claude[bot]
9b471ed627
All three MCP servers used `npx -y <package>` without version pins, causing npx to auto-install the latest version on each invocation. A compromised or breaking release would silently affect all users. Pinned to current stable versions verified against npm registry: - @playwright/mcp@0.0.70 - @upstash/context7-mcp@2.1.8 - deepwiki-mcp@0.0.6 Update these pins deliberately when upgrading rather than auto-pulling. Co-Authored-By: Claude Code <noreply@anthropic.com>
26 lines
388 B
JSON
26 lines
388 B
JSON
{
|
|
"mcpServers": {
|
|
"playwright": {
|
|
"command": "npx",
|
|
"args": [
|
|
"-y",
|
|
"@playwright/mcp@0.0.70"
|
|
]
|
|
},
|
|
"context7": {
|
|
"command": "npx",
|
|
"args": [
|
|
"-y",
|
|
"@upstash/context7-mcp@2.1.8"
|
|
]
|
|
},
|
|
"deepwiki": {
|
|
"command": "npx",
|
|
"args": [
|
|
"-y",
|
|
"deepwiki-mcp@0.0.6"
|
|
]
|
|
}
|
|
}
|
|
}
|