliability fixes.

We plan to release the stable 1.0.0 release early in the week of February 23, 2026.

Breaking Changes

Refer to the C# SDK Versioning documentation for details on versioning and breaking change policies.

1. Replace concrete collection types with interfaces in public API surface #​1326

   • List<T> and T[] properties on ProtectedResourceMetadata, ToolResultContentBlock, ListTasksResult, and DynamicClientRegistrationResponse changed to IList<T>. Replace .Length with .Count and cast to List<T> if List<T>-specific members are needed.

2. Fix Root.Meta to use JsonObject instead of JsonElement #​1341

   • Root.Meta changed from JsonElement? to JsonObject?. Replace meta.Value.GetProperty("key").GetString() with (string?)meta["key"].

3. Make UrlElicitationRequiredErrorData.Elicitations consistent with other Protocol DTOs #​1335

   • Elicitations changed from IReadOnlyList<ElicitRequestParams> with init to IList<ElicitRequestParams> with set. Code using List<T> is unaffected since it implements both interfaces.

What's Changed

• Remove dead code: options ??= new() in McpServerImpl constructor #​1322 by @​stephentoub (co-authored by @​Copilot)
• Remove unnecessary _connectCts field from McpClientImpl #​1323 by @​stephentoub (co-authored by @​Copilot)
• Add missing Title and Icons properties to ResourceLinkBlock #​1320 by @​stephentoub (co-authored by @​Copilot)
• Omit null mimeType from ResourceContents JSON serialization #​1325 by @​stephentoub (co-authored by @​Copilot)
• Validate mimeType in ImageContentBlock.FromBytes and AudioContentBlock.FromBytes #​1321 by @​stephentoub (co-authored by @​Copilot)
• Replace concrete collection types with interfaces in public API surface #​1326 by @​stephentoub (co-authored by @​Copilot)
• Make UrlElicitationRequiredErrorData.Elicitations consistent with other Protocol DTOs #​1335 by @​stephentoub (co-authored by @​Copilot)
• Fix Metadata delegation in DelegatingMcpServerTool/Prompt/Resource #​1338 by @​stephentoub (co-authored by @​Copilot @​jeffhandley)
• Add Extensions support to ClientCapabilities and ServerCapabilities #​1317 by @​stephentoub (co-authored by @​Copilot)
• Fix _meta properties to use JsonObject #​1341 by @​stephentoub (co-authored by @​Copilot)

Documentation Updates

• Fix incorrect XML doc comments in McpClient.Methods.cs #​1333 by @​stephentoub (co-authored by @​Copilot)
• Add missing exception documentation for public APIs #​1339 by @​stephentoub (co-authored by @​Copilot)

Test Improvements

• Fix flaky DiagnosticTests on net10.0 by waiting for specific activities #​1324 by @​stephentoub (co-authored by @​Copilot)
• Fix flaky sse-retry conformance test due to CI timing overhead #​1336 by @​ericstj (co-authored by @​Copilot)

Repository Infrastructure Updates

• Bump version to 1.0.0-rc.1 #​1327 by @​jeffhandley (co-authored by @​Copilot)
• Add release-notes, breaking-changes, and bump-version Copilot skills #​1328 by @​jeffhandley (co-authored by @​Copilot)
• Bump hono from 4.11.7 to 4.12.0 in the npm_and_yarn group across 1 directory #​1316
• Bump version down to 0.9.0-preview.2 since we are still changing APIs #​1344 by @​jeffhandley (co-authored by @​Copilot)

Acknowledgements

• @​halter73 @​eiriktsarpalis @​mikekistler reviewed pull requests
  ... (truncated)

0.9.0-preview.1

The 0.9.0-preview.1 release includes multiple breaking changes focused on quality, extensibility, usability, and API consistency as we continue refining the SDK in preparation for a stable 1.0.0 release.

We plan to release the stable 1.0.0 release early in the week of February 23, 2026.

Breaking Changes

Refer to the C# SDK Versioning documentation for details on versioning and breaking change policies.

1. Use ReadOnlyMemory<byte> for binary data to eliminate UTF-16 transcoding #​1070

   • ImageContentBlock.Data, AudioContentBlock.Data, and BlobResourceContents.Blob changed from string to ReadOnlyMemory<byte>; FromImage/FromAudio renamed to FromBytes; BlobResourceContents.Data renamed to DecodedData
   • Migration: Use DecodedData for decoded bytes and FromBytes(...) factory methods

2. Split configuration of request and message filters #​1308

   • Add*Filter extension methods on IMcpServerBuilder replaced by WithMessageFilters and WithRequestFilters callbacks with grouped builder instances
   • Migration: Wrap existing filter registration inside the new callback methods

3. Don't treat McpServerHandlers as an independent options type #​1313

   • McpServerHandlers no longer resolved via IOptions<McpServerHandlers>; handlers set directly on McpServerOptions.Handlers
   • Migration: Configure handlers through McpServerOptions directly

4. Add ISessionMigrationHandler #​1270

   • Stateful Streamable HTTP POST requests without a session ID are now rejected with 400 unless the message is an initialize request
   • Compat switch: ModelContextProtocol.AspNetCore.AllowNewSessionForNonInitializeRequests = true restores previous behavior

5. Change ProtectedResourceMetadata URI properties to strings #​1264

   • Multiple properties changed from Uri?/List<Uri> to string?/List<string> to avoid unwanted URI normalization
   • Migration: Use string values directly instead of Uri objects

6. Hide experimental types from external source generators using internal property pattern #​1301

   • Experimental properties now use [JsonIgnore] + internal delegate pattern; external source generators no longer reference experimental types
   • No code changes needed for most consumers

7. Validate MCP-Protocol-Version header in Streamable HTTP handler #​1277

   • Server returns HTTP 400 for invalid/unsupported header values; missing header still allowed
   • Migration: Ensure clients send a valid protocol version or omit the header

8. Update McpErrorCode and fix error code usage to align with MCP spec #​1291

   • Task support validation errors changed from MethodNotFound to InvalidParams
   • Migration: Update error code checks for task support validation scenarios

What's Changed

• Bring up to 0.1.13 conformance #​1254 by @​stephentoub
• Change ProtectedResourceMetadata URI properties to strings and build resource strings directly #​1264 by @​halter73 (co-authored by @​Copilot)
• Log tool call name on success, not just failure #​1256 by @​halter73 (co-authored by @​Copilot)
• Fix HttpClient timeout for long-running tools without event stream store #​1268 by @​halter73 (co-authored by @​Copilot)
• Fix stderr event loss due to missing WaitForExit in DisposeProcess #​1280 by @​stephentoub (co-authored by @​Copilot)
• Update McpErrorCode XML docs and fix error code usage to align with MCP spec #​1291 by @​stephentoub (co-authored by @​Copilot)
• Add X-Accel-Buffering header to SSE responses #​1294 by @​stephentoub (co-authored by @​Copilot)
• Fix StdioServerTransport.DisposeAsync() hang: CancellableStdinStream missing Dispose override #​1276 by @​stephentoub (co-authored by @​Copilot)
  ... (truncated)

0.8.0-preview.1

The 0.8.0-preview.1 release includes new server-side capabilities including message-level filters and a distributed cache-backed event stream store, along with several bug fixes for transport reliability. This release also includes a breaking change that seals public Protocol reference types to prevent external inheritance, reinforcing the SDK's API contract as we continue refining toward a stable 1.0.0 release.

Breaking Changes

Refer to the C# SDK Versioning documentation for details on versioning and breaking change policies.

1. Seal public Protocol reference types to prevent external inheritance #​1232
   • Several public classes sealed: JsonRpcMessageContext, ElicitRequestParams.RequestSchema, ElicitRequestParams.LegacyTitledEnumSchema, ContentBlock.Converter, ResourceContents.Converter, PrimitiveSchemaDefinition.Converter
   • ElicitRequestParams.EnumSchema removed; use LegacyTitledEnumSchema directly
   • Migration: Remove any inheritance from these types; replace EnumSchema references with LegacyTitledEnumSchema

What's Changed

• Add Trace-level logging for JSON-RPC payloads in transports #​1191 by @​stephentoub (co-authored by @​halter73 @​Copilot)
• Use Process.Kill(entireProcessTree: true) on .NET for faster process termination #​1187 by @​stephentoub
• Include response body in HttpRequestException for transport client errors #​1193 by @​stephentoub (co-authored by @​Copilot)
• Fix race condition in SSE GET request initialization #​1212 by @​stephentoub
• Fix keyset pagination with monotonic UUIDv7-like task IDs #​1215 by @​eiriktsarpalis (co-authored by @​stephentoub @​Copilot)
• Add ILoggerFactory to StreamableHttpServerTransport #​1213 by @​stephentoub (co-authored by @​Copilot)
• Add support for message-level filters to McpServer #​1207 by @​halter73
• Seal public Protocol reference types to prevent external inheritance #​1232 by @​stephentoub (co-authored by @​Copilot)
• Add DistributedCacheEventStreamStore #​1136 by @​MackinnonBuck (co-authored by @​halter73)

Documentation Updates

• Fix typo in elicitation.md #​1186 by @​ruyut
• Fix typo in progress.md #​1189 by @​ruyut
• Clarify McpMetaAttribute documentation scope #​1242 by @​stephentoub (co-authored by @​Copilot)

Test Improvements

• Remove 10 second wait from docker tests #​1188 by @​stephentoub
• Fix Session_TracksActivities test #​1200 by @​stephentoub
• Fix StdioServerTransportTests to use Debug logging level instead of Trace #​1209 by @​stephentoub (co-authored by @​Copilot)
• Centralize test timeout constants to fix sporadic CI failures #​1210 by @​ericstj (co-authored by @​Copilot)
• Fix race condition in AutomaticInputRequiredStatusTests polling logic #​1223 by @​ericstj (co-authored by @​stephentoub @​Copilot)
• Centralize test timeout constants to fix CI flakiness #​1224 by @​ericstj (co-authored by @​Copilot)
• Add test coverage for AdditionalHeaders in Streamable HTTP transport #​1218 by @​stephentoub (co-authored by @​Copilot)
• Fix XunitLoggerProvider crash when background work logs after test disposal #​1229 by @​stephentoub (co-authored by @​Copilot)
• Skip .NET Framework tests on non-Windows platforms #​1226 by @​stephentoub (co-authored by @​Copilot)
• Suppress TimeProvider.Testing net472 warning #​1227 by @​stephentoub (co-authored by @​Copilot)

Repository Infrastructure Updates

• Bump version to 0.8.0-preview.1 #​1181 by @​jeffhandley (co-authored by @​Copilot)
• Bump actions/checkout from 6.0.1 to 6.0.2 #​1173
• Bump the opentelemetry-testing group with 6 updates #​1174
• Bump the other-testing group with 1 update #​1233
• Bump Anthropic from 12.2.0 to 12.3.0 #​1234

... (truncated)

0.7.0-preview.1

The 0.7.0-preview.1 release adds MCP task support, Streamable HTTP resumability with SSE event stream storage, and support for the 2025-11-25 protocol version. This release also introduces user-defined JsonSerializerOptions throughout SDK serialization APIs and includes several bug fixes for elicitation, source generator diagnostics, and URI template matching. The Streamable HTTP transport includes breaking changes to StreamableHttpServerTransport as part of the resumability implementation.

Breaking Changes

Refer to the C# SDK Versioning documentation for details on versioning and breaking change policies.

1. Streamable HTTP resumability + redelivery + SSE polling via server-side disconnect #​1077
   • StreamableHttpServerTransport.OnInitRequestReceived property removed; replaced by EventStreamStore for resumability support
   • StreamableHttpServerTransport.SessionId setter changed from { get; set; } to { get; init; }
   • Migration: Remove OnInitRequestReceived usage; use ISseEventStreamStore via EventStreamStore for resumability. Set SessionId in the object initializer instead of post-construction assignment.

What's Changed

• Update licensing to Apache 2.0 for new contributions #​1140 by @​domdomegg
• Add 2025-11-25 as supported version #​1130 by @​stephentoub (co-authored by @​Copilot)
• Streamable HTTP resumability + redelivery + SSE polling via server-side disconnect #​1077 by @​MackinnonBuck (co-authored by @​halter73)
• Fix source generator diagnostic locations for incremental caching #​1153 by @​stephentoub (co-authored by @​Copilot)
• Fix form mode elicitation schema check to apply for all form requests #​1151 by @​stephentoub (co-authored by @​Copilot)
• Add support for user-defined JsonSerializerOptions throughout SDK serialization APIs #​1113 by @​stephentoub (co-authored by @​Copilot @​eiriktsarpalis)
• Fix reserved expansion (e.g. {+var}) when matching resources #​1142 by @​halter73
• Implement MCP task support #​1170 by @​eiriktsarpalis (co-authored by @​halter73)

Documentation Updates

• Document MCP Server project template in README #​1148 by @​leslierichardson95 (co-authored by @​mikekistler @​jeffhandley)

Test Improvements

• Add comprehensive edge case tests for JSON-RPC payload shapes #​1143 by @​stephentoub (co-authored by @​Copilot)
• Fix flaky test: Client_CanResumePostResponseStream_AfterDisconnection #​1179 by @​MackinnonBuck

Repository Infrastructure Updates

• Bump version to 0.7.0-preview.1 #​1144 by @​jeffhandley
• Bump actions/setup-dotnet from 5.0.1 to 5.1.0 #​1157
• Bump actions/setup-node from 6.1.0 to 6.2.0 #​1158
• Bump the testing-frameworks group with 1 update #​1159
• Bump the other-testing group with 1 update #​1160
• Update Microsoft.Extensions.AI to 10.2.0 #​1165 by @​eiriktsarpalis (co-authored by @​Copilot @​stephentoub)
• Update Anthropic SDK to 12.2.0 #​1164 by @​eiriktsarpalis (co-authored by @​Copilot)
• Pin the MCP conformance tester package #​1176 by @​eiriktsarpalis

Acknowledgements

• @​domdomegg made their first contribution in #​1140
• @​leslierichardson95 made their first contribution in #​1148
• @​mikekistler submitted #​510 #​1020 (resolved by #​1077), #​1129 (resolved by #​1130), #​943 (resolved by #​1170)
• @​halter73 @​stephentoub @​eiriktsarpalis @​jeffhandley @​mikekistler @​MackinnonBuck @​heaths @​scutuatua-crypto reviewed pull requests

Full Changelog: modelcontextprotocol/csharp-sdk@v0.6.0-preview.1...v0.7.0-preview.1
... (truncated)

0.6.0-preview.1

This release includes improvements to source generator robustness, JSON-RPC deserialization performance, and OpenTelemetry semantic convention alignment. It also adds OAuth incremental scope consent support, fixes session timeout issues, and corrects tool result message handling for sampling with tools. Several documentation improvements and new client conformance tests round out the release.

What's Changed

• Remove s_additionalProperties from McpClientTool #​1080 by @​stephentoub (co-authored by @​Copilot)
• Migrate from Anthropic.SDK to official Anthropic package #​1083 by @​stephentoub (co-authored by @​Copilot)
• Improve caching in XmlToDescriptionGenerator #​1010 by @​stephentoub
• Support incremental scope consent (SEP-835) #​1084 by @​halter73
• Resource subscribe should be true if handler provided #​676 by @​PederHP (co-authored by @​halter73 @​mikekistler)
• Add request duration to LogRequestHandlerCompleted and LogRequestHandlerException log messages #​1092 by @​stephentoub (co-authored by @​Copilot)
• Fix session timeout due to timestamp frequency mismatch and activity tracking #​1106 by @​stephentoub (co-authored by @​Copilot @​eiriktsarpalis)
• Add CS1066 suppressor for MCP server methods with optional parameters #​1110 by @​stephentoub (co-authored by @​Copilot)
• Fix CreateSamplingHandler to use ChatRole.Tool for tool result messages #​1128 by @​stephentoub (co-authored by @​Copilot @​MackinnonBuck)
• Add examples of icons on tools, resources, prompts, and server implementation to EverythingServer #​1096 by @​mikekistler (co-authored by @​halter73)
• Use fully-qualified type names in generated partial method signatures #​1135 by @​stephentoub (co-authored by @​Copilot)
• Optimize JsonRpcMessage deserialization with single-pass parsing #​1138 by @​eiriktsarpalis (co-authored by @​Copilot @​scooletz @​stephentoub)
• Align telemetry with OpenTelemetry MCP semantic conventions #​1139 by @​stephentoub (co-authored by @​Copilot)

Documentation Updates

• Fix Icon.Theme documentation to match MCP specification #​1090 by @​stephentoub (co-authored by @​Copilot)
• Document HttpRequestException thrown by McpClient.CreateAsync #​1095 by @​stephentoub (co-authored by @​Copilot)
• Add missing exception documentation to public API surface #​1103 by @​stephentoub (co-authored by @​Copilot)
• Improve docs landing page #​1114 by @​gewarren
• Add CONTRIBUTING.md #​1125 by @​mikekistler

Test Improvements

• Remove private reflection from tests #​1107 by @​stephentoub (co-authored by @​Copilot @​halter73)
• Add client conformance tests #​1102 by @​mikekistler (co-authored by @​halter73)

Repository Infrastructure Updates

• Bump actions/setup-node from 6.0.0 to 6.1.0 #​1074
• Bump danielpalme/ReportGenerator-GitHub-Action from 5.5.0 to 5.5.1 #​1073
• Bump actions/checkout from 5.0.1 to 6.0.0 #​1005
• Bump version to 0.5.0-preview.2. Update NuGet Project URL. #​1078 by @​jeffhandley
• Update Microsoft.Extensions.AI dependencies to 10.1.0 #​1082 by @​stephentoub (co-authored by @​Copilot)
• Update Microsoft.Extensions.AI* packages to latest versions #​1093 by @​stephentoub (co-authored by @​Copilot)
• Bump actions/checkout from 6.0.0 to 6.0.1 #​1100
• Bump becheran/mlc from 1.0.0 to 1.2.0 #​1098
• Bump actions/upload-artifact from 5.0.0 to 6.0.0 #​1099
• Bump actions/download-artifact from 6.0.0 to 7.0.0 #​1097
• Bump the other-testing group with 1 update #​1101
• Bump Anthropic from 11.0.0 to 12.0.1 #​1118
• Bump the other-testing group with 1 update #​1124
• Install mono in dev container #​1133 by @​mikekistler
• Bump Anthropic from 12.0.1 to 12.1.0 #​1137
• Bump version to 0.6.0-preview.1 #​1141 by @​jeffhandley

... (truncated)

0.5.0-preview.1

The 0.5.0-preview.1 release of the Model Context Protocol C# SDK introduces significant API improvements including a unified RequestOptions parameter bag for client methods, removal of previously obsoleted APIs, and new support for Client ID Metadata Documents and URL mode elicitation. This release also adds conformance tests, DebuggerDisplay attributes for protocol types, and a convenience overload for resource subscriptions with handler delegates.

Breaking Changes

The 0.5.0-preview.1 release includes several categories of breaking changes as we continue to refine the API surface area for the path toward a 1.0.0 stable release. Refer to the C# SDK Versioning documentation for information regarding our versioning, breaking change, and support approaches.

1. Add request options bag to high level requests and include Meta #​970
   • High-level request methods refactored to use options bag. Methods CallToolAsync, GetPromptAsync, ListResourcesAsync, ReadResourceAsync, SubscribeResourceAsync, UnsubscribeResourceAsync, ListToolsAsync, ListPromptsAsync, and similar now accept a new RequestOptions parameter instead of individual JsonSerializerOptions and ProgressToken parameters.
   • Code that passes JsonSerializerOptions or ProgressToken as named or positional parameters to high-level request methods will break and must be updated to use the RequestOptions bag instead.
2. Remove obsolete APIs from codebase #​985
   • McpServerFactory class: Removed obsolete factory class for creating MCP servers.
   • McpClientFactory class: Removed obsolete factory class for creating MCP clients.
   • Obsolete interfaces removed: IMcpEndpoint, IMcpClient, IMcpServer
   • Extension methods and properties that were previously marked obsolete are no longer available.
   • LegacyTitledEnumSchema and EnumSchema remain in place as obsolete APIs, but they now use a custom diagnostic ID of MCP9001 instead of the default CS0618 obsoletion diagnostic ID. This allows references to these APIs to be suppressed with a targeted diagnostic.
3. Fall back to well-known URL in client if 401 response is missing resource_metadata parameter #​1054
   • IsConfiguredEndpointRequest() now properly validates absolute URIs by checking both host and scheme match, not just the path. This may cause previously accepted requests to be rejected if host/scheme don't match.
   • ModelContextProtocol.AspNetCore.Authentication.McpAuthenticationOptions.ResourceMetadataUri was changed from string to a nullable string?.
   • ModelContextProtocol.Authentication.ProtectedResourceMetadata.Resource was changed from required Uri to a non-required and nullable Uri?
4. Remove McpClient.Enumerate*Async methods #​1060
   • Removes EnumerateToolsAsync, EnumeratePromptsAsync, EnumerateResourceTemplatesAsync, and EnumerateResourcesAsync from the public API surface. These scenarios are covered by the corresponding List*Async methods.
5. Add McpClient/Session methods using .Protocol types #​1063
   • Methods accepting a CancellationToken token had the argument renamed from token to cancellationToken for consistency throughout the SDK.
   • Methods accepting a JsonSerializerOptions? serializerOptions argument were updated to accept a RequestOptions? options argument instead, further adopting the RequestOptions class introduced in #​970.
   • ModelContextProtocol.Client.McpClient.CompleteAsync was updated to add an optional RequestOptions? options argument, changing the position of the optional CancellationToken argument on the method signature.
   • ModelContextProtocol.Client.McpClient.UnsubscribeFromResourceAsync arguments were changed to now accept UnsubscribeRequestParams requestParams, CancellationToken cancellationToken = default.
   • ModelContextProtocol.Client.McpClient.SetLoggingLevel was renamed to SetLoggingLevelAsync.

What's Changed

• Add support for Client ID Metadata Documents to enable URL-based client registration #​1023 by @​MackinnonBuck
• Add Conformance tests for the server #​983 by @​mikekistler
• Adjust analyzer diagnostic severities and improve MCP001 reporting #​1038 by @​stephentoub (co-authored by @​Copilot)
• Remove obsolete APIs from codebase #​985 by @​MackinnonBuck (co-authored by @​Copilot @​eiriktsarpalis @​jeffhandley)
• Add support for data to McpProtocolException #​1028 by @​stephentoub (co-authored by @​Copilot)
• Fix XML generator partial method issues #​1059 by @​jongalloway
• Remove McpClient.Enumerate*Async methods #​1060 by @​stephentoub (co-authored by @​Copilot)
• Add request options bag to high level requests and include Meta #​970 by @​mikekistler (co-authored by @​stephentoub @​Copilot)
• Add support for URL mode elicitation #​1021 by @​halter73
• Synthesize return description into tool description when UseStructuredContent is false #​1049 by @​stephentoub (co-authored by @​Copilot)
• Add ResourceNotFound error code (-32002) #​1062 by @​stephentoub (co-authored by @​Copilot)
• Add McpClient/Session methods using .Protocol types #​1063 by @​stephentoub
• WithMeta for McpClientTool #​1027 by @​PederHP (co-authored by @​stephentoub)
• Fall back to well-known URL in client if 401 response is missing resource_metadata parameter #​1054 by @​halter73
• Add DebuggerDisplay attributes to Protocol types #​1068 by @​stephentoub (co-authored by @​Copilot @​halter73)
• Add SubscribeToResourceAsync overload with handler delegate #​1069 by @​stephentoub (co-authored by @​Copilot)

Documentation Updates

• Core Protocol docs edit pass #​1032 by @​gewarren
  ... (truncated)

0.4.1-preview.1

This release brings protocol type standardization, several MCP specification implementations, and new features including an incremental source generator for automatic Description attributes from XML comments and client session resumption support. This release includes breaking changes to protocol types and elicitation enum schemas; refer to the Breaking Changes section below for details.

We are working toward the first stable version of the C# SDK as version 1.0.0, which will have compliance with Version 2025-11-25 of the MCP specification. We will publish at least one more pre-release version of the SDK before declaring the stable version, and breaking changes to remove obsolete interfaces and extension methods (#​774) are expected as part of stabilizing the API.

Breaking Changes

Refer to the C# SDK Versioning documentation for details on versioning and breaking change policies.

1. Audit and standardize MCP protocol types for consistency #​892
   • Property mutability changes
   • Required properties changes
   • Collection types used for properties
2. Implement SEP-1330: Standards-compliant enum schemas for elicitation #​969
   • EnumSchema is marked [Obsolete] using the default CS0618 diagnostic, and it becomes an alias for LegacyTitledEnumSchema, which is also marked as [Obsolete] using the default CS0618 diagnostic

What's Changed

• Add default value support for all primitive types in elicitation schemas (SEP-1034) #​924 by @​eiriktsarpalis (co-authored by @​Copilot)
• Audit protocol types #​892 by @​MackinnonBuck
• Implement SEP-986: Specify Format for Tool Names #​945 by @​stephentoub
• Add public constructors to McpClient types for reusing cached definitions #​938 by @​stephentoub (co-authored by @​Copilot)
• Tweak how McpClientTool.InvokeAsync exposes some content #​941 by @​stephentoub
• Ignore unexpected properties when deserializing a ContentBlock #​956 by @​jeffhandley
• Add Description property to Implementation type per MCP spec #​966 by @​stephentoub (co-authored by @​Copilot)
• Remove TODOs related to AllowOutOfOrderMetadataProperty workarounds #​977 by @​eiriktsarpalis
• Make JsonRpcMessageWithId.RequestId non-required #​984 by @​MackinnonBuck
• Implement SEP-1330: Standards-compliant enum schemas for elicitation #​969 by @​stephentoub (co-authored by @​Copilot)
• Add production-ready incremental source generator for automatic Description attributes from XML comments #​899 by @​stephentoub (co-authored by @​Copilot)
• Add tools support to sampling #​976 by @​stephentoub
• Use JsonElement.Parse for string-to-JsonElement deserialization #​1002 by @​stephentoub (co-authored by @​Copilot)
• Fix race condition in StdioClientTransport on .NET Framework #​996 by @​stephentoub (co-authored by @​Copilot)
• Tokens can be cached beyond the lifetime of the (http) transport #​834 by @​halllo
• Add ability for client to resume session #​1029 by @​halter73

Documentation Updates

• Update ModelId in QuickStartClient to non-deprecated version #​926 by @​PederHP
• Add file-based MCP server sample #​931 by @​PederHP
• Align error handling documentation with SEP-1303 #​967 by @​stephentoub (co-authored by @​Copilot)
• Fix a couple issues in the client sample readme #​994 by @​ericstj
• Fix documentation typos and incorrect type references #​993 by @​MackinnonBuck (co-authored by @​Copilot)
• Introduce versioning, breaking changes, and support document #​986 by @​jeffhandley (co-authored by @​Copilot @​eiriktsarpalis @​mikekistler)
• Address additional feedback on Versioning doc #​999 by @​jeffhandley
• Tweak the file-based MCP server sample #​1019 by @​eiriktsarpalis
• Writing style edits #​1024 by @​gewarren

Test Improvements

• Fix tests in Dev Container #​965 by @​halter73
• Skip flaky test on Mono where stderr callbacks are unsupported #​980 by @​stephentoub (co-authored by @​Copilot)
  ... (truncated)

Commits viewable in compare view.

Updated Npgsql from 10.0.1 to 10.0.2.

Release notes

Sourced from Npgsql's releases.

10.0.2

v10.0.2 contains several minor bug fixes.

Milestone issues

Full Changelog: npgsql/npgsql@v10.0.1...v10.0.2

Commits viewable in compare view.

Updated Npgsql.EntityFrameworkCore.PostgreSQL from 10.0.0 to 10.0.1.

Release notes

Sourced from Npgsql.EntityFrameworkCore.PostgreSQL's releases.

No release notes found for this version range.

Commits viewable in compare view.

Updated OpenTelemetry from 1.14.0 to 1.15.1.

Release notes

Sourced from OpenTelemetry's releases.

1.15.1

For highlights and announcements pertaining to this release see: Release Notes > 1.15.1.

The following changes are from the previous release 1.15.0.

• NuGet: OpenTelemetry v1.15.1

  • Fixed Tracer.StartSpan() leaving the new span as Activity.Current when
    the previous activity was stopped by another thread during span creation.
    (#​6257)

  • Fixed OverflowException in TraceIdRatioBasedSampler when trace ID bytes
    produced long.MinValue.
    ([#​6928])

  • Fixed precision issues when using Histogram<float> with custom
    HistogramBucketBoundaries.
    (#​6866)

  • Fixed a thread-safety issue in LogRecordSharedPool.Rent().
    (#​6833)

  • Fixed observable instruments (ObservableCounter, ObservableUpDownCounter,
    ObservableGauge) continuing to export stale data points after a callback
    stops reporting a series.
    (#​5950)

  See CHANGELOG for details.

• NuGet: OpenTelemetry.Api v1.15.1

  • Breaking change: The Baggage API implements the latest Baggage API
    specification,
    which disallows empty baggage names and treats baggage names and values as case
    sensitive.
    (#​6931)

  See CHANGELOG for details.

• NuGet: OpenTelemetry.Api.ProviderBuilderExtensions v1.15.1

  No notable changes.

  See CHANGELOG for details.

• NuGet: OpenTelemetry.Exporter.Console v1.15.1

  No notable ...

Description has been truncated