This release includes 2 breaking changes for platform teams planning a safe upgrade.
Published 1mo
MCP Developer Tools
✓ No known CVEs patched
Topics
ai-agents
anthropic
api-gateway
api-to-mcp
chatgpt
claude
database
gemini
graphql
llm-tools
mcp
mcp-gateway
mcp-middleware
mcp-proxy
mcp-server
model-context-protocol
openapi
rest
self-hosted
soap
Affected surfaces
auth
breaking_upgrade
Summary
AI summary: Users can self‑delete accounts and org admins can delete organizations, both requiring confirmation and handling cascade cleanup.
Full changelog
What's new
- Account self-delete — Users can now delete their own account from /settings (Danger Zone). Requires password confirmation + typing DELETE. Audit logs are preserved without identifying information; OAuth artifacts and active MCP API keys are revoked atomically.
- Organization delete — Org admins can delete the entire organization from /settings/organization (Danger Zone). Requires typing the org name. Cascade-removes all members, connectors, MCP servers, API keys, custom roles, invitations, and settings.
Behavior details
- Sole-admin guardrail: self-delete is blocked when the user is the only admin of an org with other members; the dialog lists which orgs need attention.
- Sole-occupant cleanup: orgs where the deleting user is the only member are removed in the same transaction.
- Orphan migration: when an org is deleted, other members whose cached active org pointed to it are migrated to their oldest remaining membership; if none, their organizationId becomes null and the next request auto-resyncs.
- Last-org safety net: deleting your last org auto-creates a fresh Personal Workspace and reissues a JWT, so admins are never stranded without a workspace.
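The sole-admin guardrail, sole-occupant cleanup and orphan migration rules above, sketched over in-memory data as an added example. This is not AnythingMCP's code: the record shapes, the role and joinedAt fields, and both function names are assumptions made for illustration.

```javascript
// Added illustration: data shapes and function names are hypothetical, not the project's code.
// Constructed sample data. joinedAt is an arbitrary ordering number.
const MEMBERSHIPS = [
  { userId: 'alice', orgId: 'acme', role: 'admin', joinedAt: 1 },
  { userId: 'bob', orgId: 'acme', role: 'member', joinedAt: 2 },
  { userId: 'alice', orgId: 'solo', role: 'admin', joinedAt: 3 },
  { userId: 'alice', orgId: 'beta', role: 'member', joinedAt: 4 },
  { userId: 'carol', orgId: 'beta', role: 'admin', joinedAt: 1 },
];
const USERS = [
  { id: 'alice', organizationId: 'acme' },
  { id: 'bob', organizationId: 'acme' },
  { id: 'carol', organizationId: 'beta' },
];

// Decide whether a self-delete may proceed and which orgs go with the account.
function planSelfDelete(userId, memberships) {
  const blockedOrgs = [];  // sole admin with other members present: refuse
  const orgsToRemove = []; // user is the only member: remove with the account
  for (const { orgId, role } of memberships.filter((m) => m.userId === userId)) {
    const others = memberships.filter((m) => m.orgId === orgId && m.userId !== userId);
    if (others.length === 0) orgsToRemove.push(orgId);
    else if (role === 'admin' && !others.some((m) => m.role === 'admin')) blockedOrgs.push(orgId);
  }
  return { allowed: blockedOrgs.length === 0, blockedOrgs, orgsToRemove };
}

// After an org delete, repoint members whose cached active org was that org.
function migrateOrphans(deletedOrgId, users, memberships) {
  const remaining = memberships.filter((m) => m.orgId !== deletedOrgId);
  return users.map((u) => {
    if (u.organizationId !== deletedOrgId) return u;
    const [oldest] = remaining
      .filter((m) => m.userId === u.id)
      .sort((a, b) => a.joinedAt - b.joinedAt);
    // null is a valid state now: callers must not treat it as a tenant id.
    return { ...u, organizationId: oldest ? oldest.orgId : null };
  });
}

console.log(planSelfDelete('alice', MEMBERSHIPS));
console.log(migrateOrphans('acme', USERS, MEMBERSHIPS));
```

In the sample data, alice is blocked by acme (sole admin, bob remains), while bob ends up with a null organizationId once acme is deleted because he has no other membership.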
Migration
User.organizationId is now nullable with onDelete: SetNull. Apply the included Prisma migration before deploying:
npm run db:migrate
Breaking Changes
- User.organizationId column now nullable (onDelete: SetNull) – requires Prisma migration before deployment
- Self‑delete blocked when user is sole admin of an org with other members; dialog lists affected orgs
About AnythingMCP