Skip to content

Moving beta tools to GA #75

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
viratatwebflow merged 19 commits into from
Jan 16, 2026
Merged

Moving beta tools to GA #75

viratatwebflow merged 19 commits into from
Jan 16, 2026

Conversation

@viratatwebflow
Copy link
Collaborator

@viratatwebflow viratatwebflow commented Jan 16, 2026

No description provided.

@viratatwebflow
Enhance response formatting with new types and utility functions
36fd48c 
Added TypeScript types for text and image content, along with a unified ToolResponse type. Introduced utility functions for creating text and image content, and for formatting tool responses. This improves type safety and clarity in handling different response formats.
@viratatwebflow
CMS Tool consolidation
e30e6cf
@viratatwebflow
Sites tool consolidation
5d0a445
@viratatwebflow
Script tool consolidation
f7ac218
@viratatwebflow
Data Page tool consolidation
e4c21ca
@viratatwebflow
Data Component tool consolidation
fef7bcc
@viratatwebflow
fixed cms tool description
81a368c
@viratatwebflow
Refactor CMS tool for improved type safety and consistency
791097c 
Updated the CMS tool to enhance TypeScript type definitions for function arguments and responses, ensuring better clarity and maintainability. Consolidated import statements and improved formatting for better readability. This refactor aligns with recent updates across other tools for a unified codebase.
@viratatwebflow
Merge pull request #65 from webflow/data-tool-consolidation
51f7fff 
Data tool consolidation
@viratatwebflow
Merge pull request #69 from webflow/main
e15b7bf 
pulling latest changes from main
@viratatwebflow
chore: update package dependencies and refactor tools for improved co…
69cf041 
…nsistency

- Updated dependencies in package.json and package-lock.json, including @modelcontextprotocol/sdk to version 1.21.1 and webflow-api to version 3.2.1.
- Refactored various tools to use registerTool method for better consistency across the codebase.
- Enhanced input schemas and descriptions for several tools, including data scripts, pages, and styles, to improve clarity and maintainability.
- Removed deprecated or unnecessary code segments to streamline functionality.
@viratatwebflow
Merge pull request #70 from webflow/mcp-sdk-update
893033b
@viratatwebflow
chore: update @modelcontextprotocol/sdk to version 1.23.0 and enhance…
8ca531a 
… tools registration

- Updated the @modelcontextprotocol/sdk dependency in package.json to version 1.23.0.
- Added registration for new tools: registerCommentsTools and registerEnterpriseTools in mcp.ts.
- Exported new tools from index.ts for better modularity.
- Enhanced the rules.ts file with additional guidance on localizations.
- Introduced new script management functions in scripts.ts for handling custom scripts on pages.
@viratatwebflow
chore: simplify build scripts in package.json
f950924 
- Removed the --clean flag from the build script for a more straightforward build process.
- Maintained the watch functionality in the build:watch script for continuous development.
@viratatwebflow
Merge pull request #71 from webflow/new-beta-tools
1e85990 
chore: update @modelcontextprotocol/sdk to version 1.23.0 and enhance…
@viratatwebflow
feat: add element snapshot tool for visual debugging
ebe8295 
- Introduced the element_snapshot_tool to capture visual snapshots of elements, sections, or components.
- Enhanced the rules documentation with usage instructions for the new tool, emphasizing its utility for debugging and visual validation.
- Implemented RPC call handling for the snapshot tool, returning PNG images for specified elements.
@viratatwebflow
fix: remove base64 prefix from image data in registerDEElementTools
a558424 
- Updated the image data handling in the registerDEElementTools function to remove the "data:image/png;base64," prefix, ensuring cleaner data processing for PNG images.
@viratatwebflow viratatwebflow requested a review from a team as a code owner January 16, 2026 17:51
@viratatwebflow viratatwebflow requested review from memo-pineda and removed request for a team January 16, 2026 17:51
@viratatwebflow
Merge branch 'main' into sai
f643e46
@viratatwebflow
feat: enhance comments tool registration with openWorldHint
dab4dda 
- Added openWorldHint to the annotations in the registerCommentsTools function for improved user guidance.
- Updated zod import to version 3 in enterprise.ts for consistency with other schema files.
@socket-security
Copy link

socket-security bot commented Jan 16, 2026

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff Package Supply Chain
Security		 Vulnerability Quality Maintenance License
Updatednpm/​@​modelcontextprotocol/​sdk@​1.24.0 ⏵ 1.21.199 +179 -510099 +1100
Updatednpm/​webflow-api@​3.1.1 ⏵ 3.2.199 +1100100 +188100

View full report

@socket-security
Copy link

socket-security bot commented Jan 16, 2026

Warning

Review the following alerts detected in dependencies.

According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.

Action Severity Alert  (click "▶" to expand/collapse)
Warn High
High CVE: Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default in npm @modelcontextprotocol/sdk

CVE: GHSA-w48q-cv73-mx4w Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default (HIGH)

Affected versions: < 1.24.0

Patched version: 1.24.0

From: package-lock.jsonnpm/@modelcontextprotocol/[email protected]

ℹ Read more on: This package | This alert | What is a CVE?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at [email protected].

Suggestion: Remove or replace dependencies that include known high severity CVEs. Consumers can use dependency overrides or npm audit fix --force to remove vulnerable dependencies.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/@modelcontextprotocol/[email protected]. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

View full report

@viratatwebflow viratatwebflow removed the request for review from memo-pineda January 16, 2026 19:29
@viratatwebflow viratatwebflow merged commit 4b192e6 into main Jan 16, 2026
6 checks passed
@viratatwebflow viratatwebflow deleted the sai branch January 16, 2026 19:30
@viratatwebflow viratatwebflow restored the sai branch January 16, 2026 19:48
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@viratatwebflow