context7

Minor Changes

• c921c8b: Replace the in-result sign-in nudge with an MCP form elicitation. When the backend signals (via X-Context7-Auth-Prompt: 1) that an anonymous client has crossed the per-IP threshold, the MCP server now fires an elicitation/create request instead of appending instructions into the tool result.
  • Surfaces the npx ctx7 setup --<client> --mcp[ --stdio] -y command in a client-rendered dialog rather than as model-visible text. The previous text-injection approach was treated as untrusted instruction content by some agents; elicitations are delivered out-of-band to the user so they bypass that path entirely.
  • Gated on the client advertising the elicitation capability — clients without it see no nudge, which is a safe no-op.
  • Presents a two-option radio: "I'll run the command to sign in" or "Continue anonymously with smaller limits".
  • The server holds no suppression state: the backend emits the header at most once per MCP session, so the dialog is shown whenever the header is present. Frequency is owned entirely by the backend.
  • Fire-and-forget: the elicitation does not block or alter the surrounding tool response.

Patch Changes

• cb6aee1: Bump runtime dependencies: @modelcontextprotocol/sdk 1.25 -> 1.29, undici 6 -> 7, and zod 4.3 -> 4.4.
• fcdc36e: Advertise empty prompts and resources capabilities with no-op prompts/list, resources/list, and resources/templates/list handlers. Some MCP clients (e.g. opencode) call these unconditionally and treat -32601 Method not found as a fatal connection error rather than honoring the negotiated capabilities, which previously prevented the server from loading.

Patch Changes

• cb6aee1: Bump runtime dependencies: commander 13 -> 15 and ora 9.0 -> 9.4.
• 428af3e: Recover Context7 library IDs that Git Bash mangles on Windows. Git Bash rewrites a leading-slash argument like /facebook/react into a Windows path under the Git install dir (C:/Program Files/Git/facebook/react), causing ctx7 docs to reject it as invalid; this mainly affected users running ctx7 through Claude Code. The CLI now detects and undoes the conversion before validation, accepts the //owner/repo escape, and points users at that workaround for install layouts it can't auto-detect.
• c03bc9c: Store CLI files in XDG Base Directory locations instead of ~/.context7. Credentials move to $XDG_CONFIG_HOME/context7 (default ~/.config/context7), updater state to $XDG_STATE_HOME/context7 (default ~/.local/state/context7), and generate previews to $XDG_CACHE_HOME/context7 (default ~/.cache/context7). Existing files in ~/.context7 are migrated automatically on first use; migration is best-effort and falls back to reading the legacy file if it cannot complete. The credentials file is always re-asserted to 0o600 after migration or write so it is never group/world-readable. Relative or empty XDG_* values are ignored per the spec.

Patch Changes

• f327589: Avoid throwing a raw SyntaxError when the server returns a non-JSON error body. HttpClient.request() now wraps the error-path res.json() in a .catch, so non-JSON responses (HTML 502s, plain-text 429s, Cloudflare challenge pages) fall back to res.statusText and always surface as a typed Context7Error.

Patch Changes

• ea91d7d: ctx7 login now always uses the device-code flow. The localhost-callback path is removed — every install (laptop, SSH, Codespace, Docker, CI) goes through the same boxed prompt and verification page. Drops the --device flag (it was the opt-in for what's now the default). Older CLI versions (≤ 0.5.0) continue to work against the unchanged auth endpoints, so pinned installs are unaffected.

Minor Changes

• 5a180d5: Add OAuth 2.0 device authorization flow (RFC 8628) for ctx7 login and ctx7 setup. Required for headless / remote hosts (SSH, Codespaces, Docker, CI) where the existing localhost-callback flow can't work — the browser was opening on the user's laptop while the callback listener ran on the remote host.

  The new flow prints a verification URL and short code, then polls a token endpoint. The user visits the URL on any device, signs in, and approves; the CLI receives the same ctx7sk-… API key it would have gotten from the legacy flow. Device flow is selected automatically when SSH_CONNECTION is set or $DISPLAY is missing on Linux, and can be forced with ctx7 login --device. Polling tolerates transient network errors and 5xx responses without ending the session.

Patch Changes

• 2affada: ctx7 setup now properly supports --antigravity, installing skills to .agent/skills, a GEMINI.md rule section (Antigravity reads Gemini-family config), and MCP config to Antigravity 2.0's documented global path ~/.gemini/config/mcp_config.json (with httpUrl for HTTP, matching the Gemini convention). Antigravity has no documented project-level MCP file, so setup --antigravity --project --mcp writes to the global location. Also removes the --universal flag from setup, which was advertised but silently ignored — it never propagated through agent selection, so passing it (e.g. setup --cli --universal --project) caused setup to fall back to auto-detection and write to the wrong directory.
• 268f52f: ctx7 setup --api-key <KEY> (without --cli, --mcp, or -y) now prompts to choose between MCP server and CLI + Skills modes. Previously, passing --api-key short-circuited to MCP, locking users out of the CLI + Skills option even though that mode also accepts an API key. Explicit --mcp / --cli / --stdio / --oauth / -y still skip the prompt as before.
• 2e97dae: Add deprecation warning to skill commands

Minor Changes

• 1fb2d42: Add multi-tenant Microsoft Entra ID validation for MCP tokens. The server now detects inbound Entra v2 tokens by issuer pattern, fetches per-teamspace configuration (tenantId, audience, requiredScope) from the Context7 app, and verifies the token against the matching tenant's JWKS, enforcing the required scope claim when configured. User resolution happens downstream in the Context7 app against a pre-provisioned user mapping table — the MCP server only validates. Per-tenant JWKS cache and a 5-minute in-memory config cache keyed by JWT audience reduce overhead under load.

Minor Changes

• f91b40c: Initial release. Adds an official Context7 extension for the pi coding agent — registers resolve-library-id and query-docs tools, ships the context7-docs skill, and exposes a /c7-docs slash command. Wire format, error messages, and tool descriptions are copied verbatim from @upstash/context7-mcp so pi and MCP clients give the LLM identical instructions and output. Self-contained — no Context7 runtime dependencies. Works out of the box at IP-based rate limits; set CONTEXT7_API_KEY for the higher tier. Install with pi install npm:@upstash/context7-pi.

Patch Changes

• 7cacc94: Add --json flag to ctx7 skills list for machine-parseable output. Emits { skills: [{ name, path, source }] } where path is absolute and source is the agent type (universal, claude, cursor, antigravity). Matches the existing --json pattern on ctx7 library and ctx7 docs.

Major Changes

• af6a7b5: Convert the stateless MCP implementation to a stateful one using Redis for session management.

Patch Changes

• 3d73145: Reduce Redis writes on refresh by checking the remaining TTL first and only issuing EXPIRE when the session is within one day of expiry.

Minor Changes

• 34fda7d: Prompt anonymous users to sign in. After the backend signals (via the X-Context7-Auth-Prompt: 1 response header on /v2/libs/search or /v2/context) that an anonymous client has crossed the per-IP threshold, the MCP server appends a one-time sign-in invitation to the tool result.
  • Both stdio and HTTP transports surface the same nudge: a tool-result notice asking the assistant to run npx ctx7 setup --<client> --mcp -y (with --stdio appended when the MCP server is running on stdio) after explicit user confirmation. The CLI handles OAuth and writes credentials into the MCP client's config; the user restarts their MCP server / editor to pick up the new credentials.
  • Detects the calling client from X-Context7-Client-IDE / User-Agent and selects the matching CLI flag (--cursor, --claude, --codex, --opencode, --gemini); falls back to interactive setup when unknown.
  • HTTP transport remains stateless — the threshold is tracked by the backend (per-IP, 24h TTL), the MCP server only reacts to the signal.

Patch Changes

• 6c71e4d: Handle malformed MCP config files gracefully during ctx7 remove agent detection. Previously, an unparseable JSON config at any agent's well-known path (e.g. a hand-edited ~/.claude.json) would crash the command with an unhandled SyntaxError before it could do anything. The detector now skips the offending file and logs a warning naming the path and parse error so the user can fix it, while detection continues for the remaining agents.
• 4056850: Respect CLAUDE_CONFIG_DIR env var when resolving Claude Code's global config, rules, skills, and detection paths

Patch Changes

• 187287c: Accept hallucinated argument names on tools/call requests by rewriting them to the canonical names before validation. userQuery and question are mapped to query on either tool; on query-docs, context7CompatibleLibraryID, libraryID, and libraryName are mapped to libraryId. Some LLM clients produce these alternative names — likely echoing phrasing from each tool's description — and previously triggered Invalid input: expected string, received undefined errors. libraryName is only rewritten on query-docs calls because it is the canonical arg for resolve-library-id. Tool input schemas published via tools/list are unchanged: canonical names remain the documented required fields, the rewrite is purely a server-side compatibility shim that runs only on tools/call and only when the canonical key is absent.
• 78b9826: Exit the stdio MCP server when the parent process closes its stdio. Previously, if the parent (e.g. Claude Code) was force-killed shortly after a tool call, an idle undici keep-alive socket to the Context7 API would keep libuv's event loop alive past stdin EOF, leaving an orphaned node process that consumed memory until the kernel tore the socket down (which on Cloudflare-fronted endpoints can take hours). The server now listens for end/close on stdin and SIGHUP and exits cleanly. Fixes #2542.

Patch Changes

• d0e4a48: Create a fresh McpServer per HTTP request. Sharing one across requests let any concurrent transport.close clear the shared Protocol._transport, which broke sendNotification for in-flight long-running tool calls.
• 1aa3430: Remove research mode entirely from the MCP server and CLI. The query-docs MCP tool no longer accepts or forwards a researchMode parameter, and the CLI no longer exposes a --research flag on ctx7 docs.

Patch Changes

• 772da3a: Stream MCP tool responses over SSE so HTTP headers flush before client fetch timeouts. Switching enableJsonResponse to false makes the SDK return the HTTP response synchronously after request validation, so headers are sent in milliseconds instead of being buffered until the tool completes. This fixes clients that cap the underlying fetch waiting for headers (e.g., Claude Code's 60s wrapFetchWithTimeout).

Patch Changes

• 8274bd0: Add missing tool annotations
• ff6c1be: Remove the researchMode parameter from the query-docs tool's input schema. The underlying API still supports research mode, but several MCP clients hit per-request timeouts (60s defaults) on long-running research calls in ways that can't always be solved server-side. Hiding the parameter prevents agents from invoking it through MCP until the timeout story is reliable across clients.

Patch Changes

• 1b0c211: Add endpoint for OpenAI Apps SDK domain verification.

Minor Changes

• 17b864f: Expose research mode through the MCP researchMode tool and the CLI docs --research flag for deep, agent-driven documentation answers.

Patch Changes

• 4feee15: Add CLI update notifications and a new ctx7 upgrade command. The CLI now checks for newer versions with cached state, shows a non-blocking notice before interactive commands, and provides safer upgrade guidance across npm, pnpm, bun, and ephemeral runner setups.
• f056b14: Add ctx7 remove as the cleanup counterpart to ctx7 setup, with safer detection and removal behavior. The command now prompts only for agents with actual Context7 artifacts, preserves non-Context7 MCP configuration when removing entries, and includes stronger test coverage for JSON and TOML cleanup.

Patch Changes

• 3f6e310: Fix skill installation path validation on Windows so valid files inside the target directory are not rejected due to backslash-separated resolved paths.

Patch Changes

• 00833f9: Preserve Node's default trusted CAs when NODE_EXTRA_CA_CERTS is configured, and add a regression test for custom CA loading.