Skip to content

feat(auth/google): require audience or clientId for mcpEnabled#3450

Merged
duwenxin99 merged 4 commits into
mainfrom
feat/google-auth-require-audience
Jun 18, 2026
Merged

feat(auth/google): require audience or clientId for mcpEnabled#3450
duwenxin99 merged 4 commits into
mainfrom
feat/google-auth-require-audience

Conversation

@duwenxin99

@duwenxin99 duwenxin99 commented Jun 16, 2026

Copy link
Copy Markdown
Contributor

Make audience validation mandatory.

Reported by: HE WEI(ギカク)

@duwenxin99 duwenxin99 requested a review from a team as a code owner June 16, 2026 12:45
@duwenxin99 duwenxin99 added the release candidate Use label to signal PR should be included in the next release. label Jun 16, 2026

@gemini-code-assist gemini-code-assist Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request updates the Google auth service initialization logic to enforce that either audience or clientId is provided when mcpEnabled is true. It also adds corresponding unit tests to validate these configuration constraints. There are no review comments to address.

@Yuan325 Yuan325 assigned averikitsch and unassigned Yuan325 Jun 17, 2026
@duwenxin99 duwenxin99 enabled auto-merge (squash) June 17, 2026 21:45
@duwenxin99 duwenxin99 merged commit 59f7b6e into main Jun 18, 2026
24 checks passed
@duwenxin99 duwenxin99 deleted the feat/google-auth-require-audience branch June 18, 2026 02:49
@github-actions

Copy link
Copy Markdown
Contributor

🧨 Preview deployments removed.

Cloudflare Pages environments for pr-3450 have been deleted.

Yuan325 added a commit that referenced this pull request Jun 18, 2026
🤖 I have created a release *beep* *boop*
---


##
[1.5.0](v1.4.0...v1.5.0)
(2026-06-18)


### Features

* **auth/google:** Require audience or clientId for mcpEnabled
([#3450](#3450))
([59f7b6e](59f7b6e))
* Enable per source level flags for sql commenter
([#3465](#3465))
([ecce6b7](ecce6b7))
* **mcp:** Add URL parameter binding for HTTP transport
([#3112](#3112))
([0cc7b37](0cc7b37))
* **scylladb:** Adding support for ScyllaDB source and tool
([#3119](#3119))
([2dada83](2dada83))
* **server:** Add support for toolset filtering in prebuilt CLI flag
([#3245](#3245))
([7cc4f65](7cc4f65))
* **skills:** Generate skills offline without live source connections
([#3388](#3388))
([4c860b6](4c860b6))
* **skills:** Tolerate missing env vars during offline skills-generate
([#3399](#3399))
([ea5d3e5](ea5d3e5))
* **source/cloud-storage:** Restrict bucket and local path access
([#3454](#3454))
([2c3ca5d](2c3ca5d))
* **tools/bigquery:** Add per tool query label in BigQuery jobs
([#1975](#1975))
([3f6a49f](3f6a49f))
* **tools/dataplex:** Add tools to support metadata enrichment workflow
([#3270](#3270))
([05289aa](05289aa))
* **tools/mysql:** Add show-query-stats and list-all-locks tools for
MySQL and Cloud SQL MySQL source
([#2954](#2954))
([a9693bd](a9693bd))
* **tools:** Decouple tool initialization from sources
([#3355](#3355))
([32a24e3](32a24e3))


### Bug Fixes

* **auth/dataplex:** Fix failing source with service account credentials
([#3369](#3369))
([ba4deef](ba4deef))
* **bigquery:** Wire maximumBytesBilled into prebuilt config
([#3385](#3385))
([4abbf6e](4abbf6e))
* Bound MCP HTTP body size
([#3216](#3216))
([d4f4342](d4f4342))
* **config:** Add doc/line context to parse errors
([#2957](#2957))
([4b097da](4b097da))
* Escape delimiter characters in applyEscape to prevent SQL injection
([#2811](#2811))
([932519a](932519a))
* **npm:** Source binary version from cmd/version.txt
([#3417](#3417))
([6ffbdec](6ffbdec))
* **prebuilt/alloydb-omni:** Require password env var explicitly
([#3398](#3398))
([fcbe3e7](fcbe3e7))
* **server:** Fail if MCP auth is enabled together with enable-api
([#3435](#3435))
([a6ff910](a6ff910))
* **server:** Return errors instead of panicking in InitializeConfigs
([#3397](#3397))
([f48b01d](f48b01d))
* **source/cloudhealthcare:** Validate pageURL parameter to prevent SSRF
([#3453](#3453))
([9abf47d](9abf47d))
* **source/dataplex,source/datalineage:** Specify cloud-platform scope
for default credentials
([#3376](#3376))
([13e8c36](13e8c36))
* **source/http:** Implement SSRF guard
([#3448](#3448))
([24d7d29](24d7d29))
* **tool/bigquery-execute-sql:** Prevent dataset restriction bypass
([#3452](#3452))
([ca6d5e3](ca6d5e3))
* **tool/mysql-get-query-plan:** Prevent query execution bypass and
statement injection
([#3235](#3235))
([7ed1e7b](7ed1e7b))
* **tool/spanner-sql,tool/spanner-execute-sql:** Use read-only
annotations when readOnly is set
([#3338](#3338))
([8bde0ec](8bde0ec))

---
This PR was generated with [Release
Please](https://github.com/googleapis/release-please). See
[documentation](https://github.com/googleapis/release-please#release-please).

---------

Co-authored-by: release-please[bot] <55107282+release-please[bot]@users.noreply.github.com>
Co-authored-by: Yuan Teoh <[email protected]>
github-actions Bot pushed a commit that referenced this pull request Jun 18, 2026
🤖 I have created a release *beep* *boop*
---

##
[1.5.0](v1.4.0...v1.5.0)
(2026-06-18)

### Features

* **auth/google:** Require audience or clientId for mcpEnabled
([#3450](#3450))
([59f7b6e](59f7b6e))
* Enable per source level flags for sql commenter
([#3465](#3465))
([ecce6b7](ecce6b7))
* **mcp:** Add URL parameter binding for HTTP transport
([#3112](#3112))
([0cc7b37](0cc7b37))
* **scylladb:** Adding support for ScyllaDB source and tool
([#3119](#3119))
([2dada83](2dada83))
* **server:** Add support for toolset filtering in prebuilt CLI flag
([#3245](#3245))
([7cc4f65](7cc4f65))
* **skills:** Generate skills offline without live source connections
([#3388](#3388))
([4c860b6](4c860b6))
* **skills:** Tolerate missing env vars during offline skills-generate
([#3399](#3399))
([ea5d3e5](ea5d3e5))
* **source/cloud-storage:** Restrict bucket and local path access
([#3454](#3454))
([2c3ca5d](2c3ca5d))
* **tools/bigquery:** Add per tool query label in BigQuery jobs
([#1975](#1975))
([3f6a49f](3f6a49f))
* **tools/dataplex:** Add tools to support metadata enrichment workflow
([#3270](#3270))
([05289aa](05289aa))
* **tools/mysql:** Add show-query-stats and list-all-locks tools for
MySQL and Cloud SQL MySQL source
([#2954](#2954))
([a9693bd](a9693bd))
* **tools:** Decouple tool initialization from sources
([#3355](#3355))
([32a24e3](32a24e3))

### Bug Fixes

* **auth/dataplex:** Fix failing source with service account credentials
([#3369](#3369))
([ba4deef](ba4deef))
* **bigquery:** Wire maximumBytesBilled into prebuilt config
([#3385](#3385))
([4abbf6e](4abbf6e))
* Bound MCP HTTP body size
([#3216](#3216))
([d4f4342](d4f4342))
* **config:** Add doc/line context to parse errors
([#2957](#2957))
([4b097da](4b097da))
* Escape delimiter characters in applyEscape to prevent SQL injection
([#2811](#2811))
([932519a](932519a))
* **npm:** Source binary version from cmd/version.txt
([#3417](#3417))
([6ffbdec](6ffbdec))
* **prebuilt/alloydb-omni:** Require password env var explicitly
([#3398](#3398))
([fcbe3e7](fcbe3e7))
* **server:** Fail if MCP auth is enabled together with enable-api
([#3435](#3435))
([a6ff910](a6ff910))
* **server:** Return errors instead of panicking in InitializeConfigs
([#3397](#3397))
([f48b01d](f48b01d))
* **source/cloudhealthcare:** Validate pageURL parameter to prevent SSRF
([#3453](#3453))
([9abf47d](9abf47d))
* **source/dataplex,source/datalineage:** Specify cloud-platform scope
for default credentials
([#3376](#3376))
([13e8c36](13e8c36))
* **source/http:** Implement SSRF guard
([#3448](#3448))
([24d7d29](24d7d29))
* **tool/bigquery-execute-sql:** Prevent dataset restriction bypass
([#3452](#3452))
([ca6d5e3](ca6d5e3))
* **tool/mysql-get-query-plan:** Prevent query execution bypass and
statement injection
([#3235](#3235))
([7ed1e7b](7ed1e7b))
* **tool/spanner-sql,tool/spanner-execute-sql:** Use read-only
annotations when readOnly is set
([#3338](#3338))
([8bde0ec](8bde0ec))

---
This PR was generated with [Release
Please](https://github.com/googleapis/release-please). See
[documentation](https://github.com/googleapis/release-please#release-please).

---------

Co-authored-by: release-please[bot] <55107282+release-please[bot]@users.noreply.github.com>
Co-authored-by: Yuan Teoh <[email protected]> 45c0f86
github-actions Bot pushed a commit to renovate-bot/googleapis-_-genai-toolbox that referenced this pull request Jun 18, 2026
🤖 I have created a release *beep* *boop*
---

##
[1.5.0](googleapis/mcp-toolbox@v1.4.0...v1.5.0)
(2026-06-18)

### Features

* **auth/google:** Require audience or clientId for mcpEnabled
([googleapis#3450](googleapis#3450))
([59f7b6e](googleapis@59f7b6e))
* Enable per source level flags for sql commenter
([googleapis#3465](googleapis#3465))
([ecce6b7](googleapis@ecce6b7))
* **mcp:** Add URL parameter binding for HTTP transport
([googleapis#3112](googleapis#3112))
([0cc7b37](googleapis@0cc7b37))
* **scylladb:** Adding support for ScyllaDB source and tool
([googleapis#3119](googleapis#3119))
([2dada83](googleapis@2dada83))
* **server:** Add support for toolset filtering in prebuilt CLI flag
([googleapis#3245](googleapis#3245))
([7cc4f65](googleapis@7cc4f65))
* **skills:** Generate skills offline without live source connections
([googleapis#3388](googleapis#3388))
([4c860b6](googleapis@4c860b6))
* **skills:** Tolerate missing env vars during offline skills-generate
([googleapis#3399](googleapis#3399))
([ea5d3e5](googleapis@ea5d3e5))
* **source/cloud-storage:** Restrict bucket and local path access
([googleapis#3454](googleapis#3454))
([2c3ca5d](googleapis@2c3ca5d))
* **tools/bigquery:** Add per tool query label in BigQuery jobs
([googleapis#1975](googleapis#1975))
([3f6a49f](googleapis@3f6a49f))
* **tools/dataplex:** Add tools to support metadata enrichment workflow
([googleapis#3270](googleapis#3270))
([05289aa](googleapis@05289aa))
* **tools/mysql:** Add show-query-stats and list-all-locks tools for
MySQL and Cloud SQL MySQL source
([googleapis#2954](googleapis#2954))
([a9693bd](googleapis@a9693bd))
* **tools:** Decouple tool initialization from sources
([googleapis#3355](googleapis#3355))
([32a24e3](googleapis@32a24e3))

### Bug Fixes

* **auth/dataplex:** Fix failing source with service account credentials
([googleapis#3369](googleapis#3369))
([ba4deef](googleapis@ba4deef))
* **bigquery:** Wire maximumBytesBilled into prebuilt config
([googleapis#3385](googleapis#3385))
([4abbf6e](googleapis@4abbf6e))
* Bound MCP HTTP body size
([googleapis#3216](googleapis#3216))
([d4f4342](googleapis@d4f4342))
* **config:** Add doc/line context to parse errors
([googleapis#2957](googleapis#2957))
([4b097da](googleapis@4b097da))
* Escape delimiter characters in applyEscape to prevent SQL injection
([googleapis#2811](googleapis#2811))
([932519a](googleapis@932519a))
* **npm:** Source binary version from cmd/version.txt
([googleapis#3417](googleapis#3417))
([6ffbdec](googleapis@6ffbdec))
* **prebuilt/alloydb-omni:** Require password env var explicitly
([googleapis#3398](googleapis#3398))
([fcbe3e7](googleapis@fcbe3e7))
* **server:** Fail if MCP auth is enabled together with enable-api
([googleapis#3435](googleapis#3435))
([a6ff910](googleapis@a6ff910))
* **server:** Return errors instead of panicking in InitializeConfigs
([googleapis#3397](googleapis#3397))
([f48b01d](googleapis@f48b01d))
* **source/cloudhealthcare:** Validate pageURL parameter to prevent SSRF
([googleapis#3453](googleapis#3453))
([9abf47d](googleapis@9abf47d))
* **source/dataplex,source/datalineage:** Specify cloud-platform scope
for default credentials
([googleapis#3376](googleapis#3376))
([13e8c36](googleapis@13e8c36))
* **source/http:** Implement SSRF guard
([googleapis#3448](googleapis#3448))
([24d7d29](googleapis@24d7d29))
* **tool/bigquery-execute-sql:** Prevent dataset restriction bypass
([googleapis#3452](googleapis#3452))
([ca6d5e3](googleapis@ca6d5e3))
* **tool/mysql-get-query-plan:** Prevent query execution bypass and
statement injection
([googleapis#3235](googleapis#3235))
([7ed1e7b](googleapis@7ed1e7b))
* **tool/spanner-sql,tool/spanner-execute-sql:** Use read-only
annotations when readOnly is set
([googleapis#3338](googleapis#3338))
([8bde0ec](googleapis@8bde0ec))

---
This PR was generated with [Release
Please](https://github.com/googleapis/release-please). See
[documentation](https://github.com/googleapis/release-please#release-please).

---------

Co-authored-by: release-please[bot] <55107282+release-please[bot]@users.noreply.github.com>
Co-authored-by: Yuan Teoh <[email protected]> 45c0f86
github-actions Bot pushed a commit to rodineyw/mcp-toolbox that referenced this pull request Jun 19, 2026
🤖 I have created a release *beep* *boop*
---

##
[1.5.0](googleapis/mcp-toolbox@v1.4.0...v1.5.0)
(2026-06-18)

### Features

* **auth/google:** Require audience or clientId for mcpEnabled
([googleapis#3450](googleapis#3450))
([59f7b6e](googleapis@59f7b6e))
* Enable per source level flags for sql commenter
([googleapis#3465](googleapis#3465))
([ecce6b7](googleapis@ecce6b7))
* **mcp:** Add URL parameter binding for HTTP transport
([googleapis#3112](googleapis#3112))
([0cc7b37](googleapis@0cc7b37))
* **scylladb:** Adding support for ScyllaDB source and tool
([googleapis#3119](googleapis#3119))
([2dada83](googleapis@2dada83))
* **server:** Add support for toolset filtering in prebuilt CLI flag
([googleapis#3245](googleapis#3245))
([7cc4f65](googleapis@7cc4f65))
* **skills:** Generate skills offline without live source connections
([googleapis#3388](googleapis#3388))
([4c860b6](googleapis@4c860b6))
* **skills:** Tolerate missing env vars during offline skills-generate
([googleapis#3399](googleapis#3399))
([ea5d3e5](googleapis@ea5d3e5))
* **source/cloud-storage:** Restrict bucket and local path access
([googleapis#3454](googleapis#3454))
([2c3ca5d](googleapis@2c3ca5d))
* **tools/bigquery:** Add per tool query label in BigQuery jobs
([googleapis#1975](googleapis#1975))
([3f6a49f](googleapis@3f6a49f))
* **tools/dataplex:** Add tools to support metadata enrichment workflow
([googleapis#3270](googleapis#3270))
([05289aa](googleapis@05289aa))
* **tools/mysql:** Add show-query-stats and list-all-locks tools for
MySQL and Cloud SQL MySQL source
([googleapis#2954](googleapis#2954))
([a9693bd](googleapis@a9693bd))
* **tools:** Decouple tool initialization from sources
([googleapis#3355](googleapis#3355))
([32a24e3](googleapis@32a24e3))

### Bug Fixes

* **auth/dataplex:** Fix failing source with service account credentials
([googleapis#3369](googleapis#3369))
([ba4deef](googleapis@ba4deef))
* **bigquery:** Wire maximumBytesBilled into prebuilt config
([googleapis#3385](googleapis#3385))
([4abbf6e](googleapis@4abbf6e))
* Bound MCP HTTP body size
([googleapis#3216](googleapis#3216))
([d4f4342](googleapis@d4f4342))
* **config:** Add doc/line context to parse errors
([googleapis#2957](googleapis#2957))
([4b097da](googleapis@4b097da))
* Escape delimiter characters in applyEscape to prevent SQL injection
([googleapis#2811](googleapis#2811))
([932519a](googleapis@932519a))
* **npm:** Source binary version from cmd/version.txt
([googleapis#3417](googleapis#3417))
([6ffbdec](googleapis@6ffbdec))
* **prebuilt/alloydb-omni:** Require password env var explicitly
([googleapis#3398](googleapis#3398))
([fcbe3e7](googleapis@fcbe3e7))
* **server:** Fail if MCP auth is enabled together with enable-api
([googleapis#3435](googleapis#3435))
([a6ff910](googleapis@a6ff910))
* **server:** Return errors instead of panicking in InitializeConfigs
([googleapis#3397](googleapis#3397))
([f48b01d](googleapis@f48b01d))
* **source/cloudhealthcare:** Validate pageURL parameter to prevent SSRF
([googleapis#3453](googleapis#3453))
([9abf47d](googleapis@9abf47d))
* **source/dataplex,source/datalineage:** Specify cloud-platform scope
for default credentials
([googleapis#3376](googleapis#3376))
([13e8c36](googleapis@13e8c36))
* **source/http:** Implement SSRF guard
([googleapis#3448](googleapis#3448))
([24d7d29](googleapis@24d7d29))
* **tool/bigquery-execute-sql:** Prevent dataset restriction bypass
([googleapis#3452](googleapis#3452))
([ca6d5e3](googleapis@ca6d5e3))
* **tool/mysql-get-query-plan:** Prevent query execution bypass and
statement injection
([googleapis#3235](googleapis#3235))
([7ed1e7b](googleapis@7ed1e7b))
* **tool/spanner-sql,tool/spanner-execute-sql:** Use read-only
annotations when readOnly is set
([googleapis#3338](googleapis#3338))
([8bde0ec](googleapis@8bde0ec))

---
This PR was generated with [Release
Please](https://github.com/googleapis/release-please). See
[documentation](https://github.com/googleapis/release-please#release-please).

---------

Co-authored-by: release-please[bot] <55107282+release-please[bot]@users.noreply.github.com>
Co-authored-by: Yuan Teoh <[email protected]> 45c0f86
github-actions Bot pushed a commit to Jaleel-zhu/genai-toolbox that referenced this pull request Jun 19, 2026
🤖 I have created a release *beep* *boop*
---

##
[1.5.0](googleapis/mcp-toolbox@v1.4.0...v1.5.0)
(2026-06-18)

### Features

* **auth/google:** Require audience or clientId for mcpEnabled
([googleapis#3450](googleapis#3450))
([59f7b6e](googleapis@59f7b6e))
* Enable per source level flags for sql commenter
([googleapis#3465](googleapis#3465))
([ecce6b7](googleapis@ecce6b7))
* **mcp:** Add URL parameter binding for HTTP transport
([googleapis#3112](googleapis#3112))
([0cc7b37](googleapis@0cc7b37))
* **scylladb:** Adding support for ScyllaDB source and tool
([googleapis#3119](googleapis#3119))
([2dada83](googleapis@2dada83))
* **server:** Add support for toolset filtering in prebuilt CLI flag
([googleapis#3245](googleapis#3245))
([7cc4f65](googleapis@7cc4f65))
* **skills:** Generate skills offline without live source connections
([googleapis#3388](googleapis#3388))
([4c860b6](googleapis@4c860b6))
* **skills:** Tolerate missing env vars during offline skills-generate
([googleapis#3399](googleapis#3399))
([ea5d3e5](googleapis@ea5d3e5))
* **source/cloud-storage:** Restrict bucket and local path access
([googleapis#3454](googleapis#3454))
([2c3ca5d](googleapis@2c3ca5d))
* **tools/bigquery:** Add per tool query label in BigQuery jobs
([googleapis#1975](googleapis#1975))
([3f6a49f](googleapis@3f6a49f))
* **tools/dataplex:** Add tools to support metadata enrichment workflow
([googleapis#3270](googleapis#3270))
([05289aa](googleapis@05289aa))
* **tools/mysql:** Add show-query-stats and list-all-locks tools for
MySQL and Cloud SQL MySQL source
([googleapis#2954](googleapis#2954))
([a9693bd](googleapis@a9693bd))
* **tools:** Decouple tool initialization from sources
([googleapis#3355](googleapis#3355))
([32a24e3](googleapis@32a24e3))

### Bug Fixes

* **auth/dataplex:** Fix failing source with service account credentials
([googleapis#3369](googleapis#3369))
([ba4deef](googleapis@ba4deef))
* **bigquery:** Wire maximumBytesBilled into prebuilt config
([googleapis#3385](googleapis#3385))
([4abbf6e](googleapis@4abbf6e))
* Bound MCP HTTP body size
([googleapis#3216](googleapis#3216))
([d4f4342](googleapis@d4f4342))
* **config:** Add doc/line context to parse errors
([googleapis#2957](googleapis#2957))
([4b097da](googleapis@4b097da))
* Escape delimiter characters in applyEscape to prevent SQL injection
([googleapis#2811](googleapis#2811))
([932519a](googleapis@932519a))
* **npm:** Source binary version from cmd/version.txt
([googleapis#3417](googleapis#3417))
([6ffbdec](googleapis@6ffbdec))
* **prebuilt/alloydb-omni:** Require password env var explicitly
([googleapis#3398](googleapis#3398))
([fcbe3e7](googleapis@fcbe3e7))
* **server:** Fail if MCP auth is enabled together with enable-api
([googleapis#3435](googleapis#3435))
([a6ff910](googleapis@a6ff910))
* **server:** Return errors instead of panicking in InitializeConfigs
([googleapis#3397](googleapis#3397))
([f48b01d](googleapis@f48b01d))
* **source/cloudhealthcare:** Validate pageURL parameter to prevent SSRF
([googleapis#3453](googleapis#3453))
([9abf47d](googleapis@9abf47d))
* **source/dataplex,source/datalineage:** Specify cloud-platform scope
for default credentials
([googleapis#3376](googleapis#3376))
([13e8c36](googleapis@13e8c36))
* **source/http:** Implement SSRF guard
([googleapis#3448](googleapis#3448))
([24d7d29](googleapis@24d7d29))
* **tool/bigquery-execute-sql:** Prevent dataset restriction bypass
([googleapis#3452](googleapis#3452))
([ca6d5e3](googleapis@ca6d5e3))
* **tool/mysql-get-query-plan:** Prevent query execution bypass and
statement injection
([googleapis#3235](googleapis#3235))
([7ed1e7b](googleapis@7ed1e7b))
* **tool/spanner-sql,tool/spanner-execute-sql:** Use read-only
annotations when readOnly is set
([googleapis#3338](googleapis#3338))
([8bde0ec](googleapis@8bde0ec))

---
This PR was generated with [Release
Please](https://github.com/googleapis/release-please). See
[documentation](https://github.com/googleapis/release-please#release-please).

---------

Co-authored-by: release-please[bot] <55107282+release-please[bot]@users.noreply.github.com>
Co-authored-by: Yuan Teoh <[email protected]> 45c0f86
github-actions Bot pushed a commit to pepe57/genai-toolbox that referenced this pull request Jun 19, 2026
🤖 I have created a release *beep* *boop*
---

##
[1.5.0](googleapis/mcp-toolbox@v1.4.0...v1.5.0)
(2026-06-18)

### Features

* **auth/google:** Require audience or clientId for mcpEnabled
([googleapis#3450](googleapis#3450))
([59f7b6e](googleapis@59f7b6e))
* Enable per source level flags for sql commenter
([googleapis#3465](googleapis#3465))
([ecce6b7](googleapis@ecce6b7))
* **mcp:** Add URL parameter binding for HTTP transport
([googleapis#3112](googleapis#3112))
([0cc7b37](googleapis@0cc7b37))
* **scylladb:** Adding support for ScyllaDB source and tool
([googleapis#3119](googleapis#3119))
([2dada83](googleapis@2dada83))
* **server:** Add support for toolset filtering in prebuilt CLI flag
([googleapis#3245](googleapis#3245))
([7cc4f65](googleapis@7cc4f65))
* **skills:** Generate skills offline without live source connections
([googleapis#3388](googleapis#3388))
([4c860b6](googleapis@4c860b6))
* **skills:** Tolerate missing env vars during offline skills-generate
([googleapis#3399](googleapis#3399))
([ea5d3e5](googleapis@ea5d3e5))
* **source/cloud-storage:** Restrict bucket and local path access
([googleapis#3454](googleapis#3454))
([2c3ca5d](googleapis@2c3ca5d))
* **tools/bigquery:** Add per tool query label in BigQuery jobs
([googleapis#1975](googleapis#1975))
([3f6a49f](googleapis@3f6a49f))
* **tools/dataplex:** Add tools to support metadata enrichment workflow
([googleapis#3270](googleapis#3270))
([05289aa](googleapis@05289aa))
* **tools/mysql:** Add show-query-stats and list-all-locks tools for
MySQL and Cloud SQL MySQL source
([googleapis#2954](googleapis#2954))
([a9693bd](googleapis@a9693bd))
* **tools:** Decouple tool initialization from sources
([googleapis#3355](googleapis#3355))
([32a24e3](googleapis@32a24e3))

### Bug Fixes

* **auth/dataplex:** Fix failing source with service account credentials
([googleapis#3369](googleapis#3369))
([ba4deef](googleapis@ba4deef))
* **bigquery:** Wire maximumBytesBilled into prebuilt config
([googleapis#3385](googleapis#3385))
([4abbf6e](googleapis@4abbf6e))
* Bound MCP HTTP body size
([googleapis#3216](googleapis#3216))
([d4f4342](googleapis@d4f4342))
* **config:** Add doc/line context to parse errors
([googleapis#2957](googleapis#2957))
([4b097da](googleapis@4b097da))
* Escape delimiter characters in applyEscape to prevent SQL injection
([googleapis#2811](googleapis#2811))
([932519a](googleapis@932519a))
* **npm:** Source binary version from cmd/version.txt
([googleapis#3417](googleapis#3417))
([6ffbdec](googleapis@6ffbdec))
* **prebuilt/alloydb-omni:** Require password env var explicitly
([googleapis#3398](googleapis#3398))
([fcbe3e7](googleapis@fcbe3e7))
* **server:** Fail if MCP auth is enabled together with enable-api
([googleapis#3435](googleapis#3435))
([a6ff910](googleapis@a6ff910))
* **server:** Return errors instead of panicking in InitializeConfigs
([googleapis#3397](googleapis#3397))
([f48b01d](googleapis@f48b01d))
* **source/cloudhealthcare:** Validate pageURL parameter to prevent SSRF
([googleapis#3453](googleapis#3453))
([9abf47d](googleapis@9abf47d))
* **source/dataplex,source/datalineage:** Specify cloud-platform scope
for default credentials
([googleapis#3376](googleapis#3376))
([13e8c36](googleapis@13e8c36))
* **source/http:** Implement SSRF guard
([googleapis#3448](googleapis#3448))
([24d7d29](googleapis@24d7d29))
* **tool/bigquery-execute-sql:** Prevent dataset restriction bypass
([googleapis#3452](googleapis#3452))
([ca6d5e3](googleapis@ca6d5e3))
* **tool/mysql-get-query-plan:** Prevent query execution bypass and
statement injection
([googleapis#3235](googleapis#3235))
([7ed1e7b](googleapis@7ed1e7b))
* **tool/spanner-sql,tool/spanner-execute-sql:** Use read-only
annotations when readOnly is set
([googleapis#3338](googleapis#3338))
([8bde0ec](googleapis@8bde0ec))

---
This PR was generated with [Release
Please](https://github.com/googleapis/release-please). See
[documentation](https://github.com/googleapis/release-please#release-please).

---------

Co-authored-by: release-please[bot] <55107282+release-please[bot]@users.noreply.github.com>
Co-authored-by: Yuan Teoh <[email protected]> 45c0f86
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

release candidate Use label to signal PR should be included in the next release.

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants