Bump com.alibaba.nacos:nacos-client from 3.1.0 to 3.1.1

[dependabot]

Bumps com.alibaba.nacos:nacos-client from 3.1.0 to 3.1.1.

Release notes

Sourced from com.alibaba.nacos:nacos-client's releases.

3.1.1 (Nov 26th 2025)

This release focuses on enhancing the MCP and A2A (Agent-to-Agent) capabilities of Nacos, improving system stability, and refining security and configuration management. Key additions include support for batch registration of agent endpoints, merging versions during MCP server import, and enhanced flexibility in updating MCP servers with an overrideExisting option. The release also introduces default security configuration support for both inbound and outbound communication, laying the foundation for secure AI agent interactions.

Detail changes in this version are listed below:

Feature

#13867 Support override existing configuration when updating MCP server. #13922 Add thread pool configuration to allow core thread timeout. #13946 Refactor AgentEndpoint model and add new fields to support advanced protocol and queries. #13953 Add support for default security configurations, including selection and setup for inbound and outbound security schemes. #13957 Support batch registration of agent endpoints. #13951 Add configurable CORS filter for console module.

Enhancement/Refactor

#13822 Separate responsibilities between client executor and login scheduled executor to prevent thread pool exhaustion. #13863 Optimize shutdown.sh script to combine multiple PIDs into a single line for cleaner process termination. #13911 Enhance importToolsFromMcp API to support streamable protocol servers. #13914 Upgrade checkStyle plugin version to improve code linting and maintainability. #13945 Support merging versions when importing MCP server specifications. #13963 Refactor List config apis to support return configTags and desc.

BugFix

#13140 Fix consistent namespace handling for ConfigChangeNotifyRequest when client namespace is empty. #13860 Fix potential null pointer exception risk in ConfigMigrateService. #13866 Fix inability to edit imported MCP servers in the console. #13869 Fix error creating bean 'consoleHealthController' due to missing dependency injection. #13877 Fix namespaceId issue in McpRemoteHandler causing incorrect context propagation. #13882 Fix synchronization lock and add volatile keyword for TpsControlManager to ensure thread safety. #13884 Fix JSON parsing error in MCP server validation API during import. #13902 Fix deprecated Log4j2 package scanning warnings by updating logger initialization logic. #13948 Fix failure when updating agent card through the console interface. #13959 Fix Password update fails when deployed with independent console/server. #13964 Fix when nacos.extension.ai.enabled is false, nacos start failed.

Dependencies

#13879 Add unit tests for AI-related components. #13881 Add utility APIs for development and testing purposes.

Deployment Required

Module	Java Required
Nacos-Server/Nacos-Console	Java 17
Nacos-Client	Java 8
Nacos-Maintainer-Client	Java 8

... (truncated)

Commits

• 7bfadea build: Upgrade version to 3.1.1. (#13971)
• 3e3beb0 [ISSUE #13964] Fix when nacos.extension.ai.enabled is false, nacos start fa… ...
• 19b24f5 [ISSUE #13951] Add configurable CORS filter for console module (#13966)
• ce3b2ac feat(config):List config api support return configTags and desc (#13963)
• 90946e1 fix(auth): Fix Password update fails when deployed with independent console/s...
• a5ff5b9 Support batch register agent endpoint (#13957)
• 69e04d8 添加默认安全配置支持，包括下行和上行安全方案的选择与配置 (#13953)
• f9b17e1 fix(ai): Fix update agent card failed by console. (#13948)
• 699a720 feat(a2a): Refactor AgentEndpoint and add new fields (#13946)
• c2d4365 Support merge versions when import mcp (#13945)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)