Issues
Volume
Open Issues
↑
0.74%136
Opened
—1
last 7 days
Opened
—16
last 30 days
Opened
—78
last 90 days
Closed
—1
last 7 days
Closed
—45
last 30 days
Closed
—188
last 90 days
Response Time
Time to first maintainer response
Average
—72d
Median
↑
3.58%4d
P90
—264d
P95
—309d
Stale Issues
Issues with no activity
Stale
↑
10.87%102
>30 days
Stale
—88
>60 days
Stale
—75
>90 days
Reopen Rate
—94%
Issues by Label
| Label | Count |
|---|---|
| enhancement | 64 |
| bug | 24 |
| SEP | 21 |
| documentation | 18 |
| auth | 15 |
| security | 14 |
| proposal | 11 |
| draft | 9 |
| in-review | 3 |
| sdk | 3 |
| SEP-requested | 2 |
| governance | 2 |
| question | 2 |
| transport | 2 |
| awaiting-reply | 1 |
| schema | 1 |
| spec | 1 |
Issues Awaiting Maintainer Response
Sorted by longest wait time first
| Issue | Title | Labels | Comments | Waiting |
|---|---|---|---|---|
| #569 | Unspecified error handling for tool calls with output schema | enhancement | 2 | 321d |
| #637 | Proposal: Add RootsTemplate to the schema | enhancement | 0 | 310d |
| #693 | Define display name for prompt/tool/resource input | enhancement | 0 | 303d |
| #705 | [SPEC] Clarification on Notification Identification and Naming Convention | (unlabeled) | 6 | 302d |
| #910 | Specification should be more prescriptive about client/host/LLM behavior | enhancement | 0 | 280d |
| #956 | Enable structured inputs/outputs for Resources | enhancement | 0 | 272d |
| #1281 | Versioning challenges with spec negotiation – client/server compatibility & rollout concerns | enhancement | 5 | 251d |
| #1308 | Listing tools filling up context window | enhancement | 3 | 246d |
| #1341 | Obligatory MCP state transitions | (unlabeled) | 2 | 239d |
| #1400 | SEP-1400: Semantic Versioning for MCP Specification | enhancementSEP+1 | 7 | 224d |
| #1416 | Bug(Schema): Linting issues found using the @sourcemeta/jsonschema cli | bug | 0 | 219d |
| #1610 | SEP-1610: Declarative Multi‑Step Tool Chaining for MCP | proposalSEP | 2 | 185d |
| #1642 | MCP specification inconsistent naming format of methods | enhancementquestion | 2 | 177d |
| #1667 | Unclear if `ping` MUST be supported before `initialize` request | bug | 1 | 175d |
| #1841 | Clarify and potentially rename “stdio” transport to reflect generic byte-stream support | enhancement | 1 | 141d |
| #1917 | Add `pending` or `submitted` status to TaskStatus | bug | 5 | 131d |
| #1939 | Define behavior when Last-Event-ID is unresumable (unknown / expired / wrong session) | enhancement | 0 | 123d |
| #1955 | Tasks SEP-1686 missing important operation "wait"/"await" to prevent excessive polling | (unlabeled) | 12 | 120d |
| #1956 | Tasks SEP-1686:Define result when there are pending `tasks/result` and `tasks/cancel` is called | bug | 1 | 120d |
| #2006 | Elicitation client side timeout coodination | bug | 0 | 107d |
| #2326 | Tier 1 assessment for Swift MCP | sdk | 1 | 39d |
| #2452 | Tasks SEP-1686: In-progress results | bug | 1 | 16d |
| #2451 | Tasks SEP-1686: Missing discussion of task notifications | bug | 0 | 16d |
| #2470 | Proposal: Capability-Aware Tool Presentation for Heterogeneous Model Sizes | (unlabeled) | 1 | 14d |
| #2475 | What HTTP stream is supposed to receive logs | bug | 1 | 14d |
Bug
—Open issues with the bug label.
Click to filter.
81
Enhancement
—Open issues with the enhancement label.
Click to filter.
75
Question
—Open issues with the question label.
Click to filter.
4
Triage pending
—Issues missing type label or priority.
Click to filter.
Green: < 5
Yellow: 5–9
Red: 10+
28
Triage > 2d
—Issues missing type or priority label, past 2 business days.
SEP-1730: triage within 2 business days.
Green: 0
Yellow: 1–2
Red: 3+
24
Reply > 2d
—Reporter replied after our last comment and we haven't responded in 2 business days.
Green: 0
Yellow: 1–2
Red: 3+
41
P0 > 7d
—P0 issues open longer than 7 days.
SEP-1730: resolve critical bugs within 7 days.
Green: 0
Red: any
0
P1 > 90d
—P1 issues open longer than 90 days.
Not in SEP-1730 — surfaces aspirational-P1 rot.
Green: 0
Yellow: 1–4
Red: 5+
26
Stats — volume, response time, staleness, labels
Volume
Open Issues
↑
4.82%174
Opened
—6
last 7 days
Opened
—34
last 30 days
Opened
—87
last 90 days
Closed
—0
last 7 days
Closed
—64
last 30 days
Closed
—96
last 90 days
Response Time
Time to first maintainer response
Average
—74d
Median
↓
16.05%29d
P90
—193d
P95
—225d
Stale Issues
Issues with no activity
Stale
↑
3.12%132
>30 days
Stale
—90
>60 days
Stale
—77
>90 days
Reopen Rate
—96%
Issues by Label
| Label | Count |
|---|---|
| ready for work | 82 |
| bug | 81 |
| enhancement | 76 |
| P2 | 52 |
| P3 | 35 |
| v2 | 31 |
| P1 | 29 |
| auth | 24 |
| needs confirmation | 23 |
| needs design | 16 |
| needs repro | 9 |
| help wanted | 7 |
| breaking change | 6 |
| pending SEP approval | 5 |
| question | 4 |
| documentation | 3 |
| good first issue | 3 |
| improves spec compliance | 3 |
| needs decision | 2 |
| needs maintainer | 1 |
Triage (28)
Missing labels. Quick to clear — each is a 30-second decision.
Untriaged (14) — SEP-1730: apply type label within 2 business days.
| # | Author | Title | Labels | 💬 | Age |
|---|---|---|---|---|---|
| #1459 | pcarleton | _onclose() incomplete cleanup: _timeoutInfo not cleared and stale .finally() can delete new connection's abort controller | — | 66d | |
| #1471 | mattzcarey | registerToolTask handlers receive wrong arguments when inputSchema is omitted | — | 65d | |
| #1474 | mattzcarey | Completers as a first class option in Prompts | — | 65d | |
| #1476 | Bacra | Client received "no session ID or not initialization request" when server restart | 1 | 65d | |
| #1512 | mattzcarey | [TRACKING] non compliance with SEP-986 / tool name validation | 4 | 59d | |
| #1562 | gogakoreli | schemaToJson() produces $ref in tool inputSchema, causing LLM failures | 1 | 48d | |
| #1565 | joy7758 | RC1 Review Request: AAR-MCP-2.0 Verifiable Interaction Layer (Conformance Gate included) | 1 | 47d | |
| #1587 | zero1zero | Published 2.0.0-rc/alpha version to npmjs.com? | — | 43d | |
| #1635 | ac-aashugupta | StreamableHTTPClientTransport should handle 404 and 406 gracefully for GET SSE stream | 2 | 35d | |
| #1641 | semistrict | StreamableHTTPClientTransport cannot be restarted after close() — breaks OAuth re-authentication | 1 | 33d | |
| #1819 | yu1uuu | Resources: Disable listChanged capability in V1x | — | 10d | |
| #1831 | digitamaz | Add Clarvia AEO badge — MCP agent-readiness score | — | 9d | |
| #1852 | cdunda-perchwell | StreamableHTTPServerTransport destroys sessions on TCP keepalive timeout (regression in 1.25+) | 1 | 5d | |
| #1869 | dgon-jd | prompts/get rejects omitted `arguments` when all argsSchema fields are optional; tools fix (#1404) not in 1.x | — | 0d |
Partially triaged (14) — Has a type label but no priority or status — finish triage.
| # | Author | Title | Labels | 💬 | Age |
|---|---|---|---|---|---|
| #1430 | NSeydoux | Support providing client scopes to StaticPrivateKeyJwtProvider (also applicable to PrivateKeyJwtProvider) | enhancement | 1 | 70d |
| #1450 | waltmayf | OAuth Token Exchange Fails with Separate Authorization Servers | bug | 1 | 66d |
| #1477 | NSeydoux | Support custom claims in `PrivateKeyJwtProvider` | enhancement | — | 64d |
| #1537 | josefaidt | consider consolidation of tooling, revise ts setup | enhancement | — | 54d |
| #1582 | asoorm | Scope overwrite in 403 upscoping prevents progressive authorization for servers with per-operation scopes | bug | — | 44d |
| #1585 | jonnycoder1 | server.tool() silently drops inputSchema when passed plain JSON Schema objects instead of Zod schemas | bug | 4 | 43d |
| #1639 | vz443 | Hono Package is not under @modelcontextprotocol | bug | 3 | 34d |
| #1642 | jalpp | feat: Http based register tool adapters | enhancement | — | 33d |
| #1658 | arthurchan35 | StreamableHTTPServerTransport has no public API to reconstruct a session-aware transport from persisted session data | bug | 1 | 30d |
| #1734 | felixweinberger | Evaluate OIDC nonce support | enhancement | — | 17d |
| #1858 | maximemoreillon | ERR_PACKAGE_PATH_NOT_EXPORTED with @modelcontextprotocol/express | bug | — | 3d |
| #1860 | earonesty | mcpAuthRouter construction-time env is incompatible with request-scoped runtimes (Cloudflare Workers, Supabase Edge, etc.) | enhancement | — | 2d |
| #1864 | sainathreddyb | McpServer.registerTool() does not support icons field from ToolScheme | bug | 1 | 1d |
| #1863 | haydenrear | Add MCP_TOOL_TIMEOUT_MSEC default value only for tool calls. | enhancement | — | 1d |
Active (54)
Someone is waiting on us. Longest-waiting first.
Needs reply (42) — Reporter answered after our last comment — respond.
| # | Author | Title | Labels | 💬 | Age |
|---|---|---|---|---|---|
| #149 | disintegrator | Unordered and partial query parameter matching | bug P1 | 3 | 421d |
| #153 | mikesir87 | Expected manner to capture error details during startup | enhancement P3 | 5 | 416d |
| #174 | punkpeye | stderr is not available until after start is called | bug P1 | 2 | 398d |
| #181 | theodormarcu | MCP should return empty instead of error if tools / prompts / resources are not defined | bug | 7 | 395d |
| #342 | cj2a7t | SSEClientTransport | bug | 5 | 359d |
| #392 | mhart | Promise/async handling causes unhandled rejections | bug | 3 | 351d |
| #419 | bbracha-evinced | Cannot load a basic STDIO MCP server (JS) in claude desktop | bug | 2 | 346d |
| #436 | jigarchhadwa | SSE client is not adding headers from requestInit? in _commonHeaders method | bug P2 | 6 | 344d |
| #470 | tobegit3hub | MCP SDK Path Handling Bug for Subpath Servers | bug | 4 | 335d |
| #471 | tobegit3hub | MCP SDK Can not handle the MCP Servers with subpath | bug | 5 | 335d |
| #484 | ajgray-stripe | SDK makes HTTPS fetches through an HTTP proxy | bug P3 | 2 | 332d |
| #539 | ghalibansari | Raw bytes support sending to mcp server in callTool method | bug | 5 | 322d |
| #545 | pavinduLakshan | Resolving Authorization server metadata URL omits the base path of the Authorization server URL | bug | 12 | 319d |
| #677 | dudo | ResourceTemplate fails when user selects <Empty> for optional parameter | bug P2 | 3 | 293d |
| #688 | dudo | Resource Templates: Support for display names vs values in completion and better handling of special characters in URI paths | enhancement P3 | 3 | 290d |
| #737 | Mohhit1230 | Request time out issue repeatedly | bug | 6 | 279d |
| #772 | andormarkus | Add Initial Access Token Support for Dynamic Client Registration | enhancement P2 | 2 | 268d |
| #776 | elvisjhonataoliveira | [BUG] Multi-Node Deployment with Persistent Storage Mode not working | bug P1 | 3 | 267d |
| #780 | shellRaining | onerror and other listener not remove after client close (stdio) | bug P3 | 3 | 266d |
| #836 | danielsinai | Dynamic Tool Registration Based on Authentication Context | enhancement P2 | 6 | 249d |
| #842 | cameroncooke | Bulk tool registration causes EventEmitter memory leak warnings | bug | 3 | 248d |
| #852 | christopherorea | Missing session reuse in browser: client.connect ignores mcp-session-id | bug P1 | 8 | 246d |
| #868 | shellRaining | When executing client.close(), onerror will be executed twice (Streamable HTTP) | bug P1 | 6 | 240d |
| #876 | Kelier | sse timeout set dont work & always close after 5mins | bug P1 | 4 | 239d |
| #912 | zhuyuanmin | 【BUG】Use Koa server create StreamableHTTPServerTransport, when call tool, server crash! | bug | 4 | 220d |
| #929 | LandonSchropp | Client#listPrompts results in MCP error -32601: Method not found | bug P3 | 4 | 212d |
| #943 | y0geshdev | The bug in InMemoryEventStore break SSE stream resumability | bug P3 | 2 | 206d |
| #949 | Lutz2015 | Client error for command SSE stream disconnected: TypeError: terminated | bug | 3 | 204d |
| #956 | jordan-burnett | Ability to pass custom context to tool handlers | enhancement P3 | 3 | 201d |
| #971 | NorthIsUp | CommonJS export paths broken - missing index.js file in dist/cjs | bug P1 | 4 | 196d |
| #1028 | juanlluva | ListTools request handler fails to generate inputSchema (jsonSchema) | bug P1 | 6 | 176d |
| #1079 | 4bd4ll4h | # MCP SDK ResourceTemplate URI Validation Issue: RFC 6570 Template Matching Behavior | bug P2 | 2 | 157d |
| #1132 | enesgules | Question: Tool list changed notification | question P3 | 3 | 142d |
| #1149 | spacewander | output schema has unnecessary restriction type=object | bug P2 | 4 | 140d |
| #1167 | bmingles | Support `roots/list` request from server to client | enhancement P3 | 5 | 135d |
| #1211 | whynixx | SSE stream disconnected: TypeError: terminated | bug P2 | 4 | 129d |
| #1238 | ahammednibras8 | Feature Request: Middleware support for McpServer | enhancement P2 | 5 | 126d |
| #1308 | joshjg | Tool output validation fails when outputSchema is a Zod schema other than ZodObject | bug P2 | 3 | 114d |
| #1380 | kirill578 | Bug: `new McpServer()` throws "Schema method literal must be a string" during initialization (method literal stored under `_def.values[0]`) | bug P1 | 3 | 86d |
| #1400 | AI-Hub-Admin | MCP 1.25 Cursor Second Connection to StreamableHTTPServerTransport Initialization Request Failed | bug P3 | 2 | 83d |
| #1415 | mozmo15 | getParseErrorMessage prioritizes error.message which bypasses custom Zod errors | bug P2 | 3 | 78d |
| #1417 | severi | MCP servers deployed on AWS Lambda Function URLs stopped working after upgrading from v1.24.2 to v1.25.0+ | bug | 4 | 78d |
Community active (12) — The community is debugging/discussing; no maintainer has engaged. Adopt their answer or redirect.
| # | Author | Title | Labels | 💬 | Age |
|---|---|---|---|---|---|
| #143 | jspahrsummers | Better CORS defaults for SSE transport | enhancement P1 | 6 | 430d |
| #451 | pete-grunge-ai | Subclassing McpServer causes tool invocation issues | bug | 3 | 339d |
| #553 | sram1337 | tool/call results in 'Method not found' with StreamableHTTPServerTransport in stateful session after successful initialize (SDK v1.12.0) | bug P1 | 3 | 318d |
| #558 | kentcdodds | Support the resources/subscribe method | enhancement P2 | 6 | 317d |
| #754 | boogie-amplitude | ProxyOAuthServerProvider fails with Zod validation error when using Ory Hydra as OAuth provider | bug P2 | 3 | 274d |
| #778 | junjiexv | invoke asyn method in mcp tool through StreamableHttpTransport cause early return from tool call | bug P1 | 4 | 266d |
| #1159 | pcarleton | Validate clientMetadataUrl at construction time rather than during auth flow (SEP-991/CIMD) | enhancement P3 | 3 | 137d |
| #1231 | bhaveshpatel640 | Undici instrumentation marks successful MCP requests as aborted due to premature AbortController.abort() in SSE / StreamableHTTP transports | enhancement P2 | 4 | 127d |
| #1385 | punkpeye | Task-augmented tool call errors are wrapped incorrectly, masking actual error messages | bug P2 | 3 | 85d |
| #1708 | mbochneak | 🤖 StreamableHTTPClientTransport doesn't handle 404 per spec (no session clear + re-init) | bug P2 | 5 | 22d |
| #1716 | RyanDJLee | 🤖 startAuthorization silently redirects to wrong URL when AS metadata discovery fails for non-root paths | bug P2 | 3 | 21d |
| #1760 | DhyeyaDesai | 🤖 Race condition in auth() causes refresh token invalidation when rotating tokens are used | bug P2 | 3 | 15d |
Hygiene (87)
Stale — close or consciously keep.
Close candidates (11) — Asked for repro/confirmation over 60 days ago with no reply — verify and close.
| # | Author | Title | Labels | 💬 | Age |
|---|---|---|---|---|---|
| #19 | jspahrsummers | Automatically create a new server from a template | enhancement P3 | — | 540d |
| #147 | au-re | Additional parameters are not passed through to tools | bug | 2 | 423d |
| #320 | ynaoto | The MCP client using a tool launched with uvx does not terminate. | bug | 1 | 362d |
| #321 | nichtsam | SSEServerTransport doesn't seem to close properly | bug | 8 | 362d |
| #682 | ruturaj-browserstack | Dynamic MCP Tool Registration Not Available Mid-Chain or Same Cycle | enhancement P3 | 2 | 291d |
| #690 | dudo | Resource completion performance: Consider client-side caching and fuzzy filtering | question | 2 | 290d |
| #794 | ho3einmolavi | disconnect method for MCP client | enhancement | 2 | 263d |
| #886 | weihaoxia-01 | Request guidance/feature to stream streaming tool responses back | enhancement P3 | 1 | 233d |
| #1004 | CahidArda | storeEvent in EventStore Receives Hardcoded `streamId` | question | 1 | 188d |
| #1112 | YashwantRamAB | Can not create proxy OAuth flow with google OAuth | bug | 4 | 146d |
| #1317 | lokendra-ss | Auth Failure Retry Handler `_hasCompletedAuthFlow` | bug | 1 | 112d |
Stale backlog (76) — In the queue for over 90 days — close or actually prioritize.
| # | Author | Title | Labels | 💬 | Age |
|---|---|---|---|---|---|
| #1090 | felixweinberger | Implement SEP-990: Enterprise Managed Authorization (Extension) | enhancement P1 | 4 | 153d |
| #34 | jspahrsummers | Make it easy to send progress notifications from a request handler | enhancement P1 | 1 | 521d |
| #209 | praboud-ant | /token endpoint should validate redirect_uri matches | bug P1 | 1 | 386d |
| #1058 | felixweinberger | Implement SEP-1442: Make MCP Stateless | enhancement P1 | 1 | 161d |
| #1063 | felixweinberger | Implement SEP-1724: Extensions | enhancement P1 | 1 | 161d |
| #1151 | pcarleton | Server SDK support for scope challenges on tool calls | enhancement P1 | 1 | 139d |
| #1186 | Miaoxingren | Zombie Task Collision in StreamableHTTPServerTransport | bug P1 | 1 | 133d |
| #1234 | pcarleton | OAuth: Resource metadata URL lost after redirect, causing token exchange to fail | bug P1 | 1 | 126d |
| #1253 | felixweinberger | Type-first as opposed to Zod schema-first approach | enhancement P1 | 1 | 122d |
| #251 | gmaison | Bug: npm spawn processes incorrectly use root directory instead of project directory | bug P1 | — | 373d |
| #771 | alexhermida | Memory leak in StreamableHTTP and SSE | bug P1 | — | 268d |
| #817 | nikhilmat | Package attaches process signal handlers | bug P1 | — | 255d |
| #1262 | felixweinberger | Inject your own logger | enhancement P1 | — | 122d |
| #1250 | felixweinberger | Remove or clarify ProxyOAuthProvider | enhancement P1 | — | 122d |
| #1259 | felixweinberger | Class names - align with Python SDK (server, session, etc.) | enhancement P1 | — | 122d |
| #283 | psclkhoury | Support JSON schema in addition to zod | enhancement P2 | 11 | 367d |
| #1046 | felixweinberger | Zod types via `infer` make TypeScript types a lot less readable | enhancement P2 | 4 | 164d |
| #509 | rickchow88 | Bug Report: Tool Handlers Not Invoked with StdioServerTransport on macOS | bug P2 | 2 | 327d |
| #759 | johnfriz | OAuth token exchange fails with URL-encoded responses - assumes JSON format only | bug P2 | 2 | 273d |
| #893 | inverted-capital | McpServer re-registers capabilities after connect, blocking dynamic registration even when capabilities were supplied at construction | bug P2 | 2 | 232d |
| #951 | thomasst | Prefer token endpoint auth method obtained during OAuth client registration | bug P2 | 2 | 203d |
| #1124 | nazoking | Support Secure Hashed Client Secrets in OAuthRegisteredClientsStore | enhancement P2 | 2 | 144d |
| #1160 | clemmy | Call schema on inputSchema validation failure | enhancement P2 | 2 | 136d |
| #1294 | domdomegg | Server SDK support for signaling token expiry (401) from tool handlers | enhancement P2 | 2 | 118d |
| #6 | jspahrsummers | `Host` abstraction for multiple client → server connections in one process | enhancement P2 | 1 | 554d |
| #28 | jspahrsummers | Automate sending pings from SSE servers | enhancement P2 | 1 | 528d |
| #88 | jspahrsummers | Increase default child process `maxBuffer`, and make configurable | enhancement P2 | 1 | 486d |
| #235 | jspahrsummers | Revoke tokens if authorization code presented a second time | enhancement P2 | 1 | 378d |
| #563 | joshcanhelp | Invalid JSON RPC requests do not respond with an error | bug P2 | 1 | 315d |
| #573 | carlpeaslee | Dynamically listed Resources created by ResourceTemplates display the ResourceTemplates rather than their own | bug P2 | 1 | 314d |
| #650 | zackify | Dynamic Resources 404 when using nested paths | bug P2 | 1 | 296d |
| #927 | kentcdodds | Use types for tool annotations to reduce confusion | enhancement P2 | 1 | 213d |
| #1000 | younaman | Bug Report-2: Missing Periodic Ping Implementation | enhancement P2 | 1 | 189d |
| #1001 | younaman | Bug Report-3: Missing Progress Monotonicity Validation Leading to Resource Exhaustion | bug P2 | 1 | 189d |
| #1039 | dmcwherter | Support upscoping on insufficient_scope 403 like in Python SDK | enhancement P2 | 1 | 168d |
| #1049 | masx200 | [MCP-SDK] stdio client crashes with "MCP error -32000: Connection closed" when spawned server exits unexpectedly | bug P2 | 1 | 163d |
| #1268 | felixweinberger | MSW (Mock Service Worker) integration | enhancement P2 | 1 | 122d |
| #1361 | domdomegg | Consider type coercion for tool arguments | enhancement P2 | 1 | 93d |
| #192 | wskish | consider defaulting resetTimeoutOnProgress to True | enhancement P2 | — | 392d |
| #579 | pavelfeldman | StdioClientTransport does not follow the spec on close | bug P2 | — | 313d |
| #662 | kentcdodds | Support Zod schema with Elicitation? | enhancement P2 | — | 295d |
| #892 | katjes733 | Issue: No Reliable Mapping Between sessionId and streamId for Stateless Resumability | enhancement P2 | — | 232d |
| #941 | jeremyshi-ant | OAuth: scope parameter missing from token exchange requests | bug P2 | — | 208d |
| #1255 | felixweinberger | Fix packaging with tsdown, export from root, shims for different runtimes | enhancement P2 | — | 122d |
| #1271 | felixweinberger | Better contribution guidelines for external contributors | enhancement P2 | — | 122d |
| #1264 | felixweinberger | OpenTelemetry integration out of the box | enhancement P2 | — | 122d |
| #1260 | felixweinberger | Refactor Protocol.ts to eliminate client/server conditionals | enhancement P2 | — | 122d |
| #1263 | felixweinberger | Add custom onError config points for McpError handling | enhancement P2 | — | 122d |
| #1265 | felixweinberger | Clear abstracted way to define experimental features | enhancement P2 | — | 122d |
| #703 | KKonstantinov | Prompts - Metadata attributes in prompt registration, similar to resource metadata or tool annotations | enhancement P3 | 2 | 286d |
| #811 | mahmoudmoravej | Cannot destructure property 'requestInfo' of 'undefined' as it is undefined. | bug P3 | 2 | 259d |
| #963 | ochafik | Simplify attribution of elicitation to a tool call | enhancement P3 | 2 | 198d |
| #999 | younaman | Bug Report-1: Missing Cancellation Logging Implementation | bug P3 | 2 | 189d |
| #42 | jspahrsummers | Typechecking should fail on returning {} for all requests | bug P3 | 1 | 517d |
| #74 | lino-levan | Publish on the JSR | enhancement P3 | 1 | 498d |
| #208 | jrieken | Add ways for server processes to self-terminate when host is gone | enhancement P3 | 1 | 386d |
| #370 | logan272 | Allow Custom Client Features for MCP Tools | enhancement P3 | 1 | 355d |
| #658 | ochafik | update server examples to cover external authentication servers | enhancement P3 | 1 | 295d |
| #676 | alonhar | OAuth Request Should Accept client_id and client_secret via Headers, Not Just in the Request Body | enhancement P3 | 1 | 293d |
| #861 | utkarshpandey6 | StreamableHTTPClientTransport is not implementing Transport properly | bug P3 | 1 | 242d |
| #10 | jspahrsummers | Add conveniences for MCP proxy pattern | enhancement P3 | — | 546d |
| #387 | flippinjoe | Allow receiving messages per stream in client sdk | enhancement P3 | — | 351d |
| #581 | ZachGerman | Enforcing Content-Type header on client requests | bug P3 | — | 311d |
| #584 | localden | SDK assumes one authorization server to be used from PRM | bug P3 | — | 311d |
| #674 | fxBrBowman | Please add the ability to supply the the registerClient and defaultScopes to the ProxyOAuthServerProvider | enhancement P3 | — | 293d |
| #740 | john012343210 | Can we have a chatbot example that connected to multiple remote servers | enhancement P3 | — | 277d |
| #741 | nataliapc | Feature: Retrieve info about registered Resources and execute them from a tool | enhancement P3 | — | 276d |
| #998 | younaman | Bug Report: Initialize Request Cancellation Violation | bug P3 | — | 189d |
| #1126 | splincode | What is the recommended way of writing unit tests for MCP endpoints? | question P3 | — | 144d |
| #577 | Rajesh-Narayanappa87 | Auth : Allow user provided routes to escape Auth middleware | enhancement | 1 | 314d |
| #830 | jkorach | Need to handle GET and POST differently in OAuthServerProvider.authorize handler | enhancement | 1 | 252d |
| #932 | yadav-prakhar | Elicitation with custom input [ SEP-1456 ] | enhancement | 1 | 211d |
| #1036 | localconst | Simplify public access to McpServer registered tools | enhancement | 1 | 170d |
| #911 | dsp-ant | Implement consistent structuredContent handling per specification clarification | bug | — | 220d |
| #1059 | felixweinberger | Implement SEP-1649: MCP Server Cards (.well-known Discovery) | enhancement | — | 161d |
| #1316 | BestOwl | Support RFC 8252 dynamic loopback port selection for native OAuth clients | enhancement | — | 112d |
Not actionable (5)
Ball is elsewhere, or genuinely queued.
Waiting on reporter (2) — Asked for repro/confirmation — ball is with the author.
| # | Author | Title | Labels | 💬 | Age |
|---|---|---|---|---|---|
| #1757 | tizmagik | Add hook or middleware for transforming tools/list responses | enhancement | 2 | 15d |
| #1844 | felixweinberger | Elicit primitive schemas reject extra JSON Schema keys (pattern, format, etc.) | enhancement P3 | — | 8d |
Backlog (3) — Triaged, not blocked, under 90 days — plan into a sprint.
| # | Author | Title | Labels | 💬 | Age |
|---|---|---|---|---|---|
| #1397 | domdomegg | bug: invalid types for sessionIdGenerator in 1.25.2 | bug P1 | 5 | 83d |
| #1429 | aldipower | Do not return and expose internal errors to the client as this is a security risk | bug P1 | 1 | 71d |
| #1847 | felixweinberger | Convert tool/prompt schemas eagerly at register time instead of on tools/list | enhancement P2 | — | 7d |
Bug
—Open issues with the bug label.
Click to filter.
76
Enhancement
—Open issues with the enhancement label.
Click to filter.
99
Question
—Open issues with the question label.
Click to filter.
8
Triage pending
—Issues missing type label or priority.
Click to filter.
Green: < 5
Yellow: 5–9
Red: 10+
54
Triage > 2d
—Issues missing type or priority label, past 2 business days.
SEP-1730: triage within 2 business days.
Green: 0
Yellow: 1–2
Red: 3+
52
Reply > 2d
—Reporter replied after our last comment and we haven't responded in 2 business days.
Green: 0
Yellow: 1–2
Red: 3+
34
P0 > 7d
—P0 issues open longer than 7 days.
SEP-1730: resolve critical bugs within 7 days.
Green: 0
Red: any
0
P1 > 90d
—P1 issues open longer than 90 days.
Not in SEP-1730 — surfaces aspirational-P1 rot.
Green: 0
Yellow: 1–4
Red: 5+
50
Stats — volume, response time, staleness, labels
Volume
Open Issues
↓
0.88%224
Opened
—3
last 7 days
Opened
—26
last 30 days
Opened
—104
last 90 days
Closed
—9
last 7 days
Closed
—46
last 30 days
Closed
—120
last 90 days
Response Time
Time to first maintainer response
Average
—78d
Median
↑
12.94%47d
P90
—198d
P95
—246d
Stale Issues
Issues with no activity
Stale
↓
1.73%170
>30 days
Stale
—82
>60 days
Stale
—76
>90 days
Reopen Rate
—100%
Issues by Label
| Label | Count |
|---|---|
| ready for work | 123 |
| enhancement | 99 |
| bug | 76 |
| P2 | 59 |
| P1 | 58 |
| v2 | 54 |
| P3 | 40 |
| auth | 33 |
| documentation | 15 |
| needs confirmation | 14 |
| good first issue | 10 |
| improves spec compliance | 9 |
| question | 9 |
| breaking change | 7 |
| pending SEP approval | 6 |
| needs repro | 5 |
| improves sdk consistency | 2 |
| help wanted | 1 |
| needs maintainer | 1 |
Triage (54)
Missing labels. Quick to clear — each is a 30-second decision.
Untriaged (31) — SEP-1730: apply type label within 2 business days.
| # | Author | Title | Labels | 💬 | Age |
|---|---|---|---|---|---|
| #1318 | Norcim133 | Critical Token Refresh Bugs - Prevents Proactive Refresh | P1 | 6 | 225d |
| #1450 | certainly-param | Response leak in SSE handlers | P2 | 3 | 183d |
| #1555 | felixweinberger | Implement SEP-1724: Extensions | — | 161d | |
| #1561 | corv89 | Invalid method names return error code -32602 instead of -32601 | P3 | 1 | 161d |
| #1602 | maxisbey | OAuth: 403 responses without insufficient_scope incorrectly retry with same token | P3 | — | 150d |
| #1764 | Ctariy | Race condition in StreamableHTTP: zero-buffer memory streams cause deadlock with concurrent SSE responses | 5 | 120d | |
| #1785 | sonmaximum | Discover OIDC-only authorization servers when PR metadata is absent | P2 | 8 | 116d |
| #1821 | maxisbey | Clarify JSON-RPC error code for 'session not found' responses | — | 99d | |
| #1842 | aiwebb | ClientAuthenticator ignores token_endpoint_auth_method="none" when client_secret is stored | — | 91d | |
| #1844 | Tech-Fumi | SSE transport: "Received request before initialization was complete" error with Claude Code client | — | 90d | |
| #2021 | maxisbey | Refactor handler context to be transport- and handler-type-aware | P1 | 1 | 59d |
| #2100 | maxisbey | Bind authenticated identity to sessions in StreamableHTTPSessionManager | — | 49d | |
| #2233 | sergeykad | pywin32 installation fails on Windows — hard dep only needed for client stdio, but pulled in for all users via eager import in __init__.py | 1 | 34d | |
| #2255 | tonybhaskar | Allow explicit `message_url` override in `mcp.client.sse.sse_client` | 1 | 31d | |
| #2270 | oedokumaci | _handle_refresh_response discards existing refresh_token when server omits it | 1 | 29d | |
| #2278 | maxisbey | Mark SSE transport as deprecated | P3 | 1 | 29d |
| #2307 | tsingh2k15 | [mcp/python-sdk] ClientSession has no way to specify protocolVersion | 2 | 22d | |
| #2317 | artdent | Don't override client_metadata.scopes if they are already set | — | 21d | |
| #2326 | shahashish17 | Context Synchronization Failure Between Client and MCP Server | 1 | 19d | |
| #2328 | manthanghasadiya | [Bug] Server crashes with anyio.ClosedResourceError when receiving raw invalid UTF-8 bytes | 1 | 19d | |
| #2329 | kingpanther13 | Improve log clarity for "Terminating session: None" in stateless mode | 1 | 18d | |
| #2331 | rgoldstein1989 | Add remove_prompt() and remove_resource() for parity with remove_tool() | 4 | 18d | |
| #2349 | juliendoclot | Streamable HTTP transport rejects Accept: text/event-stream without application/json | 1 | 15d | |
| #2354 | maxisbey | Design: future of `dependencies` parameter on MCPServer | 2 | 14d | |
| #2376 | Kunyu-Chen | Image/ImageContent serialization fails in stateless HTTP mode | 1 | 11d | |
| #2379 | dgenio | ClientSession: add public API for updating callbacks after initialization | 3 | 10d | |
| #2382 | digitamaz | Add Clarvia AEO score badge to README | — | 9d | |
| #2384 | felixweinberger | Inline $ref in tool inputSchema for LLM consumption (parity with typescript-sdk) | — | 7d | |
| #2393 | jeffplourde | StreamableHTTP client: _handle_reconnection resets attempt counter to 0, causing infinite retry loop | — | 4d | |
| #2408 | dgenio | Introduce strategy/registry pattern for type handling in _create_output_model() | — | 1d | |
| #2416 | bbarwik | Bug: AssertionError: Request already responded to — cancellation race in v1.27.0 | — | 0d |
Partially triaged (23) — Has a type label but no priority or status — finish triage.
| # | Author | Title | Labels | 💬 | Age |
|---|---|---|---|---|---|
| #992 | andrey-star | Support granular OAuth2 flow with state and verifier persistence | enhancement | — | 293d |
| #1031 | davemssavage | Enable FastMCP to filter tools, prompts, resources using a fine grained policy | enhancement | 2 | 288d |
| #1305 | wenhuizhang | Feature Proposal: Secure Tool/Resource/Prompt Decorators with Auth + Encrypted I/O | enhancement | — | 228d |
| #1315 | Mars9934 | OAuth TokenHandler should check Authorization header for client credentials | enhancement | 2 | 225d |
| #1319 | localden | Support selection of authorization servers from PRM document | enhancement | — | 225d |
| #1368 | vitorbal | OAuth client should support bi-phasic oauth flows | enhancement | — | 206d |
| #1512 | venetak | Add client subscription and server event broadcasting | question | — | 168d |
| #1521 | cfytrok | How to manually set client_id client_secret? | question | — | 164d |
| #1593 | felixweinberger | Implement SEP-990: Enterprise Managed Authorization (Extension) | enhancement | 3 | 153d |
| #1625 | cdreetz | Running Streamable HTTP Servers | question | — | 147d |
| #1628 | aniketwattamwar | Agents talking to MCP Server, SSL verification is failing. Has some been through this? | question | — | 146d |
| #1966 | somaraani | Per-Request Transport Configuration for MCP Clients | enhancement | 1 | 72d |
| #2024 | nypdmax | Support multi-protocol authentication with spec-aligned discovery and OAuth fallback | enhancement | — | 59d |
| #2052 | maxisbey | Audit MCPServer constructor parameters | enhancement | 1 | 55d |
| #2051 | maxisbey | Simplify README and move examples to documentation site | enhancement | — | 55d |
| #2054 | maxisbey | Add dependency injection support to MCPServer | enhancement | — | 55d |
| #2053 | maxisbey | Replace Field(description=...) with proper docstrings in auth models | enhancement | — | 55d |
| #2105 | maxisbey | Support custom method handlers with custom params and return types on MCPServer | enhancement | — | 49d |
| #2135 | maxisbey | Public API for runtime handler registration/deregistration on low-level Server | enhancement | — | 44d |
| #2153 | maxisbey | MCPServer handlers should raise exceptions, not return error objects | enhancement | — | 42d |
| #2202 | maxisbey | Type the MCPServer handler pipeline: tool/resource/prompt return types | enhancement | — | 38d |
| #2201 | maxisbey | Add Tasks support to `MCPServer` | enhancement | — | 38d |
| #2208 | maxisbey | get_access_token() returns stale token in stateful streamable-HTTP sessions | bug | — | 36d |
Active (65)
Someone is waiting on us. Longest-waiting first.
Needs reply (36) — Reporter answered after our last comment — respond.
| # | Author | Title | Labels | 💬 | Age |
|---|---|---|---|---|---|
| #156 | grll | support logging to stderr in Jupyter Notebook Environments. | bug P3 | 6 | 448d |
| #226 | salman1993 | Improving how function docstring gets converted to tool's jsonschema for FastMCP | enhancement P2 | 11 | 412d |
| #235 | yu-iskw | Official Adapter Functions for LLM Providers in MCP Python SDK | enhancement P3 | 7 | 407d |
| #263 | Nriver | dynamic resource not working in Claude desktop | enhancement P3 | 24 | 394d |
| #262 | herrrX | cannot get response from await session.call_tool() | bug P1 | 15 | 394d |
| #348 | ezyang | No way to set isError=True for arbitrary tool result content | enhancement P3 | 2 | 383d |
| #381 | weester-yan | Fastmcp tool parameter parsing type error | bug P1 | 12 | 379d |
| #397 | alejandro5042 | Context logging function types are not spec compliant | bug | 11 | 375d |
| #423 | folkvir | MCP SSE Server: Received request before initialization was complete | bug P2 | 23 | 371d |
| #457 | alnickle | Documentation for mcp command flags | documentation P1 | 2 | 366d |
| #514 | growler | FastMCP server with SSE transport fails to shut down on a signal | bug P3 | 11 | 360d |
| #577 | HMJiangGatech | `RuntimeError: Attempted to exit cancel scope in a different task` when cleaning up multiple MCPClient instances out-of-order | bug P1 | 10 | 351d |
| #915 | hzeus | Exception in `ClientSessionGroup` if `streamable_http` MCP server is not available | bug P1 | 5 | 304d |
| #1004 | sthomson-wyn | Session ID not present in memory store should return 404, not 400 | bug P2 | 2 | 290d |
| #1038 | thomasst | MCP server: AccessToken class should have field for subject claim ("sub") | enhancement P3 | 5 | 288d |
| #1052 | yurikunash | The resource URL path is ignored when building the protected resource metadata URL | question P3 | 2 | 285d |
| #1060 | paxan | PydanticSchemaGenerationError: Unable to generate pydantic-core schema for Image type | bug P2 | 3 | 283d |
| #1103 | kdheeraz | MCP client not able to initiate StdioServerParameters while running in Jupyter Notebook | bug | 5 | 276d |
| #1126 | chrisagrams | Specifying capabilities w/ FastMCP Server | enhancement P2 | 2 | 272d |
| #1141 | abhishekgahlot2 | Progress notifications cause server to hang on stdio transport | bug P3 | 3 | 269d |
| #1205 | yarnabrina | Controlling Context in Client for Sampling Requests | documentation P1 | 7 | 256d |
| #1240 | yannj-fr | Implement OAuth relying on Authlib | enhancement P1 | 7 | 247d |
| #1269 | chipkent | FastMCP server death on client HEAD calls | bug P2 | 6 | 239d |
| #1274 | rcxwhiz | Streamable HTTP client performance regression starting with v1.12.0 | bug P2 | 2 | 238d |
| #1277 | ilvalerione | How to get environment variables on the server? | question P2 | 2 | 237d |
| #1372 | SinDongHwan | fastmcp.run() runtimeerror: task group is not initialized. make sure to use run(). | bug | 3 | 204d |
| #1374 | ochafik | No default timeout for requests (unlike TS SDK) | enhancement P2 | 4 | 204d |
| #1401 | Unshure | ClientSession Error Handling | bug P1 | 8 | 196d |
| #1509 | damianoneill | Support Per-Request HTTP Headers in call_tool() | enhancement P1 | 7 | 168d |
| #1579 | fennb | FastMCP read_resource() returns incorrect error code when resource not found | bug P3 | 4 | 156d |
| #1690 | dgenio | Introduce a shared Transport abstraction to reduce stdio/SSE/WebSocket/HTTP duplication | enhancement | 2 | 132d |
| #1691 | dgenio | Simplify and harden session lifecycle with an explicit state machine | enhancement P2 | 2 | 132d |
| #1701 | dgenio | Define and document the public Python SDK API surface | enhancement P1 | 4 | 132d |
| #1919 | joar | Trailing slash in OAuthMetadata's `issuer` causes issues with clients | bug P1 | 2 | 78d |
| #1960 | newsbubbles | BrokenResourceError race condition in stdio_client cleanup when context exits quickly | bug | 3 | 73d |
| #2057 | clouatre | Requests with "id": null silently misclassified as notifications | bug P2 | 10 | 55d |
Community active (29) — The community is debugging/discussing; no maintainer has engaged. Adopt their answer or redirect.
| # | Author | Title | Labels | 💬 | Age |
|---|---|---|---|---|---|
| #187 | jspahrsummers | Better CORS defaults for SSE transport | enhancement P1 | 5 | 430d |
| #194 | mconflitti-pbc | Allow customization of the Starlette app (middleware, routes, etc) | enhancement P1 | 8 | 426d |
| #220 | dsp-ant | Support for `path` convertor `{value:path}` in FastMCP | enhancement P1 | 4 | 414d |
| #301 | dino-su | Fast MCP Server Initializes Twice | bug P1 | 3 | 389d |
| #412 | allieus | sse_app() ignores mount prefix, resulting in 404 from client | bug P2 | 12 | 372d |
| #420 | carlosemart | Option to not rewrite the logging configuration | enhancement P1 | 10 | 372d |
| #421 | fali007 | Adding Opentelemetry to MCP SDK | enhancement P3 | 14 | 371d |
| #431 | Gelembjuk | Question: How to authorise a client with Bearer header with SSE? | documentation P1 | 17 | 370d |
| #509 | maxschulz-COL | Force returning tool result/ressource as artifact without regeneration | enhancement P2 | 6 | 360d |
| #526 | RodrigoPAml | MCP Server with Python on Claude Desktop Never Exits | bug P2 | 6 | 359d |
| #600 | grll | SDKs and other middleware SHOULD allow these timeouts to be configured on a per-request basis. | enhancement P2 | 3 | 346d |
| #671 | ycycycl | MCP Tool execution hangs indefinitely in stdio mode when calling external Python scripts | bug P3 | 6 | 336d |
| #737 | jasny6969 | Bug Report: FastMCP `RuntimeError: Received request before initialization was complete` Leading to Empty SSE Responses When Embedded in FastAPI | bug P1 | 5 | 328d |
| #817 | huang-sh | STDIO hangs forever when the using multiprocessing in tools | enhancement P3 | 3 | 317d |
| #857 | Kludex | Drop uvicorn from test suite | enhancement P2 | 7 | 314d |
| #880 | karthich | [horizontal scaling] How to actually build session persistence in streamable http MCP server? | documentation P1 | 17 | 310d |
| #1053 | sidgangs99 | Streamable HTTP transport fails when accessing MCP server on Cloud Run using sdk | bug | 4 | 285d |
| #1264 | carlosemart | Protected Resource Metadata resource erroneous when setting up authentication on server | bug P2 | 4 | 240d |
| #1294 | LidiYuan | Streamable_ ttp. py shows warning | bug P2 | 3 | 230d |
| #1335 | whitewg77 | Using /.well-known/ OAuth endpoints behind custom path on GKE | enhancement P2 | 4 | 219d |
| #1429 | maxisbey | feat: enhance dynamic tool management with notifications and enable/disable | enhancement P1 | 4 | 185d |
| #1452 | Shashikant86 | The `stdio_client` hangs indefinitely on session initialization | bug P2 | 4 | 182d |
| #1564 | ParthibanRajasekaran | stdio_client fails with BrokenResourceError during initialization | bug P3 | 3 | 158d |
| #1743 | maxisbey | Extract OAuth flow logic into reusable components for proxy use cases | enhancement P1 | 8 | 125d |
| #1788 | felixweinberger | Consider extensible pattern for protocol flow-control exceptions | enhancement P2 | 3 | 115d |
| #1801 | maxisbey | Implement server-side support for Client ID Metadata Documents (CIMD) | enhancement P2 | 3 | 112d |
| #1811 | ivanbelenky | client's `read_stream_writer` open after SSE disconnection hanging `.receive()` | bug P1 | 3 | 110d |
| #2110 | maxisbey | HTTP transport swallows non-2xx status codes causing client to hang | bug P1 | 3 | 49d |
| #2216 | nik1097 | Bug: validate_scope rejects client scopes when required scopes in None | bug P2 | 3 | 35d |
Hygiene (88)
Stale — close or consciously keep.
Close candidates (7) — Asked for repro/confirmation over 60 days ago with no reply — verify and close.
| # | Author | Title | Labels | 💬 | Age |
|---|---|---|---|---|---|
| #309 | mattzh72 | Synchronous Python Client | enhancement P2 | 7 | 388d |
| #1646 | MikeBai523 | Why synchronous @mcp.tool definition is not supported for parallelism? | bug | 1 | 141d |
| #1692 | dgenio | Revisit single-use semantics of StreamableHTTPSessionManager.run() | enhancement | 1 | 132d |
| #1702 | dgenio | Clarify and improve behavior when tool output fails schema validation | enhancement | 1 | 132d |
| #1705 | dgenio | Document and provide hooks for sandboxing file and network access in MCP tools | enhancement | 1 | 132d |
| #1805 | h-filzer | Possible ressource leak / race condition in streamable_http_client | bug | 10 | 111d |
| #1843 | davidbernat | Function parameter coercion ("false" => False) failures in properly documented FastMCP tools? | enhancement | 5 | 90d |
Stale backlog (81) — In the queue for over 90 days — close or actually prioritize.
| # | Author | Title | Labels | 💬 | Age |
|---|---|---|---|---|---|
| #883 | toughnoah | AssertionError: Unexpected message while using middlewares | bug P1 | 14 | 310d |
| #1250 | pematth | Framework does not handle refreshed tokens correctly | bug P1 | 12 | 244d |
| #539 | z29 | We need some more client and sampling examples and use-cases. | documentation P1 | 7 | 356d |
| #702 | Westerby | Auth for MCP - Starlette middleware vs. OAuthAuthorizationServerProvider | documentation P1 | 6 | 332d |
| #874 | efcwetgw | Cannot break out of session.initialize() when using streamable-http | bug P1 | 5 | 311d |
| #378 | ciccolo-anthropic | FastMCP should support all of RFC 6570 | enhancement P1 | 4 | 379d |
| #498 | dgzxx-2000 | How do python clients and servers use prompt | documentation P1 | 4 | 362d |
| #1207 | samuelcolvin | Excessive use of generics | enhancement P1 | 3 | 256d |
| #299 | john0312 | Low-level Server support for mcp dev and mcp run command | enhancement P1 | 2 | 389d |
| #373 | samirbajaj | How to set / get `client_id`? | bug P1 | 2 | 380d |
| #852 | Wuhall | Client Registration Fails with 502 Error When Connecting to Auth Server | bug P1 | 2 | 315d |
| #1065 | nileshmalode11 | MCP Completion Issue | bug P1 | 2 | 282d |
| #1253 | Kludex | Python SDK v2 | enhancement P1 | 2 | 244d |
| #1257 | 0x-Professor | Don’t use shell=True in mcp dev subprocess on Windows (command injection risk) | bug P1 | 2 | 243d |
| #1272 | lindycoder | Server hangs when shutting down if a connection is still open | bug P1 | 2 | 238d |
| #1464 | felixweinberger | Improve docs on how to use `instructions` on `InitializeResult` | documentation P1 | 2 | 181d |
| #698 | bendavis78 | Tool.run should not reveal exception value to the client | bug P1 | 1 | 332d |
| #795 | lizzzcai | Support for API Gateway Path Prefixes in SSE Client URL Handling | bug P1 | 1 | 321d |
| #881 | SoldierSacha | Client Credentials In the token Handler | enhancement P1 | 1 | 310d |
| #1233 | dsp-ant | Middleware Support in MCP | enhancement P1 | 1 | 248d |
| #1675 | AydarDD | Streamable HTTP transport drops requests immediately after `initialize` | bug P1 | 1 | 134d |
| #1739 | maxisbey | Support clean server shutdown | enhancement P1 | 1 | 125d |
| #12 | jspahrsummers | Add conveniences for MCP proxy pattern | enhancement P1 | — | 546d |
| #47 | jspahrsummers | Validate local capabilities | enhancement P1 | — | 513d |
| #1265 | FakeDocument | Trailing slash in `.well-known/oauth-protected-resource` response may violate “Canonical Server URI” requirement | bug P1 | — | 240d |
| #1410 | asheshvidyut | Cancelling a Call Tool Request from Client | question P1 | — | 193d |
| #1581 | maxisbey | Add RFC 9728 resource field validation for protected resource metadata discovery | bug P1 | — | 155d |
| #1733 | maxisbey | Refactor examples to use PEP 723 inline script metadata | enhancement P1 | — | 125d |
| #710 | skunkwerk | how to trigger a resources_changed or listChanged | enhancement P2 | 10 | 331d |
| #1798 | Junyi-99 | Guide: Resolving "421 Invalid Host Header" (DNS Rebinding Protection) | question P2 | 10 | 113d |
| #1391 | stevenh | wrapped tools using annotations fail | bug P2 | 5 | 198d |
| #1676 | david-nominal | MCP client doesn't not initialize new session when getting 404 session not found | bug P2 | 3 | 134d |
| #339 | exeex | [docs] How to run FastMCP with args or env vars? | documentation P2 | 2 | 385d |
| #1281 | FallenDeity | Modular system to define MCP Primitives | enhancement P2 | 2 | 234d |
| #1326 | Norcim133 | Clients Using Storage Face Deadlock on Token Refresh for SSE | bug P2 | 2 | 222d |
| #1405 | 0Delta | It is not possible to define a Resource that takes only the Context parameter as an argument. | bug P2 | 2 | 195d |
| #1475 | maxisbey | FastMCP: Support dynamic annotation updates | enhancement P2 | 2 | 178d |
| #1577 | gyang-xai | Client tool call hangs forever if server crashes or connection dies when using streamable-http | bug P2 | 2 | 156d |
| #1648 | FanisPapakonstantinou | ClientDisconnect returns HTTP 500 | bug P2 | 2 | 140d |
| #1656 | pfaion | FastMCP configures logging on init, which messes up application-level logging | bug P2 | 2 | 136d |
| #1723 | erwang01 | `auth` specification in `ClientSessionGroup` | enhancement P2 | 2 | 126d |
| #230 | ihrpr | No way to get `request_id` for a tool call to cancel it | enhancement P2 | 1 | 410d |
| #766 | CakeCrusher | (discussion) How to best handle instrumenting for `resources` and `prompts` | documentation P2 | 1 | 324d |
| #1023 | magicbrighter | Support for Parameter Passing in MCP Configuration and Runtime Context | enhancement P2 | 1 | 289d |
| #1218 | howardjohn | `simple-streamablehttp-stateless` example will not return data if `id=0` | bug P2 | 1 | 253d |
| #1333 | peteski22 | `stdio_server` uses unbuffered memory streams which can cause server to block and become unresponsive | bug P2 | 1 | 220d |
| #1671 | maxisbey | ServerSession methods (create_message, elicit_form) don't expose progress_callback parameter | enhancement P2 | 1 | 135d |
| #1741 | maxisbey | Support pluggable logging for structured output and correlation IDs | enhancement P2 | 1 | 125d |
| #1295 | somaraani | 401 in Streamable HTTP should be handled gracefully | bug P2 | — | 230d |
| #1393 | caffeinism | Lazy HTTP connections seem to make error handling difficult. | enhancement P2 | — | 198d |
| #1523 | cfytrok | OAuthClientProvider._handle_token_response expect json | bug P2 | — | 163d |
| #1664 | LucaButBoring | User-Agent header in sHTTP transport is not forwarded to auth flow | bug P2 | — | 136d |
| #1734 | maxisbey | Audit and document the MCP server publishing experience | enhancement P2 | — | 125d |
| #1742 | maxisbey | Introduce typed error classes with metadata | enhancement P2 | — | 125d |
| #1746 | maxisbey | Support multiple MCP protocol versions | enhancement P2 | — | 125d |
| #1744 | maxisbey | Improve exception tracebacks for easier debugging | enhancement P2 | — | 125d |
| #193 | mconflitti-pbc | Add default /docs route to list information about the HTTP MCP server | enhancement P3 | 5 | 426d |
| #762 | surister | Allow installing mcp servers from pypi | enhancement P3 | 3 | 324d |
| #837 | davenpi | Type system complexity creating developer friction and maintenance overhead | enhancement P3 | 2 | 315d |
| #1302 | DebajitKumarPhukan | [Feature Request]: Support For "Proxy" in SSE and Streamable HTTP Client | enhancement P3 | 2 | 228d |
| #1795 | maxisbey | Make JSON-RPC ID type coercion configurable | bug P3 | 2 | 114d |
| #3 | dsp-ant | Specific transports could be Python package extras | enhancement P3 | 1 | 562d |
| #73 | dsp-ant | Better logging of when handlers are called and what they return when DEBUG is set | enhancement P3 | 1 | 499d |
| #396 | omasoud | MCP Server: Inconsistent Exception Handling in @app.call_tool and Client Undetected Server Termination via Stdio | bug P3 | 1 | 375d |
| #622 | bendavis78 | [Feature] De-couple Starlette from FastMCP to make it easier to implement MCP endpoints in other frameworks | enhancement P3 | 1 | 341d |
| #1121 | wiltshirek | MCP tool proxy, planned pull request. Allowing for Seamless Human or determinism (private keys, etc) in the middle. | enhancement P3 | 1 | 273d |
| #1678 | felixweinberger | test_streamable_http.py isn't covered by test coverage | enhancement P3 | 1 | 133d |
| #1700 | dgenio | Refactor func_metadata() into smaller components for schema & metadata generation | enhancement P3 | 1 | 132d |
| #1745 | maxisbey | Remove jsonschema dependency | enhancement P3 | 1 | 125d |
| #767 | DamyanBG | Feature Proposal: Modular Router System for MCP Python SDK | enhancement P3 | — | 324d |
| #1128 | simba-git | Native sampling method on Context | enhancement P3 | — | 272d |
| #1251 | de-code | Incorrect typing hint for FastMCP.call_tool | bug P3 | — | 244d |
| #1347 | felixweinberger | Address currently ignored ruff rules in Python SDK | enhancement P3 | — | 216d |
| #1573 | maxisbey | Fix flaky test test_response in test_streamable_http.py | bug P3 | — | 156d |
| #1696 | dgenio | Clarify semantics, limitations, and naming for stateless HTTP mode | enhancement P3 | — | 132d |
| #1806 | sesajad | More control over stderr in stdio client | enhancement P3 | — | 111d |
| #436 | Gelembjuk | Question: How to get a resource argument containing "/" ? | bug | 7 | 369d |
| #1307 | jennsun | Error & Mismatch in OAuth scope resolution between Claude.ai/MCP Python SDK and Inspector | bug | 1 | 227d |
| #1332 | dsp-ant | Implement consistent structuredContent handling per specification clarification | bug | 1 | 220d |
| #1545 | felixweinberger | Implement SEP-1649: MCP Server Cards (.well-known Discovery) | enhancement | — | 162d |
| #1544 | felixweinberger | Implement SEP-1442: Make MCP Stateless | enhancement | — | 162d |
Not actionable (17)
Ball is elsewhere, or genuinely queued.
Waiting on reporter (3) — Asked for repro/confirmation — ball is with the author.
| # | Author | Title | Labels | 💬 | Age |
|---|---|---|---|---|---|
| #2083 | rf-ellamind | Optionally(?) allow plaintext on localhost subdomains | enhancement | — | 50d |
| #2121 | martimfasantos | Allow `OAuthClientProvider` to accept a pre-configured auth server URL | enhancement | — | 47d |
| #2141 | enkidulan | Add wildcard pattern support for `allowed_hosts` in transport security | enhancement | — | 44d |
Backlog (14) — Triaged, not blocked, under 90 days — plan into a sprint.
| # | Author | Title | Labels | 💬 | Age |
|---|---|---|---|---|---|
| #2114 | maxisbey | ExceptionGroup wrapping obscures real errors from task groups | bug P1 | 2 | 49d |
| #2009 | felixweinberger | Re-enable conformance tests in CI | bug P1 | 1 | 61d |
| #2113 | maxisbey | Redesign lifespan: separate server-scoped and session-scoped lifetimes | enhancement P1 | 1 | 49d |
| #1889 | felixweinberger | Add transport types to Client + infer_transport() for auto-detection | enhancement P1 | — | 83d |
| #2098 | maxisbey | Expose session, auth, and transport information on handler Context | enhancement P1 | — | 49d |
| #2116 | sr07asthana | Support MCP client session resumption (sessionId reuse) in Python SDK | enhancement P2 | 2 | 48d |
| #1873 | TommyVee | Bug: String parameters starting with digits coerced to numbers, causing UUID data loss | bug P2 | 1 | 84d |
| #2150 | emmahoggan | Active Streamable HTTP sessions are not terminated during shutdown | bug P2 | 1 | 42d |
| #2001 | hubbard-zlee | Progress notifications not delivered via SSE in stateless HTTP mode | bug P2 | — | 63d |
| #2107 | maxisbey | Handle list_changed notifications instead of dropping them | bug P2 | — | 49d |
| #1933 | hyn0027 | Using transport="stdio" closes real stdio, causing ValueError after server exits | bug P3 | 2 | 77d |
| #2108 | maxisbey | Design client-side caching for list_tools/list_prompts/list_resources | enhancement P3 | 2 | 49d |
| #1974 | mjahr | find_context_parameter() fails to detect Context parameter in callable class instances | bug P3 | 1 | 70d |
| #2111 | maxisbey | Support serializable session state for distributed deployments | enhancement P3 | — | 49d |
Volume
Open Issues
↑
0.90%112
Opened
—1
last 7 days
Opened
—27
last 30 days
Opened
—92
last 90 days
Closed
—4
last 7 days
Closed
—20
last 30 days
Closed
—106
last 90 days
Response Time
Time to first maintainer response
Average
—23d
Median
↑
0.73%1d
P90
—77d
P95
—157d
Stale Issues
Issues with no activity
Stale
↑
14.10%89
>30 days
Stale
—52
>60 days
Stale
—45
>90 days
Reopen Rate
—100%
Issues by Label
| Label | Count |
|---|---|
| enhancement | 60 |
| bug | 38 |
| needs confirmation | 25 |
| ready for work | 18 |
| P2 | 14 |
| P3 | 9 |
| documentation | 8 |
| area-auth | 6 |
| question | 4 |
| help wanted | 3 |
| P1 | 2 |
| blocked | 2 |
| area-infrastructure | 1 |
| area-tests | 1 |
| needs repro | 1 |
Issues Awaiting Maintainer Response
Sorted by longest wait time first
| Issue | Title | Labels | Comments | Waiting |
|---|---|---|---|---|
| #236 | Pass context from request endpoint to message handler | enhancementneeds confirmation | 2 | 366d |
| #350 | MAUI application create mcp client throw exception:The server shut down unexpectedly. | bug | 5 | 350d |
| #433 | McpServerPrimitiveCollection needs transactions/updates | enhancementneeds confirmation | 0 | 326d |
| #450 | Resource-based authorization on tools | enhancementarea-auth+1 | 0 | 318d |
| #611 | Host several MCP in one ASP.Net application | questionneeds confirmation | 1 | 272d |
| #640 | Dictionary<string, JsonElement> overload for CallToolAsync | enhancement | 0 | 262d |
| #648 | OAuth authentication request fails with MS Entra-ID | ready for work | 4 | 257d |
| #654 | When Absolute Uri passed as McpAuthenticationOptions.ResourceMetadataUri, /.well-known/oauth-protected-resource endpoint returns 404 | bug | 2 | 255d |
| #659 | AspNetCore TestHost client transport | enhancement | 0 | 253d |
| #657 | Release signed binaries in nuget package | enhancement | 0 | 253d |
| #667 | MCP Framework Tool Invocation Fails Based on Method Name Despite Identical Implementation | bug | 2 | 250d |
| #681 | Not able to authenticate MCP Servers | bug | 6 | 246d |
| #684 | Using incorrect oauth-authorization-server endpoint | bugarea-auth+1 | 1 | 245d |
| #689 | ProtectedMcpServer sample doesn't work with VSCode auth flow | bug | 0 | 244d |
| #720 | Passing ACR_VALUES TO Token Endpoint | enhancement | 0 | 232d |
| #730 | SDK Implementation of Authorization is not compatible with the specification. code_challenge_methods_supported is handled incorrectly | bug | 1 | 227d |
| #738 | Server-side keep-alive Scheduler for SSE responses | bug | 0 | 224d |
| #752 | How can a server using the SSE (Server-Sent Events) model over HTTP support additional content like images within the conversational context? | enhancement | 2 | 218d |
| #788 | Passing a malformed body throws a 500 error instead of 400. Very hard to figure out what is incorrect in the request being issued by the caller | bug | 0 | 204d |
| #812 | Support PRM subpaths per RFC 9728 (multiple resources per host) | enhancement | 0 | 199d |
| #842 | OAuth Flow not working for Atlassian MCP and Github MCP | bug | 4 | 182d |
| #887 | Scopes not forwarded to DCR endpoint and duplication of RedirectUris | bug | 0 | 175d |
| #917 | Support externally sourced JWT in Auth header from MCP client | enhancement | 2 | 168d |
| #932 | Transfer-Encoding=Chunked causes issues with locally run Azure Functions | bug | 0 | 160d |
| #964 | 403 error with Authorization Bearer | needs confirmation | 2 | 146d |
| #1026 | Provide an example of how to connect telemetry with Application Insights | enhancement | 1 | 135d |
| #1052 | Practical OAuth implementation for production | documentationhelp wanted+2 | 0 | 127d |
| #1119 | OAuth Resource URI Validation Too Strict - Fails When MCP Server Uses Subpath | bug | 0 | 108d |
| #1126 | Request for Sample: ASP.NET Core MCP Client with One Persisted Connection Per User Session | documentationhelp wanted+1 | 5 | 101d |
| #1132 | Streamable HTTP transport doesn't correctly handle empty response | bugneeds confirmation | 1 | 92d |
| #1150 | Allow JsonSerializerOptions without TypeInfoResolver | bug | 0 | 84d |
| #1166 | Github copilot not setting bearer token on acces to tools. | bug | 2 | 80d |
| #1172 | Support using WithStreamServerTransport for multiple in-process mcp servers | bug | 0 | 77d |
| #1216 | Version-Based Tool Registration for MCP Server | enhancement | 0 | 69d |
| #1236 | Specified ClientOAuthOptions.Scopes are ignored | bugarea-auth+1 | 1 | 66d |
| #1314 | Custom filters | enhancementready for work+1 | 0 | 49d |
| #1389 | Sample: stdio-to-HTTP bridge for AI clients that only support stdio transport | documentationenhancement | 0 | 43d |
| #1413 | Export Control Classification Number for these packages? | documentationquestion | 0 | 34d |
| #1434 | CreateOutputSchema wraps non-object schemas without rewriting internal $ref pointers | bugP2 | 0 | 25d |
| #1446 | [Auth] OAuth proxy / DCR facade for non-DCR providers (e.g. Entra ID + Claude Code) | enhancement | 1 | 22d |
| #1470 | McpClient.CreateAsync times out behind APIM in .NET SDK while MCP Inspector/Azure AI Foundry succeed | bugP2 | 0 | 13d |
| #1480 | Tool returning McpTask is double-wrapped when client sends task-augmented request | bugready for work+1 | 0 | 9d |
| #1487 | Authorization Server & Protected Resource Metadata inspection | enhancement | 0 | 8d |
| #1494 | [Documentation request] Authentication architecture suggestions | documentationenhancement | 2 | 7d |
Volume
Open Issues
↑
14.29%16
Opened
—2
last 7 days
Opened
—3
last 30 days
Opened
—17
last 90 days
Closed
—0
last 7 days
Closed
—1
last 30 days
Closed
—8
last 90 days
Response Time
Time to first maintainer response
Average
—5d
Median
—2d
P90
—11d
P95
—16d
Stale Issues
Issues with no activity
Stale
↑
22.22%11
>30 days
Stale
—6
>60 days
Stale
—2
>90 days
Reopen Rate
—100%
Issues by Label
| Label | Count |
|---|---|
| enhancement | 5 |
| bug | 3 |
Issues Awaiting Maintainer Response
Sorted by longest wait time first
| Issue | Title | Labels | Comments | Waiting |
|---|---|---|---|---|
| #151 | tier-check: support monorepos with multiple SDK packages | (unlabeled) | 0 | 53d |
| #150 | github actions running error | bug | 0 | 53d |
| #182 | tier-check reports 0/30 server conformance despite all tests passing | (unlabeled) | 0 | 35d |
| #208 | Add positive tests for the Authorization Code Grant | enhancement | 2 | 6d |
| #207 | Add check for PKCE of authorization server metadata | enhancement | 1 | 6d |