From 6136dd4d76e5d636b30a9c202995e19efbf8457f Mon Sep 17 00:00:00 2001 From: RobertIskandaraniCodigo Date: Thu, 14 May 2026 15:10:48 -0300 Subject: [PATCH] chore(fastmcp): pin fastmcp to >=3.2,<4 The adapter consumes the v3 surface (`fastmcp.FastMCP` plus `fastmcp.server.auth.require_scopes`); resolving against fastmcp 2.x fails at import. Tightening the lower bound makes the failure show up at resolution time instead of runtime, and adding an upper bound keeps fastmcp 4.x out until we re-verify the surface. Verified: 33/33 unit tests on fastmcp 3.2.4 and 3.3.0b2, and the calculator demo boots end-to-end against a local authserver with both versions. Co-Authored-By: Claude Opus 4.7 (1M context) --- authplane-fastmcp/pyproject.toml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/authplane-fastmcp/pyproject.toml b/authplane-fastmcp/pyproject.toml index 18909e7..fe0e6d9 100644 --- a/authplane-fastmcp/pyproject.toml +++ b/authplane-fastmcp/pyproject.toml @@ -15,7 +15,10 @@ keywords = ["oauth", "jwt", "fastmcp", "adapter", "authplane"] requires-python = ">=3.11" dependencies = [ "authplane-sdk", - "fastmcp>=2.0", + # Upper bound on 4.x is anticipatory — when fastmcp 4 ships we need to + # re-verify the `FastMCP` constructor + `fastmcp.server.auth.require_scopes` + # surface the adapter consumes. + "fastmcp>=3.2,<4", "pydantic>=2.0", ]