Skip to content

build(deps): Bump @modelcontextprotocol/sdk from 1.11.0 to 1.24.0#485

Merged
flex-development[bot] merged 2 commits intomainfrom
dependabot/npm_and_yarn/modelcontextprotocol/sdk-1.24.0
Dec 2, 2025
Merged

build(deps): Bump @modelcontextprotocol/sdk from 1.11.0 to 1.24.0#485
flex-development[bot] merged 2 commits intomainfrom
dependabot/npm_and_yarn/modelcontextprotocol/sdk-1.24.0

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Dec 2, 2025

Bumps @modelcontextprotocol/sdk from 1.11.0 to 1.24.0.

Release notes

Sourced from @​modelcontextprotocol/sdk's releases.

1.24.0

Summary

This release brings us up to speed with the latest MCP spec 2025-11-25. Take a look at the latest spec as well as the release blog post.

What's Changed

New Contributors

Full Changelog: modelcontextprotocol/typescript-sdk@1.23.0...1.24.0

1.23.0

What's Changed

... (truncated)

Commits
  • 356b7e6 chore: bump version for release (#1215)
  • 09623e2 Merge commit from fork
  • cf51343 feat: backwards-compatible createMessage overloads for SEP-1577 (#1212)
  • 8204126 fix: allow zod 4 transformations (#1213)
  • 6083600 Modify Origin header validation in validateRequestHeaders (streamableHttp.ts ...
  • a6ee2cb fix: normalize null to undefined in ElicitResultSchema content field (#1204)
  • 4b651b8 feat: add closeStandaloneSSEStream for GET stream polling (#1203)
  • 5ceabfb fix: normalize headers in sse transport (#856)
  • f67fc2f fix: improve SSE reconnection behavior (#1191)
  • fab7e1e feat: add closeSSEStream callback to RequestHandlerExtra (#1166)
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by pcarleton, a new releaser for @​modelcontextprotocol/sdk since your current version.


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
build(deps): Bump @modelcontextprotocol/sdk from 1.11.0 to 1.24.0
d40e01c 
Bumps [@modelcontextprotocol/sdk](https://github.com/modelcontextprotocol/typescript-sdk) from 1.11.0 to 1.24.0.
- [Release notes](https://github.com/modelcontextprotocol/typescript-sdk/releases)
- [Commits](modelcontextprotocol/typescript-sdk@1.11.0...1.24.0)

---
updated-dependencies:
- dependency-name: "@modelcontextprotocol/sdk"
  dependency-version: 1.24.0
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot Bot added scope:dependencies dependency updates type:build changes to the build system or external dependencies labels Dec 2, 2025
@flex-development flex-development Bot enabled auto-merge (squash) December 2, 2025 17:02
@flex-development
build(yarn): [dependabot skip] deduplicate dependencies for @dependabot
6e0a478 
Signed-off-by: flex-development[bot] <148604919+flex-development[bot]@users.noreply.github.com>
unicornware
unicornware approved these changes Dec 2, 2025
View reviewed changes
Copy link
Copy Markdown
Member

@unicornware unicornware left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm 👍🏾

@github-project-automation github-project-automation Bot moved this from 🆕 New to 🔖 Ready in @flex-development/tsconfig-utils Dec 2, 2025
@codecov
Copy link
Copy Markdown

codecov Bot commented Dec 2, 2025
edited
Loading

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 100.00%. Comparing base (b562e6e) to head (6e0a478).
⚠️ Report is 95 commits behind head on main.

Additional details and impacted files 
@@            Coverage Diff            @@
##              main      #485   +/-   ##
=========================================
  Coverage   100.00%   100.00%           
=========================================
  Files           15        15           
  Lines          506       505    -1     
  Branches        83        83           
=========================================
- Hits           506       505    -1
Flag Coverage Δ
node22 100.00% <ø> (ø)
node23 100.00% <ø> (ø)
Components Coverage Δ
lib 100.00% <ø> (ø)
see 1 file with indirect coverage changes

Continue to review full report in Codecov by Sentry.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update b52f816...6e0a478. Read the comment docs.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@flex-development flex-development Bot merged commit d789d02 into main Dec 2, 2025
21 checks passed
@flex-development flex-development Bot deleted the dependabot/npm_and_yarn/modelcontextprotocol/sdk-1.24.0 branch December 2, 2025 17:06
@github-project-automation github-project-automation Bot moved this from 🔖 Ready to ✅ Done in @flex-development/tsconfig-utils Dec 2, 2025
@flex-development
Copy link
Copy Markdown
Contributor

flex-development Bot commented Feb 1, 2026

This pull request has been automatically locked since there has not been any recent
activity after it was closed. Please open a new issue for related bugs or features. Be
sure to reference this issue.

@flex-development flex-development Bot locked as resolved and limited conversation to collaborators Feb 1, 2026
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

@unicornware unicornware unicornware approved these changes

Assignees

No one assigned

Labels

scope:dependencies dependency updates type:build changes to the build system or external dependencies

Projects

@flex-development/tsconfig-utils
Status: ✅ Done

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@unicornware