mcp-deprecate
Click on "Install Server".
Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state.
In the chat, type
@followed by the MCP server name and your instructions, e.g., "@mcp-deprecatescan ./src for deprecated protocol features"
That's it! The server will respond to your query, and you can continue using it as needed.
Here is a step-by-step guide with screenshots.
mcp-deprecate
Scan an MCP server for protocol features deprecated or removed by the 2026-07-28 specification release candidate, and get a dated migration checklist.
The 2026-07-28 RC is the largest revision of the Model Context Protocol since launch โ it makes the protocol stateless, removes the initialize handshake and Mcp-Session-Id, and deprecates Roots, Sampling, and Logging. The spec ships the deprecation list as prose with a 12-month feature-lifecycle policy, but no tooling to find where your code is affected. mcp-deprecate is that tooling.
It ships as three surfaces over one rule engine: a CLI, a GitHub Action CI gate, and an MCP server.
What it flags
Two severities, and the difference matters:
Severity | Meaning | Examples |
๐ด error | Removed in the RC โ breaking against a final-spec server |
|
๐ก warning | Deprecated โ still works, removable no sooner than 12 months out (HTTP+SSE transport is shorter โ 3 months after the RC reaches Final) | Roots, Sampling, Logging, the HTTP+SSE transport, |
It also prints a manual-review checklist for changes that have no reliable static signature (e.g. the new required resultType field, server/discover, CacheableResult fields). Every rule cites its originating SEP.
Related MCP server: MCP Observatory
Install
npm install -g mcp-deprecate
# or run without installing:
npx mcp-deprecate ./src1. CLI
mcp-deprecate [path] [options]$ mcp-deprecate ./src # line:column and migration text below are illustrative
...
ERROR 12:3 initialize / notifications/initialized handshake [mcp-2575-initialize ยท SEP-2575]
MCP is now stateless: the initialize / notifications/initialized handshake is removed.
โ Carry protocol version, client identity, and capabilities in _meta on every request.
Summary: 1 error(s), 0 warning(s) across 1 file(s).Option | Default | Description |
|
|
|
|
| Non-zero-exit threshold: |
| Hide the manual-review checklist | |
| Print the full rule table and exit | |
| Print version and exit | |
| Print this help and exit |
Generate a migration document:
mcp-deprecate . --format md --fail-on none > MIGRATION.md # --fail-on none = always exit 0Exit codes: 0 clean ยท 1 findings at/above --fail-on ยท 2 usage/scan error.
2. GitHub Action
Gate pull requests so no one reintroduces a removed feature:
# .github/workflows/mcp-compat.yml
name: MCP compat
on: [pull_request]
jobs:
mcp-deprecate:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: shurugiken/mcp-deprecate@v1 # pin to a released tag
with:
path: "src"
fail-on: "error" # use "warning" for a strict gateInputs: path (default .), fail-on (error/warning/none, default error), format (text/md/json, default text), version (npm dist-tag or version, default latest), advisories (true/false, default true).
3. MCP server
Security: the server reads any file path its client requests โ it has no path allow-list. Connect it only to trusted MCP clients.
Run mcp-deprecate itself as an MCP server so an agent can lint other MCP servers:
{
"mcpServers": {
"mcp-deprecate": {
"command": "npx",
"args": ["-y", "--package", "mcp-deprecate", "mcp-deprecate-server"]
}
}
}Tools: scan_source(path, format?) (format defaults to md), check_spec_compat(path), list_rules().
Library
import { scanPath, render, summarize } from "mcp-deprecate";
const findings = await scanPath("./src");
console.log(render(findings, { format: "md" }));
console.log(summarize(findings)); // { errors, warnings, total, filesWithFindings }How it works & limitations
Detection is signature-based: distinctive protocol method strings (logging/setLevel), headers (Mcp-Session-Id), error codes (-32002), and official TypeScript SDK schema symbols (InitializeRequestSchema). This favors precision over recall โ a clean scan is not a proof of compatibility, only the absence of known high-signal markers. Scans .ts/.tsx/.js/.jsx/.mjs/.cjs/.py/.json.
Known limits: comments are stripped before matching, but only single-line ones โ Python triple-quoted docstrings and multi-line JS/TS template literals aren't tracked (tokens mentioned inside them are still matched); method values passed through a variable rather than a string literal, and values split across lines (includeContext: with the value on the next line), are not detected; rules keyed to TypeScript SDK symbols (e.g. InitializeRequestSchema) won't fire on Python servers or hand-built raw JSON-RPC strings; symlinks to files are followed but symlinked directories are not; an explicitly-passed file over 2 MB errors, and files over 2 MB are skipped during directory walks; the directory walk also skips node_modules, dist, build, out, coverage, vendor, __pycache__, and any hidden directory (names starting with ., e.g. .next, .turbo); the programmatic library entrypoint is ESM-only (require() works on Node 22.12+; on Node 20 import it as ESM or via dynamic import()) โ the CLI and GitHub Action are unaffected and run on Node โฅ20. The MCP server reads whatever path its client asks for, so grant it only to trusted clients.
Roadmap: AST-based call-site analysis (ts-morph), deeper Python SDK coverage, and a runtime prober that boots a server and checks advertised capabilities against the RC.
Sources
License
MIT ยฉ Kwashawn Warren
This server cannot be installed
Maintenance
Resources
Unclaimed servers have limited discoverability.
Looking for Admin?
If you are the server author, to access and configure the admin panel.
Latest Blog Posts
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/shurugiken/mcp-deprecate'
If you have feedback or need assistance with the MCP directory API, please join our Discord server