test

Author: KianNH

package-lock.json

@@ -50,8 +50,8 @@
 		"@types/node": "22.13.13",
 		"@types/react": "19.0.7",
 		"@types/react-dom": "19.0.4",
-		"@typescript-eslint/parser": "8.27.0",
-		"algoliasearch": "5.21.0",
+		"@typescript-eslint/parser": "8.28.0",
+		"algoliasearch": "5.23.0",
 		"astro": "5.5.4",
 		"astro-breadcrumbs": "3.3.1",
 		"astro-icon": "1.1.5",
@@ -116,7 +116,7 @@
 		"ts-blank-space": "0.6.1",
 		"tsx": "4.19.3",
 		"typescript": "5.8.2",
-		"typescript-eslint": "8.27.0",
+		"typescript-eslint": "8.28.0",
 		"unified": "11.0.5",
 		"unist-util-visit": "5.0.0",
 		"vite-tsconfig-paths": "5.1.4",

package.json

@@ -1,17 +1,25 @@
 ---
 import { z } from "astro:schema";
 import { Icon } from "@astrojs/starlight/components";
+import type { StarlightIcon } from "@astrojs/starlight/types";
 
 const props = z
 	.object({
-		changelog: z
-			.string()
-			.transform((val) => val.toLowerCase().replaceAll(" ", "-")),
+		text: z.string().default("Subscribe to RSS"),
+		icon: z.custom<StarlightIcon>().default("rss"),
 	})
-	.or(
-		z.object({
-			href: z.string(),
-		}),
+	.and(
+		z
+			.object({
+				changelog: z
+					.string()
+					.transform((val) => val.toLowerCase().replaceAll(" ", "-")),
+			})
+			.or(
+				z.object({
+					href: z.string(),
+				}),
+			),
 	);
 
 const input = props.parse(Astro.props);
@@ -22,6 +30,6 @@ const input = props.parse(Astro.props);
 	class="inline-flex items-center justify-center gap-1 rounded font-semibold no-underline"
 	target="_blank"
 >
-	Subscribe to RSS
-	<Icon name="rss" size="1.25rem" />
+	{input.text}
+	<Icon name={input.icon} size="1.25rem" />
 </a>

src/components/RSSButton.astro

@@ -3,7 +3,9 @@ import { Image } from "astro:assets";
 import { z } from "astro:schema";
 import { getEntry, type CollectionEntry } from "astro:content";
 
-import { StarlightIcon } from "..";
+import { Icon } from "@astrojs/starlight/components";
+import RSSButton from "~/components/RSSButton.astro";
+
 import HeroImage from "~/assets/images/changelog/hero.svg";
 
 type Props = z.input<typeof props>;
@@ -35,21 +37,11 @@ const products = await uniqueProducts(notes);
 	<div class="text-center sm:text-left">
 		<h1>Changelog</h1>
 		<p>New updates and improvements at Cloudflare.</p>
-		<div class="changelog-rss-links">
-			<a
-				href="/changelog/rss/index.xml"
-				class="dark:!hover:text-[#79B1FF] -mx-2 whitespace-nowrap px-2 text-[#056DFF] no-underline hover:rounded-[4px] hover:bg-[#DCEBFF] hover:!text-[#056DFF] dark:text-[#79B1FF] dark:hover:bg-[#002B66] max-sm:block"
-			>
-				Subscribe to RSS
-				<StarlightIcon name="rss" size="18px" class="!inline align-text-top" />
-			</a>
-			<a
-				href="/fundamentals/new-features/available-rss-feeds/"
-				class="dark:!hover:text-[#79B1FF] -mx-2 whitespace-nowrap px-2 text-[#056DFF] no-underline hover:rounded-[4px] hover:bg-[#DCEBFF] hover:!text-[#056DFF] dark:text-[#79B1FF] dark:hover:bg-[#002B66] max-sm:block"
-			>
-				View all RSS feeds &gt;
-			</a>
-		</div>
+		<p>
+			<RSSButton changelog="index" />
+			<br />
+			<RSSButton href="index" text="View all RSS feeds" icon="right-caret" />
+		</p>
 		{
 			products.length > 0 && (
 				<div>

src/components/changelog/Header.astro

@@ -0,0 +1,122 @@
+---
+pcx_content_type: concept
+title: McpAgent — API Reference
+sidebar:
+  order: 6
+---
+
+import { Render, TypeScriptExample } from "~/components";
+
+When you build MCP Servers on Cloudflare, you extend the [`McpAgent` class](https://github.com/cloudflare/agents/blob/5881c5d23a7f4580600029f69307cfc94743e6b8/packages/agents/src/mcp.ts), from the Agents SDK, like this:
+
+<TypeScriptExample>
+
+```ts title="src/index.ts"
+import { McpAgent } from "agents/mcp";
+import { DurableMCP } from "@cloudflare/model-context-protocol";
+
+export class MyMCP extends McpAgent {
+	server = new McpServer({ name: "Demo", version: "1.0.0" });
+
+	async init() {
+		this.server.tool(
+			"add",
+			{ a: z.number(), b: z.number() },
+			async ({ a, b }) => ({
+				content: [{ type: "text", text: String(a + b) }],
+			}),
+		);
+	}
+}
+```
+
+</TypeScriptExample>
+
+This means that each instance of your MCP server has its own durable state, backed by a [Durable Object](/durable-objects/), with its own [SQL database](/agents/api-reference/store-and-sync-state).
+
+Your MCP server doesn't necessarily have to be an Agent. You can build MCP servers that are stateless, and just add [tools](/agents/model-context-protocol/tools) to your MCP server using the `@modelcontextprotocol/typescript-sdk` package.
+
+But if you want your MCP server to:
+
+- remember previous tool calls, and responses it provided
+- provide a game to the MCP client, remembering the state of the game board, previous moves, and the score
+- cache the state of a previous external API call, so that subsequent tool calls can reuse it
+- do anything that an Agent can do, but allow MCP clients to communicate with it
+
+You can use the following APIs in order to do so.
+
+### State synchronization APIs
+
+The `McpAgent` class makes the following subset of methods from the [Agents SDK](/agents/api-reference/agents-api/) available:
+
+- [`state`](/agents/api-reference/store-and-sync-state/)
+- [`initialState`](/agents/api-reference/store-and-sync-state/#set-the-initial-state-for-an-agent)
+- [`setState`](/agents/api-reference/store-and-sync-state/)
+- [`onStateUpdate`](/agents/api-reference/store-and-sync-state/#synchronizing-state)
+- [`sql`](/agents/api-reference/agents-api/#sql-api)
+
+:::note[State resets after the session ends]
+Currently, each client session is backed by an instance of the `McpAgent` class. This is handled automatically for you, as shown in the [getting started guide](/agents/guides/remote-mcp-server). This means that when the same client reconnects, they will start a new session, and the state will be reset.
+:::
+
+For example, the following code implements an MCP server that remembers a counter value, and updates the counter when the `add` tool is called:
+
+<TypeScriptExample>
+
+```ts title="src/index.ts"
+import { McpAgent } from "agents/mcp";
+import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js";
+import { z } from "zod";
+
+type State = { counter: number };
+
+export class MyMCP extends McpAgent<Env, State, {}> {
+	server = new McpServer({
+		name: "Demo",
+		version: "1.0.0",
+	});
+
+	initialState: State = {
+		counter: 1,
+	};
+
+	async init() {
+		this.server.resource(`counter`, `mcp://resource/counter`, (uri) => {
+			return {
+				contents: [{ uri: uri.href, text: String(this.state.counter) }],
+			};
+		});
+
+		this.server.tool(
+			"add",
+			"Add to the counter, stored in the MCP",
+			{ a: z.number() },
+			async ({ a }) => {
+				this.setState({ ...this.state, counter: this.state.counter + a });
+
+				return {
+					content: [
+						{
+							type: "text",
+							text: String(`Added ${a}, total is now ${this.state.counter}`),
+						},
+					],
+				};
+			},
+		);
+	}
+
+	onStateUpdate(state: State) {
+		console.log({ stateUpdate: state });
+	}
+}
+```
+
+</TypeScriptExample>
+
+### Not yet supported APIs
+
+The following APIs from the Agents SDK are not yet available on `McpAgent`:
+
+- [WebSocket APIs](/agents/api-reference/websockets/) (`onMessage`, `onError`, `onClose`, `onConnect`)
+- [Scheduling APIs](/agents/api-reference/schedule-tasks/) `this.schedule`

src/content/docs/agents/model-context-protocol/mcp-agent-api.mdx

@@ -5,7 +5,7 @@ sidebar:
   order: 2
 ---
 
-import { Details, GlossaryTooltip, Render } from "~/components";
+import { Details, GlossaryTooltip, Render, Badge } from "~/components";
 
 If you plan to direct your users to manually download and configure the WARP client, users will need to connect the client to your organization's Cloudflare Zero Trust instance.
 
@@ -15,13 +15,13 @@ If you plan to direct your users to manually download and configure the WARP cli
 
 ## Windows, macOS, and Linux
 
-### Enroll via the GUI
+### Enroll using the GUI
 
 <Render file="warp/enroll-desktop" />
 
 The device is now protected by your organization's Zero Trust policies.
 
-### Enroll via the CLI
+### Enroll using the CLI
 
 To enroll your device using the terminal:
 
@@ -74,10 +74,75 @@ The device is now protected by your organization's Zero Trust policies. For more
 
 ## iOS, Android, and ChromeOS
 
+### Enroll manually
+
 <Render file="warp/enroll-ios-android" />
 
 The device is now protected by your organization's Zero Trust policies.
 
+### Enroll using a URL <Badge text="Beta" variant="caution"/>
+
+<Details header="Feature availability">
+
+| System   | Availability | Minimum WARP version |
+| -------- | ------------ | -------------------- |
+| Windows  | ❌           |                      |
+| macOS    | ❌           |                      |
+| Linux    | ❌           |                      |
+| iOS      | ✅           | 1.10                  |
+| Android  | ✅           | 2.4                   |
+| ChromeOS | ✅           | 2.4                   |
+
+</Details>
+
+Administrators can provide users with a custom login URL that automatically fills in your organization's <GlossaryTooltip term="team name">team name</GlossaryTooltip> during device enrollment. Using a URL reduces the potential for error that comes with manual entry of the team name.
+
+The WARP client supports URLs accessed through a direct link or with a URL handler such as a QR code. Direct links are currently only supported in Safari and Firefox. If your default browser is Chrome (or another unsupported browser), we recommend embedding the link in a QR code.
+
+#### Generate a login URL
+
+To generate a URL for device enrollment:
+
+1. Copy the following link, replacing `<your-team-name>` with your Zero Trust <GlossaryTooltip term="team name">team name</GlossaryTooltip>:
+		```txt
+		cf1app://oneapp.cloudflare.com/team?name=<your-team-name>
+		```
+2. (Optional) Use any QR code generator to embed the link in a QR code.
+3. Distribute the link or QR code to users.
+
+#### Use the login URL
+
+To enroll a device using a login URL:
+
+1. [Download](/cloudflare-one/connections/connect-devices/warp/download-warp/) and install the Cloudflare One Agent app.
+2. Go to the [login URL](#generate-a-login-url) provided by your account administrator. To use a QR code, open the QR scanner app on your device and scan the QR code.
+
+		The Cloudflare One Agent app will open and start the onboarding flow.
+
+		:::note
+		If the device is already enrolled in the account associated with this URL, Cloudflare One agent will bypass onboarding and show the **Connected** switch.
+		:::
+
+3. To complete the onboarding flow:
+
+		a. Review the privacy policy and select **Accept**.
+
+    b. On the **Enter team name** screen, confirm that the pre-populated <GlossaryTooltip term="team name">team name</GlossaryTooltip> matches your organization.
+
+		:::note[`Already Authenticated` error]
+		If Cloudflare One Agent is logged in using another team name, you must first log out of that account. Go to **Settings** > **Account** to log out, and then retry the QR code or login link.
+		:::
+
+    c. Complete the authentication steps required by your organization.
+
+ 		d. After authenticating, select **Install VPN Profile**.
+
+		e. In the **Connection request** popup window, select **OK**.
+
+4. If you did not enable [auto-connect](/cloudflare-one/connections/connect-devices/warp/configure-warp/warp-settings/#auto-connect), manually turn on the switch to **Connected**.
+
+The device is now protected by your organization's Zero Trust policies.
+
 ## Virtual machines
 
 By default, virtual machines (VMs) are subject to the WARP client settings of the host. If you want to deploy a separate instance of WARP in a VM, you must configure the VM to operate in bridged networking mode.

src/content/docs/cloudflare-one/connections/connect-devices/warp/deployment/manual-deployment.mdx

@@ -43,12 +43,25 @@ Data Loss Prevention will now store a portion of the payload for HTTP requests t
 3. Select **Decrypt Payload Log**.
 4. Enter your private key and select **Decrypt**.
 
-You will see the [ID of the matched DLP Profile](/api/resources/zero_trust/subresources/dlp/subresources/profiles/methods/list/) followed by the decrypted payload. Note that DLP currently logs only the first match.
+You will see the [ID of the matched DLP Profile](/api/resources/zero_trust/subresources/dlp/subresources/profiles/methods/list/) followed by the decrypted payload.
 
 :::note
-Neither the key nor the decrypted payload will be stored by Cloudflare.
+Cloudflare does not store the key or the decrypted payload.
 :::
 
+### Report false and true positives to AI context analysis
+
+When you have [AI context analysis](/cloudflare-one/policies/data-loss-prevention/dlp-profiles/advanced-settings/#ai-context-analysis) turned on for a DLP profile, you can train the AI model to adjust its confident threshold by reporting false and true positives.
+
+To report a DLP match payload as a false or true positive:
+
+1. [Find and decrypt](#4-view-payload-logs) the payload log you want to report.
+2. In **Log details**, choose a detected context match.
+3. In **Context**, select the redacted match data.
+4. In **Match details**, choose whether you want to report the match as a false positive or a true positive.
+
+Based on your report, DLP's machine learning will adjust its confidence in future matches for the associated profile.
+
 ### Data privacy
 
 - All Cloudflare logs are encrypted at rest. Encrypting the payload content adds a second layer of encryption for the matched values that triggered a DLP rule.