@opentiny/next-sdk 0.1.13 → 0.1.14

package/dist/webmcp-full.dev.js

@@ -2970,58 +2970,81 @@
   };
   var uri$2 = {};
   var fastUri$1 = { exports: {} };
-  const isUUID$1 = RegExp.prototype.test.bind(/^[\da-f]{8}-[\da-f]{4}-[\da-f]{4}-[\da-f]{4}-[\da-f]{12}$/iu);
-  const isIPv4$1 = RegExp.prototype.test.bind(/^(?:(?:25[0-5]|2[0-4]\d|1\d{2}|[1-9]\d|\d)\.){3}(?:25[0-5]|2[0-4]\d|1\d{2}|[1-9]\d|\d)$/u);
-  function stringArrayToHexStripped(input) {
-    let acc = "";
-    let code2 = 0;
-    let i = 0;
-    for (i = 0; i < input.length; i++) {
-      code2 = input[i].charCodeAt(0);
-      if (code2 === 48) {
-        continue;
-      }
-      if (!(code2 >= 48 && code2 <= 57 || code2 >= 65 && code2 <= 70 || code2 >= 97 && code2 <= 102)) {
-        return "";
-      }
-      acc += input[i];
-      break;
-    }
-    for (i += 1; i < input.length; i++) {
-      code2 = input[i].charCodeAt(0);
-      if (!(code2 >= 48 && code2 <= 57 || code2 >= 65 && code2 <= 70 || code2 >= 97 && code2 <= 102)) {
-        return "";
-      }
-      acc += input[i];
+  const HEX$1 = {
+    0: 0,
+    1: 1,
+    2: 2,
+    3: 3,
+    4: 4,
+    5: 5,
+    6: 6,
+    7: 7,
+    8: 8,
+    9: 9,
+    a: 10,
+    A: 10,
+    b: 11,
+    B: 11,
+    c: 12,
+    C: 12,
+    d: 13,
+    D: 13,
+    e: 14,
+    E: 14,
+    f: 15,
+    F: 15
+  };
+  var scopedChars = {
+    HEX: HEX$1
+  };
+  const { HEX } = scopedChars;
+  const IPV4_REG = /^(?:(?:25[0-5]|2[0-4]\d|1\d{2}|[1-9]\d|\d)\.){3}(?:25[0-5]|2[0-4]\d|1\d{2}|[1-9]\d|\d)$/u;
+  function normalizeIPv4$1(host) {
+    if (findToken(host, ".") < 3) {
+      return { host, isIPV4: false };
+    }
+    const matches = host.match(IPV4_REG) || [];
+    const [address] = matches;
+    if (address) {
+      return { host: stripLeadingZeros(address, "."), isIPV4: true };
+    } else {
+      return { host, isIPV4: false };
     }
-    return acc;
   }
-  const nonSimpleDomain$1 = RegExp.prototype.test.bind(/[^!"$&'()*+,\-.;=_`a-z{}~]/u);
-  function consumeIsZone(buffer) {
-    buffer.length = 0;
-    return true;
-  }
-  function consumeHextets(buffer, address, output) {
-    if (buffer.length) {
-      const hex = stringArrayToHexStripped(buffer);
-      if (hex !== "") {
-        address.push(hex);
-      } else {
-        output.error = true;
-        return false;
-      }
-      buffer.length = 0;
+  function stringArrayToHexStripped(input, keepZero = false) {
+    let acc = "";
+    let strip = true;
+    for (const c of input) {
+      if (HEX[c] === void 0) return void 0;
+      if (c !== "0" && strip === true) strip = false;
+      if (!strip) acc += c;
     }
-    return true;
+    if (keepZero && acc.length === 0) acc = "0";
+    return acc;
   }
   function getIPV6(input) {
     let tokenCount = 0;
     const output = { error: false, address: "", zone: "" };
     const address = [];
     const buffer = [];
+    let isZone = false;
     let endipv6Encountered = false;
     let endIpv6 = false;
-    let consume = consumeHextets;
+    function consume() {
+      if (buffer.length) {
+        if (isZone === false) {
+          const hex = stringArrayToHexStripped(buffer);
+          if (hex !== void 0) {
+            address.push(hex);
+          } else {
+            output.error = true;
+            return false;
+          }
+        }
+        buffer.length = 0;
+      }
+      return true;
+    }
     for (let i = 0; i < input.length; i++) {
       const cursor = input[i];
       if (cursor === "[" || cursor === "]") {
@@ -3031,30 +3054,31 @@
         if (endipv6Encountered === true) {
           endIpv6 = true;
         }
-        if (!consume(buffer, address, output)) {
+        if (!consume()) {
           break;
         }
-        if (++tokenCount > 7) {
+        tokenCount++;
+        address.push(":");
+        if (tokenCount > 7) {
           output.error = true;
           break;
         }
-        if (i > 0 && input[i - 1] === ":") {
+        if (i - 1 >= 0 && input[i - 1] === ":") {
           endipv6Encountered = true;
         }
-        address.push(":");
         continue;
       } else if (cursor === "%") {
-        if (!consume(buffer, address, output)) {
+        if (!consume()) {
           break;
         }
-        consume = consumeIsZone;
+        isZone = true;
       } else {
         buffer.push(cursor);
         continue;
       }
     }
     if (buffer.length) {
-      if (consume === consumeIsZone) {
+      if (isZone) {
         output.zone = buffer.join("");
       } else if (endIpv6) {
         address.push(buffer.join(""));
@@ -3077,11 +3101,33 @@
         newHost += "%" + ipv6.zone;
         escapedHost += "%25" + ipv6.zone;
       }
-      return { host: newHost, isIPV6: true, escapedHost };
+      return { host: newHost, escapedHost, isIPV6: true };
     } else {
       return { host, isIPV6: false };
     }
   }
+  function stripLeadingZeros(str, token) {
+    let out = "";
+    let skip = true;
+    const l = str.length;
+    for (let i = 0; i < l; i++) {
+      const c = str[i];
+      if (c === "0" && skip) {
+        if (i + 1 <= l && str[i + 1] === token || i + 1 === l) {
+          out += c;
+          skip = false;
+        }
+      } else {
+        if (c === token) {
+          skip = true;
+        } else {
+          skip = false;
+        }
+        out += c;
+      }
+    }
+    return out;
+  }
   function findToken(str, token) {
     let ind = 0;
     for (let i = 0; i < str.length; i++) {
@@ -3089,339 +3135,246 @@
     }
     return ind;
   }
-  function removeDotSegments$1(path) {
-    let input = path;
+  const RDS1 = /^\.\.?\//u;
+  const RDS2 = /^\/\.(?:\/|$)/u;
+  const RDS3 = /^\/\.\.(?:\/|$)/u;
+  const RDS5 = /^\/?(?:.|\n)*?(?=\/|$)/u;
+  function removeDotSegments$1(input) {
     const output = [];
-    let nextSlash = -1;
-    let len = 0;
-    while (len = input.length) {
-      if (len === 1) {
-        if (input === ".") {
-          break;
-        } else if (input === "/") {
-          output.push("/");
-          break;
+    while (input.length) {
+      if (input.match(RDS1)) {
+        input = input.replace(RDS1, "");
+      } else if (input.match(RDS2)) {
+        input = input.replace(RDS2, "/");
+      } else if (input.match(RDS3)) {
+        input = input.replace(RDS3, "/");
+        output.pop();
+      } else if (input === "." || input === "..") {
+        input = "";
+      } else {
+        const im = input.match(RDS5);
+        if (im) {
+          const s = im[0];
+          input = input.slice(s.length);
+          output.push(s);
         } else {
-          output.push(input);
-          break;
-        }
-      } else if (len === 2) {
-        if (input[0] === ".") {
-          if (input[1] === ".") {
-            break;
-          } else if (input[1] === "/") {
-            input = input.slice(2);
-            continue;
-          }
-        } else if (input[0] === "/") {
-          if (input[1] === "." || input[1] === "/") {
-            output.push("/");
-            break;
-          }
-        }
-      } else if (len === 3) {
-        if (input === "/..") {
-          if (output.length !== 0) {
-            output.pop();
-          }
-          output.push("/");
-          break;
-        }
-      }
-      if (input[0] === ".") {
-        if (input[1] === ".") {
-          if (input[2] === "/") {
-            input = input.slice(3);
-            continue;
-          }
-        } else if (input[1] === "/") {
-          input = input.slice(2);
-          continue;
+          throw new Error("Unexpected dot segment condition");
         }
-      } else if (input[0] === "/") {
-        if (input[1] === ".") {
-          if (input[2] === "/") {
-            input = input.slice(2);
-            continue;
-          } else if (input[2] === ".") {
-            if (input[3] === "/") {
-              input = input.slice(3);
-              if (output.length !== 0) {
-                output.pop();
-              }
-              continue;
-            }
-          }
-        }
-      }
-      if ((nextSlash = input.indexOf("/", 1)) === -1) {
-        output.push(input);
-        break;
-      } else {
-        output.push(input.slice(0, nextSlash));
-        input = input.slice(nextSlash);
       }
     }
     return output.join("");
   }
-  function normalizeComponentEncoding$1(component, esc) {
+  function normalizeComponentEncoding$1(components, esc) {
     const func = esc !== true ? escape : unescape;
-    if (component.scheme !== void 0) {
-      component.scheme = func(component.scheme);
+    if (components.scheme !== void 0) {
+      components.scheme = func(components.scheme);
     }
-    if (component.userinfo !== void 0) {
-      component.userinfo = func(component.userinfo);
+    if (components.userinfo !== void 0) {
+      components.userinfo = func(components.userinfo);
     }
-    if (component.host !== void 0) {
-      component.host = func(component.host);
+    if (components.host !== void 0) {
+      components.host = func(components.host);
     }
-    if (component.path !== void 0) {
-      component.path = func(component.path);
+    if (components.path !== void 0) {
+      components.path = func(components.path);
     }
-    if (component.query !== void 0) {
-      component.query = func(component.query);
+    if (components.query !== void 0) {
+      components.query = func(components.query);
     }
-    if (component.fragment !== void 0) {
-      component.fragment = func(component.fragment);
+    if (components.fragment !== void 0) {
+      components.fragment = func(components.fragment);
     }
-    return component;
+    return components;
   }
-  function recomposeAuthority$1(component) {
+  function recomposeAuthority$1(components) {
     const uriTokens = [];
-    if (component.userinfo !== void 0) {
-      uriTokens.push(component.userinfo);
+    if (components.userinfo !== void 0) {
+      uriTokens.push(components.userinfo);
       uriTokens.push("@");
     }
-    if (component.host !== void 0) {
-      let host = unescape(component.host);
-      if (!isIPv4$1(host)) {
-        const ipV6res = normalizeIPv6$1(host);
+    if (components.host !== void 0) {
+      let host = unescape(components.host);
+      const ipV4res = normalizeIPv4$1(host);
+      if (ipV4res.isIPV4) {
+        host = ipV4res.host;
+      } else {
+        const ipV6res = normalizeIPv6$1(ipV4res.host);
         if (ipV6res.isIPV6 === true) {
           host = `[${ipV6res.escapedHost}]`;
         } else {
-          host = component.host;
+          host = components.host;
         }
       }
       uriTokens.push(host);
     }
-    if (typeof component.port === "number" || typeof component.port === "string") {
+    if (typeof components.port === "number" || typeof components.port === "string") {
       uriTokens.push(":");
-      uriTokens.push(String(component.port));
+      uriTokens.push(String(components.port));
     }
     return uriTokens.length ? uriTokens.join("") : void 0;
   }
   var utils = {
-    nonSimpleDomain: nonSimpleDomain$1,
     recomposeAuthority: recomposeAuthority$1,
     normalizeComponentEncoding: normalizeComponentEncoding$1,
     removeDotSegments: removeDotSegments$1,
-    isIPv4: isIPv4$1,
-    isUUID: isUUID$1,
+    normalizeIPv4: normalizeIPv4$1,
     normalizeIPv6: normalizeIPv6$1
   };
-  const { isUUID } = utils;
+  const UUID_REG = /^[\da-f]{8}-[\da-f]{4}-[\da-f]{4}-[\da-f]{4}-[\da-f]{12}$/iu;
   const URN_REG = /([\da-z][\d\-a-z]{0,31}):((?:[\w!$'()*+,\-.:;=@]|%[\da-f]{2})+)/iu;
-  function wsIsSecure(wsComponent) {
-    if (wsComponent.secure === true) {
-      return true;
-    } else if (wsComponent.secure === false) {
-      return false;
-    } else if (wsComponent.scheme) {
-      return wsComponent.scheme.length === 3 && (wsComponent.scheme[0] === "w" || wsComponent.scheme[0] === "W") && (wsComponent.scheme[1] === "s" || wsComponent.scheme[1] === "S") && (wsComponent.scheme[2] === "s" || wsComponent.scheme[2] === "S");
-    } else {
-      return false;
-    }
+  function isSecure(wsComponents) {
+    return typeof wsComponents.secure === "boolean" ? wsComponents.secure : String(wsComponents.scheme).toLowerCase() === "wss";
   }
-  function httpParse(component) {
-    if (!component.host) {
-      component.error = component.error || "HTTP URIs must have a host.";
+  function httpParse(components) {
+    if (!components.host) {
+      components.error = components.error || "HTTP URIs must have a host.";
     }
-    return component;
+    return components;
   }
-  function httpSerialize(component) {
-    const secure = String(component.scheme).toLowerCase() === "https";
-    if (component.port === (secure ? 443 : 80) || component.port === "") {
-      component.port = void 0;
+  function httpSerialize(components) {
+    const secure = String(components.scheme).toLowerCase() === "https";
+    if (components.port === (secure ? 443 : 80) || components.port === "") {
+      components.port = void 0;
     }
-    if (!component.path) {
-      component.path = "/";
+    if (!components.path) {
+      components.path = "/";
     }
-    return component;
+    return components;
   }
-  function wsParse(wsComponent) {
-    wsComponent.secure = wsIsSecure(wsComponent);
-    wsComponent.resourceName = (wsComponent.path || "/") + (wsComponent.query ? "?" + wsComponent.query : "");
-    wsComponent.path = void 0;
-    wsComponent.query = void 0;
-    return wsComponent;
+  function wsParse(wsComponents) {
+    wsComponents.secure = isSecure(wsComponents);
+    wsComponents.resourceName = (wsComponents.path || "/") + (wsComponents.query ? "?" + wsComponents.query : "");
+    wsComponents.path = void 0;
+    wsComponents.query = void 0;
+    return wsComponents;
   }
-  function wsSerialize(wsComponent) {
-    if (wsComponent.port === (wsIsSecure(wsComponent) ? 443 : 80) || wsComponent.port === "") {
-      wsComponent.port = void 0;
+  function wsSerialize(wsComponents) {
+    if (wsComponents.port === (isSecure(wsComponents) ? 443 : 80) || wsComponents.port === "") {
+      wsComponents.port = void 0;
     }
-    if (typeof wsComponent.secure === "boolean") {
-      wsComponent.scheme = wsComponent.secure ? "wss" : "ws";
-      wsComponent.secure = void 0;
+    if (typeof wsComponents.secure === "boolean") {
+      wsComponents.scheme = wsComponents.secure ? "wss" : "ws";
+      wsComponents.secure = void 0;
     }
-    if (wsComponent.resourceName) {
-      const [path, query] = wsComponent.resourceName.split("?");
-      wsComponent.path = path && path !== "/" ? path : void 0;
-      wsComponent.query = query;
-      wsComponent.resourceName = void 0;
+    if (wsComponents.resourceName) {
+      const [path, query] = wsComponents.resourceName.split("?");
+      wsComponents.path = path && path !== "/" ? path : void 0;
+      wsComponents.query = query;
+      wsComponents.resourceName = void 0;
     }
-    wsComponent.fragment = void 0;
-    return wsComponent;
+    wsComponents.fragment = void 0;
+    return wsComponents;
   }
-  function urnParse(urnComponent, options) {
-    if (!urnComponent.path) {
-      urnComponent.error = "URN can not be parsed";
-      return urnComponent;
+  function urnParse(urnComponents, options) {
+    if (!urnComponents.path) {
+      urnComponents.error = "URN can not be parsed";
+      return urnComponents;
     }
-    const matches = urnComponent.path.match(URN_REG);
+    const matches = urnComponents.path.match(URN_REG);
     if (matches) {
-      const scheme = options.scheme || urnComponent.scheme || "urn";
-      urnComponent.nid = matches[1].toLowerCase();
-      urnComponent.nss = matches[2];
-      const urnScheme = `${scheme}:${options.nid || urnComponent.nid}`;
-      const schemeHandler = getSchemeHandler$1(urnScheme);
-      urnComponent.path = void 0;
+      const scheme = options.scheme || urnComponents.scheme || "urn";
+      urnComponents.nid = matches[1].toLowerCase();
+      urnComponents.nss = matches[2];
+      const urnScheme = `${scheme}:${options.nid || urnComponents.nid}`;
+      const schemeHandler = SCHEMES$1[urnScheme];
+      urnComponents.path = void 0;
       if (schemeHandler) {
-        urnComponent = schemeHandler.parse(urnComponent, options);
+        urnComponents = schemeHandler.parse(urnComponents, options);
       }
     } else {
-      urnComponent.error = urnComponent.error || "URN can not be parsed.";
+      urnComponents.error = urnComponents.error || "URN can not be parsed.";
     }
-    return urnComponent;
+    return urnComponents;
   }
-  function urnSerialize(urnComponent, options) {
-    if (urnComponent.nid === void 0) {
-      throw new Error("URN without nid cannot be serialized");
-    }
-    const scheme = options.scheme || urnComponent.scheme || "urn";
-    const nid = urnComponent.nid.toLowerCase();
+  function urnSerialize(urnComponents, options) {
+    const scheme = options.scheme || urnComponents.scheme || "urn";
+    const nid = urnComponents.nid.toLowerCase();
     const urnScheme = `${scheme}:${options.nid || nid}`;
-    const schemeHandler = getSchemeHandler$1(urnScheme);
+    const schemeHandler = SCHEMES$1[urnScheme];
     if (schemeHandler) {
-      urnComponent = schemeHandler.serialize(urnComponent, options);
+      urnComponents = schemeHandler.serialize(urnComponents, options);
     }
-    const uriComponent = urnComponent;
-    const nss = urnComponent.nss;
-    uriComponent.path = `${nid || options.nid}:${nss}`;
+    const uriComponents = urnComponents;
+    const nss = urnComponents.nss;
+    uriComponents.path = `${nid || options.nid}:${nss}`;
     options.skipEscape = true;
-    return uriComponent;
-  }
-  function urnuuidParse(urnComponent, options) {
-    const uuidComponent = urnComponent;
-    uuidComponent.uuid = uuidComponent.nss;
-    uuidComponent.nss = void 0;
-    if (!options.tolerant && (!uuidComponent.uuid || !isUUID(uuidComponent.uuid))) {
-      uuidComponent.error = uuidComponent.error || "UUID is not valid.";
-    }
-    return uuidComponent;
-  }
-  function urnuuidSerialize(uuidComponent) {
-    const urnComponent = uuidComponent;
-    urnComponent.nss = (uuidComponent.uuid || "").toLowerCase();
-    return urnComponent;
-  }
-  const http = (
-    /** @type {SchemeHandler} */
-    {
-      scheme: "http",
-      domainHost: true,
-      parse: httpParse,
-      serialize: httpSerialize
-    }
-  );
-  const https = (
-    /** @type {SchemeHandler} */
-    {
-      scheme: "https",
-      domainHost: http.domainHost,
-      parse: httpParse,
-      serialize: httpSerialize
-    }
-  );
-  const ws = (
-    /** @type {SchemeHandler} */
-    {
-      scheme: "ws",
-      domainHost: true,
-      parse: wsParse,
-      serialize: wsSerialize
-    }
-  );
-  const wss = (
-    /** @type {SchemeHandler} */
-    {
-      scheme: "wss",
-      domainHost: ws.domainHost,
-      parse: ws.parse,
-      serialize: ws.serialize
-    }
-  );
-  const urn = (
-    /** @type {SchemeHandler} */
-    {
-      scheme: "urn",
-      parse: urnParse,
-      serialize: urnSerialize,
-      skipNormalize: true
-    }
-  );
-  const urnuuid = (
-    /** @type {SchemeHandler} */
-    {
-      scheme: "urn:uuid",
-      parse: urnuuidParse,
-      serialize: urnuuidSerialize,
-      skipNormalize: true
-    }
-  );
-  const SCHEMES$1 = (
-    /** @type {Record<SchemeName, SchemeHandler>} */
-    {
-      http,
-      https,
-      ws,
-      wss,
-      urn,
-      "urn:uuid": urnuuid
-    }
-  );
-  Object.setPrototypeOf(SCHEMES$1, null);
-  function getSchemeHandler$1(scheme) {
-    return scheme && (SCHEMES$1[
-      /** @type {SchemeName} */
-      scheme
-    ] || SCHEMES$1[
-      /** @type {SchemeName} */
-      scheme.toLowerCase()
-    ]) || void 0;
-  }
-  var schemes = {
-    SCHEMES: SCHEMES$1,
-    getSchemeHandler: getSchemeHandler$1
+    return uriComponents;
+  }
+  function urnuuidParse(urnComponents, options) {
+    const uuidComponents = urnComponents;
+    uuidComponents.uuid = uuidComponents.nss;
+    uuidComponents.nss = void 0;
+    if (!options.tolerant && (!uuidComponents.uuid || !UUID_REG.test(uuidComponents.uuid))) {
+      uuidComponents.error = uuidComponents.error || "UUID is not valid.";
+    }
+    return uuidComponents;
+  }
+  function urnuuidSerialize(uuidComponents) {
+    const urnComponents = uuidComponents;
+    urnComponents.nss = (uuidComponents.uuid || "").toLowerCase();
+    return urnComponents;
+  }
+  const http = {
+    scheme: "http",
+    domainHost: true,
+    parse: httpParse,
+    serialize: httpSerialize
+  };
+  const https = {
+    scheme: "https",
+    domainHost: http.domainHost,
+    parse: httpParse,
+    serialize: httpSerialize
+  };
+  const ws = {
+    scheme: "ws",
+    domainHost: true,
+    parse: wsParse,
+    serialize: wsSerialize
+  };
+  const wss = {
+    scheme: "wss",
+    domainHost: ws.domainHost,
+    parse: ws.parse,
+    serialize: ws.serialize
   };
-  const { normalizeIPv6, removeDotSegments, recomposeAuthority, normalizeComponentEncoding, isIPv4, nonSimpleDomain } = utils;
-  const { SCHEMES, getSchemeHandler } = schemes;
+  const urn = {
+    scheme: "urn",
+    parse: urnParse,
+    serialize: urnSerialize,
+    skipNormalize: true
+  };
+  const urnuuid = {
+    scheme: "urn:uuid",
+    parse: urnuuidParse,
+    serialize: urnuuidSerialize,
+    skipNormalize: true
+  };
+  const SCHEMES$1 = {
+    http,
+    https,
+    ws,
+    wss,
+    urn,
+    "urn:uuid": urnuuid
+  };
+  var schemes = SCHEMES$1;
+  const { normalizeIPv6, normalizeIPv4, removeDotSegments, recomposeAuthority, normalizeComponentEncoding } = utils;
+  const SCHEMES = schemes;
   function normalize(uri2, options) {
     if (typeof uri2 === "string") {
-      uri2 = /** @type {T} */
-      serialize(parse(uri2, options), options);
+      uri2 = serialize(parse(uri2, options), options);
     } else if (typeof uri2 === "object") {
-      uri2 = /** @type {T} */
-      parse(serialize(uri2, options), options);
+      uri2 = parse(serialize(uri2, options), options);
     }
     return uri2;
   }
   function resolve$4(baseURI, relativeURI, options) {
-    const schemelessOptions = options ? Object.assign({ scheme: "null" }, options) : { scheme: "null" };
-    const resolved = resolveComponent(parse(baseURI, schemelessOptions), parse(relativeURI, schemelessOptions), schemelessOptions, true);
-    schemelessOptions.skipEscape = true;
-    return serialize(resolved, schemelessOptions);
+    const schemelessOptions = Object.assign({ scheme: "null" }, options);
+    const resolved = resolveComponents(parse(baseURI, schemelessOptions), parse(relativeURI, schemelessOptions), schemelessOptions, true);
+    return serialize(resolved, { ...schemelessOptions, skipEscape: true });
   }
-  function resolveComponent(base, relative, options, skipNormalization) {
+  function resolveComponents(base, relative, options, skipNormalization) {
     const target = {};
     if (!skipNormalization) {
       base = parse(serialize(base, options), options);
@@ -3451,7 +3404,7 @@
             target.query = base.query;
           }
         } else {
-          if (relative.path[0] === "/") {
+          if (relative.path.charAt(0) === "/") {
             target.path = removeDotSegments(relative.path);
           } else {
             if ((base.userinfo !== void 0 || base.host !== void 0 || base.port !== void 0) && !base.path) {
@@ -3490,7 +3443,7 @@
     return uriA.toLowerCase() === uriB.toLowerCase();
   }
   function serialize(cmpts, opts) {
-    const component = {
+    const components = {
       host: cmpts.host,
       scheme: cmpts.scheme,
       userinfo: cmpts.userinfo,
@@ -3508,49 +3461,60 @@
     };
     const options = Object.assign({}, opts);
     const uriTokens = [];
-    const schemeHandler = getSchemeHandler(options.scheme || component.scheme);
-    if (schemeHandler && schemeHandler.serialize) schemeHandler.serialize(component, options);
-    if (component.path !== void 0) {
+    const schemeHandler = SCHEMES[(options.scheme || components.scheme || "").toLowerCase()];
+    if (schemeHandler && schemeHandler.serialize) schemeHandler.serialize(components, options);
+    if (components.path !== void 0) {
       if (!options.skipEscape) {
-        component.path = escape(component.path);
-        if (component.scheme !== void 0) {
-          component.path = component.path.split("%3A").join(":");
+        components.path = escape(components.path);
+        if (components.scheme !== void 0) {
+          components.path = components.path.split("%3A").join(":");
         }
       } else {
-        component.path = unescape(component.path);
+        components.path = unescape(components.path);
       }
     }
-    if (options.reference !== "suffix" && component.scheme) {
-      uriTokens.push(component.scheme, ":");
+    if (options.reference !== "suffix" && components.scheme) {
+      uriTokens.push(components.scheme, ":");
     }
-    const authority = recomposeAuthority(component);
+    const authority = recomposeAuthority(components);
     if (authority !== void 0) {
       if (options.reference !== "suffix") {
         uriTokens.push("//");
       }
       uriTokens.push(authority);
-      if (component.path && component.path[0] !== "/") {
+      if (components.path && components.path.charAt(0) !== "/") {
         uriTokens.push("/");
       }
     }
-    if (component.path !== void 0) {
-      let s = component.path;
+    if (components.path !== void 0) {
+      let s = components.path;
       if (!options.absolutePath && (!schemeHandler || !schemeHandler.absolutePath)) {
         s = removeDotSegments(s);
       }
-      if (authority === void 0 && s[0] === "/" && s[1] === "/") {
-        s = "/%2F" + s.slice(2);
+      if (authority === void 0) {
+        s = s.replace(/^\/\//u, "/%2F");
       }
       uriTokens.push(s);
     }
-    if (component.query !== void 0) {
-      uriTokens.push("?", component.query);
+    if (components.query !== void 0) {
+      uriTokens.push("?", components.query);
     }
-    if (component.fragment !== void 0) {
-      uriTokens.push("#", component.fragment);
+    if (components.fragment !== void 0) {
+      uriTokens.push("#", components.fragment);
     }
     return uriTokens.join("");
   }
+  const hexLookUp = Array.from({ length: 127 }, (_v, k) => /[^!"$&'()*+,\-.;=_`a-z{}~]/u.test(String.fromCharCode(k)));
+  function nonSimpleDomain(value) {
+    let code2 = 0;
+    for (let i = 0, len = value.length; i < len; ++i) {
+      code2 = value.charCodeAt(i);
+      if (code2 > 126 || hexLookUp[code2]) {
+        return true;
+      }
+    }
+    return false;
+  }
   const URI_PARSE = /^(?:([^#/:?]+):)?(?:\/\/((?:([^#/?@]*)@)?(\[[^#/?\]]+\]|[^#/:?]*)(?::(\d*))?))?([^#?]*)(?:\?([^#]*))?(?:#((?:.|[\n\r])*))?/u;
   function parse(uri2, opts) {
     const options = Object.assign({}, opts);
@@ -3563,14 +3527,9 @@
       query: void 0,
       fragment: void 0
     };
+    const gotEncoding = uri2.indexOf("%") !== -1;
     let isIP = false;
-    if (options.reference === "suffix") {
-      if (options.scheme) {
-        uri2 = options.scheme + ":" + uri2;
-      } else {
-        uri2 = "//" + uri2;
-      }
-    }
+    if (options.reference === "suffix") uri2 = (options.scheme ? options.scheme + ":" : "") + "//" + uri2;
     const matches = uri2.match(URI_PARSE);
     if (matches) {
       parsed.scheme = matches[1];
@@ -3584,12 +3543,13 @@
         parsed.port = matches[5];
       }
       if (parsed.host) {
-        const ipv4result = isIPv4(parsed.host);
-        if (ipv4result === false) {
-          const ipv6result = normalizeIPv6(parsed.host);
+        const ipv4result = normalizeIPv4(parsed.host);
+        if (ipv4result.isIPV4 === false) {
+          const ipv6result = normalizeIPv6(ipv4result.host);
           parsed.host = ipv6result.host.toLowerCase();
           isIP = ipv6result.isIPV6;
         } else {
+          parsed.host = ipv4result.host;
           isIP = true;
         }
       }
@@ -3605,7 +3565,7 @@
       if (options.reference && options.reference !== "suffix" && options.reference !== parsed.reference) {
         parsed.error = parsed.error || "URI is not a " + options.reference + " reference.";
       }
-      const schemeHandler = getSchemeHandler(options.scheme || parsed.scheme);
+      const schemeHandler = SCHEMES[(options.scheme || parsed.scheme || "").toLowerCase()];
       if (!options.unicodeSupport && (!schemeHandler || !schemeHandler.unicodeSupport)) {
         if (parsed.host && (options.domainHost || schemeHandler && schemeHandler.domainHost) && isIP === false && nonSimpleDomain(parsed.host)) {
           try {
@@ -3616,13 +3576,11 @@
         }
       }
       if (!schemeHandler || schemeHandler && !schemeHandler.skipNormalize) {
-        if (uri2.indexOf("%") !== -1) {
-          if (parsed.scheme !== void 0) {
-            parsed.scheme = unescape(parsed.scheme);
-          }
-          if (parsed.host !== void 0) {
-            parsed.host = unescape(parsed.host);
-          }
+        if (gotEncoding && parsed.scheme !== void 0) {
+          parsed.scheme = unescape(parsed.scheme);
+        }
+        if (gotEncoding && parsed.host !== void 0) {
+          parsed.host = unescape(parsed.host);
         }
         if (parsed.path) {
           parsed.path = escape(unescape(parsed.path));
@@ -3643,7 +3601,7 @@
     SCHEMES,
     normalize,
     resolve: resolve$4,
-    resolveComponent,
+    resolveComponents,
     equal: equal$4,
     serialize,
     parse
@@ -10179,7 +10137,12 @@
     void: voidType
   }, Symbol.toStringTag, { value: "Module" }));
   const LATEST_PROTOCOL_VERSION = "2025-06-18";
-  const SUPPORTED_PROTOCOL_VERSIONS = [LATEST_PROTOCOL_VERSION, "2025-03-26", "2024-11-05", "2024-10-07"];
+  const SUPPORTED_PROTOCOL_VERSIONS = [
+    LATEST_PROTOCOL_VERSION,
+    "2025-03-26",
+    "2024-11-05",
+    "2024-10-07"
+  ];
   const JSONRPC_VERSION = "2.0";
   const ProgressTokenSchema = unionType([stringType(), numberType().int()]);
   const CursorSchema = stringType();
@@ -10259,7 +10222,12 @@
     })
   }).strict();
   const isJSONRPCError = (value) => JSONRPCErrorSchema.safeParse(value).success;
-  const JSONRPCMessageSchema = unionType([JSONRPCRequestSchema, JSONRPCNotificationSchema, JSONRPCResponseSchema, JSONRPCErrorSchema]);
+  const JSONRPCMessageSchema = unionType([
+    JSONRPCRequestSchema,
+    JSONRPCNotificationSchema,
+    JSONRPCResponseSchema,
+    JSONRPCErrorSchema
+  ]);
   const EmptyResultSchema = ResultSchema.strict();
   const CancelledNotificationSchema = NotificationSchema.extend({
     method: literalType("notifications/cancelled"),
@@ -10276,57 +10244,22 @@
       reason: stringType().optional()
     })
   });
-  const IconSchema = objectType({
-    /**
-     * URL or data URI for the icon.
-     */
-    src: stringType(),
-    /**
-     * Optional MIME type for the icon.
-     */
-    mimeType: optionalType(stringType()),
-    /**
-     * Optional array of strings that specify sizes at which the icon can be used.
-     * Each string should be in WxH format (e.g., `"48x48"`, `"96x96"`) or `"any"` for scalable formats like SVG.
-     *
-     * If not provided, the client should assume that the icon can be used at any size.
-     */
-    sizes: optionalType(arrayType(stringType()))
-  }).passthrough();
-  const IconsSchema = objectType({
-    /**
-     * Optional set of sized icons that the client can display in a user interface.
-     *
-     * Clients that support rendering icons MUST support at least the following MIME types:
-     * - `image/png` - PNG images (safe, universal compatibility)
-     * - `image/jpeg` (and `image/jpg`) - JPEG images (safe, universal compatibility)
-     *
-     * Clients that support rendering icons SHOULD also support:
-     * - `image/svg+xml` - SVG images (scalable but requires security precautions)
-     * - `image/webp` - WebP images (modern, efficient format)
-     */
-    icons: arrayType(IconSchema).optional()
-  }).passthrough();
   const BaseMetadataSchema = objectType({
     /** Intended for programmatic or logical use, but used as a display name in past specs or fallback */
     name: stringType(),
     /**
-     * Intended for UI and end-user contexts — optimized to be human-readable and easily understood,
-     * even by those unfamiliar with domain-specific terminology.
-     *
-     * If not provided, the name should be used for display (except for Tool,
-     * where `annotations.title` should be given precedence over using `name`,
-     * if present).
-     */
+    * Intended for UI and end-user contexts — optimized to be human-readable and easily understood,
+    * even by those unfamiliar with domain-specific terminology.
+    *
+    * If not provided, the name should be used for display (except for Tool,
+    * where `annotations.title` should be given precedence over using `name`,
+    * if present).
+    */
     title: optionalType(stringType())
   }).passthrough();
   const ImplementationSchema = BaseMetadataSchema.extend({
-    version: stringType(),
-    /**
-     * An optional URL of the website for this implementation.
-     */
-    websiteUrl: optionalType(stringType())
-  }).merge(IconsSchema);
+    version: stringType()
+  });
   const ClientCapabilitiesSchema = objectType({
     /**
      * Experimental, non-standard capabilities that the client supports.
@@ -10521,7 +10454,7 @@
      * for notes on _meta usage.
      */
     _meta: optionalType(objectType({}).passthrough())
-  }).merge(IconsSchema);
+  });
   const ResourceTemplateSchema = BaseMetadataSchema.extend({
     /**
      * A URI template (according to RFC 6570) that can be used to construct resource URIs.
@@ -10542,7 +10475,7 @@
      * for notes on _meta usage.
      */
     _meta: optionalType(objectType({}).passthrough())
-  }).merge(IconsSchema);
+  });
   const ListResourcesRequestSchema = PaginatedRequestSchema.extend({
     method: literalType("resources/list")
   });
@@ -10625,7 +10558,7 @@
      * for notes on _meta usage.
      */
     _meta: optionalType(objectType({}).passthrough())
-  }).merge(IconsSchema);
+  });
   const ListPromptsRequestSchema = PaginatedRequestSchema.extend({
     method: literalType("prompts/list")
   });
@@ -10792,7 +10725,7 @@
      * for notes on _meta usage.
      */
     _meta: optionalType(objectType({}).passthrough())
-  }).merge(IconsSchema);
+  });
   const ListToolsRequestSchema = PaginatedRequestSchema.extend({
     method: literalType("tools/list")
   });
@@ -10842,7 +10775,16 @@
   const ToolListChangedNotificationSchema = NotificationSchema.extend({
     method: literalType("notifications/tools/list_changed")
   });
-  const LoggingLevelSchema = enumType(["debug", "info", "notice", "warning", "error", "critical", "alert", "emergency"]);
+  const LoggingLevelSchema = enumType([
+    "debug",
+    "info",
+    "notice",
+    "warning",
+    "error",
+    "critical",
+    "alert",
+    "emergency"
+  ]);
   const SetLevelRequestSchema = RequestSchema.extend({
     method: literalType("logging/setLevel"),
     params: BaseRequestParamsSchema.extend({
@@ -10935,7 +10877,11 @@
      */
     stopReason: optionalType(enumType(["endTurn", "stopSequence", "maxTokens"]).or(stringType())),
     role: enumType(["user", "assistant"]),
-    content: discriminatedUnionType("type", [TextContentSchema, ImageContentSchema, AudioContentSchema])
+    content: discriminatedUnionType("type", [
+      TextContentSchema,
+      ImageContentSchema,
+      AudioContentSchema
+    ])
   });
   const BooleanSchemaSchema = objectType({
     type: literalType("boolean"),
@@ -10965,7 +10911,12 @@
     enum: arrayType(stringType()),
     enumNames: optionalType(arrayType(stringType()))
   }).passthrough();
-  const PrimitiveSchemaDefinitionSchema = unionType([BooleanSchemaSchema, StringSchemaSchema, NumberSchemaSchema, EnumSchemaSchema]);
+  const PrimitiveSchemaDefinitionSchema = unionType([
+    BooleanSchemaSchema,
+    StringSchemaSchema,
+    NumberSchemaSchema,
+    EnumSchemaSchema
+  ]);
   const ElicitRequestSchema = RequestSchema.extend({
     method: literalType("elicitation/create"),
     params: BaseRequestParamsSchema.extend({
@@ -11093,8 +11044,18 @@
     InitializedNotificationSchema,
     RootsListChangedNotificationSchema
   ]);
-  unionType([EmptyResultSchema, CreateMessageResultSchema, ElicitResultSchema, ListRootsResultSchema]);
-  unionType([PingRequestSchema, CreateMessageRequestSchema, ElicitRequestSchema, ListRootsRequestSchema]);
+  unionType([
+    EmptyResultSchema,
+    CreateMessageResultSchema,
+    ElicitResultSchema,
+    ListRootsResultSchema
+  ]);
+  unionType([
+    PingRequestSchema,
+    CreateMessageRequestSchema,
+    ElicitRequestSchema,
+    ListRootsRequestSchema
+  ]);
   unionType([
     CancelledNotificationSchema,
     ProgressNotificationSchema,
@@ -11166,10 +11127,7 @@
       const totalElapsed = Date.now() - info.startTime;
       if (info.maxTotalTimeout && totalElapsed >= info.maxTotalTimeout) {
         this._timeoutInfo.delete(messageId);
-        throw new McpError(ErrorCode.RequestTimeout, "Maximum total timeout exceeded", {
-          maxTotalTimeout: info.maxTotalTimeout,
-          totalElapsed
-        });
+        throw new McpError(ErrorCode.RequestTimeout, "Maximum total timeout exceeded", { maxTotalTimeout: info.maxTotalTimeout, totalElapsed });
       }
       clearTimeout(info.timeoutId);
       info.timeoutId = setTimeout(info.onTimeout, info.timeout);
@@ -11241,11 +11199,10 @@
       Promise.resolve().then(() => handler(notification)).catch((error2) => this._onerror(new Error(`Uncaught error in notification handler: ${error2}`)));
     }
     _onrequest(request, extra) {
-      var _a, _b;
+      var _a, _b, _c, _d;
       const handler = (_a = this._requestHandlers.get(request.method)) !== null && _a !== void 0 ? _a : this.fallbackRequestHandler;
-      const capturedTransport = this._transport;
       if (handler === void 0) {
-        capturedTransport === null || capturedTransport === void 0 ? void 0 : capturedTransport.send({
+        (_b = this._transport) === null || _b === void 0 ? void 0 : _b.send({
           jsonrpc: "2.0",
           id: request.id,
           error: {
@@ -11259,8 +11216,8 @@
       this._requestHandlerAbortControllers.set(request.id, abortController);
       const fullExtra = {
         signal: abortController.signal,
-        sessionId: capturedTransport === null || capturedTransport === void 0 ? void 0 : capturedTransport.sessionId,
-        _meta: (_b = request.params) === null || _b === void 0 ? void 0 : _b._meta,
+        sessionId: (_c = this._transport) === null || _c === void 0 ? void 0 : _c.sessionId,
+        _meta: (_d = request.params) === null || _d === void 0 ? void 0 : _d._meta,
         sendNotification: (notification) => this.notification(notification, { relatedRequestId: request.id }),
         sendRequest: (r, resultSchema, options) => this.request(r, resultSchema, { ...options, relatedRequestId: request.id }),
         authInfo: extra === null || extra === void 0 ? void 0 : extra.authInfo,
@@ -11268,25 +11225,26 @@
         requestInfo: extra === null || extra === void 0 ? void 0 : extra.requestInfo
       };
       Promise.resolve().then(() => handler(request, fullExtra)).then((result) => {
+        var _a2;
         if (abortController.signal.aborted) {
           return;
         }
-        return capturedTransport === null || capturedTransport === void 0 ? void 0 : capturedTransport.send({
+        return (_a2 = this._transport) === null || _a2 === void 0 ? void 0 : _a2.send({
           result,
           jsonrpc: "2.0",
           id: request.id
         });
       }, (error2) => {
-        var _a2;
+        var _a2, _b2;
         if (abortController.signal.aborted) {
           return;
         }
-        return capturedTransport === null || capturedTransport === void 0 ? void 0 : capturedTransport.send({
+        return (_a2 = this._transport) === null || _a2 === void 0 ? void 0 : _a2.send({
           jsonrpc: "2.0",
           id: request.id,
           error: {
             code: Number.isSafeInteger(error2["code"]) ? error2["code"] : ErrorCode.InternalError,
-            message: (_a2 = error2.message) !== null && _a2 !== void 0 ? _a2 : "Internal error"
+            message: (_b2 = error2.message) !== null && _b2 !== void 0 ? _b2 : "Internal error"
           }
         });
       }).catch((error2) => this._onerror(new Error(`Failed to send response: ${error2}`))).finally(() => {
@@ -12117,24 +12075,24 @@
         }
         return uriTokens.length ? uriTokens.join("") : void 0;
       }
-      var RDS1 = /^\.\.?\//;
-      var RDS2 = /^\/\.(\/|$)/;
-      var RDS3 = /^\/\.\.(\/|$)/;
-      var RDS5 = /^\/?(?:.|\n)*?(?=\/|$)/;
+      var RDS12 = /^\.\.?\//;
+      var RDS22 = /^\/\.(\/|$)/;
+      var RDS32 = /^\/\.\.(\/|$)/;
+      var RDS52 = /^\/?(?:.|\n)*?(?=\/|$)/;
       function removeDotSegments2(input) {
         var output = [];
         while (input.length) {
-          if (input.match(RDS1)) {
-            input = input.replace(RDS1, "");
-          } else if (input.match(RDS2)) {
-            input = input.replace(RDS2, "/");
-          } else if (input.match(RDS3)) {
-            input = input.replace(RDS3, "/");
+          if (input.match(RDS12)) {
+            input = input.replace(RDS12, "");
+          } else if (input.match(RDS22)) {
+            input = input.replace(RDS22, "/");
+          } else if (input.match(RDS32)) {
+            input = input.replace(RDS32, "/");
             output.pop();
           } else if (input === "." || input === "..") {
             input = "";
           } else {
-            var im = input.match(RDS5);
+            var im = input.match(RDS52);
             if (im) {
               var s = im[0];
               input = input.slice(s.length);
@@ -12197,7 +12155,7 @@
         }
         return uriTokens.join("");
       }
-      function resolveComponents(base2, relative) {
+      function resolveComponents2(base2, relative) {
         var options = arguments.length > 2 && arguments[2] !== void 0 ? arguments[2] : {};
         var skipNormalization = arguments[3];
         var target = {};
@@ -12254,7 +12212,7 @@
       }
       function resolve2(baseURI, relativeURI, options) {
         var schemelessOptions = assign({ scheme: "null" }, options);
-        return serialize2(resolveComponents(parse2(baseURI, schemelessOptions), parse2(relativeURI, schemelessOptions), schemelessOptions, true), schemelessOptions);
+        return serialize2(resolveComponents2(parse2(baseURI, schemelessOptions), parse2(relativeURI, schemelessOptions), schemelessOptions, true), schemelessOptions);
       }
       function normalize2(uri2, options) {
         if (typeof uri2 === "string") {
@@ -12309,7 +12267,7 @@
         parse: handler.parse,
         serialize: handler.serialize
       };
-      function isSecure(wsComponents) {
+      function isSecure2(wsComponents) {
         return typeof wsComponents.secure === "boolean" ? wsComponents.secure : String(wsComponents.scheme).toLowerCase() === "wss";
       }
       var handler$2 = {
@@ -12317,14 +12275,14 @@
         domainHost: true,
         parse: function parse3(components, options) {
           var wsComponents = components;
-          wsComponents.secure = isSecure(wsComponents);
+          wsComponents.secure = isSecure2(wsComponents);
           wsComponents.resourceName = (wsComponents.path || "/") + (wsComponents.query ? "?" + wsComponents.query : "");
           wsComponents.path = void 0;
           wsComponents.query = void 0;
           return wsComponents;
         },
         serialize: function serialize3(wsComponents, options) {
-          if (wsComponents.port === (isSecure(wsComponents) ? 443 : 80) || wsComponents.port === "") {
+          if (wsComponents.port === (isSecure2(wsComponents) ? 443 : 80) || wsComponents.port === "") {
             wsComponents.port = void 0;
           }
           if (typeof wsComponents.secure === "boolean") {
@@ -12515,7 +12473,7 @@
       exports4.parse = parse2;
       exports4.removeDotSegments = removeDotSegments2;
       exports4.serialize = serialize2;
-      exports4.resolveComponents = resolveComponents;
+      exports4.resolveComponents = resolveComponents2;
       exports4.resolve = resolve2;
       exports4.normalize = normalize2;
       exports4.equal = equal2;
@@ -17771,7 +17729,7 @@
       const crIndex = chunk.indexOf("\r", searchIndex), lfIndex = chunk.indexOf(`
 `, searchIndex);
       let lineEnd = -1;
-      if (crIndex !== -1 && lfIndex !== -1 ? lineEnd = Math.min(crIndex, lfIndex) : crIndex !== -1 ? crIndex === chunk.length - 1 ? lineEnd = -1 : lineEnd = crIndex : lfIndex !== -1 && (lineEnd = lfIndex), lineEnd === -1) {
+      if (crIndex !== -1 && lfIndex !== -1 ? lineEnd = Math.min(crIndex, lfIndex) : crIndex !== -1 ? lineEnd = crIndex : lfIndex !== -1 && (lineEnd = lfIndex), lineEnd === -1) {
         incompleteLine = chunk.slice(searchIndex);
         break;
       } else {
@@ -18084,22 +18042,9 @@
       code_challenge: challenge
     };
   }
-  const SafeUrlSchema = stringType().url().superRefine((val, ctx) => {
-    if (!URL.canParse(val)) {
-      ctx.addIssue({
-        code: ZodIssueCode.custom,
-        message: "URL must be parseable",
-        fatal: true
-      });
-      return NEVER;
-    }
-  }).refine((url) => {
-    const u = new URL(url);
-    return u.protocol !== "javascript:" && u.protocol !== "data:" && u.protocol !== "vbscript:";
-  }, { message: "URL cannot use javascript:, data:, or vbscript: scheme" });
   const OAuthProtectedResourceMetadataSchema = objectType({
     resource: stringType().url(),
-    authorization_servers: arrayType(SafeUrlSchema).optional(),
+    authorization_servers: arrayType(stringType().url()).optional(),
     jwks_uri: stringType().url().optional(),
     scopes_supported: arrayType(stringType()).optional(),
     bearer_methods_supported: arrayType(stringType()).optional(),
@@ -18115,17 +18060,17 @@
   }).passthrough();
   const OAuthMetadataSchema = objectType({
     issuer: stringType(),
-    authorization_endpoint: SafeUrlSchema,
-    token_endpoint: SafeUrlSchema,
-    registration_endpoint: SafeUrlSchema.optional(),
+    authorization_endpoint: stringType(),
+    token_endpoint: stringType(),
+    registration_endpoint: stringType().optional(),
     scopes_supported: arrayType(stringType()).optional(),
     response_types_supported: arrayType(stringType()),
     response_modes_supported: arrayType(stringType()).optional(),
     grant_types_supported: arrayType(stringType()).optional(),
     token_endpoint_auth_methods_supported: arrayType(stringType()).optional(),
     token_endpoint_auth_signing_alg_values_supported: arrayType(stringType()).optional(),
-    service_documentation: SafeUrlSchema.optional(),
-    revocation_endpoint: SafeUrlSchema.optional(),
+    service_documentation: stringType().optional(),
+    revocation_endpoint: stringType().optional(),
     revocation_endpoint_auth_methods_supported: arrayType(stringType()).optional(),
     revocation_endpoint_auth_signing_alg_values_supported: arrayType(stringType()).optional(),
     introspection_endpoint: stringType().optional(),
@@ -18135,11 +18080,11 @@
   }).passthrough();
   const OpenIdProviderMetadataSchema = objectType({
     issuer: stringType(),
-    authorization_endpoint: SafeUrlSchema,
-    token_endpoint: SafeUrlSchema,
-    userinfo_endpoint: SafeUrlSchema.optional(),
-    jwks_uri: SafeUrlSchema,
-    registration_endpoint: SafeUrlSchema.optional(),
+    authorization_endpoint: stringType(),
+    token_endpoint: stringType(),
+    userinfo_endpoint: stringType().optional(),
+    jwks_uri: stringType(),
+    registration_endpoint: stringType().optional(),
     scopes_supported: arrayType(stringType()).optional(),
     response_types_supported: arrayType(stringType()),
     response_modes_supported: arrayType(stringType()).optional(),
@@ -18167,8 +18112,8 @@
     request_parameter_supported: booleanType().optional(),
     request_uri_parameter_supported: booleanType().optional(),
     require_request_uri_registration: booleanType().optional(),
-    op_policy_uri: SafeUrlSchema.optional(),
-    op_tos_uri: SafeUrlSchema.optional()
+    op_policy_uri: stringType().optional(),
+    op_tos_uri: stringType().optional()
   }).passthrough();
   const OpenIdProviderDiscoveryMetadataSchema = OpenIdProviderMetadataSchema.merge(OAuthMetadataSchema.pick({
     code_challenge_methods_supported: true
@@ -18187,20 +18132,19 @@
     error_description: stringType().optional(),
     error_uri: stringType().optional()
   });
-  const OptionalSafeUrlSchema = SafeUrlSchema.optional().or(literalType("").transform(() => void 0));
   const OAuthClientMetadataSchema = objectType({
-    redirect_uris: arrayType(SafeUrlSchema),
+    redirect_uris: arrayType(stringType()).refine((uris) => uris.every((uri2) => URL.canParse(uri2)), { message: "redirect_uris must contain valid URLs" }),
     token_endpoint_auth_method: stringType().optional(),
     grant_types: arrayType(stringType()).optional(),
     response_types: arrayType(stringType()).optional(),
     client_name: stringType().optional(),
-    client_uri: SafeUrlSchema.optional(),
-    logo_uri: OptionalSafeUrlSchema,
+    client_uri: stringType().optional(),
+    logo_uri: stringType().optional(),
     scope: stringType().optional(),
     contacts: arrayType(stringType()).optional(),
-    tos_uri: OptionalSafeUrlSchema,
+    tos_uri: stringType().optional(),
     policy_uri: stringType().optional(),
-    jwks_uri: SafeUrlSchema.optional(),
+    jwks_uri: stringType().optional(),
     jwks: anyType().optional(),
     software_id: stringType().optional(),
     software_version: stringType().optional(),
@@ -18333,8 +18277,6 @@
       super(message !== null && message !== void 0 ? message : "Unauthorized");
     }
   }
-  const AUTHORIZATION_CODE_RESPONSE_TYPE = "code";
-  const AUTHORIZATION_CODE_CHALLENGE_METHOD = "S256";
   function selectClientAuthMethod(clientInformation, supportedMethods) {
     const hasClientSecret = clientInformation.client_secret !== void 0;
     if (supportedMethods.length === 0) {
@@ -18438,8 +18380,7 @@
       }
       const fullInformation = await registerClient(authorizationServerUrl, {
         metadata: metadata2,
-        clientMetadata: provider.clientMetadata,
-        fetchFn
+        clientMetadata: provider.clientMetadata
       });
       await provider.saveClientInformation(fullInformation);
       clientInformation = fullInformation;
@@ -18467,8 +18408,7 @@
           clientInformation,
           refreshToken: tokens.refresh_token,
           resource,
-          addClientAuthentication: provider.addClientAuthentication,
-          fetchFn
+          addClientAuthentication: provider.addClientAuthentication
         });
         await provider.saveTokens(newTokens);
         return "AUTHORIZED";
@@ -18565,7 +18505,7 @@
     return await fetchWithCorsRetry(url, headers, fetchFn);
   }
   function shouldAttemptFallback(response, pathname) {
-    return !response || response.status >= 400 && response.status < 500 && pathname !== "/";
+    return !response || response.status === 404 && pathname !== "/";
   }
   async function discoverMetadataWithFallback(serverUrl, wellKnownType, fetchFn, opts) {
     var _a, _b;
@@ -18624,15 +18564,13 @@
     return urlsToTry;
   }
   async function discoverAuthorizationServerMetadata(authorizationServerUrl, { fetchFn = fetch, protocolVersion = LATEST_PROTOCOL_VERSION } = {}) {
-    const headers = {
-      "MCP-Protocol-Version": protocolVersion,
-      Accept: "application/json"
-    };
+    var _a;
+    const headers = { "MCP-Protocol-Version": protocolVersion };
     const urlsToTry = buildDiscoveryUrls(authorizationServerUrl);
     for (const { url: endpointUrl, type: type2 } of urlsToTry) {
       const response = await fetchWithCorsRetry(endpointUrl, headers, fetchFn);
       if (!response) {
-        continue;
+        throw new Error(`CORS error trying to load ${type2 === "oauth" ? "OAuth" : "OpenID provider"} metadata from ${endpointUrl}`);
       }
       if (!response.ok) {
         if (response.status >= 400 && response.status < 500) {
@@ -18643,20 +18581,26 @@
       if (type2 === "oauth") {
         return OAuthMetadataSchema.parse(await response.json());
       } else {
-        return OpenIdProviderDiscoveryMetadataSchema.parse(await response.json());
+        const metadata2 = OpenIdProviderDiscoveryMetadataSchema.parse(await response.json());
+        if (!((_a = metadata2.code_challenge_methods_supported) === null || _a === void 0 ? void 0 : _a.includes("S256"))) {
+          throw new Error(`Incompatible OIDC provider at ${endpointUrl}: does not support S256 code challenge method required by MCP specification`);
+        }
+        return metadata2;
       }
     }
     return void 0;
   }
   async function startAuthorization(authorizationServerUrl, { metadata: metadata2, clientInformation, redirectUrl, scope: scope2, state, resource }) {
+    const responseType = "code";
+    const codeChallengeMethod = "S256";
     let authorizationUrl;
     if (metadata2) {
       authorizationUrl = new URL(metadata2.authorization_endpoint);
-      if (!metadata2.response_types_supported.includes(AUTHORIZATION_CODE_RESPONSE_TYPE)) {
-        throw new Error(`Incompatible auth server: does not support response type ${AUTHORIZATION_CODE_RESPONSE_TYPE}`);
+      if (!metadata2.response_types_supported.includes(responseType)) {
+        throw new Error(`Incompatible auth server: does not support response type ${responseType}`);
       }
-      if (metadata2.code_challenge_methods_supported && !metadata2.code_challenge_methods_supported.includes(AUTHORIZATION_CODE_CHALLENGE_METHOD)) {
-        throw new Error(`Incompatible auth server: does not support code challenge method ${AUTHORIZATION_CODE_CHALLENGE_METHOD}`);
+      if (!metadata2.code_challenge_methods_supported || !metadata2.code_challenge_methods_supported.includes(codeChallengeMethod)) {
+        throw new Error(`Incompatible auth server: does not support code challenge method ${codeChallengeMethod}`);
       }
     } else {
       authorizationUrl = new URL("/authorize", authorizationServerUrl);
@@ -18664,10 +18608,10 @@
     const challenge = await pkceChallenge();
     const codeVerifier = challenge.code_verifier;
     const codeChallenge = challenge.code_challenge;
-    authorizationUrl.searchParams.set("response_type", AUTHORIZATION_CODE_RESPONSE_TYPE);
+    authorizationUrl.searchParams.set("response_type", responseType);
     authorizationUrl.searchParams.set("client_id", clientInformation.client_id);
     authorizationUrl.searchParams.set("code_challenge", codeChallenge);
-    authorizationUrl.searchParams.set("code_challenge_method", AUTHORIZATION_CODE_CHALLENGE_METHOD);
+    authorizationUrl.searchParams.set("code_challenge_method", codeChallengeMethod);
     authorizationUrl.searchParams.set("redirect_uri", String(redirectUrl));
     if (state) {
       authorizationUrl.searchParams.set("state", state);
@@ -18692,7 +18636,7 @@
     }
     const headers = new Headers({
       "Content-Type": "application/x-www-form-urlencoded",
-      Accept: "application/json"
+      "Accept": "application/json"
     });
     const params = new URLSearchParams({
       grant_type: grantType,
@@ -18804,11 +18748,7 @@
       }
       let result;
       try {
-        result = await auth(this._authProvider, {
-          serverUrl: this._url,
-          resourceMetadataUrl: this._resourceMetadataUrl,
-          fetchFn: this._fetch
-        });
+        result = await auth(this._authProvider, { serverUrl: this._url, resourceMetadataUrl: this._resourceMetadataUrl, fetchFn: this._fetch });
       } catch (error2) {
         (_a = this.onerror) === null || _a === void 0 ? void 0 : _a.call(this, error2);
         throw error2;
@@ -18907,12 +18847,7 @@
       if (!this._authProvider) {
         throw new UnauthorizedError("No auth provider");
       }
-      const result = await auth(this._authProvider, {
-        serverUrl: this._url,
-        authorizationCode,
-        resourceMetadataUrl: this._resourceMetadataUrl,
-        fetchFn: this._fetch
-      });
+      const result = await auth(this._authProvider, { serverUrl: this._url, authorizationCode, resourceMetadataUrl: this._resourceMetadataUrl, fetchFn: this._fetch });
       if (result !== "AUTHORIZED") {
         throw new UnauthorizedError("Failed to authorize");
       }
@@ -18942,11 +18877,7 @@
         if (!response.ok) {
           if (response.status === 401 && this._authProvider) {
             this._resourceMetadataUrl = extractResourceMetadataUrl(response);
-            const result = await auth(this._authProvider, {
-              serverUrl: this._url,
-              resourceMetadataUrl: this._resourceMetadataUrl,
-              fetchFn: this._fetch
-            });
+            const result = await auth(this._authProvider, { serverUrl: this._url, resourceMetadataUrl: this._resourceMetadataUrl, fetchFn: this._fetch });
             if (result !== "AUTHORIZED") {
               throw new UnauthorizedError();
             }
@@ -19001,7 +18932,6 @@
   class StreamableHTTPClientTransport {
     constructor(url, opts) {
       var _a;
-      this._hasCompletedAuthFlow = false;
       this._url = url;
       this._resourceMetadataUrl = void 0;
       this._requestInit = opts === null || opts === void 0 ? void 0 : opts.requestInit;
@@ -19017,11 +18947,7 @@
       }
       let result;
       try {
-        result = await auth(this._authProvider, {
-          serverUrl: this._url,
-          resourceMetadataUrl: this._resourceMetadataUrl,
-          fetchFn: this._fetch
-        });
+        result = await auth(this._authProvider, { serverUrl: this._url, resourceMetadataUrl: this._resourceMetadataUrl, fetchFn: this._fetch });
       } catch (error2) {
         (_a = this.onerror) === null || _a === void 0 ? void 0 : _a.call(this, error2);
         throw error2;
@@ -19187,12 +19113,7 @@
       if (!this._authProvider) {
         throw new UnauthorizedError("No auth provider");
       }
-      const result = await auth(this._authProvider, {
-        serverUrl: this._url,
-        authorizationCode,
-        resourceMetadataUrl: this._resourceMetadataUrl,
-        fetchFn: this._fetch
-      });
+      const result = await auth(this._authProvider, { serverUrl: this._url, authorizationCode, resourceMetadataUrl: this._resourceMetadataUrl, fetchFn: this._fetch });
       if (result !== "AUTHORIZED") {
         throw new UnauthorizedError("Failed to authorize");
       }
@@ -19230,25 +19151,16 @@
         }
         if (!response.ok) {
           if (response.status === 401 && this._authProvider) {
-            if (this._hasCompletedAuthFlow) {
-              throw new StreamableHTTPError(401, "Server returned 401 after successful authentication");
-            }
             this._resourceMetadataUrl = extractResourceMetadataUrl(response);
-            const result = await auth(this._authProvider, {
-              serverUrl: this._url,
-              resourceMetadataUrl: this._resourceMetadataUrl,
-              fetchFn: this._fetch
-            });
+            const result = await auth(this._authProvider, { serverUrl: this._url, resourceMetadataUrl: this._resourceMetadataUrl, fetchFn: this._fetch });
             if (result !== "AUTHORIZED") {
               throw new UnauthorizedError();
             }
-            this._hasCompletedAuthFlow = true;
             return this.send(message);
           }
           const text = await response.text().catch(() => null);
           throw new Error(`Error POSTing to endpoint (HTTP ${response.status}): ${text}`);
         }
-        this._hasCompletedAuthFlow = false;
         if (response.status === 202) {
           if (isInitializedNotification(message)) {
             this._startOrAuthSse({ resumptionToken: void 0 }).catch((err) => {
@@ -20178,12 +20090,6 @@
       var _a;
       super(options);
       this._serverInfo = _serverInfo;
-      this._loggingLevels = /* @__PURE__ */ new Map();
-      this.LOG_LEVEL_SEVERITY = new Map(LoggingLevelSchema.options.map((level, index) => [level, index]));
-      this.isMessageIgnored = (level, sessionId) => {
-        const currentLevel = this._loggingLevels.get(sessionId);
-        return currentLevel ? this.LOG_LEVEL_SEVERITY.get(level) < this.LOG_LEVEL_SEVERITY.get(currentLevel) : false;
-      };
       this._capabilities = (_a = options === null || options === void 0 ? void 0 : options.capabilities) !== null && _a !== void 0 ? _a : {};
       this._instructions = options === null || options === void 0 ? void 0 : options.instructions;
       this.setRequestHandler(InitializeRequestSchema, (request) => this._oninitialize(request));
@@ -20191,18 +20097,6 @@
         var _a2;
         return (_a2 = this.oninitialized) === null || _a2 === void 0 ? void 0 : _a2.call(this);
       });
-      if (this._capabilities.logging) {
-        this.setRequestHandler(SetLevelRequestSchema, async (request, extra) => {
-          var _a2;
-          const transportSessionId = extra.sessionId || ((_a2 = extra.requestInfo) === null || _a2 === void 0 ? void 0 : _a2.headers["mcp-session-id"]) || void 0;
-          const { level } = request.params;
-          const parseResult = LoggingLevelSchema.safeParse(level);
-          if (parseResult.success) {
-            this._loggingLevels.set(transportSessionId, parseResult.data);
-          }
-          return {};
-        });
-      }
     }
     /**
      * Registers new capabilities. This can only be called before connecting to a transport.
@@ -20348,19 +20242,8 @@
     async listRoots(params, options) {
       return this.request({ method: "roots/list", params }, ListRootsResultSchema, options);
     }
-    /**
-     * Sends a logging message to the client, if connected.
-     * Note: You only need to send the parameters object, not the entire JSON RPC message
-     * @see LoggingMessageNotification
-     * @param params
-     * @param sessionId optional for stateless and backward compatibility
-     */
-    async sendLoggingMessage(params, sessionId) {
-      if (this._capabilities.logging) {
-        if (!this.isMessageIgnored(params.level, sessionId)) {
-          return this.notification({ method: "notifications/message", params });
-        }
-      }
+    async sendLoggingMessage(params) {
+      return this.notification({ method: "notifications/message", params });
     }
     async sendResourceUpdated(params) {
       return this.notification({
@@ -21909,13 +21792,10 @@
             inputSchema: tool.inputSchema ? zodToJsonSchema(tool.inputSchema, {
               strictUnions: true
             }) : EMPTY_OBJECT_JSON_SCHEMA,
-            annotations: tool.annotations,
-            _meta: tool._meta
+            annotations: tool.annotations
           };
           if (tool.outputSchema) {
-            toolDefinition.outputSchema = zodToJsonSchema(tool.outputSchema, {
-              strictUnions: true
-            });
+            toolDefinition.outputSchema = zodToJsonSchema(tool.outputSchema, { strictUnions: true });
           }
           return toolDefinition;
         })
@@ -22278,14 +22158,13 @@
       this._registeredPrompts[name] = registeredPrompt;
       return registeredPrompt;
     }
-    _createRegisteredTool(name, title2, description2, inputSchema, outputSchema, annotations, _meta, callback) {
+    _createRegisteredTool(name, title2, description2, inputSchema, outputSchema, annotations, callback) {
       const registeredTool = {
         title: title2,
         description: description2,
         inputSchema: inputSchema === void 0 ? void 0 : objectType(inputSchema),
         outputSchema: outputSchema === void 0 ? void 0 : objectType(outputSchema),
         annotations,
-        _meta,
         callback,
         enabled: true,
         disable: () => registeredTool.update({ enabled: false }),
@@ -22307,8 +22186,6 @@
             registeredTool.callback = updates.callback;
           if (typeof updates.annotations !== "undefined")
             registeredTool.annotations = updates.annotations;
-          if (typeof updates._meta !== "undefined")
-            registeredTool._meta = updates._meta;
           if (typeof updates.enabled !== "undefined")
             registeredTool.enabled = updates.enabled;
           this.sendToolListChanged();
@@ -22345,7 +22222,7 @@
         }
       }
       const callback = rest[0];
-      return this._createRegisteredTool(name, void 0, description2, inputSchema, outputSchema, annotations, void 0, callback);
+      return this._createRegisteredTool(name, void 0, description2, inputSchema, outputSchema, annotations, callback);
     }
     /**
      * Registers a tool with a config object and callback.
@@ -22354,8 +22231,8 @@
       if (this._registeredTools[name]) {
         throw new Error(`Tool ${name} is already registered`);
       }
-      const { title: title2, description: description2, inputSchema, outputSchema, annotations, _meta } = config;
-      return this._createRegisteredTool(name, title2, description2, inputSchema, outputSchema, annotations, _meta, cb);
+      const { title: title2, description: description2, inputSchema, outputSchema, annotations } = config;
+      return this._createRegisteredTool(name, title2, description2, inputSchema, outputSchema, annotations, cb);
     }
     prompt(name, ...rest) {
       if (this._registeredPrompts[name]) {
@@ -22395,16 +22272,6 @@
     isConnected() {
       return this.server.transport !== void 0;
     }
-    /**
-     * Sends a logging message to the client, if connected.
-     * Note: You only need to send the parameters object, not the entire JSON RPC message
-     * @see LoggingMessageNotification
-     * @param params
-     * @param sessionId optional for stateless and backward compatibility
-     */
-    async sendLoggingMessage(params, sessionId) {
-      return this.server.sendLoggingMessage(params, sessionId);
-    }
     /**
      * Sends a resource list changed event to the client, if connected.
      */