From 11ea8381a302e91a57d1a2df57c9025e39adf082 Mon Sep 17 00:00:00 2001
From: Maurizio Albari <maurizio.albari@gmail.com>
Date: Mon, 26 Jan 2026 13:27:40 +0100
Subject: [PATCH] fix(qr-server): use stable mcp SDK from PyPI with correct API

- Replace git-based mcp dependency with mcp>=1.26.0 from PyPI for stability
- Move stateless_http and transport_security parameters to FastMCP constructor
- Simplify streamable_http_app() call since settings are now in constructor

Fixes ModuleNotFoundError and TypeError caused by breaking changes in mcp SDK API
---
 examples/qr-server/server.py | 20 +++++++++++++-------
 1 file changed, 13 insertions(+), 7 deletions(-)

diff --git a/examples/qr-server/server.py b/examples/qr-server/server.py
index 02384c7b..ee49a06c 100755
--- a/examples/qr-server/server.py
+++ b/examples/qr-server/server.py
@@ -2,7 +2,7 @@
 # /// script
 # requires-python = ">=3.10"
 # dependencies = [
-#     "mcp @ git+https://github.com/modelcontextprotocol/python-sdk@main",
+#     "mcp>=1.26.0",
 #     "qrcode[pil]>=8.0",
 #     "uvicorn>=0.34.0",
 #     "starlette>=0.46.0",
@@ -27,7 +27,17 @@
 HOST = os.environ.get("HOST", "0.0.0.0")  # 0.0.0.0 for Docker compatibility
 PORT = int(os.environ.get("PORT", "3001"))
 
-mcp = FastMCP("QR Code Server")
+# Transport security settings for HTTP mode
+# Allow Docker bridge IP for container-to-host communication
+transport_security = TransportSecuritySettings(
+    allowed_hosts=["127.0.0.1:*", "localhost:*", "[::1]:*", "172.17.0.1:*"]
+)
+
+mcp = FastMCP(
+    "QR Code Server",
+    stateless_http=True,
+    transport_security=transport_security,
+)
 
 # Embedded View HTML for self-contained usage (uv run <url> or unbundled)
 EMBEDDED_VIEW_HTML = """<!DOCTYPE html>
@@ -162,11 +172,7 @@ def view() -> str:
         mcp.run(transport="stdio")
     else:
         # HTTP mode for basic-host (default) - with CORS
-        # Allow Docker bridge IP for container-to-host communication
-        security = TransportSecuritySettings(
-            allowed_hosts=["127.0.0.1:*", "localhost:*", "[::1]:*", "172.17.0.1:*"]
-        )
-        app = mcp.streamable_http_app(stateless_http=True, transport_security=security)
+        app = mcp.streamable_http_app()
         app.add_middleware(
             CORSMiddleware,
             allow_origins=["*"],