This release includes breaking changes for platform teams planning a safe upgrade.
✓ No known CVEs patched in this version
Topics
Summary
AI summaryFixed prompt pagination cursor handling and ZodNumber empty-string coercion, preventing crashes from file watcher errors.
Full changelog
Fixed
- Empty-string coercion for ZodNumber fields in prompt args now correctly rejects instead of silently producing 0
- Prompt pagination cursor gracefully handles removed entries between pages (no more restart from page 1)
- isToolResponse type guard now verifies content element structure, preventing domain objects from bypassing MVA pipeline
- Flat-mode tool dispatch reuses compiled exposition instead of double-compiling per call
- CJS hot-reload now propagates through transitive dependency chains
- File watcher error handler prevents unhandled filesystem errors from crashing the process
- Exported resetXStateCache() for test environments to re-trigger xstate dynamic import
28 new regression tests | 4573 total tests passing | 0 regressions
Weekly OSS security release digest.
The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.
No spam, unsubscribe anytime.
Share this release
About vinkius-labs/mcp-fusion
A TypeScript framework for building production-ready MCP servers with automatic tool discovery, multi-transport support (stdio/SSE/HTTP), built-in validation, and zero-config setup.
Related context
Related tools
Beta — feedback welcome: [email protected]