npm - @azure/mcp - Versions diffs - 0.9.9 → 1.0.1 - Mend

@azure/mcp 0.9.9 → 1.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (2) hide show

package/README.md +27 -0
package/package.json +9 -9

package/README.md CHANGED Viewed

@@ -13,7 +13,12 @@ All Azure MCP tools in a single server. The Azure MCP Server implements the [MCP
     - [Documentation](#documentation)
     - [Feedback and Support](#feedback-and-support)
     - [Security](#security)
+    - [Permissions and Risk](#permissions-and-risk)
     - [Data Collection](#data-collection)
+    - [Compliance Responsibility](#compliance-responsibility)
+    - [Third Party Components](#third-party-components)
+    - [Export Control](#export-control)
+    - [No Warranty / Limitation of Liability](#no-warranty--limitation-of-liability)
     - [Contributing](#contributing)
     - [Code of Conduct](#code-of-conduct)
@@ -291,6 +296,12 @@ Your credentials are always handled securely through the official [Azure Identit
 MCP as a phenomenon is very novel and cutting-edge. As with all new technology standards, consider doing a security review to ensure any systems that integrate with MCP servers follow all regulations and standards your system is expected to adhere to. This includes not only the Azure MCP Server, but any MCP client/agent that you choose to implement down to the model provider.
+You should follow Microsoft security guidance for MCP servers, including enabling Entra ID authentication, secure token management, and network isolation. Refer to [Microsoft Security Documentation](https://learn.microsoft.com/azure/api-management/secure-mcp-servers) for details.
+## Permissions and Risk
+MCP clients can invoke operations based on the user’s Azure RBAC permissions. Autonomous or misconfigured clients may perform destructive actions. You should review and apply least-privilege RBAC roles and implement safeguards before deployment. Certain safeguards, such as flags to prevent destructive operations, are not standardized in the MCP specification and may not be supported by all clients.
 ## Data Collection
 The software may collect information about you and your use of the software and send it to Microsoft. Microsoft may use this information to provide services and improve our products and services. You may turn off the telemetry as described in the repository. There are also some features in the software that may enable you and Microsoft to collect data from users of your applications. If you use these features, you must comply with applicable law, including providing appropriate notices to users of your applications together with a copy of Microsoft's [privacy statement](https://www.microsoft.com/privacy/privacystatement). You can learn more about data collection and use in the help documentation and our privacy statement. Your use of the software operates as your consent to these practices.
@@ -301,6 +312,22 @@ Telemetry collection is on by default.
 To opt out, set the environment variable `AZURE_MCP_COLLECT_TELEMETRY` to `false` in your environment.
+## Compliance Responsibility
+This MCP server may interact with clients and services outside Microsoft compliance boundaries. You are responsible for ensuring that any integration complies with applicable organizational, regulatory, and contractual requirements.
+## Third Party Components
+This MCP server may use or depend on third party components. You are responsible for reviewing and complying with the licenses and security posture of any third-party components.
+## Export Control
+Use of this software must comply with all applicable export laws and regulations, including U.S. Export Administration Regulations and local jurisdiction requirements.
+## No Warranty / Limitation of Liability
+This software is provided “as is” without warranties or conditions of any kind, either express or implied. Microsoft shall not be liable for any damages arising from use, misuse, or misconfiguration of this software.
 ## Contributing
 We welcome contributions to the Azure MCP Server! Whether you're fixing bugs, adding new features, or improving documentation, your contributions are welcome.

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@azure/mcp",
-  "version": "0.9.9",
+  "version": "1.0.1",
   "description": "Azure MCP Server - Model Context Protocol implementation for Azure",
   "author": "Microsoft",
   "homepage": "https://github.com/Microsoft/mcp/blob/main/servers/Azure.Mcp.Server#readme",
@@ -14,8 +14,8 @@
     "url": "https://github.com/microsoft/mcp/issues"
   },
   "repository": {
-    "url": "https://github.com/microsoft/mcp.git",
-    "type": "git"
+    "type": "git",
+    "url": "https://github.com/microsoft/mcp.git"
   },
   "engines": {
     "node": ">=20.0.0"
@@ -33,12 +33,12 @@
     "arm64"
   ],
   "optionalDependencies": {
-    "@azure/mcp-linux-arm64": "0.9.9",
-    "@azure/mcp-win32-arm64": "0.9.9",
-    "@azure/mcp-darwin-arm64": "0.9.9",
-    "@azure/mcp-darwin-x64": "0.9.9",
-    "@azure/mcp-linux-x64": "0.9.9",
-    "@azure/mcp-win32-x64": "0.9.9"
+    "@azure/mcp-linux-x64": "1.0.1",
+    "@azure/mcp-darwin-arm64": "1.0.1",
+    "@azure/mcp-win32-arm64": "1.0.1",
+    "@azure/mcp-linux-arm64": "1.0.1",
+    "@azure/mcp-darwin-x64": "1.0.1",
+    "@azure/mcp-win32-x64": "1.0.1"
   },
   "scripts": {
     "postinstall": "node ./scripts/post-install-script.js"