Date: 2026-02-23 Branch: main SDK Version: 1.1.0-SNAPSHOT (latest release: 1.0.0 GA) Conformance Suite Version: 0.1.15 Auditor: mcp-sdk-tier-audit skill (automated + subagent evaluation)
The Java SDK now has a stable 1.0.0 GA release on main. With spec-version scoping applied correctly — Tier 2 evaluated against 2025-06-18, Tier 1 against the full active suite — the SDK meets all Tier 2 requirements. Server conformance at 2025-06-18 scope is 92.3% (≥80% ✓), client conformance at 2025-06-18 scope is 100% ✓, repository health exceeds Tier 2 across the board, and all policy documents are substantive. Tier 1 is blocked by server conformance <100% (resources-subscribe/unsubscribe not implemented), client auth conformance <100% (scope-step-up), and documentation coverage lacking examples for ~17 features.
| # | Requirement | Tier 1 Standard | Tier 2 Standard | Current Value (T2 scope) | T1? | T2? | Gap |
|---|---|---|---|---|---|---|---|
| 1a | Server Conformance | 100% (full suite) | >= 80% (2025-06-18 scope) | T2: 92.3% (24/26) / T1: 93.3% (28/30) | FAIL | PASS | T1: resources-subscribe, resources-unsubscribe |
| 1b | Client Conformance | 100% (full suite) | >= 80% (2025-06-18 scope) | T2: 100% (53/53) / T1: 99.5% (185/186†) | FAIL | PASS | T1: auth/scope-step-up (1 check); sse-retry warnings only |
| 2 | Issue Triage | >= 90% within 2 biz days | >= 80% within 1 month | 98.6% (141/143) | PASS | PASS | None |
| 2b | Labels | 12 required labels | 12 required labels | 12/12 | PASS | PASS | None |
| 3 | Critical Bug Resolution | All P0s within 7 days | All P0s within 2 weeks | 0 open P0s | PASS | PASS | None |
| 4 | Stable Release | Required + clear versioning | At least one stable release | 1.0.0 (stable ✓) | PASS | PASS | None |
| 4b | Spec Tracking | Within 30d of latest spec | Within 30d of latest spec | 9d gap | PASS | PASS | None |
| 5 | Documentation | Comprehensive w/ examples | Basic docs for core features | 28/48 PASS, 17/48 PARTIAL | FAIL | PASS | T1: ~17 features lack examples |
| 6 | Dependency Policy | Published update policy | Published update policy | DEPENDENCY_POLICY.md + dependabot | PASS | PASS | None |
| 7 | Roadmap | Published roadmap | Plan toward Tier 1 | ROADMAP.md (substantive) | PASS | PASS | None |
| 8 | Versioning Policy | Documented breaking change policy | N/A | VERSIONING.md + MIGRATION-1.0.md | PASS | N/A | None |
† sse-retry on main branch: 1/1 passed (2 warnings only — not counted as failures in check totals). The one hard failure is auth/scope-step-up.
-
Tier 2: PASS — all 7 requirements met
- Server conformance 92.3% @ 2025-06-18 ≥ 80% ✓
- Client conformance 100% @ 2025-06-18 ✓
- Triage 98.6% ✓, Labels 12/12 ✓, P0s 0 ✓
- Stable release 1.0.0 ✓, Spec tracking 9d ✓
- Basic docs ✓, Dependency policy ✓, Roadmap ✓
-
Tier 1: FAIL — 3/8 requirements failing:
- Server conformance 93.3% (full suite) < 100% — failing: resources-subscribe, resources-unsubscribe
- Client conformance 99.5% (full suite) < 100% — failing: auth/scope-step-up (1 check)
- Documentation: 28/48 PASS — need all 48 with examples
-
Final Tier: 2
| 2025-06-18 scope (T2) | 2025-11-25 scope (T1 full) | |
|---|---|---|
| Server | 24/26 (92.3%) ✓ | 28/30 (93.3%) ✗ |
| Client: Core | 2/2 (100%) ✓ | 4/4 (100%)† ✗ |
| Client: Auth | 51/51 (100%) ✓ | 178/179 (99.4%) ✗ |
| Client Total | 53/53 (100%) ✓ | 182/183 (99.5%) ✗ |
† sse-retry: 1/1 passed on main (retry timing and Last-Event-ID are warnings, not failures). The T1 client failure is auth/scope-step-up only.
Baseline: 4 entries in conformance-tests/conformance-baseline.yml:
- Server: resources-subscribe, resources-unsubscribe (
[2025-06-18,2025-11-25]) — block Tier 1 only - Client Core: sse-retry (
[2025-11-25]) — now warnings-only on main, not blocking - Client Auth: auth/basic-cimd (
[2025-11-25], warning only), auth/scope-step-up ([2025-11-25], 1 fail)
Pass rate: 92.3% (24/26 scenarios)
| Scenario | Status | Checks | In Baseline? |
|---|---|---|---|
| server-initialize | PASS | 1/1 | — |
| logging-set-level | PASS | 1/1 | — |
| ping | PASS | 1/1 | — |
| completion-complete | PASS | 1/1 | — |
| tools-list | PASS | 1/1 | — |
| tools-call-simple-text | PASS | 1/1 | — |
| tools-call-image | PASS | 1/1 | — |
| tools-call-audio | PASS | 1/1 | — |
| tools-call-embedded-resource | PASS | 1/1 | — |
| tools-call-mixed-content | PASS | 1/1 | — |
| tools-call-with-logging | PASS | 1/1 | — |
| tools-call-error | PASS | 1/1 | — |
| tools-call-with-progress | PASS | 1/1 | — |
| tools-call-sampling | PASS | 1/1 | — |
| tools-call-elicitation | PASS | 1/1 | — |
| resources-list | PASS | 1/1 | — |
| resources-read-text | PASS | 1/1 | — |
| resources-read-binary | PASS | 1/1 | — |
| resources-templates-read | PASS | 1/1 | — |
| resources-subscribe | FAIL | 0/1 | Yes ✓ |
| resources-unsubscribe | FAIL | 0/1 | Yes ✓ |
| prompts-list | PASS | 1/1 | — |
| prompts-get-simple | PASS | 1/1 | — |
| prompts-get-with-args | PASS | 1/1 | — |
| prompts-get-embedded-resource | PASS | 1/1 | — |
| prompts-get-with-image | PASS | 1/1 | — |
4 extra scenarios vs 2025-06-18 scope — all pass:
| Scenario | Status | Checks |
|---|---|---|
| elicitation-sep1034-defaults | PASS | 5/5 |
| server-sse-multiple-streams | PASS | 2/2 |
| elicitation-sep1330-enums | PASS | 5/5 |
| dns-rebinding-protection | PASS | 2/2 |
Full suite total: 28/30 (93.3%). Same 2 failures as Tier 2 scope.
| Scenario | Status | Checks |
|---|---|---|
| initialize | PASS | 1/1 |
| tools_call | PASS | 1/1 |
Core T2: 2/2 (100%)
| Scenario | Status | Checks |
|---|---|---|
| auth/token-endpoint-auth-basic | PASS | 17/17 |
| auth/token-endpoint-auth-post | PASS | 17/17 |
| auth/token-endpoint-auth-none | PASS | 17/17 |
Auth T2: 51/51 (100%)
Client Tier 2 total: 53/53 (100%) ✓
| Scenario | Status | Checks | Notes |
|---|---|---|---|
| initialize | PASS | 1/1 | — |
| tools_call | PASS | 1/1 | — |
| elicitation-sep1034-client-defaults | PASS | 5/5 | — |
| sse-retry | PASS† | 1/1 + 2 warn | †Retry timing = WARNING (not FAIL) on main |
Core T1: 4/4 scenarios passing (1/1 checks each). sse-retry passes but with 2 warnings (retry timing, Last-Event-ID).
| Scenario | Status | Checks | In Baseline? |
|---|---|---|---|
| auth/metadata-default | PASS | 12/12 | — |
| auth/metadata-var1 | PASS | 12/12 | — |
| auth/metadata-var2 | PASS | 12/12 | — |
| auth/metadata-var3 | PASS | 12/12 | — |
| auth/basic-cimd | WARN | 12/12 + 1 warn | Yes ✓ |
| auth/scope-from-www-authenticate | PASS | 13/13 | — |
| auth/scope-from-scopes-supported | PASS | 13/13 | — |
| auth/scope-omitted-when-undefined | PASS | 13/13 | — |
| auth/scope-step-up | FAIL | 11/12 | Yes ✓ |
| auth/scope-retry-limit | PASS | 11/11 | — |
| auth/token-endpoint-auth-basic | PASS | 17/17 | — |
| auth/token-endpoint-auth-post | PASS | 17/17 | — |
| auth/token-endpoint-auth-none | PASS | 17/17 | — |
| auth/pre-registration | PASS | 6/6 | — |
Auth T1: 178/179 checks. 13/14 fully passing. 1 hard failure (auth/scope-step-up, in baseline).
Client Tier 1 total: 182/183 checks = 99.5%. Blocked from 100% by auth/scope-step-up.
Analysis period: 143 issues (as of 2026-02-23) Labels: All 12 required present (P0, P1, P2, P3, bug, enhancement, question, needs confirmation, needs repro, ready for work, good first issue, help wanted).
| Metric | Value | T1 Req | T2 Req | Verdict |
|---|---|---|---|---|
| Compliance rate | 98.6% | >= 90% | >= 80% | PASS |
| Triaged/total | 141/143 | — | — | — |
| Exceeding SLA | 2 | — | — | — |
| Open P0s | 0 | 0 | 0 | PASS |
SDK path: /Users/jdariusz/development/github/modelcontextprotocol/java-sdk (main branch) Documentation locations found:
docs/server.md: Comprehensive server-side API with Sync/Async code examplesdocs/client.md: Comprehensive client-side API with Sync/Async code examplesdocs/overview.md: Architecture and module overviewdocs/quickstart.md: Dependency setup (Maven + Gradle) with BOMMIGRATION-1.0.md: Migration guide 0.18.1 → 1.0.0 (breaking changes documented)VERSIONING.md,ROADMAP.md,DEPENDENCY_POLICY.md: Governance docs
| # | Feature | Documented? | Where | Has Examples? | Verdict |
|---|---|---|---|---|---|
| 1 | Tools - listing | Yes | client.md:334-368, server.md:330 | Yes | PASS |
| 2 | Tools - calling | Yes | client.md:334-368 | Yes | PASS |
| 3 | Tools - text results | Yes | server.md:340-398 | Yes | PASS |
| 4 | Tools - image results | Partial | server.md: capability mention only | No | PARTIAL |
| 5 | Tools - audio results | Partial | server.md: capability mention only | No | PARTIAL |
| 6 | Tools - embedded resources | Partial | server.md: capability mention only | No | PARTIAL |
| 7 | Tools - error handling | Yes | server.md:759-762 (McpError prose) | No | PARTIAL |
| 8 | Tools - change notifications | Yes | server.md:323, client.md:87-90 | Yes | PASS |
| 9 | Resources - listing | Yes | client.md:383-408 | Yes | PASS |
| 10 | Resources - reading text | Yes | client.md:383-408 | Yes | PASS |
| 11 | Resources - reading binary | Partial | mentioned in resource spec | No | PARTIAL |
| 12 | Resources - templates | Yes | server.md:443-458 | Yes | PASS |
| 13 | Resources - template reading | Yes | server.md:443-458 | Yes | PASS |
| 14 | Resources - subscribing | Partial | server.md:322 flag only | No | PARTIAL |
| 15 | Resources - unsubscribing | Partial | server.md:322 flag only | No | PARTIAL |
| 16 | Resources - change notifications | Yes | server.md:322, client.md:91-93 | Yes | PASS |
| 17 | Prompts - listing | Yes | client.md:413-438 | Yes | PASS |
| 18 | Prompts - getting simple | Yes | client.md:413-438, server.md:463 | Yes | PASS |
| 19 | Prompts - getting with arguments | Yes | client.md:413-438, server.md:463 | Yes | PASS |
| 20 | Prompts - embedded resources | Partial | server.md:496 mention only | No | PARTIAL |
| 21 | Prompts - image content | Partial | server.md:496 mention only | No | PARTIAL |
| 22 | Prompts - change notifications | Yes | server.md:324, client.md:92-94 | Yes | PASS |
| 23 | Sampling - creating messages | Yes | server.md:541-656, client.md:242 | Yes | PASS |
| 24 | Elicitation - form mode | Yes | server.md:661-703, client.md:268 | Yes | PASS |
| 25 | Elicitation - URL mode | Yes | client.md:208,216 | Yes | PASS |
| 26 | Elicitation - schema validation | Partial | client.md:277 requestedSchema | No | PARTIAL |
| 27 | Elicitation - default values | Partial | capability note only | No | PARTIAL |
| 28 | Elicitation - enum values | Partial | capability note only | No | PARTIAL |
| 29 | Elicitation - complete notification | Partial | not in user-facing docs | No | PARTIAL |
| 30 | Roots - listing | Yes | client.md:220-234 | Yes | PASS |
| 31 | Roots - change notifications | Yes | client.md:232 | Yes | PASS |
| 32 | Logging - sending log messages | Yes | server.md:707-756 | Yes | PASS |
| 33 | Logging - setting level | Yes | server.md:756, client.md:299-315 | Yes | PASS |
| 34 | Completions - resource argument | Yes | server.md:501-537 | Yes | PASS |
| 35 | Completions - prompt argument | Yes | server.md:501-537 | Yes | PASS |
| 36 | Ping | Partial | not explicitly documented | No | PARTIAL |
| 37 | Streamable HTTP transport (client) | Yes | client.md:152-168 | Yes | PASS |
| 38 | Streamable HTTP transport (server) | Yes | server.md:128-200 | Yes | PASS |
| 39 | SSE transport - legacy (client) | Yes | client.md:180-197 | Yes | PASS |
| 40 | SSE transport - legacy (server) | Yes | server.md:226-314 | Yes | PASS |
| 41 | stdio transport (client) | Yes | client.md:139-147 | Yes | PASS |
| 42 | stdio transport (server) | Yes | server.md:110-117 | Yes | PASS |
| 43 | Progress notifications | Yes | client.md:318-327 | Yes | PASS |
| 44 | Cancellation | Partial | not explicitly documented | No | PARTIAL |
| 45 | Pagination | Partial | not documented | No | PARTIAL |
| 46 | Capability negotiation | Yes | server.md:316-328, client.md:200 | Yes | PASS |
| 47 | Protocol version negotiation | Yes | client.md:10,168 + overview.md | Yes | PASS |
| 48 | JSON Schema 2020-12 support | Partial | client.md:372-378 mention only | No | PARTIAL |
| — | Tasks (experimental, 5) | No | Not implemented | No | INFO |
Total non-experimental features: 48 PASS (documented with examples): 28/48 (58%) PARTIAL (docs or examples but not both): 17/48 (35%) FAIL (not documented at all): 3/48 (6%)
Core features with at least basic docs: 45/48 (94%) — PASS for Tier 2
Tier 2 (basic docs covering core features): PASS — 45/48 features have at least prose or examples. The 3 undocumented features (resources-subscribe/unsubscribe — not implemented, cancellation API) are acceptable for Tier 2.
Tier 1 (all features documented with examples): FAIL — 20 features missing examples (tools image/audio/embedded/error, resources binary/subscribe/unsubscribe, prompts embedded/image, elicitation schema/defaults/enums/complete, ping, cancellation, pagination, JSON Schema 2020-12).
SDK path: /Users/jdariusz/development/github/modelcontextprotocol/java-sdk (main) Repository: modelcontextprotocol/java-sdk
| File | Exists (CLI) | Content Verdict |
|---|---|---|
| DEPENDENCY_POLICY.md | Yes | Substantive |
| docs/dependency-policy.md | No | N/A |
| .github/dependabot.yml | Yes | Configured |
| .github/renovate.json | No | N/A |
Verdict: PASS — DEPENDENCY_POLICY.md describes security-first conservative update policy. .github/dependabot.yml provides monthly automated updates for Actions and Maven (production deps intentionally frozen).
| File | Exists (CLI) | Content Verdict |
|---|---|---|
| ROADMAP.md | Yes | Substantive |
| docs/roadmap.md | No | N/A |
Verdict:
- Tier 1: PASS —
ROADMAP.mdlists concrete spec work items for2025-11-25revision, references GitHub Projects board, and explicitly names "Tier 1 SDK Support" as a goal. - Tier 2: PASS — Contains active development plan and clear path toward Tier 1.
| File | Exists (CLI) | Content Verdict |
|---|---|---|
| VERSIONING.md | Yes | Substantive |
| MIGRATION-1.0.md (new on main) | Yes | Substantive |
| docs/versioning.md | No | N/A |
| BREAKING_CHANGES.md | No | N/A |
Verdict:
- Tier 1: PASS —
VERSIONING.mddefines SemVer, 10 categories of breaking changes, and communication process (changelog,@Deprecated, migration guides, PR labels).MIGRATION-1.0.mddemonstrates the policy in practice with a comprehensive 0.18.1→1.0.0 migration guide.
| Policy Area | Tier 1 | Tier 2 |
|---|---|---|
| Dependency Update Policy | PASS | PASS |
| Roadmap | PASS | PASS |
| Versioning Policy | PASS | N/A |