v0.17.0

What's New

• MCP Client crate - New pulseengine-mcp-client for connecting to MCP servers
• Simplified README - Cleaner docs showcasing macro-based API

Closes #89

Validation Results

✅ All validation tests passed
✅ Python SDK compatibility verified
✅ JSON-RPC 2.0 compliant
✅ MCP protocol compliant

v0.16.0 - Bidirectional Communication

🎉 Bidirectional Communication Support

This release adds full support for server-to-client communication, enabling tools to send notifications and make requests to clients during execution.

✨ New Features

ToolContext Trait

Tools can now communicate with clients using the ToolContext trait:

• send_log() - Send logging notifications
• send_progress() - Report progress updates
• request_sampling() - Request LLM completions from client
• request_elicitation() - Request structured user input

TransportBridge

Transport-agnostic messaging layer that works with any MCP transport (HTTP/SSE, stdio, WebSocket).

Protocol Enhancements

• Audio content type (Content::audio())
• Updated CompleteResult with with_values() constructor
• PromptMessage::new_resource() for embedded resources
• Proper EmbeddedResourceContents support

📦 New Example

• conformance-server - Reference implementation demonstrating all bidirectional features

🔧 API Changes

// Tools can now access context for bidirectional communication
use pulseengine_mcp_server::tool_context::{ToolContext, try_current_context};

async fn my_tool() -> Result<String> {
    if let Some(ctx) = try_current_context() {
        ctx.send_progress(50, Some(100)).await?;
        ctx.send_log(LogLevel::Info, None, json!({"status": "processing"})).await?;
    }
    Ok("Done".to_string())
}

📊 Conformance

Significantly improved MCP conformance test coverage with bidirectional communication support.

Closes

• #87 Implement Server-to-Client Bidirectional Communication

Full Changelog: v0.15.1...v0.16.0

Validation Results

✅ All validation tests passed
✅ Python SDK compatibility verified
✅ JSON-RPC 2.0 compliant
✅ MCP protocol compliant

v0.15.0

test(oauth): add comprehensive OAuth flow integration tests

Added 10 new integration tests for full OAuth 2.1 authorization flow:

Authorization endpoint tests:
- GET /oauth/authorize consent form display
- Invalid response_type validation
- Invalid code_challenge_method validation (S256 required)
- POST user approval with redirect
- POST user denial with access_denied error

Token endpoint tests:
- Full authorization code grant flow with PKCE
- Refresh token flow with token rotation
- Wrong PKCE code_verifier rejection
- Expired authorization code handling
- Wrong redirect_uri validation

These tests exercise both authorize.rs and token.rs OAuth modules
through complete HTTP request/response cycles, improving coverage
of critical OAuth security flows.

v0.14.0: OAuth 2.1 Implementation with Resource Subscriptions

What's New in v0.14.0

This release introduces comprehensive OAuth 2.1 authentication support for MCP servers along with resource subscription capabilities.

OAuth 2.1 Implementation

Complete OAuth 2.1 authorization server implementation with:

• Dynamic Client Registration (RFC 7591) - Automatic client credential provisioning
• Authorization Code Flow with PKCE (RFC 7636) - Mandatory S256 code challenge for enhanced security
• Token Management - Access token and refresh token lifecycle with rotation
• Resource Indicators (RFC 8707) - Multi-resource OAuth support
• Authorization Server Metadata (RFC 8414) - Discovery via .well-known/oauth-authorization-server
• Protected Resource Metadata (RFC 9728) - Resource server discovery

Key features:

• In-memory storage backend (production-ready persistent storage coming soon)
• Axum-based HTTP endpoints for OAuth flows
• Full PKCE validation (no plain method support)
• Refresh token rotation for improved security
• Comprehensive test coverage with 26 integration tests

Resource Subscriptions

Phase 1 & 2 implementation:

• Subscribe/unsubscribe to resource updates
• Notification delivery for subscribed resources
• Full integration with existing resource framework

Test Coverage Improvements

• 26 new OAuth integration tests (basic, endpoints, full flows)
• PKCE validation test coverage
• Storage lifecycle tests
• Authorization and token endpoint integration tests
• Improved overall patch coverage

Bug Fixes

• Fixed _meta field in Tool struct doctest example
• Fixed OAuth doctests compilation errors
• Added inotify dependency for Linux filesystem monitoring
• Fixed Docker validation build to include conformance-tests

Breaking Changes

None - all changes are additive.

Migration Guide

To use OAuth 2.1 authentication in your MCP server:

```rust
use pulseengine_mcp_auth::oauth::{OAuthState, oauth_router};

let oauth_state = OAuthState::new_in_memory();
let router = oauth_router().with_state(oauth_state);
```

See the documentation for complete integration examples.

Full Changelog: v0.13.0...v0.14.0

Validation Results

✅ All validation tests passed
✅ Python SDK compatibility verified
✅ JSON-RPC 2.0 compliant
✅ MCP protocol compliant

v0.13.0 - JSON Serialization Fix

🔧 Breaking Changes

Fixed: mcp_tools macro now uses JSON serialization (#62)

The #[mcp_tools] macro previously used Rust's Debug format ({:?}) instead of JSON serialization, causing tool responses to contain Rust debug format instead of proper JSON. This has been fixed.

Before:

{
  "content": [{
    "type": "text",
    "text": "SearchResult { items: [...] }"
  }]
}

After:

{
  "content": [{
    "type": "text",
    "text": "{\"items\":[...]}"
  }],
  "structured_content": {"items": [...]}
}

📦 Migration Required

Tool return types should implement Serialize trait for optimal JSON output:

#[derive(Debug, Serialize)]  // Add Serialize
struct MyResult {
    data: Vec<String>,
}

#[mcp_tools]
impl MyServer {
    pub fn my_tool(&self) -> MyResult {
        MyResult { data: vec!["item1".to_string()] }
    }
}

Types without Serialize will gracefully fall back to Debug format.

---

✨ What's Changed

mcp-macros

• ✅ Modified generate_error_handling() to use serde_json::to_string() instead of format!("{:?}")
• ✅ Now populates structured_content field per MCP 2025-06-18 specification
• ✅ Graceful fallback to Debug format for types without Serialize trait
• ✅ Added comprehensive test suite (8 tests) covering all scenarios

Testing

• New: json_serialization_test.rs with 8 comprehensive tests
  • Structured types (nested structs, vectors)
  • Result<T, E> return types
  • Simple types (string, number, bool, vector)
  • Verification of structured_content field population
  • Verification that Debug format markers are absent

---

📋 MCP Specification Compliance

This release ensures full compliance with MCP 2025-06-18 specification:

• ✅ Tool responses use proper JSON serialization
• ✅ structured_content field is populated for structured types
• ✅ Both text content and structured_content contain equivalent data

---

📦 Published Crates (v0.13.0)

All workspace crates updated to v0.13.0:

• pulseengine-mcp-protocol - Core MCP protocol types
• pulseengine-mcp-logging - Logging infrastructure
• pulseengine-mcp-auth - Authentication/authorization
• pulseengine-mcp-security - Security middleware
• pulseengine-mcp-security-middleware - Security middleware layer
• pulseengine-mcp-monitoring - Metrics collection
• pulseengine-mcp-transport - Transport layers (stdio/HTTP/WebSocket)
• pulseengine-mcp-cli - CLI framework
• pulseengine-mcp-cli-derive - CLI derive macros
• pulseengine-mcp-server - Server orchestration
• pulseengine-mcp-macros - Procedural macros
• pulseengine-mcp-external-validation - External validation tools

---

🔗 Links

• Issue Fixed: #62
• Pull Request: #63
• Full Changelog: CHANGELOG.md

---

📚 Documentation

See CHANGELOG.md for detailed migration guide and full release notes.

Validation Results

✅ All validation tests passed
✅ Python SDK compatibility verified
✅ JSON-RPC 2.0 compliant
✅ MCP protocol compliant

v0.12.0 - MCP 2025-06-18 Specification Update

What's Changed

MCP 2025-06-18 Protocol Updates

• ✅ Update to MCP 2025-06-18 specification
• ✅ Add NumberOrString type for request IDs
• ✅ Add optional metadata fields (_meta) to Content and CallToolResult
• ✅ Add optional fields (title, annotations, icons) to Tools, Prompts, Resources
• ✅ Update all test assertions to match new protocol types

CI/CD Improvements

• ✅ Fix CI validation (formatting and clippy warnings)
• ✅ Update pre-commit hooks to match CI requirements exactly
• ✅ Add serial_test to prevent flaky env variable test failures
• ✅ All tests pass with new protocol compliance

Breaking Changes

⚠️ Request ID field now uses NumberOrString type instead of Value
⚠️ Protocol structures updated with new optional fields

Installation

cargo add pulseengine-mcp-server@0.12
cargo add pulseengine-mcp-protocol@0.12
cargo add pulseengine-mcp-transport@0.12

Full Changelog: v0.11.0...v0.12.0

Validation Results

✅ All validation tests passed
✅ Python SDK compatibility verified
✅ JSON-RPC 2.0 compliant
✅ MCP protocol compliant

v0.11.0 - MCP 2025-06-18 Specification Update

What's Changed

MCP 2025-06-18 Protocol Updates

• ✅ Update to MCP 2025-06-18 specification
• ✅ Add NumberOrString type for request IDs
• ✅ Add optional metadata fields () to Content and CallToolResult
• ✅ Add optional fields (title, annotations, icons) to Tools, Prompts, Resources
• ✅ Update all test assertions to match new protocol types

CI/CD Improvements

• ✅ Fix CI validation (formatting and clippy warnings)
• ✅ Update pre-commit hooks to match CI requirements exactly
• ✅ All tests pass with new protocol compliance

Breaking Changes

⚠️ Request ID field now uses NumberOrString type instead of Value
⚠️ Protocol structures updated with new optional fields

Installation

cargo add pulseengine-mcp-server
cargo add pulseengine-mcp-protocol
cargo add pulseengine-mcp-transport

Full Changelog: v0.10.0...v0.11.0

Validation Results

✅ All validation tests passed
✅ Python SDK compatibility verified
✅ JSON-RPC 2.0 compliant
✅ MCP protocol compliant

PulseEngine MCP v0.10.1 - Fixed Schema Generation

PulseEngine MCP v0.10.1 - Fixed Schema Generation

🔧 Bug Fixes

• Fixed parameter schema generation regression in v0.10.0 - Resolved issue where parameter schemas were showing empty objects instead of proper JsonSchema-derived schemas
• Dual-pattern parameter support - Now supports both multi-parameter (auto-generated schemas) and JsonSchema struct patterns (rich schemas) seamlessly
• Improved schema validation - Enhanced parameter validation for MCP clients

📦 Published Crates

All framework crates have been published to crates.io:

• pulseengine-mcp-protocol v0.10.1
• pulseengine-mcp-logging v0.10.1
• pulseengine-mcp-auth v0.10.1
• pulseengine-mcp-security v0.10.1
• pulseengine-mcp-security-middleware v0.10.1
• pulseengine-mcp-monitoring v0.10.1
• pulseengine-mcp-transport v0.10.1
• pulseengine-mcp-server v0.10.1
• pulseengine-mcp-macros v0.10.1
• pulseengine-mcp-cli-derive v0.10.1
• pulseengine-mcp-cli v0.10.1

🚀 Pattern Examples

Multi-parameter (Auto-generated schema)

pub fn multi_param_tool(&self, name: String, age: u32, active: bool) -> String {
    format!("Name: {name}, Age: {age}, Active: {active}")
}

JsonSchema struct (Rich schema)

#[derive(Debug, Clone, Serialize, Deserialize, JsonSchema)]
pub struct RichParams {
    /// Required message with description
    pub message: String,
    /// Optional count with validation
    pub count: Option<u32>,
}

pub fn rich_struct_tool(&self, params: RichParams) -> String {
    format!("Message: {}, Count: {:?}", params.message, params.count)
}

🔄 Migration

This is a non-breaking release. Existing code using either pattern will continue to work without changes.

📝 Full Changelog

• Fix schema generation regression from v0.10.0 (#55)
• Implement dual-pattern parameter support
• Add comprehensive test coverage for both patterns
• Update all examples and documentation
• Maintain backward compatibility

🤖 Generated with Claude Code

Co-Authored-By: Claude noreply@anthropic.com

v0.10.0: Parameterized Resources Support

🚀 New Features

Parameterized Resource Support

• 🎯 URI Template Processing: Added support for parameterized resources using URI templates (RFC 6570)
• ⚡ High-Performance Routing: Implemented matchit-based URI routing with radix trie for efficient resource resolution
• 🔧 Automatic Parameter Extraction: Resources can now extract parameters from URIs like timedate://current-time/{timezone}
• 📝 Enhanced Macro Support: Updated #[mcp_resource] attribute to handle parameterized URIs seamlessly

Technical Improvements

• 🛠️ Router Generation: Static router generation with OnceLock for optimal performance
• 🔀 Pattern Matching: Convert URI templates to matchit patterns for precise routing
• ⚙️ Parameter Mapping: Automatic extraction and mapping of URI parameters to method arguments

🐛 Bug Fixes

• ✅ Resource Delegation: Fixed critical bug in mcp_server macro where resources weren't properly delegated
• 🎨 Code Quality: Resolved clippy warnings and formatting issues
• 🔧 Dependency Updates: Added matchit dependency for URI routing

📖 Examples

Resources can now handle dynamic URIs:

#[mcp_resource("timedate://current-time/{timezone}")]
pub async fn get_current_time(&self, timezone: String) -> Result<TimeResponse> {
    // timezone parameter is automatically extracted from the URI
}

🎉 What's Next

• Type-safe parameter conversion (planned for future release)
• Enhanced parameter validation
• Support for complex URI patterns

Full Changelog: v0.9.1...v0.10.0

v0.9.1 - Critical Resource Delegation Fix

v0.9.1 - Emergency Patch Release

This is a critical bug fix release that addresses a fundamental issue with MCP resources in v0.9.0.

Critical Fix

• Resource delegation bug: Fixed the mcp_server macro to properly delegate resource operations to the McpResourcesProvider trait
• Resources are now fully functional and visible in MCP Inspector

What was broken in v0.9.0

The v0.9.0 release introduced a major regression where:

• Resources were advertised in server capabilities but completely non-functional
• The mcp_server macro was not delegating list_resources and read_resource calls to the trait implementation
• This resulted in empty resource lists and "unknown resource" errors for all resource requests

Technical Details

• Modified McpResourcesProvider trait to always be implemented (similar to McpToolsProvider)
• Updated helper methods to properly delegate to trait implementations
• Ensured compilation works for servers without resources defined

Breaking Changes

None - this is a pure bug fix that restores intended functionality.

Upgrade Instructions

Update your Cargo.toml dependencies from 0.9.0 to 0.9.1:

pulseengine-mcp-server = "0.9.1"
pulseengine-mcp-macros = "0.9.1"
# ... other framework crates

Resources that were defined but not working in v0.9.0 will now function correctly.

Note: Parameterized resources still use hardcoded values - this will be addressed in a future release.