chore(deps): update rust crate rmcp to v1.6.0 #41

Merged
stmh merged 2 commits into main from renovate/rmcp-1.x-lockfile
May 3, 2026

@renovate renovate Bot commented Mar 26, 2026

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| rmcp | dependencies | minor | 1.2.0 → 1.6.0 |

Release Notes

modelcontextprotocol/rust-sdk (rmcp)

v1.6.0

Compare Source

Added
  • (http) log Host/Origin rejections (#​826)
  • (http) add Origin header validation (#​823)
  • (router) support runtime disabling of tools (#​809)
  • optional session store (resumability support) (#775)
Fixed
  • add init_timeout for streamable-http sessions (#​811)
  • (http) fall back to :authority for HTTP/2 (#​827)
  • (docs) use correct Parameters syntax in tool examples (#​814)
Other
  • add systemprompt-template to Built with rmcp (#​820)

v1.5.0

Compare Source

Added
  • (transport) add constructors for non_exhaustive error types (#​806)
  • add 2025-11-25 protocol version support (#​802)
Fixed
  • treat resource metadata JSON parse failure as soft error (#​810)
  • include http_request_id in request-wise priming event IDs (#​799)
  • (http) drain SSE stream for connection reuse (#​790)
Other
  • (deps) update which requirement from 7 to 8 (#​807)

v1.4.0

Compare Source

Added
  • add Default and constructors to ServerSseMessage (#​794)
  • add meta to elicitation results (#​792)
  • (macros) auto-generate get_info and default router (#​785)
  • (transport) add which_command for cross-platform executable resolution (#​774)
  • (auth) add StoredCredentials::new() constructor (#​778)
Fixed
  • (server) remove initialized notification gate to support Streamable HTTP (#​788)
  • default session keep_alive to 5 minutes (#​780)
  • (http) add host check (#​764)
  • exclude local feature from docs.rs build (#​782)
Other
  • update Rust toolchain to 1.92 (#​797)
  • unify IntoCallToolResult Result impls (#​787)

v1.3.0

Compare Source

Added
  • (transport) add Unix domain socket client for streamable HTTP (#​749)
  • (auth) implement SEP-2207 OIDC-flavored refresh token guidance (#​676)
  • add configuration for transparent session re-init (#​760)
  • add local feature for !Send tool handler support (#​740)
Fixed
  • prevent CallToolResult and GetTaskPayloadResult from shadowing CustomResult in untagged enums (#​771)
  • drain in-flight responses on stdin EOF (#​759)
  • remove default type param from StreamableHttpService (#​758)
  • use cfg-gated Send+Sync supertraits to avoid semver break (#​757)
  • (rmcp) surface JSON-RPC error bodies on HTTP 4xx responses (#​748)
  • default CallToolResult content to empty vec on missing field (#​752)
  • (auth) redact secrets in Debug output for StoredCredentials and StoredAuthorizationState (#​744)
Other
  • fix all clippy warnings across workspace (#​746)

Configuration

📅 Schedule: (UTC)

  • Branch creation
    • At any time (no schedule defined)
  • Automerge
    • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

claude Bot commented Mar 26, 2026

Review

CI: Clippy check is failing. The CI shows the Clippy job failed after upgrading rmcp to 1.3.0. This must be resolved before merging.

Root cause to investigate: rmcp 1.3.0 includes a fix titled 'remove default type param from StreamableHttpService'. The project uses StreamableHttpService::new(...) in src/lib.rs:143 without an explicit type annotation, relying on type inference. Removing a default type parameter can break inference at call sites and may require an explicit type annotation.

Cargo.toml/Cargo.lock mismatch: Cargo.toml still declares rmcp version 1.2.0 while Cargo.lock now resolves to 1.3.0. Technically valid (Cargo treats 1.2.0 as >=1.2.0, <2.0.0), but the minimum version specifier should be updated to 1.3.0 to match the resolved version and prevent unexpected downgrades.

Action required: Fix the Clippy failure (likely by adding an explicit type parameter to the StreamableHttpService::new call in src/lib.rs) and update Cargo.toml to version = "1.3.0".

Comment thread Cargo.lock Outdated
[[package]]
name = "rmcp"
version = "1.2.0"
version = "1.3.0"
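
Review bot: only the version line of the rmcp entry is visible here, moving from "1.2.0" to "1.3.0". A registry package entry in Cargo.lock also carries a checksum line, so the full diff should show that line changing in the same entry; confirm the lock file was regenerated by Cargo rather than edited by hand, for example by building with --locked in CI so that any drift between Cargo.toml and Cargo.lock fails the job.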

rmcp 1.3.0 includes "remove default type param from StreamableHttpService" which can break type inference at call sites using StreamableHttpService::new(...) without an explicit type parameter. The Clippy CI job is failing — check if src/lib.rs:143 needs an explicit type annotation after this upgrade.

@renovate renovate Bot changed the title chore(deps): update rust crate rmcp to v1.3.0 chore(deps): update rust crate rmcp to v1.4.0 Apr 10, 2026
@renovate renovate Bot force-pushed the renovate/rmcp-1.x-lockfile branch from f8ccaa0 to 6a15b27 Compare April 10, 2026 18:19

claude Bot commented Apr 10, 2026

Review (rmcp 1.2.0 → 1.4.0)

CI is still failing: Clippy and Tests both fail. The issues identified in the previous review remain unresolved.

Blocking issues

Clippy/compile failure — rmcp 1.3.0 removed the default type parameter from StreamableHttpService. The call in src/lib.rs:143 relies on type inference that may no longer resolve without an explicit annotation. Until CI passes, this is not mergeable.

Cargo.toml version specifier not updated: Cargo.toml still declares rmcp = { version = "1.2.0", ... } while the lock file resolves to 1.4.0. Update it to "1.4.0" to pin the minimum to what is actually used and prevent accidental downgrades.

Notes

The 1.3.0 and 1.4.0 releases include two positive security fixes:

  • Secret redaction in Debug output (1.3.0): StoredCredentials and StoredAuthorizationState no longer leak secrets via {:?}.
  • HTTP host header check (1.4.0): Adds DNS-rebinding protection to the Streamable HTTP server.

Once the Clippy/build failure is fixed and Cargo.toml is updated to "1.4.0", this update is safe to merge.

@renovate renovate Bot changed the title chore(deps): update rust crate rmcp to v1.4.0 chore(deps): update rust crate rmcp to v1.5.0 Apr 16, 2026
@renovate renovate Bot force-pushed the renovate/rmcp-1.x-lockfile branch from 6a15b27 to 30c3a86 Compare April 16, 2026 23:32

claude Bot commented Apr 16, 2026

Review: rmcp 1.2.0 → 1.5.0

Lock-file-only bump — no source changes. Code inspection against the release notes across all three skipped minor versions:

v1.3.0 — remove default type param from StreamableHttpService
The call at src/lib.rs:143 uses StreamableHttpService::new(...) without an explicit type parameter. The factory closure returns a concrete ImapMcpServer, so Rust's type inference should resolve this without annotation. This is the highest-risk change in the batch; a cargo build run in CI is the only way to confirm it doesn't break.

v1.4.0 — add host check
StreamableHttpService now validates the Host request header. The config at src/lib.rs:137–141 uses ..Default::default(), so any new allowed_hosts-style field will take its default value. If the default is restrictive rather than permissive, requests behind a reverse proxy (where Host differs from the origin) may start failing at runtime after the upgrade. Worth validating in a staging/dev environment before merging to production.

All other changes (transport constructors, session keep-alive, protocol version 2025-11-25 support, error body surfacing on 4xx) are additive and don't touch code paths used here.

No compile failures or logic errors were identified by static analysis. Recommend confirming CI passes before merge.

@renovate renovate Bot changed the title chore(deps): update rust crate rmcp to v1.5.0 chore(deps): update rust crate rmcp to v1.6.0 May 1, 2026
@renovate renovate Bot force-pushed the renovate/rmcp-1.x-lockfile branch from 30c3a86 to 53ade11 Compare May 1, 2026 16:59

claude Bot commented May 1, 2026

Code Review

This Renovate-generated PR updates rmcp from 1.2.0 → 1.6.0 via a Cargo.lock-only change.

Summary

The diff is exclusively Cargo.lock changes — no source code or Cargo.toml modifications. The version constraint in Cargo.toml remains "1.2.0" (which Cargo resolves as ^1.2.0, so 1.6.0 is within range). CI runs cargo fmt, cargo clippy -D warnings, and cargo test, so a passing CI run validates compilation compatibility.

One behavioral change worth verifying

Origin header validation added in v1.6.0 (#823, #826): rmcp now validates HTTP Origin and Host headers on incoming Streamable HTTP connections and logs rejections. The project uses the transport-streamable-http-server feature, so this validation is active.

If the MCP server receives requests from clients whose Origin doesn't match the expected host, connections will be rejected silently from the client's perspective. The existing tests use stdio/in-process transports (not HTTP), so this new gate isn't exercised by CI. Worth a manual smoke-test of the Streamable HTTP transport after merging.

No issues found with

  • API compatibility: The rmcp authors explicitly note "use cfg-gated Send+Sync supertraits to avoid semver break" in v1.3.0 — the public API surface used by this project (tool, tool_router, tool_handler macros, CallToolResult, ServerHandler) is unchanged.
  • The transitive windows-sys shift (0.61.2 → 0.52.0 in mio/rustix/tempfile) is expected and both versions continue to coexist in the lock file for other dependents.

- Use StreamableHttpServerConfig builder methods (struct is now #[non_exhaustive])
- Remove unused tool_router field; #[tool_handler] now calls Self::tool_router() directly
- Collapse nested if into match guard for clippy::collapsible_match

claude Bot commented May 3, 2026

Review: rmcp 1.2.0 → 1.6.0

Clean dependency upgrade. All API-breaking changes from the four minor versions are correctly adapted.

src/lib.rs: StreamableHttpServerConfig migrated from struct-literal to the new builder API (.with_stateful_mode() / .with_json_response()). Correct.

src/mcp.rs: tool_router: ToolRouter<Self> field removed from struct and constructor. This is correct: rmcp v1.4.0 added auto-generation of the router via the #[tool_router] macro, so the field is no longer needed. The macro attributes on the impl block and ServerHandler impl are still in place and sufficient.

Security improvement (positive): v1.4.0 and v1.6.0 add Host and Origin header validation for the streamable-HTTP transport — a meaningful CSRF/confused-deputy mitigation this server gains for free.

Transitive windows-sys shift (0.61.2 → 0.52.0): Cargo resolver aligning several crates to a single older version; no functional impact on Linux/macOS targets.

No CLAUDE.md violations, no suppressed errors introduced, no high-signal issues. LGTM.

@stmh stmh merged commit f562661 into main May 3, 2026
5 checks passed
@renovate renovate Bot deleted the renovate/rmcp-1.x-lockfile branch May 3, 2026 14:27
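
The Host and Origin checks that the reviews above discuss, sketched as an added example in Rust (not rmcp's implementation and not code from this repository). `check_request`, `Rejection` and the allowlist parameter are hypothetical names; rmcp's actual configuration fields and defaults are not shown on this page.

```rust
// Added example with hypothetical names; not rmcp's API or implementation.
#[derive(Debug, PartialEq)]
pub enum Rejection {
    MissingHost,
    HostNotAllowed(String),
    OriginNotAllowed(String),
}

/// Drop an optional port from an authority: "example.com:8080", "[::1]:8080".
fn hostname(authority: &str) -> String {
    let a = authority.trim();
    let host = if let Some(rest) = a.strip_prefix('[') {
        rest.split(']').next().unwrap_or("") // bracketed IPv6 literal
    } else {
        a.rsplit_once(':').map_or(a, |(h, _port)| h)
    };
    host.to_ascii_lowercase()
}

/// `host` is the Host header (or :authority on HTTP/2); `allow` is the allowlist.
pub fn check_request(host: Option<&str>, origin: Option<&str>, allow: &[&str]) -> Result<(), Rejection> {
    let allowed = |h: &str| allow.iter().any(|a| a.eq_ignore_ascii_case(h));
    let host = hostname(host.ok_or(Rejection::MissingHost)?);
    if !allowed(host.as_str()) {
        return Err(Rejection::HostNotAllowed(host));
    }
    // Browsers attach Origin to cross-origin requests; other clients often omit it.
    // "null" and anything without scheme://host fails closed.
    if let Some(o) = origin {
        match o.split_once("://").map(|(_scheme, rest)| hostname(rest)) {
            Some(h) if allowed(h.as_str()) => {}
            _ => return Err(Rejection::OriginNotAllowed(o.to_string())),
        }
    }
    Ok(())
}

fn main() {
    let allow = ["localhost", "127.0.0.1"]; // constructed allowlist
    // Constructed requests: local client, proxied public name, foreign page.
    let cases = [
        (Some("localhost:8080"), None),
        (Some("mcp.corp.example"), None),
        (Some("localhost:8080"), Some("https://untrusted.example")),
    ];
    for (host, origin) in cases {
        println!("{:?} {:?} -> {:?}", host, origin, check_request(host, origin, &allow));
    }
}
```

The second constructed case is the reverse-proxy situation raised in the April 16 review: a forwarded public Host is rejected until that name is added to the allowlist.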