From 3c2d74f39a6ff005cd4a93bc5f2c298ccc609e94 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9bastien=20Han?= Date: Wed, 3 Dec 2025 17:38:56 +0100 Subject: [PATCH] chore: bump mcp package version (#4287) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit # What does this PR do? Address https://github.com/modelcontextprotocol/python-sdk/security/advisories/GHSA-9h52-p55h-vw2f Signed-off-by: Sébastien Han --- src/llama_stack/providers/registry/agents.py | 2 +- src/llama_stack/providers/registry/tool_runtime.py | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/src/llama_stack/providers/registry/agents.py b/src/llama_stack/providers/registry/agents.py index 22bb45faf..01dacdd4e 100644 --- a/src/llama_stack/providers/registry/agents.py +++ b/src/llama_stack/providers/registry/agents.py @@ -23,7 +23,7 @@ def available_providers() -> list[ProviderSpec]: "pillow", "pandas", "scikit-learn", - "mcp>=1.8.1", + "mcp>=1.23.0", ] + kvstore_dependencies(), # TODO make this dynamic based on the kvstore config module="llama_stack.providers.inline.agents.meta_reference", diff --git a/src/llama_stack/providers/registry/tool_runtime.py b/src/llama_stack/providers/registry/tool_runtime.py index d34312353..a4215fc01 100644 --- a/src/llama_stack/providers/registry/tool_runtime.py +++ b/src/llama_stack/providers/registry/tool_runtime.py @@ -80,7 +80,7 @@ def available_providers() -> list[ProviderSpec]: provider_type="remote::model-context-protocol", module="llama_stack.providers.remote.tool_runtime.model_context_protocol", config_class="llama_stack.providers.remote.tool_runtime.model_context_protocol.config.MCPProviderConfig", - pip_packages=["mcp>=1.8.1"], + pip_packages=["mcp>=1.23.0"], provider_data_validator="llama_stack.providers.remote.tool_runtime.model_context_protocol.config.MCPProviderDataValidator", description="Model Context Protocol (MCP) tool for standardized tool calling and context management.", ),