Releases: zereight/gitlab-mcp
Releases Β· zereight/gitlab-mcp
v2.1.0
What's Changed
- chore(deps): bump the npm_and_yarn group across 1 directory with 2 updates by @dependabot[bot] in #407
Full Changelog: v2.0.36...v2.1.0
Contributors
dependabot
Assets 2
v2.0.36
Changes in v2.0.36
β¨ Features
- feat: add MCP OAuth mode #359
- feat: add work items toolset via GraphQL API #362
- feat: Optimization for heavy AI workload on code review #385
- feat: group-level wiki support #389
- feat(oauth): allow providing PAT as header and prefer PAT over job token #400
π Bug Fixes
- Fix getEffectiveProjectId to prioritize passed projectId over GITLAB_PROJECT_ID #320
- fix: use agent function to support HTTP/HTTPS protocol switching in self-hosted GitLab #372
- fix: allow lookahead/lookbehind patterns in GITLAB_DENIED_TOOLS_REGEX #387
- fix: prevent 400 errors from mutually exclusive params in list_merge_requests #388
- fix: Fix app installation instruction #394
- fix(oauth): allow customizing oauth scopes #399
- fix(issues): make discussion_id optional in create_issue_note #404
π¨ Chore
v2.0.35
Changes in v2.0.35
β¨ Features
- feat: add MCP OAuth mode #359
- feat: add work items toolset via GraphQL API #362
- feat: configurable GitLab repository file payload encoding (text/base64) #382
- feat: Optimization for heavy AI workload on code review #385
- feat: group-level wiki support #389
π Bug Fixes
- Fix getEffectiveProjectId to prioritize passed projectId over GITLAB_PROJECT_ID #320
- fix: use agent function to support HTTP/HTTPS protocol switching in self-hosted GitLab #372
- fix: request read_api OAuth scope when GITLAB_READ_ONLY_MODE is enabled #381
- fix: harden OAuth security (CSRF, XSS, stdio log leak) #384
- fix: allow lookahead/lookbehind patterns in GITLAB_DENIED_TOOLS_REGEX #387
- fix: prevent 400 errors from mutually exclusive params in list_merge_requests #388
- fix: Fix app installation instruction #394
v2.0.34
Changes in v2.0.34
β¨ Features
- feat: allow job tokens for remote authorization #377
- feat: configurable GitLab repository file payload encoding (text/base64) #382
π Bug Fixes
- Fix getEffectiveProjectId to prioritize passed projectId over GITLAB_PROJECT_ID #320
- fix: use agent function to support HTTP/HTTPS protocol switching in self-hosted GitLab #372
- fix(auth): allow only job token to be specified #375
- fix: amend fetch calls that missing default config and fix tool "markdown upload" returns 406 #378
- fix: request read_api OAuth scope when GITLAB_READ_ONLY_MODE is enabled #381
- fix: harden OAuth security (CSRF, XSS, stdio log leak) #384
π¨ Chore
- chore(deps): bump the npm_and_yarn group across 1 directory with 5 updates #374
- chore(deps-dev): bump flatted from 3.3.3 to 3.4.2 in the npm_and_yarn group across 1 directory #386
Other Changes
v2.0.33
v2.0.32
Changes in v2.0.32
β¨ Features
- feat: add artifacts and deployment visibility for pipelines and merge requests [#353]
- feat: add inputs support to create_pipeline for GitLab CI/CD [#355]
π Bug Fixes
- fix: Fix get_file_contents failing in Trae [#311]
- fix: auto-refresh OAuth token before expiry [#347]
π¨ Chore
- chore(deps): bump hono from 4.11.7 to 4.12.0 in the npm_and_yarn group across 1 directory [#352]
Other Changes
v2.0.30
Changes in v2.0.30
β¨ Features
- feat: add in_reply_to_discussion_id to create_draft_note #339
- feat: return inline base64 images from download_attachment #343
- feat: add GitHub-style toolset and tool filtering (GITLAB_TOOLSETS, GITLAB_TOOLS) #345
π Bug Fixes
- fix: use getConfig for all GITLAB_API_URL usages to support --api-url CLI argument #349
Thanks
Contributors
alfonsodg, lukeisontheroad, and wufei-png
Assets 2
v2.0.28
Changes in v2.0.28
π Bug Fixes
- fix: use per-session Server instances to prevent cross-client data leakage #344
- fix: name change in dockerhub #341
- fix: sanitize GITLAB_DENIED_TOOLS_REGEX to prevent ReDoS
- fix: prevent regex injection from GITLAB_DENIED_TOOLS_REGEX input
π Documentation
- docs: enhance JSDoc for updateIssueNote with examples and constraints
Contributors
7 Taeyo
1 dependabot[bot]
v2.0.25
v2.0.24
v2.0.24 Release Notes
π New Features
Merge Request Approvals (#308)
- Added
approve_merge_requesttool to approve merge requests - Added
unapprove_merge_requesttool to remove approval from merge requests - Helps streamline code review workflows directly from MCP
Inherited Project Members (#316)
- Added
include_inheritanceoption tolist_project_memberstool - When enabled, returns members inherited from parent groups via
/members/allendpoint - Comprehensive test coverage included
Cookie File Reload & Session Warmup (#315)
- Cookie file is now automatically reloaded when modified (mtime polling)
- New session warmup feature for proxy authentication
- Improved reliability for proxy-based auth setups
Diff Filtering Improvements (#313)
- Added
excluded_file_patternsparameter toget_merge_request_diffs - Unified filtering logic between
get_branch_diffsandget_merge_request_diffs - Security: Added ReDoS protection for user-supplied regex patterns
π οΈ Improvements
CI/CD
- Added
test:mockto PR validation workflow - All mock tests now run automatically on pull requests
Code Quality
- Extracted
filterDiffsByPatternsutility function (DRY principle) - Removed obsolete
readonly-mcp-tests.ts - Updated documentation for additional application compatibility
π¦ Installation
npm install @zereight/mcp-gitlab@2.0.24π Full Changelog
Full Changelog: v2.0.23...v2.0.24