fix(deps): update dependency fastmcp to v2.14.0 [security]

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence
fastmcp	==2.13.0.2 → ==2.14.0

---

Warning

Some dependencies could not be looked up. Check the Dependency Dashboard for more information.

---

FastMCP updated to MCP 1.23+ due to CVE-2025-66416

GHSA-rcfx-77hg-w2wv

More information

Details

There was a recent CVE report on MCP: https://nvd.nist.gov/vuln/detail/CVE-2025-66416.

FastMCP does not use any of the affected components of the MCP SDK directly. However, FastMCP versions prior to 2.14.0 did allow MCP SDK versions <1.23 that were vulnerable to CVE-2025-66416. Users should upgrade to FastMCP 2.14.0 or later.

Severity

High

References

• https://github.com/jlowin/fastmcp/security/advisories/GHSA-rcfx-77hg-w2wv
• https://github.com/modelcontextprotocol/python-sdk/security/advisories/GHSA-9h52-p55h-vw2f
• https://nvd.nist.gov/vuln/detail/CVE-2025-66416
• https://github.com/advisories/GHSA-rcfx-77hg-w2wv

This data is provided by the GitHub Advisory Database (CC-BY 4.0).

---

Release Notes

PrefectHQ/fastmcp (fastmcp)

v2.14.0: : Task and You Shall Receive

Compare Source

FastMCP 2.14 begins adopting the MCP 2025-11-25 specification, headlined by protocol-native background tasks that let long-running operations report progress without blocking clients. This release also graduates the OpenAPI parser to standard, adds first-class support for several new spec features, and removes deprecated APIs accumulated across the 2.x series.

Background Tasks (SEP-1686)

Long-running operations (like tool calls) normally block MCP clients until they complete. The new MCP background task protocol (SEP-1686) lets clients start operations, track progress, and retrieve results without blocking. For FastMCP users, taking advantage of this new functionality is as easy as adding task=True to any async decorator. Under the hood, it's powered by Docket, the enterprise task scheduler at the heart of Prefect Cloud that handles millions of concurrent tasks every day.

from fastmcp import FastMCP
from fastmcp.dependencies import Progress

mcp = FastMCP("MyServer")

@​mcp.tool(task=True)
async def train_model(dataset: str, progress: Progress = Progress()) -> str:
    await progress.set_total(100)
    for epoch in range(100):
        # ... training work ...
        await progress.increment()
    return "Model trained successfully"

Clients that call this tool in task-augmented mode (for FastMCP clients, that merely means another task=True!) receive a task ID immediately, poll for progress updates, and fetch results when ready. Background tasks work out-of-the-box with an in-memory backend, and users can optionally provide a Redis URL for persistence, horizontal scaling, and single-digit millisecond task pickup latency. When using Redis, users can also add additional Docket workers to scale out their task processing.

Read the docs here!

OpenAPI Parser Promotion

The experimental OpenAPI parser graduates to standard. The new architecture delivers improved performance through single-pass schema processing and cleaner internal abstractions. Existing code works unchanged; users of the experimental module should update their imports.

MCP 2025-11-25 Spec Support

This release begins adopting the MCP 2025-11-25 specification. Beyond the core SDK updates, FastMCP adds first-class developer experiences for:

• SEP-1686: Background tasks with progress tracking
• SEP-1699: SSE polling and event resumability, with full AsyncKeyValue support
• SEP-1330: Multi-select enum elicitation schemas
• SEP-1034: Default values for elicitation schemas
• SEP-986: Tool name validation at registration time

As the MCP SDK continues to adopt more of the specification, FastMCP will add corresponding high-level APIs.

Breaking Changes & Cleanup

This release removes deprecated APIs accumulated across the 2.x series: BearerAuthProvider, Context.get_http_request(), the dependencies parameter, legacy resource prefix formats, and several deprecated methods. The upgrade guide provides migration paths for each.

What's Changed

New Features 🎉

• Switch to new OpenAPI parser as default by @​jlowin in jlowin#2513
• [2.14] SEP-1686 tasks by @​chrisguidry in jlowin#2378

Enhancements 🔧

• Expose InitializeResult to middleware by @​jlowin in jlowin#2516
• [2.14] Update for MCP SDK auth changes by @​chrisguidry in jlowin#2507
• Validate tool names at registration time (SEP-986) by @​jlowin in jlowin#2540
• Deflake GitHub MCP remote integration tests by @​chrisguidry in jlowin#2543
• Add SEP-1034 default values support for elicitation by @​jlowin in jlowin#2545
• Improve rate limit detection for integration tests by @​chrisguidry in jlowin#2550
• Reduce Marvin Test Failure noise by @​strawgate in jlowin#2553
• [SEP-1686] Raise ValueError when sync functions have task=True by @​jlowin in jlowin#2554
• refactor: move task attribute to function-based variants only [SEP-1686] by @​jlowin in jlowin#2560
• Fix type errors for ty 0.0.1-alpha.31 upgrade by @​jlowin in jlowin#2561
• Add regression tests for functools.wraps + Context (#​2524) by @​jlowin in jlowin#2566
• Update VersionBadge to use Mintlify native Badge component by @​jlowin in jlowin#2571
• Add TaskConfig for SEP-1686 execution modes by @​jlowin in jlowin#2570
• Add execution field to base Tool class by @​chrisguidry in jlowin#2576
• SEP-1699: Add SSE polling support with EventStore by @​jlowin in jlowin#2564
• SEP-1330 enum schema support by @​jlowin in jlowin#2549
• Expose get_session_id callback by @​mathewjhan in jlowin#2486
• Remove TaskConfig and client from root exports by @​jlowin in jlowin#2580
• Remove overly restrictive MIME type validation from Resource by @​jlowin in jlowin#2585
• feat: handle error from the initialize middleware by @​tonyxwz in jlowin#2531
• Remove tests/test_examples.py by @​jlowin in jlowin#2593

Fixes 🐞

• Fix RFC 8414 path-aware authorization server metadata discovery by @​jlowin in jlowin#2533
• Make fastapi.cli a runnable package by @​paulo-raca in jlowin#2532
• Move TokenHandler to OAuthProvider for consistent OAuth error codes by @​jlowin in jlowin#2538
• Update FastMCP server documentation link by @​sskim91 in jlowin#2529
• Fix: Include signature modification in create_function_without_params by @​AidanAllchin in jlowin#2563
• add client kwargs to proxy clients and meta to proxy tool calls by @​cegersdoerfer in jlowin#2520
• Prefix Docket function names to avoid collisions in multi-mount setups by @​chrisguidry in jlowin#2575
• Fix OAuth client to preserve full URL path for metadata discovery by @​jlowin in jlowin#2577
• Do not run windows tests in parallel by @​jlowin in jlowin#2579
• Fix proxy tool result meta attribute forwarding by @​dherrman in jlowin#2526
• Fix nested server mount routing for 3+ levels deep by @​jlowin in jlowin#2586
• Add smart fallback for missing access token expiry by @​jlowin in jlowin#2587
• fix: preserve exception propagation through transport cleanup by @​jlowin in jlowin#2591

Breaking Changes 🛫

• Remove enable_docket setting; Docket is now always on by @​chrisguidry in jlowin#2558
• Forbid task execution through proxies, add mount/proxy task tests by @​chrisguidry in jlowin#2574
• Remove enable_tasks setting, enable task protocol by default by @​chrisguidry in jlowin#2578
• Remove deprecated from fastmcp.settings import settings by @​jlowin in jlowin#2581
• Remove deprecated mount/import argument order and separator params by @​jlowin in jlowin#2582
• 2.14 deprecation removals by @​jlowin in jlowin#2329
  Note that #​2329 includes the following PRs:
  • Remove deprecated FASTMCP_SERVER_ environment variable prefix by @​jlowin in jlowin#2330
  • Remove deprecated Context.get_http_request method by @​jlowin in jlowin#2332
  • Remove fastmcp.Image top-level import (deprecated 2.8.1) by @​jlowin in jlowin#2334
  • Remove deprecated client parameter from FastMCPProxy by @​jlowin in jlowin#2333
  • Remove deprecated run_streamable_http_async method by @​jlowin in jlowin#2338
  • Remove deprecated sse_app method by @​jlowin in jlowin#2337
  • Remove deprecated run_sse_async method by @​jlowin in jlowin#2335
  • Remove deprecated streamable_http_app method by @​jlowin in jlowin#2336
  • Remove deprecated dependencies parameter (fixes #​2177) by @​jlowin in jlowin#2340
  • Remove output_schema=False support (deprecated 2.11.4) by @​jlowin in jlowin#2339
  • Remove deprecated BearerAuthProvider module by @​jlowin in jlowin#2341
  • Remove resource_prefix_format="protocol" support (deprecated 2.4.0) by @​jlowin in jlowin#2342
  • Remove from_client classmethod (deprecated 2.8.0) by @​jlowin in jlowin#2343
  • Remove add_resource_fn method (deprecated 2.7.0) by @​jlowin in jlowin#2345

Docs 📚

• Add OCI integration to docs navigation by @​jlowin in jlowin#2515
• Add supabase docs by @​jlowin in jlowin#2030
• Add v2.14.0 upgrade guide by @​jlowin in jlowin#2565
• docs: document stateless_http for horizontal scaling by @​alexjacobs08 in jlowin#2547
• Rewrite background tasks documentation by @​jlowin in jlowin#2567
• [Draft] Add documentation for read-only tool patterns by @​strawgate in jlowin#2536

New Contributors

• @​paulo-raca made their first contribution in jlowin#2532
• @​sskim91 made their first contribution in jlowin#2529
• @​AidanAllchin made their first contribution in jlowin#2563
• @​alexjacobs08 made their first contribution in jlowin#2547
• @​mathewjhan made their first contribution in jlowin#2486
• @​dherrman made their first contribution in jlowin#2526
• @​tonyxwz made their first contribution in jlowin#2531

Full Changelog: PrefectHQ/fastmcp@v2.13.2...v2.14.0

v2.13.3: : Pin-ish Line

Compare Source

MCP SDK 1.23 introduced some changes related to the 11/25/25 MCP protocol update that break some patches/workarounds that FastMCP had implemented previously. In particular, OAuth changes in the new protocol changed some implementation details that FastMCP patched; as such 1.23 is not necessarily a breaking SDK change but it is "breaking" for certain FastMCP behaviors.

As a precaution, this release pins mcp<1.23. FastMCP 2.14 will introduce 11/25/25 support (and require mcp>=1.23).

v2.13.2: : Refreshing Changes

Compare Source

FastMCP 2.13.2 polishes the authentication stack with fixes for token refresh, scope handling, and multi-instance deployments. Discord joins the growing roster of built-in OAuth providers, Azure and Google token handling gets more reliable, and proxy classes now properly forward icons and titles. This release also adds CSP customization for consent screens and fixes an edge case where $defs could mutate during tool transforms.

Welcome to 7 new contributors who made their first FastMCP contributions in this release!

What's Changed

New Features 🎉

• Add Discord OAuth provider and corresponding tests by @​Aisha630 in jlowin#2428

Enhancements 🔧

• Bump actions/checkout from 4 to 5 by @​dependabot[bot] in jlowin#2433
• feat: Made Changes to DescopeProvider to Support New Well Known URLs by @​gaokevin1 in jlowin#2392
• Scalekit provider updates by @​AkshayParihar33 in jlowin#2413
• Add consent_csp_policy parameter for CSP customization by @​jlowin in jlowin#2484
• Add icons support to proxy classes by @​jlowin in jlowin#2502

Fixes 🐞

• Add refresh token support defaults to GoogleProvider by @​jlowin in jlowin#2438
• Fix exclude_args with non-serializable types by @​jlowin in jlowin#2440
• Fix Azure OAuth token refresh with unprefixed scopes by @​Neet-Nestor in jlowin#2462
• fix: prevent $defs mutation in Tool.from_tool transforms by @​jtanningbed in jlowin#2493
• Add title attribute to ProxyTool, ProxyResource, … by @​CNSeniorious000 in jlowin#2497
• Fix OAuth proxy refresh token storage for multi-instance deployments by @​jlowin in jlowin#2483
• Fix get_access_token() returning stale token after OAuth refresh by @​jlowin in jlowin#2505
• Fix version badges for icons and website_url; add Discord example by @​jlowin in jlowin#2509
• Fix Azure provider OIDC scope handling by @​jlowin in jlowin#2506

Docs 📚

• Update http.mdx by @​Shengshenlan in jlowin#2446
• Fix version number in VersionBadge: change 2.14.0 to 2.13.0 by @​ShaikAyesha17 in jlowin#2491
• Add Discord OAuth integration documentation by @​jlowin in jlowin#2508

Dependencies 📦

• Bump actions/setup-python from 5 to 6 by @​dependabot[bot] in jlowin#2432
• Bump py-key-value-aio to 0.3.0 by @​strawgate in jlowin#2437
• Bump actions/checkout from 5 to 6 by @​dependabot[bot] in jlowin#2474

Other Changes 🦾

• Add extra_authorize_params and extra_token_params to OIDCProxy by @​jlowin in jlowin#2439

New Contributors

• @​Neet-Nestor made their first contribution in jlowin#2462
• @​Shengshenlan made their first contribution in jlowin#2446
• @​gaokevin1 made their first contribution in jlowin#2392
• @​ShaikAyesha17 made their first contribution in jlowin#2491
• @​jtanningbed made their first contribution in jlowin#2493
• @​CNSeniorious000 made their first contribution in jlowin#2497
• @​Aisha630 made their first contribution in jlowin#2428

Full Changelog: PrefectHQ/fastmcp@v2.13.1...v2.13.2

v2.13.1: : Heavy Meta

Compare Source

FastMCP 2.13.1 introduces meta parameter support for ToolResult (#​2283), letting tools return metadata alongside results to enable new use cases such as OpenAI's Apps SDK. It also supports client-sent meta (#​2206) as well as improved OAuth capabilities and custom token verifiers (including the new DebugTokenVerifier) and an OCI authentication provider. A large list of enhancements and bugfixes round out the release.

Note that #​2422 excludes MCP SDK 1.21.1 as a permitted dependency version due to a bug that fails FastMCP integration tests.

What's Changed

Enhancements 🔧

• Cleanly render auth errors from OAuth Proxy by @​jlowin in jlowin#2268
• Add custom token verifier support to OIDCProxy by @​jlowin in jlowin#2279
• Supporting Multiple Issuers For JWTVerifier Oauth Workflow by @​mhassaninmsft in jlowin#2233
• Switch to logger.exception for fastmcp run/inspect by @​jakekaplan in jlowin#2294
• Add base_authority parameter to AzureProvider for Azure Government support by @​jlowin in jlowin#2306
• Add DebugTokenVerifier with custom sync/async validation by @​jlowin in jlowin#2296
• Added to_data_uri method for Image class. by @​Hyperclaw79 in jlowin#2227
• Remove test warnings by @​jlowin in jlowin#2331
• Mark flaky Windows test for retry by @​jlowin in jlowin#2344
• Add meta support to ToolResult by @​BrandonShar in jlowin#2283
• switch from pre-commit to prek by @​zzstoatzz in jlowin#2309
• Add manual initialization control to Client by @​jlowin in jlowin#2355
• Pin Cyclopts to v4.0.0 + compliance note by @​jlowin in jlowin#2354
• Switch marvin to prek from pre-commit by @​strawgate in jlowin#2361
• Add meta to call tool by @​aiorga-sherpas in jlowin#2206
• feat: add algorithm configuration to Supabase auth provider by @​cemalkilic in jlowin#2376
• chore(typos): fix additional typos by @​pstoeckle in jlowin#2396
• Martian triage for test failures by @​strawgate in jlowin#2407
• OCI Provider with Docs by @​kiranthakkar in jlowin#2389

Fixes 🐞

• Fix OAuth token storage documentation by @​jlowin in jlowin#2272
• fix(docs): correct the key_value repo link by @​JonZeolla in jlowin#2276
• Remove trailing slashes from MCP endpoint URLs by @​jlowin in jlowin#2277
• Fix py-key-value-aio minimum version to 0.2.8 by @​jlowin in jlowin#2288
• Fix Chrome CSP blocking OAuth consent form with custom protocol redirects by @​jlowin in jlowin#2305
• Add OIDCProxy to auth module exports by @​jlowin in jlowin#2308
• Require uvicorn>=0.35 for websockets-sansio support by @​jlowin in jlowin#2307
• Fix query-only resource templates not matching URIs without query strings by @​joshuadavidthomas in jlowin#2323
• Security: Update authlib to 1.6.5 (CVE-2025-61920) by @​ColeMurray in jlowin#2347
• Security: Validate Cursor deeplink URLs and use safer Windows API by @​ColeMurray in jlowin#2348
• fix: on_initialize is not using request params but the whole request by @​Maxi91f in jlowin#2357
• Fix OAuth metadata endpoint URLs when base_url differs from issuer_url by @​jlowin in jlowin#2353
• Fix Windows test timeouts from SQLite locking by @​jlowin in jlowin#2368
• Fix: URL-encode server name in Cursor deeplinks by @​jlowin in jlowin#2369
• Fix get_http_headers() returning empty dict in on_initialize middleware by @​jlowin in jlowin#2370
• Allow OAuth instance to use the same httpx factory as the Transport by @​guschnwg in jlowin#2324
• Fix consent form action for subpath mounting by @​jlowin in jlowin#2382
• Fix Windows test timeout and restore parallel testing by @​jlowin in jlowin#2383
• Fix duplicate keyword argument error in configure_logging by @​strawgate in jlowin#2381
• Update CSP to allow data URI images on OAuth screens by @​lawrence-law in jlowin#2405
• fix: upstream token cache expires when refresh expires by @​wipash in jlowin#2410
• fix(oauth_proxy): 🐛 add extra_token_params as kwargs in refresh… by @​EdenTrainorCDL in jlowin#2387
• fix(OpenAPIParser): Fix missing $defs for response schemas in experimental OpenAPI parser by @​ChristophNetsch in jlowin#2398
• docs: fix run_server_async documentation by @​jlowin in jlowin#2423
• Fix self-referencing types not being recognized as object schemas by @​jlowin in jlowin#2424
• Simplify _is_object_schema helper by @​jlowin in jlowin#2426

Docs 📚

• Update Azure sidebar title to include Entra ID by @​jlowin in jlowin#2266
• Improve OAuth client token storage security documentation by @​jlowin in jlowin#2270
• Add note about docs version by @​jlowin in jlowin#2271
• 📝 Add docstrings to enhancement/support-jwt-multiple-issuers by @​coderabbitai[bot] in jlowin#2282
• Add maturity warnings for py-key-value backends by @​strawgate in jlowin#2311
• Improve ToolResult and structured output documentation by @​jlowin in jlowin#2349
• Document client meta parameter by @​jlowin in jlowin#2367
• docs: clarify pytest-asyncio dependency and asyncio mode configuration by @​strawgate in jlowin#2399

Dependencies 📦

• Bump ty to ==0.0.1a25 by @​jlowin in jlowin#2350

Other Changes 🦾

• Replace openapi-core with jsonschema-path by @​jlowin in jlowin#2291
• Fix lowest-direct dependency tests to actually test minimum versions by @​Copilot in jlowin#2295
• Add version badge for DebugTokenVerifier by @​jlowin in jlowin#2390
• Handle request_context availability during MCP initialization by @​jlowin in jlowin#2400
• Exclude MCP SDK 1.21.1 and add scope validation to InMemoryOAuthProvider by @​jlowin in jlowin#2422

New Contributors

• @​JonZeolla made their first contribution in jlowin#2276
• @​mhassaninmsft made their first contribution in jlowin#2233
• @​coderabbitai[bot] made their first contribution in jlowin#2282
• @​jakekaplan made their first contribution in jlowin#2294
• @​joshuadavidthomas made their first contribution in jlowin#2323
• @​Hyperclaw79 made their first contribution in jlowin#2227
• @​ColeMurray made their first contribution in jlowin#2347
• @​BrandonShar made their first contribution in jlowin#2283
• @​aiorga-sherpas made their first contribution in jlowin#2206
• @​guschnwg made their first contribution in jlowin#2324
• @​cemalkilic made their first contribution in jlowin#2376
• @​pstoeckle made their first contribution in jlowin#2396
• @​lawrence-law made their first contribution in jlowin#2405
• @​wipash made their first contribution in jlowin#2410
• @​EdenTrainorCDL made their first contribution in jlowin#2387
• @​ChristophNetsch made their first contribution in jlowin#2398
• @​kiranthakkar made their first contribution in jlowin#2389

Full Changelog: PrefectHQ/fastmcp@v2.13.0.1...v2.13.1

---

Configuration

📅 Schedule: (UTC)

• Branch creation
  • ""
• Automerge
  • "after 9am every weekday,before 5pm every weekday"

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[renovate]

⚠️ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

• any of the package files in this branch needs updating, or
• the branch becomes conflicted, or
• you click the rebase/retry checkbox if found above, or
• you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: libs/fleet-mcp/uv.lock

Command failed: uv lock --upgrade-package fastmcp
Downloading cpython-3.10.20-linux-x86_64-gnu (download) (28.4MiB)
 Downloaded cpython-3.10.20-linux-x86_64-gnu (download)
Using CPython 3.10.20
  × No solution found when resolving dependencies for split (markers:
  │ python_full_version >= '3.10' and platform_python_implementation !=
  │ 'PyPy'):
  ╰─▶ Because fastmcp==2.14.0 depends on uvicorn>=0.35 and your project
      depends on fastmcp==2.14.0, we can conclude that your project depends
      on uvicorn>=0.35.
      And because your project depends on uvicorn==0.34.0, we can conclude
      that your project's requirements are unsatisfiable.

[github-actions]

Run report for 056b9439 (macos-latest, macOS, 0, 1, 1)

Total time: 5m 27s | Comparison time: 11m 4s | Estimated savings: 5m 36s (50.7% faster)

	Action	Time	Status	Info
🟩	SyncWorkspace	10.8ms	Passed
🟩	SyncProject(vendir)	0.5ms	Passed
🟩	SyncProject(devenv)	0.3ms	Passed
🟦	RunTask(vendir:build)	49.7s	Cached
🟩	RunTask(devenv:apply)	4m 37s	Passed	SLOW
🟦	RunTask(devenv:test)	727.1ms	Cached

Environment

OS: macOS
Matrix:

os = macos-latest
name = macOS
index = 0
total = 1
job_number = 1

Variables:

MOON_TOOLCHAIN_FORCE_GLOBALS = true

Touched files

libs/fleet-mcp/pyproject.toml

[github-actions]

Run report for 056b9439 (ubuntu-latest, Linux, 0, 2, 1)

Total time: 14m 49s | Comparison time: 23m 34s | Estimated savings: 8m 44s (37.1% faster)

	Action	Time	Status	Info
🟩	SyncWorkspace	9ms	Passed
🟩	SyncProject(fleet-mcp)	0.5ms	Passed
🟩	SyncProject(devcontainer)	0.4ms	Passed
🟦	RunTask(talos-image:generate-sha)	1.1s	Cached
🟦	RunTask(fleet-mcp:build)	1.9s	Cached
🟩	RunTask(docker:buildx_run)	2s	Passed
🟦	RunTask(devcontainers-cli:build)	5.1s	Cached
🟥	RunTask(fleet-mcp:lint)	7.7s	Failed
🟦	RunTask(vendir:build)	1m 10s	Cached
🟦	RunTask(vendir:test)	370.1ms	Cached
🟦	RunTask(talos-image:generate-profile)	1.1s	Cached
🟩	RunTask(devenv:apply)	30.6s	Passed
🟩	RunTask(devcontainer:build)	12m 57s	Passed	SLOW
🟩	RunTask(devcontainer:test)	41s	Passed

Environment

OS: Linux
Matrix:

os = ubuntu-latest
name = Linux
index = 0
total = 2
job_number = 1

Variables:

MOON_TOOLCHAIN_FORCE_GLOBALS = true

Touched files

libs/fleet-mcp/pyproject.toml

[github-actions]

Run report for 056b9439 (ubuntu-latest, Linux, 1, 2, 2)

Total time: 12m 54s | Comparison time: 19m 42s | Estimated savings: 6m 47s (34.5% faster)

	Action	Time	Status	Info
🟩	SyncWorkspace	6.7ms	Passed
🟩	SyncProject(fleet-mcp)	0.4ms	Passed
🟩	SyncProject(devcontainer)	0.3ms	Passed
🟩	SyncProject(escaperoom)	0.2ms	Passed
🟦	RunTask(talos-image:generate-sha)	639.1ms	Cached
🟦	RunTask(devcontainers-cli:build)	1.2s	Cached
🟦	RunTask(escaperoom:test)	319ms	Cached
🟥	RunTask(fleet-mcp:test)	8.4s	Failed
🟩	RunTask(docker:buildx_run)	11.3s	Passed
🟦	RunTask(vendir:build)	59s	Cached
🟦	RunTask(vendir:test)	380.9ms	Cached
🟦	RunTask(talos-image:generate-profile)	1.1s	Cached
🟩	RunTask(devenv:apply)	29.2s	Passed
🟩	RunTask(devcontainer:build)	11m 55s	Passed	SLOW

Environment

OS: Linux
Matrix:

os = ubuntu-latest
name = Linux
index = 1
total = 2
job_number = 2

Variables:

MOON_TOOLCHAIN_FORCE_GLOBALS = true

Touched files

libs/fleet-mcp/pyproject.toml