Skip to content

fix(prebuilt/alloydb-omni): require password env var explicitly#3398

Merged
twishabansal merged 1 commit into
mainfrom
fix/alloydb-omni-password-required
Jun 11, 2026
Merged

fix(prebuilt/alloydb-omni): require password env var explicitly#3398
twishabansal merged 1 commit into
mainfrom
fix/alloydb-omni-password-required

Conversation

@twishabansal

@twishabansal twishabansal commented Jun 11, 2026

Copy link
Copy Markdown
Contributor

Description

The alloydb-omni prebuilt config declared password: ${ALLOYDB_OMNI_PASSWORD:} (empty default), but the underlying postgres source marks Password as validate:"required". An unset ALLOYDB_OMNI_PASSWORD therefore resolves to ""null and fails config validation anyway — the empty default was misleading.

This drops the empty default and declares the var bare-required (${ALLOYDB_OMNI_PASSWORD}), matching the adjacent user field. Behavior is unchanged for the served path (an unset password already failed); it just makes the requirement honest and lets offline tooling substitute the placeholder.

Stacked on #3388.

@twishabansal twishabansal requested a review from a team as a code owner June 11, 2026 07:08

@gemini-code-assist gemini-code-assist Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request updates the prebuilt configuration for AlloyDB Omni by removing the default empty string fallback from the ALLOYDB_OMNI_PASSWORD environment variable placeholder. No review comments were provided, and there is no additional feedback to address.

@twishabansal twishabansal added the do not merge Indicates a pull request not ready for merge, due to either quality or timing. label Jun 11, 2026
@averikitsch averikitsch assigned averikitsch and unassigned Yuan325 Jun 11, 2026
@twishabansal twishabansal changed the base branch from feat/skills-generate-offline to main June 11, 2026 17:28
@twishabansal twishabansal requested review from a team as code owners June 11, 2026 17:28
@twishabansal twishabansal changed the base branch from main to feat/skills-generate-offline June 11, 2026 17:29
The postgres source marks Password as required, so an unset
ALLOYDB_OMNI_PASSWORD already fails config validation. Drop the
misleading empty default (${VAR:}) and declare it bare-required
(${VAR}), matching the user field, so the requirement is honest.
@twishabansal twishabansal force-pushed the fix/alloydb-omni-password-required branch from 1afbb08 to 540be1b Compare June 11, 2026 17:33
@twishabansal twishabansal changed the base branch from feat/skills-generate-offline to main June 11, 2026 17:33
@twishabansal twishabansal removed the do not merge Indicates a pull request not ready for merge, due to either quality or timing. label Jun 11, 2026
@twishabansal twishabansal enabled auto-merge (squash) June 11, 2026 17:33
@twishabansal twishabansal merged commit fcbe3e7 into main Jun 11, 2026
16 checks passed
@twishabansal twishabansal deleted the fix/alloydb-omni-password-required branch June 11, 2026 17:59
@github-actions

Copy link
Copy Markdown
Contributor

🧨 Preview deployments removed.

Cloudflare Pages environments for pr-3398 have been deleted.

Yuan325 added a commit that referenced this pull request Jun 18, 2026
🤖 I have created a release *beep* *boop*
---


##
[1.5.0](v1.4.0...v1.5.0)
(2026-06-18)


### Features

* **auth/google:** Require audience or clientId for mcpEnabled
([#3450](#3450))
([59f7b6e](59f7b6e))
* Enable per source level flags for sql commenter
([#3465](#3465))
([ecce6b7](ecce6b7))
* **mcp:** Add URL parameter binding for HTTP transport
([#3112](#3112))
([0cc7b37](0cc7b37))
* **scylladb:** Adding support for ScyllaDB source and tool
([#3119](#3119))
([2dada83](2dada83))
* **server:** Add support for toolset filtering in prebuilt CLI flag
([#3245](#3245))
([7cc4f65](7cc4f65))
* **skills:** Generate skills offline without live source connections
([#3388](#3388))
([4c860b6](4c860b6))
* **skills:** Tolerate missing env vars during offline skills-generate
([#3399](#3399))
([ea5d3e5](ea5d3e5))
* **source/cloud-storage:** Restrict bucket and local path access
([#3454](#3454))
([2c3ca5d](2c3ca5d))
* **tools/bigquery:** Add per tool query label in BigQuery jobs
([#1975](#1975))
([3f6a49f](3f6a49f))
* **tools/dataplex:** Add tools to support metadata enrichment workflow
([#3270](#3270))
([05289aa](05289aa))
* **tools/mysql:** Add show-query-stats and list-all-locks tools for
MySQL and Cloud SQL MySQL source
([#2954](#2954))
([a9693bd](a9693bd))
* **tools:** Decouple tool initialization from sources
([#3355](#3355))
([32a24e3](32a24e3))


### Bug Fixes

* **auth/dataplex:** Fix failing source with service account credentials
([#3369](#3369))
([ba4deef](ba4deef))
* **bigquery:** Wire maximumBytesBilled into prebuilt config
([#3385](#3385))
([4abbf6e](4abbf6e))
* Bound MCP HTTP body size
([#3216](#3216))
([d4f4342](d4f4342))
* **config:** Add doc/line context to parse errors
([#2957](#2957))
([4b097da](4b097da))
* Escape delimiter characters in applyEscape to prevent SQL injection
([#2811](#2811))
([932519a](932519a))
* **npm:** Source binary version from cmd/version.txt
([#3417](#3417))
([6ffbdec](6ffbdec))
* **prebuilt/alloydb-omni:** Require password env var explicitly
([#3398](#3398))
([fcbe3e7](fcbe3e7))
* **server:** Fail if MCP auth is enabled together with enable-api
([#3435](#3435))
([a6ff910](a6ff910))
* **server:** Return errors instead of panicking in InitializeConfigs
([#3397](#3397))
([f48b01d](f48b01d))
* **source/cloudhealthcare:** Validate pageURL parameter to prevent SSRF
([#3453](#3453))
([9abf47d](9abf47d))
* **source/dataplex,source/datalineage:** Specify cloud-platform scope
for default credentials
([#3376](#3376))
([13e8c36](13e8c36))
* **source/http:** Implement SSRF guard
([#3448](#3448))
([24d7d29](24d7d29))
* **tool/bigquery-execute-sql:** Prevent dataset restriction bypass
([#3452](#3452))
([ca6d5e3](ca6d5e3))
* **tool/mysql-get-query-plan:** Prevent query execution bypass and
statement injection
([#3235](#3235))
([7ed1e7b](7ed1e7b))
* **tool/spanner-sql,tool/spanner-execute-sql:** Use read-only
annotations when readOnly is set
([#3338](#3338))
([8bde0ec](8bde0ec))

---
This PR was generated with [Release
Please](https://github.com/googleapis/release-please). See
[documentation](https://github.com/googleapis/release-please#release-please).

---------

Co-authored-by: release-please[bot] <55107282+release-please[bot]@users.noreply.github.com>
Co-authored-by: Yuan Teoh <[email protected]>
github-actions Bot pushed a commit that referenced this pull request Jun 18, 2026
🤖 I have created a release *beep* *boop*
---

##
[1.5.0](v1.4.0...v1.5.0)
(2026-06-18)

### Features

* **auth/google:** Require audience or clientId for mcpEnabled
([#3450](#3450))
([59f7b6e](59f7b6e))
* Enable per source level flags for sql commenter
([#3465](#3465))
([ecce6b7](ecce6b7))
* **mcp:** Add URL parameter binding for HTTP transport
([#3112](#3112))
([0cc7b37](0cc7b37))
* **scylladb:** Adding support for ScyllaDB source and tool
([#3119](#3119))
([2dada83](2dada83))
* **server:** Add support for toolset filtering in prebuilt CLI flag
([#3245](#3245))
([7cc4f65](7cc4f65))
* **skills:** Generate skills offline without live source connections
([#3388](#3388))
([4c860b6](4c860b6))
* **skills:** Tolerate missing env vars during offline skills-generate
([#3399](#3399))
([ea5d3e5](ea5d3e5))
* **source/cloud-storage:** Restrict bucket and local path access
([#3454](#3454))
([2c3ca5d](2c3ca5d))
* **tools/bigquery:** Add per tool query label in BigQuery jobs
([#1975](#1975))
([3f6a49f](3f6a49f))
* **tools/dataplex:** Add tools to support metadata enrichment workflow
([#3270](#3270))
([05289aa](05289aa))
* **tools/mysql:** Add show-query-stats and list-all-locks tools for
MySQL and Cloud SQL MySQL source
([#2954](#2954))
([a9693bd](a9693bd))
* **tools:** Decouple tool initialization from sources
([#3355](#3355))
([32a24e3](32a24e3))

### Bug Fixes

* **auth/dataplex:** Fix failing source with service account credentials
([#3369](#3369))
([ba4deef](ba4deef))
* **bigquery:** Wire maximumBytesBilled into prebuilt config
([#3385](#3385))
([4abbf6e](4abbf6e))
* Bound MCP HTTP body size
([#3216](#3216))
([d4f4342](d4f4342))
* **config:** Add doc/line context to parse errors
([#2957](#2957))
([4b097da](4b097da))
* Escape delimiter characters in applyEscape to prevent SQL injection
([#2811](#2811))
([932519a](932519a))
* **npm:** Source binary version from cmd/version.txt
([#3417](#3417))
([6ffbdec](6ffbdec))
* **prebuilt/alloydb-omni:** Require password env var explicitly
([#3398](#3398))
([fcbe3e7](fcbe3e7))
* **server:** Fail if MCP auth is enabled together with enable-api
([#3435](#3435))
([a6ff910](a6ff910))
* **server:** Return errors instead of panicking in InitializeConfigs
([#3397](#3397))
([f48b01d](f48b01d))
* **source/cloudhealthcare:** Validate pageURL parameter to prevent SSRF
([#3453](#3453))
([9abf47d](9abf47d))
* **source/dataplex,source/datalineage:** Specify cloud-platform scope
for default credentials
([#3376](#3376))
([13e8c36](13e8c36))
* **source/http:** Implement SSRF guard
([#3448](#3448))
([24d7d29](24d7d29))
* **tool/bigquery-execute-sql:** Prevent dataset restriction bypass
([#3452](#3452))
([ca6d5e3](ca6d5e3))
* **tool/mysql-get-query-plan:** Prevent query execution bypass and
statement injection
([#3235](#3235))
([7ed1e7b](7ed1e7b))
* **tool/spanner-sql,tool/spanner-execute-sql:** Use read-only
annotations when readOnly is set
([#3338](#3338))
([8bde0ec](8bde0ec))

---
This PR was generated with [Release
Please](https://github.com/googleapis/release-please). See
[documentation](https://github.com/googleapis/release-please#release-please).

---------

Co-authored-by: release-please[bot] <55107282+release-please[bot]@users.noreply.github.com>
Co-authored-by: Yuan Teoh <[email protected]> 45c0f86
github-actions Bot pushed a commit to renovate-bot/googleapis-_-genai-toolbox that referenced this pull request Jun 18, 2026
🤖 I have created a release *beep* *boop*
---

##
[1.5.0](googleapis/mcp-toolbox@v1.4.0...v1.5.0)
(2026-06-18)

### Features

* **auth/google:** Require audience or clientId for mcpEnabled
([googleapis#3450](googleapis#3450))
([59f7b6e](googleapis@59f7b6e))
* Enable per source level flags for sql commenter
([googleapis#3465](googleapis#3465))
([ecce6b7](googleapis@ecce6b7))
* **mcp:** Add URL parameter binding for HTTP transport
([googleapis#3112](googleapis#3112))
([0cc7b37](googleapis@0cc7b37))
* **scylladb:** Adding support for ScyllaDB source and tool
([googleapis#3119](googleapis#3119))
([2dada83](googleapis@2dada83))
* **server:** Add support for toolset filtering in prebuilt CLI flag
([googleapis#3245](googleapis#3245))
([7cc4f65](googleapis@7cc4f65))
* **skills:** Generate skills offline without live source connections
([googleapis#3388](googleapis#3388))
([4c860b6](googleapis@4c860b6))
* **skills:** Tolerate missing env vars during offline skills-generate
([googleapis#3399](googleapis#3399))
([ea5d3e5](googleapis@ea5d3e5))
* **source/cloud-storage:** Restrict bucket and local path access
([googleapis#3454](googleapis#3454))
([2c3ca5d](googleapis@2c3ca5d))
* **tools/bigquery:** Add per tool query label in BigQuery jobs
([googleapis#1975](googleapis#1975))
([3f6a49f](googleapis@3f6a49f))
* **tools/dataplex:** Add tools to support metadata enrichment workflow
([googleapis#3270](googleapis#3270))
([05289aa](googleapis@05289aa))
* **tools/mysql:** Add show-query-stats and list-all-locks tools for
MySQL and Cloud SQL MySQL source
([googleapis#2954](googleapis#2954))
([a9693bd](googleapis@a9693bd))
* **tools:** Decouple tool initialization from sources
([googleapis#3355](googleapis#3355))
([32a24e3](googleapis@32a24e3))

### Bug Fixes

* **auth/dataplex:** Fix failing source with service account credentials
([googleapis#3369](googleapis#3369))
([ba4deef](googleapis@ba4deef))
* **bigquery:** Wire maximumBytesBilled into prebuilt config
([googleapis#3385](googleapis#3385))
([4abbf6e](googleapis@4abbf6e))
* Bound MCP HTTP body size
([googleapis#3216](googleapis#3216))
([d4f4342](googleapis@d4f4342))
* **config:** Add doc/line context to parse errors
([googleapis#2957](googleapis#2957))
([4b097da](googleapis@4b097da))
* Escape delimiter characters in applyEscape to prevent SQL injection
([googleapis#2811](googleapis#2811))
([932519a](googleapis@932519a))
* **npm:** Source binary version from cmd/version.txt
([googleapis#3417](googleapis#3417))
([6ffbdec](googleapis@6ffbdec))
* **prebuilt/alloydb-omni:** Require password env var explicitly
([googleapis#3398](googleapis#3398))
([fcbe3e7](googleapis@fcbe3e7))
* **server:** Fail if MCP auth is enabled together with enable-api
([googleapis#3435](googleapis#3435))
([a6ff910](googleapis@a6ff910))
* **server:** Return errors instead of panicking in InitializeConfigs
([googleapis#3397](googleapis#3397))
([f48b01d](googleapis@f48b01d))
* **source/cloudhealthcare:** Validate pageURL parameter to prevent SSRF
([googleapis#3453](googleapis#3453))
([9abf47d](googleapis@9abf47d))
* **source/dataplex,source/datalineage:** Specify cloud-platform scope
for default credentials
([googleapis#3376](googleapis#3376))
([13e8c36](googleapis@13e8c36))
* **source/http:** Implement SSRF guard
([googleapis#3448](googleapis#3448))
([24d7d29](googleapis@24d7d29))
* **tool/bigquery-execute-sql:** Prevent dataset restriction bypass
([googleapis#3452](googleapis#3452))
([ca6d5e3](googleapis@ca6d5e3))
* **tool/mysql-get-query-plan:** Prevent query execution bypass and
statement injection
([googleapis#3235](googleapis#3235))
([7ed1e7b](googleapis@7ed1e7b))
* **tool/spanner-sql,tool/spanner-execute-sql:** Use read-only
annotations when readOnly is set
([googleapis#3338](googleapis#3338))
([8bde0ec](googleapis@8bde0ec))

---
This PR was generated with [Release
Please](https://github.com/googleapis/release-please). See
[documentation](https://github.com/googleapis/release-please#release-please).

---------

Co-authored-by: release-please[bot] <55107282+release-please[bot]@users.noreply.github.com>
Co-authored-by: Yuan Teoh <[email protected]> 45c0f86
github-actions Bot pushed a commit to rodineyw/mcp-toolbox that referenced this pull request Jun 19, 2026
🤖 I have created a release *beep* *boop*
---

##
[1.5.0](googleapis/mcp-toolbox@v1.4.0...v1.5.0)
(2026-06-18)

### Features

* **auth/google:** Require audience or clientId for mcpEnabled
([googleapis#3450](googleapis#3450))
([59f7b6e](googleapis@59f7b6e))
* Enable per source level flags for sql commenter
([googleapis#3465](googleapis#3465))
([ecce6b7](googleapis@ecce6b7))
* **mcp:** Add URL parameter binding for HTTP transport
([googleapis#3112](googleapis#3112))
([0cc7b37](googleapis@0cc7b37))
* **scylladb:** Adding support for ScyllaDB source and tool
([googleapis#3119](googleapis#3119))
([2dada83](googleapis@2dada83))
* **server:** Add support for toolset filtering in prebuilt CLI flag
([googleapis#3245](googleapis#3245))
([7cc4f65](googleapis@7cc4f65))
* **skills:** Generate skills offline without live source connections
([googleapis#3388](googleapis#3388))
([4c860b6](googleapis@4c860b6))
* **skills:** Tolerate missing env vars during offline skills-generate
([googleapis#3399](googleapis#3399))
([ea5d3e5](googleapis@ea5d3e5))
* **source/cloud-storage:** Restrict bucket and local path access
([googleapis#3454](googleapis#3454))
([2c3ca5d](googleapis@2c3ca5d))
* **tools/bigquery:** Add per tool query label in BigQuery jobs
([googleapis#1975](googleapis#1975))
([3f6a49f](googleapis@3f6a49f))
* **tools/dataplex:** Add tools to support metadata enrichment workflow
([googleapis#3270](googleapis#3270))
([05289aa](googleapis@05289aa))
* **tools/mysql:** Add show-query-stats and list-all-locks tools for
MySQL and Cloud SQL MySQL source
([googleapis#2954](googleapis#2954))
([a9693bd](googleapis@a9693bd))
* **tools:** Decouple tool initialization from sources
([googleapis#3355](googleapis#3355))
([32a24e3](googleapis@32a24e3))

### Bug Fixes

* **auth/dataplex:** Fix failing source with service account credentials
([googleapis#3369](googleapis#3369))
([ba4deef](googleapis@ba4deef))
* **bigquery:** Wire maximumBytesBilled into prebuilt config
([googleapis#3385](googleapis#3385))
([4abbf6e](googleapis@4abbf6e))
* Bound MCP HTTP body size
([googleapis#3216](googleapis#3216))
([d4f4342](googleapis@d4f4342))
* **config:** Add doc/line context to parse errors
([googleapis#2957](googleapis#2957))
([4b097da](googleapis@4b097da))
* Escape delimiter characters in applyEscape to prevent SQL injection
([googleapis#2811](googleapis#2811))
([932519a](googleapis@932519a))
* **npm:** Source binary version from cmd/version.txt
([googleapis#3417](googleapis#3417))
([6ffbdec](googleapis@6ffbdec))
* **prebuilt/alloydb-omni:** Require password env var explicitly
([googleapis#3398](googleapis#3398))
([fcbe3e7](googleapis@fcbe3e7))
* **server:** Fail if MCP auth is enabled together with enable-api
([googleapis#3435](googleapis#3435))
([a6ff910](googleapis@a6ff910))
* **server:** Return errors instead of panicking in InitializeConfigs
([googleapis#3397](googleapis#3397))
([f48b01d](googleapis@f48b01d))
* **source/cloudhealthcare:** Validate pageURL parameter to prevent SSRF
([googleapis#3453](googleapis#3453))
([9abf47d](googleapis@9abf47d))
* **source/dataplex,source/datalineage:** Specify cloud-platform scope
for default credentials
([googleapis#3376](googleapis#3376))
([13e8c36](googleapis@13e8c36))
* **source/http:** Implement SSRF guard
([googleapis#3448](googleapis#3448))
([24d7d29](googleapis@24d7d29))
* **tool/bigquery-execute-sql:** Prevent dataset restriction bypass
([googleapis#3452](googleapis#3452))
([ca6d5e3](googleapis@ca6d5e3))
* **tool/mysql-get-query-plan:** Prevent query execution bypass and
statement injection
([googleapis#3235](googleapis#3235))
([7ed1e7b](googleapis@7ed1e7b))
* **tool/spanner-sql,tool/spanner-execute-sql:** Use read-only
annotations when readOnly is set
([googleapis#3338](googleapis#3338))
([8bde0ec](googleapis@8bde0ec))

---
This PR was generated with [Release
Please](https://github.com/googleapis/release-please). See
[documentation](https://github.com/googleapis/release-please#release-please).

---------

Co-authored-by: release-please[bot] <55107282+release-please[bot]@users.noreply.github.com>
Co-authored-by: Yuan Teoh <[email protected]> 45c0f86
github-actions Bot pushed a commit to Jaleel-zhu/genai-toolbox that referenced this pull request Jun 19, 2026
🤖 I have created a release *beep* *boop*
---

##
[1.5.0](googleapis/mcp-toolbox@v1.4.0...v1.5.0)
(2026-06-18)

### Features

* **auth/google:** Require audience or clientId for mcpEnabled
([googleapis#3450](googleapis#3450))
([59f7b6e](googleapis@59f7b6e))
* Enable per source level flags for sql commenter
([googleapis#3465](googleapis#3465))
([ecce6b7](googleapis@ecce6b7))
* **mcp:** Add URL parameter binding for HTTP transport
([googleapis#3112](googleapis#3112))
([0cc7b37](googleapis@0cc7b37))
* **scylladb:** Adding support for ScyllaDB source and tool
([googleapis#3119](googleapis#3119))
([2dada83](googleapis@2dada83))
* **server:** Add support for toolset filtering in prebuilt CLI flag
([googleapis#3245](googleapis#3245))
([7cc4f65](googleapis@7cc4f65))
* **skills:** Generate skills offline without live source connections
([googleapis#3388](googleapis#3388))
([4c860b6](googleapis@4c860b6))
* **skills:** Tolerate missing env vars during offline skills-generate
([googleapis#3399](googleapis#3399))
([ea5d3e5](googleapis@ea5d3e5))
* **source/cloud-storage:** Restrict bucket and local path access
([googleapis#3454](googleapis#3454))
([2c3ca5d](googleapis@2c3ca5d))
* **tools/bigquery:** Add per tool query label in BigQuery jobs
([googleapis#1975](googleapis#1975))
([3f6a49f](googleapis@3f6a49f))
* **tools/dataplex:** Add tools to support metadata enrichment workflow
([googleapis#3270](googleapis#3270))
([05289aa](googleapis@05289aa))
* **tools/mysql:** Add show-query-stats and list-all-locks tools for
MySQL and Cloud SQL MySQL source
([googleapis#2954](googleapis#2954))
([a9693bd](googleapis@a9693bd))
* **tools:** Decouple tool initialization from sources
([googleapis#3355](googleapis#3355))
([32a24e3](googleapis@32a24e3))

### Bug Fixes

* **auth/dataplex:** Fix failing source with service account credentials
([googleapis#3369](googleapis#3369))
([ba4deef](googleapis@ba4deef))
* **bigquery:** Wire maximumBytesBilled into prebuilt config
([googleapis#3385](googleapis#3385))
([4abbf6e](googleapis@4abbf6e))
* Bound MCP HTTP body size
([googleapis#3216](googleapis#3216))
([d4f4342](googleapis@d4f4342))
* **config:** Add doc/line context to parse errors
([googleapis#2957](googleapis#2957))
([4b097da](googleapis@4b097da))
* Escape delimiter characters in applyEscape to prevent SQL injection
([googleapis#2811](googleapis#2811))
([932519a](googleapis@932519a))
* **npm:** Source binary version from cmd/version.txt
([googleapis#3417](googleapis#3417))
([6ffbdec](googleapis@6ffbdec))
* **prebuilt/alloydb-omni:** Require password env var explicitly
([googleapis#3398](googleapis#3398))
([fcbe3e7](googleapis@fcbe3e7))
* **server:** Fail if MCP auth is enabled together with enable-api
([googleapis#3435](googleapis#3435))
([a6ff910](googleapis@a6ff910))
* **server:** Return errors instead of panicking in InitializeConfigs
([googleapis#3397](googleapis#3397))
([f48b01d](googleapis@f48b01d))
* **source/cloudhealthcare:** Validate pageURL parameter to prevent SSRF
([googleapis#3453](googleapis#3453))
([9abf47d](googleapis@9abf47d))
* **source/dataplex,source/datalineage:** Specify cloud-platform scope
for default credentials
([googleapis#3376](googleapis#3376))
([13e8c36](googleapis@13e8c36))
* **source/http:** Implement SSRF guard
([googleapis#3448](googleapis#3448))
([24d7d29](googleapis@24d7d29))
* **tool/bigquery-execute-sql:** Prevent dataset restriction bypass
([googleapis#3452](googleapis#3452))
([ca6d5e3](googleapis@ca6d5e3))
* **tool/mysql-get-query-plan:** Prevent query execution bypass and
statement injection
([googleapis#3235](googleapis#3235))
([7ed1e7b](googleapis@7ed1e7b))
* **tool/spanner-sql,tool/spanner-execute-sql:** Use read-only
annotations when readOnly is set
([googleapis#3338](googleapis#3338))
([8bde0ec](googleapis@8bde0ec))

---
This PR was generated with [Release
Please](https://github.com/googleapis/release-please). See
[documentation](https://github.com/googleapis/release-please#release-please).

---------

Co-authored-by: release-please[bot] <55107282+release-please[bot]@users.noreply.github.com>
Co-authored-by: Yuan Teoh <[email protected]> 45c0f86
github-actions Bot pushed a commit to pepe57/genai-toolbox that referenced this pull request Jun 19, 2026
🤖 I have created a release *beep* *boop*
---

##
[1.5.0](googleapis/mcp-toolbox@v1.4.0...v1.5.0)
(2026-06-18)

### Features

* **auth/google:** Require audience or clientId for mcpEnabled
([googleapis#3450](googleapis#3450))
([59f7b6e](googleapis@59f7b6e))
* Enable per source level flags for sql commenter
([googleapis#3465](googleapis#3465))
([ecce6b7](googleapis@ecce6b7))
* **mcp:** Add URL parameter binding for HTTP transport
([googleapis#3112](googleapis#3112))
([0cc7b37](googleapis@0cc7b37))
* **scylladb:** Adding support for ScyllaDB source and tool
([googleapis#3119](googleapis#3119))
([2dada83](googleapis@2dada83))
* **server:** Add support for toolset filtering in prebuilt CLI flag
([googleapis#3245](googleapis#3245))
([7cc4f65](googleapis@7cc4f65))
* **skills:** Generate skills offline without live source connections
([googleapis#3388](googleapis#3388))
([4c860b6](googleapis@4c860b6))
* **skills:** Tolerate missing env vars during offline skills-generate
([googleapis#3399](googleapis#3399))
([ea5d3e5](googleapis@ea5d3e5))
* **source/cloud-storage:** Restrict bucket and local path access
([googleapis#3454](googleapis#3454))
([2c3ca5d](googleapis@2c3ca5d))
* **tools/bigquery:** Add per tool query label in BigQuery jobs
([googleapis#1975](googleapis#1975))
([3f6a49f](googleapis@3f6a49f))
* **tools/dataplex:** Add tools to support metadata enrichment workflow
([googleapis#3270](googleapis#3270))
([05289aa](googleapis@05289aa))
* **tools/mysql:** Add show-query-stats and list-all-locks tools for
MySQL and Cloud SQL MySQL source
([googleapis#2954](googleapis#2954))
([a9693bd](googleapis@a9693bd))
* **tools:** Decouple tool initialization from sources
([googleapis#3355](googleapis#3355))
([32a24e3](googleapis@32a24e3))

### Bug Fixes

* **auth/dataplex:** Fix failing source with service account credentials
([googleapis#3369](googleapis#3369))
([ba4deef](googleapis@ba4deef))
* **bigquery:** Wire maximumBytesBilled into prebuilt config
([googleapis#3385](googleapis#3385))
([4abbf6e](googleapis@4abbf6e))
* Bound MCP HTTP body size
([googleapis#3216](googleapis#3216))
([d4f4342](googleapis@d4f4342))
* **config:** Add doc/line context to parse errors
([googleapis#2957](googleapis#2957))
([4b097da](googleapis@4b097da))
* Escape delimiter characters in applyEscape to prevent SQL injection
([googleapis#2811](googleapis#2811))
([932519a](googleapis@932519a))
* **npm:** Source binary version from cmd/version.txt
([googleapis#3417](googleapis#3417))
([6ffbdec](googleapis@6ffbdec))
* **prebuilt/alloydb-omni:** Require password env var explicitly
([googleapis#3398](googleapis#3398))
([fcbe3e7](googleapis@fcbe3e7))
* **server:** Fail if MCP auth is enabled together with enable-api
([googleapis#3435](googleapis#3435))
([a6ff910](googleapis@a6ff910))
* **server:** Return errors instead of panicking in InitializeConfigs
([googleapis#3397](googleapis#3397))
([f48b01d](googleapis@f48b01d))
* **source/cloudhealthcare:** Validate pageURL parameter to prevent SSRF
([googleapis#3453](googleapis#3453))
([9abf47d](googleapis@9abf47d))
* **source/dataplex,source/datalineage:** Specify cloud-platform scope
for default credentials
([googleapis#3376](googleapis#3376))
([13e8c36](googleapis@13e8c36))
* **source/http:** Implement SSRF guard
([googleapis#3448](googleapis#3448))
([24d7d29](googleapis@24d7d29))
* **tool/bigquery-execute-sql:** Prevent dataset restriction bypass
([googleapis#3452](googleapis#3452))
([ca6d5e3](googleapis@ca6d5e3))
* **tool/mysql-get-query-plan:** Prevent query execution bypass and
statement injection
([googleapis#3235](googleapis#3235))
([7ed1e7b](googleapis@7ed1e7b))
* **tool/spanner-sql,tool/spanner-execute-sql:** Use read-only
annotations when readOnly is set
([googleapis#3338](googleapis#3338))
([8bde0ec](googleapis@8bde0ec))

---
This PR was generated with [Release
Please](https://github.com/googleapis/release-please). See
[documentation](https://github.com/googleapis/release-please#release-please).

---------

Co-authored-by: release-please[bot] <55107282+release-please[bot]@users.noreply.github.com>
Co-authored-by: Yuan Teoh <[email protected]> 45c0f86
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants