@zereight/mcp-gitlab 2.0.28 → 2.0.30

package/README.md

@@ -356,6 +356,46 @@ docker run -i --rm \
 - `USE_GITLAB_WIKI`: When set to 'true', enables the wiki-related tools (list_wiki_pages, get_wiki_page, create_wiki_page, update_wiki_page, delete_wiki_page). By default, wiki features are disabled.
 - `USE_MILESTONE`: When set to 'true', enables the milestone-related tools (list_milestones, get_milestone, create_milestone, edit_milestone, delete_milestone, get_milestone_issue, get_milestone_merge_requests, promote_milestone, get_milestone_burndown_events). By default, milestone features are disabled.
 - `USE_PIPELINE`: When set to 'true', enables the pipeline-related tools (list_pipelines, get_pipeline, list_pipeline_jobs, list_pipeline_trigger_jobs, get_pipeline_job, get_pipeline_job_output, create_pipeline, retry_pipeline, cancel_pipeline, play_pipeline_job, retry_pipeline_job, cancel_pipeline_job). By default, pipeline features are disabled.
+- `GITLAB_TOOLSETS`: Comma-separated list of toolset IDs to enable. When empty or unset, default toolsets are used. Set to `"all"` to enable every toolset. Available toolsets (default toolsets marked with `*`):
+  - `merge_requests`\* — MR operations, notes, discussions, draft notes, threads (31 tools)
+  - `issues`\* — Issue CRUD, notes, links, discussions (14 tools)
+  - `repositories`\* — Search, create, file contents, push, fork, tree (7 tools)
+  - `branches`\* — Branch creation, commits, diffs (4 tools)
+  - `projects`\* — Project/namespace info, group projects, iterations (8 tools)
+  - `labels`\* — Label CRUD (5 tools)
+  - `pipelines` — Pipeline and job operations (12 tools)
+  - `milestones` — Milestone CRUD, issues, MRs, burndown (9 tools)
+  - `wiki` — Wiki page CRUD (5 tools)
+  - `releases`\* — Release CRUD, evidence, asset download (7 tools)
+  - `users`\* — User info, events, markdown upload, attachments (5 tools)
+
+  Note: `execute_graphql` is not in any toolset and must be added individually via `GITLAB_TOOLS` if needed.
+  Exposing arbitrary GraphQL would allow bypassing toolset boundaries (e.g. querying data that the user intentionally disabled via toolsets like wiki or pipelines), which is a security and permission-containment concern. Keeping `execute_graphql` out of all toolsets and requiring explicit opt-in via `GITLAB_TOOLS=execute_graphql` is intentional, to align with that principle rather than for backward compatibility.
+  CLI arg: `--toolsets`
+- `GITLAB_TOOLS`: Comma-separated list of individual tool names to add on top of the enabled toolsets (additive). Useful for cherry-picking specific tools without enabling an entire toolset. Example: `GITLAB_TOOLS="list_pipelines,execute_graphql"`. CLI arg: `--tools`
+
+  Combined logic: `final tools = (tools from enabled toolsets) ∪ (GITLAB_TOOLS) ∪ (legacy flag overrides)`
+
+  Examples:
+  ```bash
+  # Default behavior (unchanged)
+  GITLAB_PERSONAL_ACCESS_TOKEN=xxx npx @zereight/mcp-gitlab
+
+  # Only issues and repositories
+  GITLAB_TOOLSETS="issues,repositories" npx @zereight/mcp-gitlab
+
+  # All toolsets
+  GITLAB_TOOLSETS="all" npx @zereight/mcp-gitlab
+
+  # Default toolsets + one extra pipeline tool
+  GITLAB_TOOLS="list_pipelines" npx @zereight/mcp-gitlab
+
+  # Specific toolsets + individual tools
+  GITLAB_TOOLSETS="issues,merge_requests" GITLAB_TOOLS="list_pipelines,get_pipeline" npx @zereight/mcp-gitlab
+
+  # Legacy flags still work (backward compatible)
+  USE_PIPELINE=true npx @zereight/mcp-gitlab
+  ```
 - `GITLAB_AUTH_COOKIE_PATH`: Path to an authentication cookie file for GitLab instances that require cookie-based authentication. When provided, the cookie will be included in all GitLab API requests.
 - `SSE`: When set to 'true', enables the Server-Sent Events transport.
 - `STREAMABLE_HTTP`: When set to 'true', enables the Streamable HTTP transport. If both **SSE** and **STREAMABLE_HTTP** are set to 'true', the server will prioritize Streamable HTTP over SSE transport.

package/build/index.js

@@ -95,6 +95,29 @@ catch {
  * cross-client data leakage (GHSA-345p-7cg4-v4c7).
  */
 function createServer() {
+    // Precompute filtered tool list once at server creation (Steps 1–5 are static)
+    // Step 1: Toolset filter — keep tools in enabled toolsets
+    const toolsAfterToolsets = allTools.filter(tool => isToolInEnabledToolset(tool.name, enabledToolsets));
+    // Step 2: Add GITLAB_TOOLS (individual tools bypass toolset filter)
+    const toolsetToolNames = new Set(toolsAfterToolsets.map(t => t.name));
+    const toolsAfterIndividual = [
+        ...toolsAfterToolsets,
+        ...allTools.filter(tool => individuallyEnabledTools.has(tool.name) && !toolsetToolNames.has(tool.name)),
+    ];
+    // Step 3: Add legacy flag overrides (USE_PIPELINE, USE_MILESTONE, USE_GITLAB_WIKI)
+    const afterIndividualNames = new Set(toolsAfterIndividual.map(t => t.name));
+    const toolsAfterLegacy = [
+        ...toolsAfterIndividual,
+        ...allTools.filter(tool => featureFlagOverrides.has(tool.name) && !afterIndividualNames.has(tool.name)),
+    ];
+    // Step 4: Read-only filter
+    const toolsAfterReadOnly = GITLAB_READ_ONLY_MODE
+        ? toolsAfterLegacy.filter(tool => readOnlyTools.has(tool.name))
+        : toolsAfterLegacy;
+    // Step 5: Regex denial filter
+    const precomputedFilteredTools = GITLAB_DENIED_TOOLS_REGEX
+        ? toolsAfterReadOnly.filter(tool => !GITLAB_DENIED_TOOLS_REGEX.test(tool.name))
+        : toolsAfterReadOnly;
     const serverInstance = new Server({
         name: "better-gitlab-mcp-server",
         version: SERVER_VERSION,
@@ -104,39 +127,25 @@ function createServer() {
         },
     });
     serverInstance.setRequestHandler(ListToolsRequestSchema, async () => {
-        // Apply read-only filter first
-        const tools0 = GITLAB_READ_ONLY_MODE
-            ? allTools.filter(tool => readOnlyTools.has(tool.name))
-            : allTools;
-        // Toggle wiki tools by USE_GITLAB_WIKI flag
-        const tools1 = USE_GITLAB_WIKI ? tools0 : tools0.filter(tool => !wikiToolNames.has(tool.name));
-        // Toggle milestone tools by USE_MILESTONE flag
-        const tools2 = USE_MILESTONE
-            ? tools1
-            : tools1.filter(tool => !milestoneToolNames.has(tool.name));
-        // Toggle pipeline tools by USE_PIPELINE flag
-        let tools = USE_PIPELINE ? tools2 : tools2.filter(tool => !pipelineToolNames.has(tool.name));
-        tools = GITLAB_DENIED_TOOLS_REGEX
-            ? tools.filter(tool => !GITLAB_DENIED_TOOLS_REGEX.test(tool.name))
-            : tools;
-        // <<< START: Gemini 호환성을 위해 $schema 제거 >>>
-        tools = tools.map(tool => {
-            // inputSchema가 존재하고 객체인지 확인
+        // Step 6: Gemini $schema cleanup (only dynamic step per request)
+        // <<< START: Remove $schema for Gemini compatibility >>>
+        const tools = precomputedFilteredTools.map(tool => {
+            // Check if inputSchema exists and is an object
             if (tool.inputSchema && typeof tool.inputSchema === "object" && tool.inputSchema !== null) {
-                // $schema 키가 존재하면 삭제
+                // Remove $schema key if present
                 if ("$schema" in tool.inputSchema) {
-                    // 불변성을 위해 새로운 객체 생성 (선택적이지만 권장)
+                    // Create a new object to preserve immutability (optional but recommended)
                     const modifiedSchema = { ...tool.inputSchema };
                     delete modifiedSchema.$schema;
                     return { ...tool, inputSchema: modifiedSchema };
                 }
             }
-            // 변경이 필요 없으면 그대로 반환
+            // Return as-is if no modification needed
             return tool;
         });
-        // <<< END: Gemini 호환성을 위해 $schema 제거 >>>
+        // <<< END: Remove $schema for Gemini compatibility >>>
         return {
-            tools, // $schema가 제거된 도구 목록 반환
+            tools, // return tool list with $schema removed
         };
     });
     serverInstance.setRequestHandler(CallToolRequestSchema, async (request) => {
@@ -269,6 +278,8 @@ const GITLAB_DENIED_TOOLS_REGEX = (() => {
 const USE_GITLAB_WIKI = getConfig("use-wiki", "USE_GITLAB_WIKI") === "true";
 const USE_MILESTONE = getConfig("use-milestone", "USE_MILESTONE") === "true";
 const USE_PIPELINE = getConfig("use-pipeline", "USE_PIPELINE") === "true";
+const GITLAB_TOOLSETS_RAW = getConfig("toolsets", "GITLAB_TOOLSETS");
+const GITLAB_TOOLS_RAW = getConfig("tools", "GITLAB_TOOLS");
 const SSE = getConfig("sse", "SSE") === "true";
 const STREAMABLE_HTTP = getConfig("streamable-http", "STREAMABLE_HTTP") === "true";
 const REMOTE_AUTHORIZATION = getConfig("remote-auth", "REMOTE_AUTHORIZATION") === "true";
@@ -315,7 +326,7 @@ httpsAgent = httpsAgent || new HttpsAgent(sslOptions);
 httpAgent = httpAgent || new Agent();
 // Initialize the client pool for managing multiple GitLab instances
 const clientPool = new GitLabClientPool({
-    apiUrls: (process.env.GITLAB_API_URL || "https://gitlab.com")
+    apiUrls: (getConfig("api-url", "GITLAB_API_URL") || "https://gitlab.com")
         .split(",")
         .map(normalizeGitLabApiUrl),
     httpProxy: HTTP_PROXY,
@@ -1036,7 +1047,7 @@ const allTools = [
     },
     {
         name: "download_attachment",
-        description: "Download an uploaded file from a GitLab project by secret and filename",
+        description: "Download an uploaded file from a GitLab project by secret and filename. Image files (png, jpg, gif, webp, svg, bmp, ico) are returned inline as base64 image content so the AI can view them directly. Non-image files are saved to disk. Use local_path to force saving image files to disk instead.",
         inputSchema: toJSONSchema(DownloadAttachmentSchema),
     },
     {
@@ -1176,6 +1187,259 @@ const pipelineToolNames = new Set([
     "retry_pipeline_job",
     "cancel_pipeline_job",
 ]);
+const TOOLSET_DEFINITIONS = [
+    {
+        id: "merge_requests",
+        isDefault: true,
+        tools: new Set([
+            "merge_merge_request",
+            "approve_merge_request",
+            "unapprove_merge_request",
+            "get_merge_request_approval_state",
+            "get_merge_request",
+            "get_merge_request_diffs",
+            "list_merge_request_diffs",
+            "list_merge_request_versions",
+            "get_merge_request_version",
+            "update_merge_request",
+            "create_merge_request",
+            "list_merge_requests",
+            "get_branch_diffs",
+            "mr_discussions",
+            "create_merge_request_note",
+            "update_merge_request_note",
+            "delete_merge_request_note",
+            "get_merge_request_note",
+            "get_merge_request_notes",
+            "delete_merge_request_discussion_note",
+            "update_merge_request_discussion_note",
+            "create_merge_request_discussion_note",
+            "get_draft_note",
+            "list_draft_notes",
+            "create_draft_note",
+            "update_draft_note",
+            "delete_draft_note",
+            "publish_draft_note",
+            "bulk_publish_draft_notes",
+            "create_merge_request_thread",
+            "resolve_merge_request_thread",
+        ]),
+    },
+    {
+        id: "issues",
+        isDefault: true,
+        tools: new Set([
+            "create_issue",
+            "list_issues",
+            "my_issues",
+            "get_issue",
+            "update_issue",
+            "delete_issue",
+            "create_issue_note",
+            "update_issue_note",
+            "list_issue_links",
+            "list_issue_discussions",
+            "get_issue_link",
+            "create_issue_link",
+            "delete_issue_link",
+            "create_note",
+        ]),
+    },
+    {
+        id: "repositories",
+        isDefault: true,
+        tools: new Set([
+            "search_repositories",
+            "create_repository",
+            "get_file_contents",
+            "push_files",
+            "create_or_update_file",
+            "fork_repository",
+            "get_repository_tree",
+        ]),
+    },
+    {
+        id: "branches",
+        isDefault: true,
+        tools: new Set([
+            "create_branch",
+            "list_commits",
+            "get_commit",
+            "get_commit_diff",
+        ]),
+    },
+    {
+        id: "projects",
+        isDefault: true,
+        tools: new Set([
+            "get_project",
+            "list_projects",
+            "list_project_members",
+            "list_namespaces",
+            "get_namespace",
+            "verify_namespace",
+            "list_group_projects",
+            "list_group_iterations",
+        ]),
+    },
+    {
+        id: "labels",
+        isDefault: true,
+        tools: new Set([
+            "list_labels",
+            "get_label",
+            "create_label",
+            "update_label",
+            "delete_label",
+        ]),
+    },
+    {
+        id: "pipelines",
+        isDefault: false,
+        tools: new Set([
+            "list_pipelines",
+            "get_pipeline",
+            "list_pipeline_jobs",
+            "list_pipeline_trigger_jobs",
+            "get_pipeline_job",
+            "get_pipeline_job_output",
+            "create_pipeline",
+            "retry_pipeline",
+            "cancel_pipeline",
+            "play_pipeline_job",
+            "retry_pipeline_job",
+            "cancel_pipeline_job",
+        ]),
+    },
+    {
+        id: "milestones",
+        isDefault: false,
+        tools: new Set([
+            "list_milestones",
+            "get_milestone",
+            "create_milestone",
+            "edit_milestone",
+            "delete_milestone",
+            "get_milestone_issue",
+            "get_milestone_merge_requests",
+            "promote_milestone",
+            "get_milestone_burndown_events",
+        ]),
+    },
+    {
+        id: "wiki",
+        isDefault: false,
+        tools: new Set([
+            "list_wiki_pages",
+            "get_wiki_page",
+            "create_wiki_page",
+            "update_wiki_page",
+            "delete_wiki_page",
+        ]),
+    },
+    {
+        id: "releases",
+        isDefault: true,
+        tools: new Set([
+            "list_releases",
+            "get_release",
+            "create_release",
+            "update_release",
+            "delete_release",
+            "create_release_evidence",
+            "download_release_asset",
+        ]),
+    },
+    {
+        id: "users",
+        isDefault: true,
+        tools: new Set([
+            "get_users",
+            "list_events",
+            "get_project_events",
+            "upload_markdown",
+            "download_attachment",
+        ]),
+    },
+];
+// Derived lookup: tool name → toolset ID
+const TOOLSET_BY_TOOL_NAME = new Map();
+for (const def of TOOLSET_DEFINITIONS) {
+    for (const tool of def.tools) {
+        if (TOOLSET_BY_TOOL_NAME.has(tool)) {
+            logger.warn(`Tool "${tool}" is defined in multiple toolsets: "${TOOLSET_BY_TOOL_NAME.get(tool)}" and "${def.id}"`);
+        }
+        TOOLSET_BY_TOOL_NAME.set(tool, def.id);
+    }
+}
+const DEFAULT_TOOLSET_IDS = new Set(TOOLSET_DEFINITIONS.filter(d => d.isDefault).map(d => d.id));
+const ALL_TOOLSET_IDS = new Set(TOOLSET_DEFINITIONS.map(d => d.id));
+function parseEnabledToolsets(raw) {
+    if (!raw || raw.trim() === "") {
+        return DEFAULT_TOOLSET_IDS;
+    }
+    const trimmed = raw.trim().toLowerCase();
+    if (trimmed === "all") {
+        return ALL_TOOLSET_IDS;
+    }
+    const selected = new Set(trimmed
+        .split(",")
+        .map(s => s.trim())
+        .filter((s) => ALL_TOOLSET_IDS.has(s)));
+    if (selected.size === 0) {
+        logger.warn(`No valid toolsets found in configuration (${raw}). Falling back to default toolsets.`);
+        return DEFAULT_TOOLSET_IDS;
+    }
+    return selected;
+}
+function parseIndividualTools(raw) {
+    if (!raw || raw.trim() === "") {
+        return new Set();
+    }
+    const allToolNames = new Set(allTools.map((t) => t.name));
+    const parsed = raw
+        .trim()
+        .split(",")
+        .map(s => s.trim().toLowerCase())
+        .filter(Boolean);
+    const unknown = parsed.filter(name => !allToolNames.has(name));
+    if (unknown.length > 0) {
+        logger.warn(`Unknown tool names in GITLAB_TOOLS (will be ignored): ${unknown.join(", ")}`);
+    }
+    return new Set(parsed);
+}
+function buildFeatureFlagOverrides() {
+    const overrides = new Set();
+    if (USE_GITLAB_WIKI) {
+        for (const t of wikiToolNames)
+            overrides.add(t);
+    }
+    if (USE_MILESTONE) {
+        for (const t of milestoneToolNames)
+            overrides.add(t);
+    }
+    if (USE_PIPELINE) {
+        for (const t of pipelineToolNames)
+            overrides.add(t);
+    }
+    return overrides;
+}
+function isToolInEnabledToolset(toolName, enabledToolsets) {
+    const toolsetId = TOOLSET_BY_TOOL_NAME.get(toolName);
+    // Tools not in any toolset (e.g. execute_graphql) are excluded by default
+    if (toolsetId === undefined)
+        return false;
+    return enabledToolsets.has(toolsetId);
+}
+// Compute at startup
+const enabledToolsets = parseEnabledToolsets(GITLAB_TOOLSETS_RAW);
+const individuallyEnabledTools = parseIndividualTools(GITLAB_TOOLS_RAW);
+const featureFlagOverrides = buildFeatureFlagOverrides();
+// Warn about potentially confusing configuration
+if (GITLAB_TOOLSETS_RAW && (USE_PIPELINE || USE_MILESTONE || USE_GITLAB_WIKI)) {
+    logger.warn("GITLAB_TOOLSETS is set alongside legacy flags (USE_PIPELINE, USE_MILESTONE, USE_GITLAB_WIKI). " +
+        "Legacy flags add tools additively on top of the toolset selection and may produce unexpected results.");
+}
 /**
  * Smart URL handling for GitLab API
  *
@@ -1196,7 +1460,7 @@ function normalizeGitLabApiUrl(url) {
     return normalizedUrl;
 }
 // Use the normalizeGitLabApiUrl function to handle various URL formats
-const GITLAB_API_URLS = (process.env.GITLAB_API_URL || "https://gitlab.com")
+const GITLAB_API_URLS = (getConfig("api-url", "GITLAB_API_URL") || "https://gitlab.com")
     .split(",")
     .map(normalizeGitLabApiUrl);
 const GITLAB_API_URL = GITLAB_API_URLS[0];
@@ -1292,7 +1556,7 @@ async function forkProject(projectId, namespace) {
         ...getFetchConfig(),
         method: "POST",
     });
-    // 이미 존재하는 프로젝트인 경우 처리
+    // Handle case where project already exists
     if (response.status === 409) {
         throw new Error("Project already exists in the target namespace");
     }
@@ -1354,7 +1618,7 @@ async function getFileContents(projectId, filePath, ref) {
     projectId = decodeURIComponent(projectId); // Decode project ID
     const effectiveProjectId = getEffectiveProjectId(projectId);
     const encodedPath = encodeURIComponent(filePath);
-    // ref가 없는 경우 default branch를 가져옴
+    // Fall back to default branch if ref is not provided
     if (!ref) {
         ref = await getDefaultBranchRef(projectId);
     }
@@ -1363,14 +1627,14 @@ async function getFileContents(projectId, filePath, ref) {
     const response = await fetch(url.toString(), {
         ...getFetchConfig(),
     });
-    // 파일을 찾을 수 없는 경우 처리
+    // Handle file not found
     if (response.status === 404) {
         throw new Error(`File not found: ${filePath}`);
     }
     await handleGitLabError(response);
     const data = await response.json();
     const parsedData = GitLabContentSchema.parse(data);
-    // Base64로 인코딩된 파일 내용을 UTF-8로 디코딩
+    // Decode Base64-encoded file content to UTF-8
     if (!Array.isArray(parsedData) && parsedData.content) {
         parsedData.content = Buffer.from(parsedData.content, "base64").toString("utf8");
         parsedData.encoding = "utf8";
@@ -1400,7 +1664,7 @@ async function createIssue(projectId, options) {
             labels: options.labels?.join(","),
         }),
     });
-    // 잘못된 요청 처리
+    // Handle bad request
     if (response.status === 400) {
         const errorBody = await response.text();
         throw new Error(`Invalid request: ${errorBody}`);
@@ -2421,10 +2685,10 @@ async function getMergeRequestApprovalState(projectId, mergeRequestIid) {
  * @param {string} body - The content of the note
  * @returns {Promise<any>} The created note
  */
-async function createNote(projectId, noteableType, // 'issue' 또는 'merge_request' 타입 명시
+async function createNote(projectId, noteableType, // specifies 'issue' or 'merge_request' type
 noteableIid, body) {
     projectId = decodeURIComponent(projectId); // Decode project ID
-    // ⚙️ 응답 타입은 GitLab API 문서에 따라 조정 가능
+    // ⚙️ Response type can be adjusted according to the GitLab API documentation
     const url = new URL(`${getEffectiveApiUrl()}/projects/${encodeURIComponent(getEffectiveProjectId(projectId))}/${noteableType}s/${noteableIid}/notes` // Using plural form (issues/merge_requests) as per GitLab API documentation
     );
     const response = await fetch(url.toString(), {
@@ -2472,14 +2736,18 @@ async function listDraftNotes(projectId, mergeRequestIid) {
  * @param {string} projectId - The ID or URL-encoded path of the project
  * @param {number|string} mergeRequestIid - The internal ID of the merge request
  * @param {string} body - The content of the draft note
+ * @param {string} [inReplyToDiscussionId] - The ID of a discussion the draft note replies to
  * @param {MergeRequestThreadPosition} [position] - Position information for diff notes
  * @param {boolean} [resolveDiscussion] - Whether to resolve the discussion when publishing
  * @returns {Promise<GitLabDraftNote>} The created draft note
  */
-async function createDraftNote(projectId, mergeRequestIid, body, position, resolveDiscussion) {
+async function createDraftNote(projectId, mergeRequestIid, body, inReplyToDiscussionId, position, resolveDiscussion) {
     projectId = decodeURIComponent(projectId);
     const url = new URL(`${getEffectiveApiUrl()}/projects/${encodeURIComponent(getEffectiveProjectId(projectId))}/merge_requests/${mergeRequestIid}/draft_notes`);
     const requestBody = { note: body };
+    if (inReplyToDiscussionId) {
+        requestBody.in_reply_to_discussion_id = inReplyToDiscussionId;
+    }
     if (position) {
         requestBody.position = position;
     }
@@ -3902,6 +4170,20 @@ async function markdownUpload(projectId, filePath) {
     const data = await response.json();
     return GitLabMarkdownUploadSchema.parse(data);
 }
+const IMAGE_MIME_TYPES = {
+    ".png": "image/png",
+    ".jpg": "image/jpeg",
+    ".jpeg": "image/jpeg",
+    ".gif": "image/gif",
+    ".webp": "image/webp",
+    ".svg": "image/svg+xml",
+    ".bmp": "image/bmp",
+    ".ico": "image/x-icon",
+};
+function getImageMimeType(filename) {
+    const ext = path.extname(filename).toLowerCase();
+    return IMAGE_MIME_TYPES[ext] ?? null;
+}
 async function downloadAttachment(projectId, secret, filename, localPath) {
     const effectiveProjectId = getEffectiveProjectId(projectId);
     const url = new URL(`${getEffectiveApiUrl()}/projects/${encodeURIComponent(effectiveProjectId)}/uploads/${secret}/${filename}`);
@@ -3916,12 +4198,33 @@ async function downloadAttachment(projectId, secret, filename, localPath) {
         await handleGitLabError(response);
     }
     // Get the file content as buffer
-    const buffer = await response.arrayBuffer();
-    // Determine the save path
-    const savePath = localPath ? path.join(localPath, filename) : filename;
-    // Write the file to disk
-    fs.writeFileSync(savePath, Buffer.from(buffer));
-    return savePath;
+    const buffer = Buffer.from(await response.arrayBuffer());
+    const mimeType = getImageMimeType(filename);
+    // For non-image files, always save to disk.
+    // For image files, only save to disk if local_path is explicitly provided.
+    if (!mimeType || localPath) {
+        let savePath;
+        if (localPath) {
+            const normalizedLocalPath = path.normalize(localPath);
+            if (path.isAbsolute(normalizedLocalPath) ||
+                normalizedLocalPath === ".." ||
+                normalizedLocalPath.startsWith(".." + path.sep) ||
+                normalizedLocalPath.includes(path.sep + ".." + path.sep)) {
+                throw new Error("Invalid local_path: directory traversal is not allowed.");
+            }
+            savePath = path.join(normalizedLocalPath, filename);
+        }
+        else {
+            savePath = filename;
+        }
+        const dir = path.dirname(savePath);
+        if (!fs.existsSync(dir)) {
+            fs.mkdirSync(dir, { recursive: true });
+        }
+        fs.writeFileSync(savePath, buffer);
+        return { buffer, filename, mimeType, savedPath: savePath };
+    }
+    return { buffer, filename, mimeType };
 }
 /**
  * List all events for the currently authenticated user
@@ -4573,8 +4876,8 @@ async function handleToolCall(params) {
             }
             case "create_draft_note": {
                 const args = CreateDraftNoteSchema.parse(params.arguments);
-                const { project_id, merge_request_iid, body, position, resolve_discussion } = args;
-                const draftNote = await createDraftNote(project_id, merge_request_iid, body, position, resolve_discussion);
+                const { project_id, merge_request_iid, body, in_reply_to_discussion_id, position, resolve_discussion } = args;
+                const draftNote = await createDraftNote(project_id, merge_request_iid, body, in_reply_to_discussion_id, position, resolve_discussion);
                 return {
                     content: [{ type: "text", text: JSON.stringify(draftNote, null, 2) }],
                 };
@@ -5110,10 +5413,26 @@ async function handleToolCall(params) {
             }
             case "download_attachment": {
                 const args = DownloadAttachmentSchema.parse(params.arguments);
-                const filePath = await downloadAttachment(args.project_id, args.secret, args.filename, args.local_path);
+                const result = await downloadAttachment(args.project_id, args.secret, args.filename, args.local_path);
+                if (result.mimeType && !args.local_path) {
+                    // Return image inline as base64 so the AI can see it
+                    const base64 = result.buffer.toString("base64");
+                    return {
+                        content: [
+                            { type: "image", data: base64, mimeType: result.mimeType },
+                            {
+                                type: "text",
+                                text: JSON.stringify({ filename: result.filename, mimeType: result.mimeType }, null, 2),
+                            },
+                        ],
+                    };
+                }
                 return {
                     content: [
-                        { type: "text", text: JSON.stringify({ success: true, file_path: filePath }, null, 2) },
+                        {
+                            type: "text",
+                            text: JSON.stringify({ success: true, file_path: result.savedPath }, null, 2),
+                        },
                     ],
                 };
             }