Skip to content

fix: preserve tool properties named 'title' during schema compression#3582

Merged
jlowin merged 1 commit intomainfrom
fix/prune-titles-property-name-collision
Mar 22, 2026
Merged

fix: preserve tool properties named 'title' during schema compression#3582
jlowin merged 1 commit intomainfrom
fix/prune-titles-property-name-collision

Conversation

@jlowin
Copy link
Copy Markdown
Member

@jlowin jlowin commented Mar 22, 2026

Schema compression's prune_titles heuristic was stripping user-defined tool parameters named title when the properties dict also contained a key matching a JSON Schema keyword (like type). The heuristic saw "type" in the dict — actually a parameter name, not the schema keyword — and concluded "title" was metadata to prune. This removed the entire property definition while leaving "title" in required, producing an unsatisfiable schema.

The fix checks isinstance(node["title"], str) before pruning. Schema metadata titles are always strings; a property named title in a properties dict is always a dict (a sub-schema). One type check, no ambiguity.

@mcp.tool()
def broken(dashboard_id: str, title: str, type: str = "vis") -> str:
    return ""

# Before: title missing from properties, present in required
# After: schema is correct

Also updates the triage bot's too-long label criteria to better distinguish genuine root-cause analysis from noise, and points the canned comment at CONTRIBUTING.md instead of a pinned issue.

Closes #3576

@marvin-context-protocol marvin-context-protocol Bot added bug Something isn't working. Reports of errors, unexpected behavior, or broken functionality. server Related to FastMCP server implementation or server-side functionality. tests labels Mar 22, 2026
@jlowin jlowin merged commit 718ed8b into main Mar 22, 2026
8 checks passed
@jlowin jlowin deleted the fix/prune-titles-property-name-collision branch March 22, 2026 13:48
@marvin-context-protocol
Copy link
Copy Markdown
Contributor

marvin-context-protocol Bot commented Mar 22, 2026

Test Failure Analysis

Summary: A single test is failing due to a timing race condition in TestJWTIssuer::test_verify_token_validates_expiration — unrelated to the changes in this PR.

Root Cause: The test creates a JWT with expires_in=1 second, then immediately calls verify_token expecting the token to still be valid. However, issue_access_token computes expiry as int(time.time()) + 1, which truncates the current time. Under CI load (this job ran 5070+ tests in parallel via pytest-xdist), the tiny delay between token issuance and the "immediate" verification call can cross a second boundary, causing the token to be already expired when first checked.

Concretely: if a token is issued at t=999.999exp=1000, and verify_token runs at t=1000.001, the check exp < time.time() (1000 < 1000.001) is True and the token is rejected as expired — even though this is the "should be valid immediately" assertion at line 175.

Suggested Solution: In tests/server/auth/test_jwt_issuer.py, increase expires_in to something like 5 seconds and increase time.sleep to 5.1 seconds. This gives enough headroom to avoid the race while still testing expiry behaviour. The longer sleep is a trade-off; alternatively, mock time.time with unittest.mock.patch so the test controls the clock entirely and no real sleeping is needed.

The fix is in tests/server/auth/test_jwt_issuer.py:164-183.

Detailed Analysis

Relevant log excerpt:

tests/server/auth/test_jwt_issuer.py:175:
>       payload = issuer.verify_token(token)   # "Should be valid immediately"

E  authlib.jose.errors.JoseError: Token has expired:
   src/fastmcp/server/auth/jwt_issuer.py:251: JoseError

FAILED tests/server/auth/test_jwt_issuer.py::TestJWTIssuer::test_verify_token_validates_expiration
1 failed, 5070 passed, 1 skipped, 1 xfailed in 140.34s

The problematic expiry logic in src/fastmcp/server/auth/jwt_issuer.py:129,137:

now = int(time.time())          # truncates — token may expire in <1s
...
"exp": now + expires_in,        # expires_in=1 → could expire almost immediately

Verification check at line 249:

if exp and exp < time.time():   # float comparison — any sub-second overrun triggers this
    raise JoseError("Token has expired")

The race: int(999.999) + 1 = 1000, but time.time() after even a few ms of CI load = 1000.003 → token is already expired before the "immediate" check passes.

This failure is unrelated to the PR's changes (schema compression / title property preservation).

Related Files
  • tests/server/auth/test_jwt_issuer.py:164-183 — the flaky test (test_verify_token_validates_expiration)
  • src/fastmcp/server/auth/jwt_issuer.py:129,137 — token issuance using int(time.time())
  • src/fastmcp/server/auth/jwt_issuer.py:248-251 — expiry check using time.time() float

🤖 Posted by marvin triage bot

@jlowin jlowin mentioned this pull request Mar 24, 2026
Closed
jlowin added a commit that referenced this pull request Mar 30, 2026
@jlowin @claude
@voidborne-d @marvin-context-protocol @dependabot @strawgate @Sumanshu-Nankana @ericrobinson-indeed @martimfasantos @mtthidoteu @saschabuehrle @hkc5 @nightcityblade @mhallo @zzstoatzz @shulkx @radoshi @shigechika @jer805 @pandego @4444J99 @mostafa6765
Publish docs for v3.2.0 (#3713)
3a9717e 
Co-authored-by: Claude Opus 4.6 <[email protected]>
Co-authored-by: Jeremiah Lowin <[email protected]>
Co-authored-by: Marvin Context Protocol <41898282+Marvin Context [email protected]>
Co-authored-by: voidborne-d <[email protected]>
Co-authored-by: marvin-context-protocol[bot] <225465937+marvin-context-protocol[bot]@users.noreply.github.com>
Co-authored-by: Claude <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: d 🔹 <[email protected]>
Co-authored-by: Jeremiah Lowin <[email protected]>
Co-authored-by: nightcityblade <[email protected]>
Co-authored-by: Claude Opus 4.6 (1M context) <[email protected]>
Co-authored-by: Claude Sonnet 4.6 <[email protected]>
Co-authored-by: Bill Easton <[email protected]>
Co-authored-by: Sumanshu Nankana <[email protected]>
Co-authored-by: Eric Robinson <[email protected]>
Co-authored-by: Martim Santos <[email protected]>
Co-authored-by: d 🔹 <[email protected]>
Co-authored-by: Matthieu B <[email protected]>
Co-authored-by: Sascha Buehrle <[email protected]>
Co-authored-by: Hakancan <[email protected]>
Co-authored-by: nightcityblade <[email protected]>
Co-authored-by: Matt Hallowell <[email protected]>
Co-authored-by: nate nowack <[email protected]>
Co-authored-by: Bill Easton <[email protected]>
Co-authored-by: Marcus Shu <[email protected]>
Co-authored-by: Rushabh Doshi <[email protected]>
Co-authored-by: AIKAWA Shigechika <[email protected]>
Co-authored-by: Jeremy Simon <[email protected]>
Co-authored-by: Miguel Miranda Dias <[email protected]>
Co-authored-by: Anthony James Padavano <[email protected]>
Co-authored-by: Mostafa Kamal <[email protected]>
Fix auto-close MRE script posting comment without closing (#3386)
Fix WorkOS token scope verification bypass 🤖 Generated with Codex (#3407)
Fix initialize McpError fallthrough 🤖 Generated with Codex (#3413)
Fix transform arg collisions with passthrough params (#3431)
Fix get_* returning None when latest version is disabled (#3439)
Fix get_* returning None when latest version is disabled (#3421)
Fix server lifespan overlap teardown (#3415)
Fix $ref output schema object detection regression (#3420)
resolved annotations (#3429)
Fix async partial callables rejected by iscoroutinefunction (#3438)
Fix async partial callables rejected by iscoroutinefunction (#3423)
fix: add version to components (#3458)
fix: use intent-based flag for OIDC scope patch in load_access_token (#3465)
Fixes #3461
fix: normalize Google scope shorthands and surface valid_scopes (#3477)
fix: resolve ty 0.0.23 type-checking errors and bump pin (#3481)
fix: shield lifespan teardown from cancellation (#3480)
fix: forward custom_route endpoints from mounted servers (#3462)
fix updates _get_additional_http_routes() to traverse providers,
Fixes #3457
fix: remove hardcoded version from CLI help text (#3456)
fix: monty 0.0.8 compatibility, drop external_functions from constructor (#3468)
fix: task test teardown hanging 5s per test (#3499)
Closes #3498
fix: validate workspace path is a directory before cursor install (#3440)
Fixes #3426
fix: handle re.error from malformed URI templates in build_regex (#3501)
fix: reject empty/OIDC-only required_scopes in AzureProvider (#3503)
fix: restrict $ref resolution to local refs only (SSRF/LFI) (#3502)
fix warnings and timeouts (#3504)
close upgrade check issue when build passes (#3505)
Closes #3484
fix: URL-encode path params to prevent SSRF/path traversal (GHSA-vv7q-7jx5-f767) (#3507)
fix: prevent path traversal in skill download (#3493)
fix: prefer IdP-granted scopes over client-requested scopes in OAuthProxy (#3492)
fix: remove unrelated transform and http.py changes from PR scope
fix: remove forced follow_redirects from httpx_client_factory calls (#3496)
fix: stop passing follow_redirects to httpx_client_factory
fix: restore follow_redirects=True for custom httpx client factories
Closes #3509
fix: CSRF double-submit cookie check in consent flow (#3519)
fix: validate server names in install commands (#3522)
fix: use raw strings for regex in pytest.raises match (#3523)
fix: reject refresh tokens used as Bearer access tokens (#3524)
fix: route ResourcesAsTools/PromptsAsTools through server middleware (#3495)
fix: resolve Pyright "Module is not callable" on @tool, @resource, @prompt decorators (#3540)
fix: filter warnings by message in KEY_PREFIX test (#3549)
fix: suppress output schema for ToolResult subclass annotations (#3548)
fix: increase sleep duration in proxy cache tests (#3567)
fix: store absolute token expiry to prevent stale expires_in on reload (#3572)
fix: preserve tool properties named 'title' during schema compression (#3582)
Fix loopback redirect URI port matching per RFC 8252 §7.3 (#3589)
Fix app tool routing: visibility check and middleware propagation (#3591)
Fix query parameter serialization to respect OpenAPI explode/style settings (#3595)
Fix dev apps form: union types, textarea support, JSON parsing (#3597)
fix(google): replace deprecated /oauth2/v1/tokeninfo with /oauth2/v3/userinfo (#3603)
fix: resolve EntraOBOToken dependency injection through MultiAuth (#3609)
fix(docs): correct misleading stateless_http header (#3622)
fix: filesystem provider import machinery (#3626)
Closes #3625 (issues 2, 3, 6)
fix: recover StdioTransport after subprocess exits (#3630)
fix(server): preserve mounted tool task metadata (#3632)
fix: scope deprecation warning filter to FastMCPDeprecationWarning (#3649)
fix imports, add PrefabAppConfig (#3650)
fix: resolve CurrentFastMCP/ctx.fastmcp to child server in mounted background tasks (#3651)
Fix blocking docs issues: chart imports, Select API, Rx consistency (#3652)
closed by default (#3657)
Fix prompt caching middleware missing wrap/unwrap round-trip (#3666)
fix: serialize object query params per OpenAPI style/explode rules (#3662)
Fixes #2857
fix: HTTP request headers not accessible in background task workers (#3631)
fix: restore HTTP headers in worker execution path for background tasks (#3681)
fix: strip discriminator after dereferencing schemas (#3682)
fix: remove stale ty:ignore directives for ty 0.0.26 (#3684)
Fix docs gaps in app provider pages (#3690)
fix: dev apps log panel UX improvements (#3698)
fix dev server empty string args (#3700)
@lgacnik lgacnik mentioned this pull request Apr 23, 2026
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

bug Something isn't working. Reports of errors, unexpected behavior, or broken functionality. server Related to FastMCP server implementation or server-side functionality. tests

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

compress_schema strips user-defined 'title' properties from tool inputSchema

1 participant

@jlowin