This patch release fixes an HTTP transport timeout bug where connections were defaulting to 5 seconds instead of respecting MCP's 30-second default, causing premature timeouts for slower operations. Also includes OAuth token storage fixes, Redis key isolation for ACL compliance, and improved ContextVar propagation for ASGI-mounted servers. Plus, the CLI will now nudge you when updates are available (you're welcome, future you).

What's Changed

Enhancements 🔧

• Add debug logging for OAuth token expiry diagnostics by @jlowin in https://github.com/jlowin/fastmcp/pull/2789
• Add CLI update notifications by @jlowin in https://github.com/jlowin/fastmcp/pull/2839
• Use pip instead of uv pip in upgrade instructions by @jlowin in https://github.com/jlowin/fastmcp/pull/2841

Fixes 🐞

• Backport OAuth token storage TTL fix to release/2.x by @jlowin in https://github.com/jlowin/fastmcp/pull/2798
• Prefix Redis keys with docket name for ACL isolation (2.x backport) by @chrisguidry in https://github.com/jlowin/fastmcp/pull/2812
• Fix ContextVar propagation for ASGI-mounted servers with tasks by @chrisguidry in https://github.com/jlowin/fastmcp/pull/2843
• Fix HTTP transport timeout defaulting to 5 seconds by @jlowin in https://github.com/jlowin/fastmcp/pull/2848

Full Changelog: https://github.com/jlowin/fastmcp/compare/v2.14.2...v2.14.3