Sourced from fastmcp's releases.

v3.2.4: Patch Me If You Can

A grab bag of fixes, hardening, and polish.

The headline behavior change: background tasks are now scoped to the authorization context rather than the MCP session, so a task kicked off by an authenticated user survives session churn and stays tied to who started it. This is a breaking change for anyone relying on the old session-scoped semantics.

Security got three meaningful upgrades. FileUpload now validates actual decoded base64 size instead of trusting the client-reported number, so an attacker can't claim "10 bytes" and deliver 10MB. The proxy client stops forwarding inbound HTTP headers to unrelated remote servers — previously a header meant for server A could leak to server B. And AuthKit now auto-binds token audience to the resource URL per RFC 8707, closing a token-reuse gap across MCP resources.

Schema handling had a rough-edges pass. json_schema_to_type no longer crashes on Python keywords, boolean schemas, empty enums, or name collisions, and we added a 232K-schema crash test from APIs.guru to keep it honest. Gemini 2.5 Flash compatibility is fixed by stripping title fields the model rejects. Parameter descriptions are now extracted from docstrings automatically, so your tool signatures document themselves.

Plus a Keycloak OAuth provider for enterprise auth, improvements to ctx.elicit() (new response_title/response_description, deprecation warning when called without response_type), and dozens of smaller fixes across transforms, retry middleware, resource templates, and client disconnect handling.

What's Changed

Breaking Changes ⚠️

• Scope tasks to authorization context, not session by @​chrisguidry in PrefectHQ/fastmcp#3800

Enhancements ✨

• Bump pydocket>=0.19.0, drop fakeredis pin by @​chrisguidry in PrefectHQ/fastmcp#3822
• Add real-world schema crash test (232K schemas from APIs.guru) by @​strawgate in PrefectHQ/fastmcp#3826
• Enable 7 zero-violation ruff rules by @​strawgate in PrefectHQ/fastmcp#3841
• Promote 7 ty rules from ignore to warn by @​strawgate in PrefectHQ/fastmcp#3852
• Replace ___ with hash-based backend tool routing and per-tool prefab resources by @​jlowin in PrefectHQ/fastmcp#3824
• Enable 4 ruff rules (DTZ, ERA, ISC, INP) and fix 9 violations by @​strawgate in PrefectHQ/fastmcp#3842
• Extract parameter descriptions from docstrings by @​jlowin in PrefectHQ/fastmcp#3872
• ci: speed up schema crash test (CSafeLoader + xdist-safe aggregation) by @​jlowin in PrefectHQ/fastmcp#3873
• test: bump OpenAPI init perf threshold to 200ms for Windows CI by @​jlowin in PrefectHQ/fastmcp#3879
• refactor: unify object-schema conversion through _object_schema_to_type by @​jlowin in PrefectHQ/fastmcp#3884
• Add Keycloak OAuth Provider for Enterprise Authentication and local dev by @​stephaneberle9 in PrefectHQ/fastmcp#1937
• Allow auth providers to override protected resource base URLs by @​aaazzam in PrefectHQ/fastmcp#3900
• Enable PERF and T20 ruff rules by @​strawgate in PrefectHQ/fastmcp#3845
• Add response_title and response_description to ctx.elicit() by @​jlowin in PrefectHQ/fastmcp#3912
• Deprecate ctx.elicit() without response_type by @​jlowin in PrefectHQ/fastmcp#3916

Security 🔒

• Validate actual base64 data size in FileUpload, not client-reported size by @​strawgate in PrefectHQ/fastmcp#3816
• Stop forwarding inbound HTTP headers to unrelated remote servers by @​jlowin in PrefectHQ/fastmcp#3837
• AuthKit: auto-bind token audience to resource URL (RFC 8707) by @​jlowin in PrefectHQ/fastmcp#3905

Fixes 🐞

• Version-check is_docket_available() to avoid transitive pydocket crash by @​jlowin in PrefectHQ/fastmcp#3807
• fix: materialize generators before result conversion, handle bytes gracefully by @​strawgate in PrefectHQ/fastmcp#3830
• Fix json_schema_to_type crashes on keywords, boolean schemas, empty enums, and name collisions by @​strawgate in PrefectHQ/fastmcp#3818
• fix: replace or with is not None checks for config/override merging by @​strawgate in PrefectHQ/fastmcp#3833
• fix: TransformedTool sync fn crash and schema mutation by @​strawgate in PrefectHQ/fastmcp#3823
• fix: cross-provider duplicate detection, error visibility, mask propagation by @​strawgate in PrefectHQ/fastmcp#3827
• fix: don't pass HTTP kwargs when transport is unspecified by @​strawgate in PrefectHQ/fastmcp#3838
• fix: strip title fields from tool schemas for Gemini 2.5 Flash compatibility by @​strawgate in PrefectHQ/fastmcp#3861
• fix: retry when LLM returns text instead of calling final_response by @​strawgate in PrefectHQ/fastmcp#3850
• Raise on unhandled content types in sampling handler dispatch chains by @​strawgate in PrefectHQ/fastmcp#3857
• Fix broken code examples in docs by @​strawgate in PrefectHQ/fastmcp#3869
• fix: GoogleGenaiSamplingHandler leaks thought parts and gives unhelpful errors on empty responses by @​strawgate in PrefectHQ/fastmcp#3849

... (truncated)

• 7d76074 Stop pydantic 2.13 from leaking _WrappedResult docstring into tool output sch...
• b732a4a Overhaul apps docs (#3915)
• 5c2ff1b chore: Update SDK documentation (#3914)
• f4f2ec0 Deprecate ctx.elicit() without response_type (#3916)
• 338b80c chore(deps): bump the uv group across 2 directories with 1 update (#3913)
• 110cd3a Add response_title and response_description to ctx.elicit() (#3912)
• 3117846 chore: Update SDK documentation (#3909)
• 031c7e0 Fix RetryMiddleware not retrying tool errors (#3858)
• 200d79e Enable PERF and T20 ruff rules (#3845)
• 82f310f AuthKit: auto-bind token audience to resource URL (RFC 8707) (#3905)
• Additional commits viewable in compare view