Skip to content

Epistates/TurboMCP

v3.1.4 Feature

This release adds 2 notable features for engineering teams evaluating rollout.

Published 25d MCP Developer Tools
✓ No known CVEs patched
Read the diff → Tool health → What is this tool? →

✓ No known CVEs patched in this version

Topics

mcp mcp-client mcp-sdk mcp-server mcp-servers rust

Summary

AI summary

Added Streamable HTTP/SSE server-initiated request support and full resource‑template handling across all layers.

Full changelog

[3.1.4] - 2026-05-08

Patch release: MCP compliance hardening focused on the 2025-11-25 and
2025-06-18 stable protocol surfaces, Streamable HTTP/SSE bidirectionality,
resource template fidelity, version adaptation, and regression coverage.

Added

  • Streamable HTTP/SSE server-initiated request support — initialized HTTP
    sessions now attach an McpSession to request contexts, so
    ctx.sample(...), ctx.elicit_form(...), ctx.elicit_url(...), and
    ctx.notify_client(...) can send JSON-RPC requests or notifications over SSE
    and correlate client POSTed responses back to the original handler.
  • resources/templates/list support across server, client, macros, and
    proxy paths     — handlers, routing, generated servers, backend introspection,
    and proxy forwarding now expose resource templates as first-class MCP
    resources rather than dropping or flattening them.
  • Stable schema/method parity regression coverage — server tests now compare
    supported version-adapter methods directly against the embedded stable MCP
    schemas to catch missing method wiring during future spec updates.

Changed

  • Protocol negotiation is explicit for stable versions — 2025-11-25 remains
    the preferred stable version, while 2025-06-18 compatibility is retained
    through version adapters that strip newer response fields where required.
  • Release-facing metadata now targets 3.1.4 — workspace manifests, internal
    crate dependency pins, lockfile entries, install snippets, README examples,
    and package-facing migration docs identify the patch release consistently.

Fixed

  • HTTP/SSE sampling, elicitation, and roots flows no longer time out after
    valid client responses     — client JSON-RPC responses posted with the active
    Mcp-Session-Id resolve pending server-initiated requests immediately,
    including rejected sampling responses.
  • Normal POST-only HTTP clients remain compatible — ordinary client-to-server
    JSON-RPC requests continue to work without requiring an SSE subscriber or
    server-initiated request handling.
  • Client resource template APIs preserve full metadataResourceTemplate
    responses retain uriTemplate, name, title, description, mimeType,
    icons, annotations, and _meta instead of reducing templates to strings.
  • Proxy resource template forwarding preserves backend data — proxy
    introspection and resources/templates/list forwarding now keep template
    metadata intact and emit the spec field name resourceTemplates.

Full Changelog: https://github.com/Epistates/turbomcp/compare/v3.1.3...v3.1.4

View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track Epistates/TurboMCP

Get notified when new releases ship.

Sign up free

About Epistates/TurboMCP

TurboMCP SDK: Enterprise MCP SDK in Rust

All releases →

Related context

Beta — feedback welcome: [email protected]