Sourced from mcp's releases.

v1.10.0

🚀 Implementation for Spec revision 2025-06-18

• feat: implement MCP-Protocol-Version header requirement for HTTP transport by @​felixweinberger in modelcontextprotocol/python-sdk#898
• Rename ResourceReference to ResourceTemplateReference by @​ihrpr in modelcontextprotocol/python-sdk#947
• feat: add _meta to more objects by @​felixweinberger in modelcontextprotocol/python-sdk#963
• Include context into completions by @​ihrpr in modelcontextprotocol/python-sdk#966
• Add support for Elicitation by @​ihrpr in modelcontextprotocol/python-sdk#625
• Update _meta usage guidance in types by @​ihrpr in modelcontextprotocol/python-sdk#971
• Add title to tools, resources, prompts by @​felixweinberger in modelcontextprotocol/python-sdk#972
• Add resource Link by @​ihrpr in modelcontextprotocol/python-sdk#974
• MCP server separation into Authorization Server (AS) and Resource Server (RS) roles per spec PR #338 by @​ihrpr in modelcontextprotocol/python-sdk#982
• RFC 8707 Resource Indicators Implementation by @​ihrpr in modelcontextprotocol/python-sdk#991
• Fix /.well-known/oauth-authorization-server dropping path by @​ihrpr in modelcontextprotocol/python-sdk#1014
• Make "resource" optional on earlier protocols by @​dr3s in modelcontextprotocol/python-sdk#1017
• Add schema validation to lowlevel server by @​bhosmer-ant in modelcontextprotocol/python-sdk#1005
• feat: Add structured output support for tool functions by @​bhosmer-ant in modelcontextprotocol/python-sdk#993
• Update latest protocol version to 2025-06-18 by @​ihrpr in modelcontextprotocol/python-sdk#1036

Other changes

• set timeout for sse in httpx_client_factory by @​ihrpr in modelcontextprotocol/python-sdk#943
• clean-up: removed unused ci file by @​DarkDk123 in modelcontextprotocol/python-sdk#950
• ci: add timeout on the test job by @​Kludex in modelcontextprotocol/python-sdk#955
• Fix uncaught exception in MCP server by @​ddworken in modelcontextprotocol/python-sdk#967
• Allow longer duration in test_188_concurrency by @​msabramo in modelcontextprotocol/python-sdk#969
• Add support for DNS rebinding protections by @​ddworken in modelcontextprotocol/python-sdk#861
• Fix Windows subprocess NotImplementedError (STDIO clients) by @​theailanguage in modelcontextprotocol/python-sdk#596
• Remove github from auth examples by @​ihrpr in modelcontextprotocol/python-sdk#1011
• refactor: rename DummyProcess to FallbackProcess in Windows stdio by @​felixweinberger in modelcontextprotocol/python-sdk#1015
• ci: add --frozen flag to all uv commands in workflows by @​dsp-ant in modelcontextprotocol/python-sdk#970
• unpin jsonschema version by @​ihrpr in modelcontextprotocol/python-sdk#1037

New Contributors 🙏

• @​DarkDk123 made their first contribution in modelcontextprotocol/python-sdk#950
• @​msabramo made their first contribution in modelcontextprotocol/python-sdk#969
• @​theailanguage made their first contribution in modelcontextprotocol/python-sdk#596

Full Changelog: https://github.com/modelcontextprotocol/python-sdk/compare/v1.9.4...v1.10.0

• dced223 Remove frozen from build (#1040)
• 0323831 unpin jsonschema version (#1037)
• 4b65963 Update latest protocol version to 2025-06-18 (#1036)
• 43bb24f feat: Add structured output support for tool functions (#993)
• c8bbfc0 Add schema validation to lowlevel server (#1005)
• 0b11bdb ci: add --frozen flag to all uv commands in workflows (#970)
• 41f3bc3 Make "resource" optional on earlier protocols (#1017)
• 4d45bb8 refactor: rename DummyProcess to FallbackProcess in Windows stdio (#1015)
• 6747688 Fix /.well-known/oauth-authorization-server dropping path (#1014)
• ce007de Remove github from auth examples (#1011)
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.