Ecosyste.ms: Timeline
Browse the timeline of events for every public repo on GitHub. Data updated hourly from GH Archive.
jspahrsummers created a review on a pull request on modelcontextprotocol/python-sdk
What about multiple result values, per my comment?
jspahrsummers created a review comment on a pull request on modelcontextprotocol/specification
I have a fair number of thoughts on this, and think this shouldn't be as generic as specified. I'd rather split it out, since auth is big enough and enough to discuss on its own.
jspahrsummers created a review comment on a pull request on modelcontextprotocol/specification
@dsp-ant ☝️ I still think this
jspahrsummers created a review comment on a pull request on modelcontextprotocol/specification
I'm fine keeping this well-known URL, but I feel strongly that we should include a recommendation to send that header. This would allow servers to issue different versions of this file for MCP vs. ...
jspahrsummers created a review comment on a pull request on modelcontextprotocol/specification
```suggestion register with the MCP server, and removes the need for users to obtain client IDs ```
jspahrsummers created a review comment on a pull request on modelcontextprotocol/specification
I think we should delete this section—it's covered above.
jspahrsummers created a review comment on a pull request on modelcontextprotocol/specification
Just curious, why is this preferable to a local client being a confidential client?
jspahrsummers created a review comment on a pull request on modelcontextprotocol/specification
```suggestion 3. Token rotation **SHOULD** be implemented for enhanced security ```
jspahrsummers created a review comment on a pull request on modelcontextprotocol/specification
I thought we agreed to only support the header?
jspahrsummers created a review comment on a pull request on modelcontextprotocol/specification
Is "manual registration" a well-understood thing?
jspahrsummers created a review comment on a pull request on modelcontextprotocol/specification
As above, I think this should be recommended but not required. Client ID and client secret could be used here.
jspahrsummers created a review comment on a pull request on modelcontextprotocol/specification
```suggestion 1. Client discovers server metadata (if available) ```
jspahrsummers created a review comment on a pull request on modelcontextprotocol/specification
This section feels redundant (and with the "SHOULD," contradictory). If this is just meant to point to the RFC, can we link it in the above sections?
jspahrsummers created a review comment on a pull request on modelcontextprotocol/specification
I think we require this everywhere, so it's redundant here.
jspahrsummers created a review comment on a pull request on modelcontextprotocol/specification
```suggestion - Dynamic registration is **OPTIONAL** (a client ID is not required) ```
jspahrsummers created a review comment on a pull request on modelcontextprotocol/specification
I suggest adding a separate paragraph which emphasizes that this is optional for servers.
jspahrsummers created a review comment on a pull request on modelcontextprotocol/specification
If a server supports this, a client needs to follow it—otherwise, it will try to access default endpoints and get very confused. ```suggestion For server capability discovery, MCP clients _MUST_ ...
jspahrsummers created a review comment on a pull request on modelcontextprotocol/specification
```suggestion M->>C: Access Token (+ Refresh Token) ```
jspahrsummers created a review comment on a pull request on modelcontextprotocol/specification
```suggestion When authorization is required and has not been provided (or is not valid), servers **MUST** respond with HTTP 401 Unauthorized. The ```
jspahrsummers created a review comment on a pull request on modelcontextprotocol/specification
```suggestion 1. MCP auth implementations **MUST** implement OAuth 2.1 with appropriate security measures for both confidential and public clients. 2. MCP auth implementations **SHOULD** su...
jspahrsummers created a review on a pull request on modelcontextprotocol/specification
Sorry, I have a fair few comments still. If it's helpful, I can fix them up myself and PR it back here.
jspahrsummers created a review on a pull request on modelcontextprotocol/specification
Sorry, I have a fair few comments still. If it's helpful, I can fix them up myself and PR it back here.
jspahrsummers pushed 2 commits to main modelcontextprotocol/docs
jspahrsummers closed a pull request on modelcontextprotocol/docs
Explains cause/solution for ${APPDATA} ENOENT
<!-- Provide a brief summary of your changes --> Some Windows users may not be able to easily configure and use MCP Servers. This appears to impact largely (if not exclusively) those users who ins...
jspahrsummers created a review on a pull request on modelcontextprotocol/docs
Thanks, this is super helpful! Appreciate you diving deep to figure this one out! ❤️
jspahrsummers created a review comment on a pull request on modelcontextprotocol/python-sdk
OTOH, this seems excessive to do on every new incoming message. Why can't we tie it to completion and cancellation?
jspahrsummers created a review comment on a pull request on modelcontextprotocol/python-sdk
https://anyio.readthedocs.io/en/stable/cancellation.html#finalization
jspahrsummers created a review comment on a pull request on modelcontextprotocol/python-sdk
Why isn't this done on completion or cancellation instead? The idea of using a timer for this seems weird to me, and leaves a window (the length of the interval) of possibly unbounded memory growth.