publishConfig access public fix

[KKonstantinov]

Motivation and Context

How Has This Been Tested?

Breaking Changes

Types of changes

• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• Breaking change (fix or feature that would cause existing functionality to change)
• Documentation update

Checklist

• I have read the MCP Documentation
• My code follows the repository's style guidelines
• New and existing tests pass locally
• I have added appropriate error handling
• I have added or updated documentation as needed

Additional context

[changeset-bot]

⚠️ No Changeset found

Latest commit: aba45ec

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

[pkg-pr-new]

Open in StackBlitz

@modelcontextprotocol/client

npm i https://pkg.pr.new/modelcontextprotocol/typescript-sdk/@modelcontextprotocol/client@1837

@modelcontextprotocol/server

npm i https://pkg.pr.new/modelcontextprotocol/typescript-sdk/@modelcontextprotocol/server@1837

@modelcontextprotocol/express

npm i https://pkg.pr.new/modelcontextprotocol/typescript-sdk/@modelcontextprotocol/express@1837

@modelcontextprotocol/fastify

npm i https://pkg.pr.new/modelcontextprotocol/typescript-sdk/@modelcontextprotocol/fastify@1837

@modelcontextprotocol/hono

npm i https://pkg.pr.new/modelcontextprotocol/typescript-sdk/@modelcontextprotocol/hono@1837

@modelcontextprotocol/node

npm i https://pkg.pr.new/modelcontextprotocol/typescript-sdk/@modelcontextprotocol/node@1837

commit: aba45ec

[claude]

LGTM — straightforward addition of publishConfig: { access: "public" } to all scoped packages to ensure they publish correctly to npm.

Extended reasoning...

Overview

This PR adds "publishConfig": { "access": "public" } to the package.json of six scoped packages: @modelcontextprotocol/client, @modelcontextprotocol/server, and the four middleware packages (express, fastify, hono, node). The change is identical across all six files and is purely additive — no logic, no tests, no runtime behavior is modified.

Security Risks

None. This is a package metadata change that only affects how npm publish behaves. It explicitly sets the npm publish access to public, which is the standard requirement for scoped packages (@scope/name) to be published to the public npm registry. Without this field, scoped packages default to restricted (private), which would cause publish failures unless the org has paid npm access configured. There is no security concern here.

Level of Scrutiny

Minimal scrutiny required. This is a mechanical, well-understood npm configuration fix. The pattern is identical in all six files, the field values are correct, and the fix directly matches the PR title. The recent commit history shows a sibling fix (#1836, #1833, #1829) around CI/release configuration, so this fits the same housekeeping pattern.

Other Factors

No bugs were found by the bug hunting system. No prior reviews exist on this PR. The changeset-bot note about no changeset is acceptable here since publishConfig is infrastructure metadata, not a user-facing API change.