@zereight/mcp-gitlab 2.1.12 → 2.1.13

package/README.md

@@ -495,157 +495,158 @@ Register the skill directory in your AI client to get optimal tool usage guidanc
 2. `create_or_update_file` - Create or update a single file in a GitLab project
 3. `search_repositories` - Search for GitLab projects
 4. `create_repository` - Create a new GitLab project
-5. `get_file_contents` - Get the contents of a file or directory from a GitLab project
-6. `push_files` - Push multiple files to a GitLab project in a single commit
-7. `create_issue` - Create a new issue in a GitLab project
-8. `create_merge_request` - Create a new merge request in a GitLab project
-9. `fork_repository` - Fork a GitLab project to your account or specified namespace
-10. `create_branch` - Create a new branch in a GitLab project
-11. `get_merge_request` - Get details of a merge request with compact deployment summary, behind-count, commit addition summary, and approval summary (Either mergeRequestIid or branchName must be provided)
-12. `get_merge_request_diffs` - Get the changes/diffs of a merge request (Either mergeRequestIid or branchName must be provided)
-13. `list_merge_request_diffs` - List merge request diffs with pagination support (Either mergeRequestIid or branchName must be provided)
-14. `get_merge_request_conflicts` - Get the conflicts of a merge request in a GitLab project
-15. `list_merge_request_changed_files` - STEP 1 of code review workflow. Returns ONLY the list of changed file paths in a merge request — WITHOUT diff content. Call this first to get file paths, then call get_merge_request_file_diff with multiple files in a single batched call (recommended 3-5 files per call). Supports excluded_file_patterns filtering using regex. (Either mergeRequestIid or branchName must be provided)
-16. `get_merge_request_file_diff` - STEP 2 of code review workflow. Get diffs for one or more files from a merge request. Call list_merge_request_changed_files first, then pass them as an array to fetch diffs efficiently. Batching multiple files (recommended 3-5) is supported. (Either mergeRequestIid or branchName must be provided)
-17. `list_merge_request_versions` - List all versions of a merge request
-18. `get_merge_request_version` - Get a specific version of a merge request
-19. `get_branch_diffs` - Get the changes/diffs between two branches or commits in a GitLab project
-20. `update_merge_request` - Update a merge request (Either mergeRequestIid or branchName must be provided)
-21. `create_note` - Create a new note (comment) to an issue or merge request
-22. `create_merge_request_thread` - Create a new thread on a merge request
-23. `mr_discussions` - List discussion items for a merge request
-24. `resolve_merge_request_thread` - Resolve a thread on a merge request
-25. `update_merge_request_note` - Modify an existing merge request thread note
-26. `create_merge_request_note` - Add a new note to an existing merge request thread
-27. `delete_merge_request_discussion_note` - Delete a discussion note on a merge request
-28. `update_merge_request_discussion_note` - Update a discussion note on a merge request
-29. `create_merge_request_discussion_note` - Add a new discussion note to an existing merge request thread
-30. `delete_merge_request_note` - Delete an existing merge request note
-31. `get_merge_request_note` - Get a specific note for a merge request
-32. `get_merge_request_notes` - List notes for a merge request
-33. `get_draft_note` - Get a single draft note from a merge request
-34. `list_draft_notes` - List draft notes for a merge request
-35. `create_draft_note` - Create a draft note for a merge request
-36. `update_draft_note` - Update an existing draft note
-37. `delete_draft_note` - Delete a draft note
-38. `publish_draft_note` - Publish a single draft note
-39. `bulk_publish_draft_notes` - Publish all draft notes for a merge request
-40. `list_merge_requests` - List merge requests globally or in a specific GitLab project with filtering options (project_id is now optional)
-41. `approve_merge_request` - Approve a merge request (requires appropriate permissions)
-42. `unapprove_merge_request` - Unapprove a previously approved merge request
-43. `get_merge_request_approval_state` - Get merge request approval details including approvers (uses `approval_state` when available, otherwise falls back to `approvals`)
-44. `update_issue_note` - Modify an existing issue thread note
-45. `create_issue_note` - Add a new note to an existing issue thread
-46. `list_issues` - List issues (default: created by current user only; use scope='all' for all accessible issues)
-47. `my_issues` - List issues assigned to the authenticated user (defaults to open issues)
-48. `get_issue` - Get details of a specific issue in a GitLab project
-49. `update_issue` - Update an issue in a GitLab project
-50. `update_issue_description_patch` - Apply a patch (search/replace or unified diff) to an issue description. Reduces token usage by sending only the change instead of the full description. Supports `dry_run` to preview and `create_note` to summarize.
-51. `delete_issue` - Delete an issue from a GitLab project
-52. `list_todos` - List GitLab to-do items for the current user
-53. `mark_todo_done` - Mark a GitLab to-do item as done
-54. `mark_all_todos_done` - Mark all pending GitLab to-do items as done for the current user
-55. `list_issue_links` - List all issue links for a specific issue
-56. `list_issue_discussions` - List discussions for an issue in a GitLab project
-57. `get_issue_link` - Get a specific issue link
-58. `create_issue_link` - Create an issue link between two issues
-59. `delete_issue_link` - Delete an issue link
-60. `list_namespaces` - List all namespaces available to the current user
-61. `get_namespace` - Get details of a namespace by ID or path
-62. `verify_namespace` - Verify if a namespace path exists
-63. `get_project` - Get details of a specific project
-64. `list_projects` - List projects accessible by the current user
-65. `list_project_members` - List members of a GitLab project
-66. `list_group_projects` - List projects in a GitLab group with filtering options
-67. `list_group_iterations` - List group iterations with filtering options
-68. `list_labels` - List labels for a project
-69. `get_label` - Get a single label from a project
-70. `create_label` - Create a new label in a project
-71. `update_label` - Update an existing label in a project
-72. `delete_label` - Delete a label from a project
-73. `list_pipelines` - List pipelines in a GitLab project with filtering options
-74. `get_pipeline` - Get details of a specific pipeline in a GitLab project
-75. `list_pipeline_jobs` - List all jobs in a specific pipeline
-76. `list_pipeline_trigger_jobs` - List all trigger jobs (bridges) in a specific pipeline that trigger downstream pipelines
-77. `get_pipeline_job` - Get details of a GitLab pipeline job number
-78. `get_pipeline_job_output` - Get the output/trace of a GitLab pipeline job with optional pagination to limit context window usage
-79. `validate_ci_lint` - Validate provided GitLab CI/CD YAML content for a project
-80. `validate_project_ci_lint` - Validate an existing `.gitlab-ci.yml` configuration for a project
-81. `create_pipeline` - Create a new pipeline for a branch or tag
-82. `retry_pipeline` - Retry a failed or canceled pipeline
-83. `cancel_pipeline` - Cancel a running pipeline
-84. `play_pipeline_job` - Run a manual pipeline job
-85. `retry_pipeline_job` - Retry a failed or canceled pipeline job
-86. `cancel_pipeline_job` - Cancel a running pipeline job
-87. `list_deployments` - List deployments in a GitLab project with filtering options
-88. `get_deployment` - Get details of a specific deployment in a GitLab project
-89. `list_environments` - List environments in a GitLab project
-90. `get_environment` - Get details of a specific environment in a GitLab project
-91. `list_job_artifacts` - List artifact files in a job's artifacts archive. Returns file names, paths, types, and sizes
-92. `download_job_artifacts` - Download the entire artifact archive (zip) for a job to a local path. Returns the saved file path
-93. `get_job_artifact_file` - Get the content of a single file from a job's artifacts by its path within the archive
-94. `list_milestones` - List milestones in a GitLab project with filtering options
-95. `get_milestone` - Get details of a specific milestone
-96. `create_milestone` - Create a new milestone in a GitLab project
-97. `edit_milestone` - Edit an existing milestone in a GitLab project
-98. `delete_milestone` - Delete a milestone from a GitLab project
-99. `get_milestone_issue` - Get issues associated with a specific milestone
-100. `get_milestone_merge_requests` - Get merge requests associated with a specific milestone
-101. `promote_milestone` - Promote a milestone to the next stage
-102. `get_milestone_burndown_events` - Get burndown events for a specific milestone
-103. `list_wiki_pages` - List wiki pages in a GitLab project
-104. `get_wiki_page` - Get details of a specific wiki page
-105. `create_wiki_page` - Create a new wiki page in a GitLab project
-106. `update_wiki_page` - Update an existing wiki page in a GitLab project
-107. `delete_wiki_page` - Delete a wiki page from a GitLab project
-108. `list_group_wiki_pages` - List wiki pages in a GitLab group
-109. `get_group_wiki_page` - Get details of a specific group wiki page
-110. `create_group_wiki_page` - Create a new wiki page in a GitLab group
-111. `update_group_wiki_page` - Update an existing wiki page in a GitLab group
-112. `delete_group_wiki_page` - Delete a wiki page from a GitLab group
-113. `get_repository_tree` - Get the repository tree for a GitLab project (list files and directories)
-114. `list_commits` - List repository commits with filtering options
-115. `get_commit` - Get details of a specific commit
-116. `get_commit_diff` - Get changes/diffs of a specific commit
-117. `list_commit_statuses` - List statuses for a specific commit
-118. `create_commit_status` - Create or update the status of a specific commit
-119. `list_releases` - List all releases for a project
-120. `get_release` - Get a release by tag name
-121. `create_release` - Create a new release in a GitLab project
-122. `update_release` - Update an existing release in a GitLab project
-123. `delete_release` - Delete a release from a GitLab project (does not delete the associated tag)
-124. `create_release_evidence` - Create release evidence for an existing release (GitLab Premium/Ultimate only)
-125. `download_release_asset` - Download a release asset file by direct asset path
-126. `list_tags` - List repository tags with filtering and pagination support
-127. `get_tag` - Get details of a specific repository tag
-128. `create_tag` - Create a new tag in the repository
-129. `delete_tag` - Delete a tag from the repository
-130. `get_tag_signature` - Get the signature of a signed tag
-131. `get_users` - Get GitLab user details by usernames
-132. `list_events` - List all events for the currently authenticated user
-133. `get_project_events` - List all visible events for a specified project
-134. `upload_markdown` - Upload a file to a GitLab project for use in markdown content
-135. `download_attachment` - Download an uploaded file from a GitLab project by secret and filename
-136. `get_work_item` - Get a single work item with full details including status, hierarchy (parent/children), type, labels, assignees, and all widgets
-137. `list_work_items` - List work items in a project with filters (type, state, search, assignees, labels). Returns items with status and hierarchy info
-138. `create_work_item` - Create a new work item (issue, task, incident, test_case, epic, key_result, objective, requirement, ticket). Supports setting title, description, labels, assignees, weight, parent, health status, start/due dates, milestone, and confidentiality
-139. `update_work_item` - Update a work item. Can modify title, description, labels, assignees, weight, state, status, parent hierarchy, children, health status, start/due dates, milestone, confidentiality, linked items, and custom fields
-140. `convert_work_item_type` - Convert a work item to a different type (e.g. issue to task, task to incident)
-141. `list_work_item_statuses` - List available statuses for a work item type in a project. Requires GitLab Premium/Ultimate with configurable statuses
-142. `list_custom_field_definitions` - List available custom field definitions for a work item type in a project. Returns field names, types, and IDs needed for setting custom fields via update_work_item
-143. `move_work_item` - Move a work item (issue, task, etc.) to a different project. Uses GitLab GraphQL issueMove mutation
-144. `list_work_item_notes` - List notes and discussions on a work item. Returns threaded discussions with author, body, timestamps, and system/internal flags
-145. `create_work_item_note` - Add a note/comment to a work item. Supports Markdown, internal notes, and threaded replies
-146. `get_timeline_events` - List timeline events for an incident. Returns chronological events with notes, timestamps, and tags
-147. `create_timeline_event` - Create a timeline event on an incident. Supports tags: 'Start time', 'End time', 'Impact detected', 'Response initiated', 'Impact mitigated', 'Cause identified'
-148. `list_webhooks` - List all configured webhooks for a GitLab project or group. Provide either project_id or group_id
-149. `list_webhook_events` - List recent webhook events (past 7 days) for a project or group webhook. Use summary mode for overview, then get_webhook_event for full details
-150. `get_webhook_event` - Get full details of a specific webhook event by ID, including request/response payloads
-151. `search_code` - Search for code across all projects on the GitLab instance (requires advanced search or exact code search to be enabled)
-152. `search_project_code` - Search for code within a specific GitLab project (requires advanced search or exact code search to be enabled)
-153. `search_group_code` - Search for code within a specific GitLab group (requires advanced search or exact code search to be enabled)
-154. `execute_graphql` - Execute a GitLab GraphQL query
-155. `list_merge_request_pipelines` - List pipelines for a merge request with pagination support
+5. `create_group` - Create a new GitLab group or subgroup (name, path, description, visibility, and optional parent_id)
+6. `get_file_contents` - Get the contents of a file or directory from a GitLab project
+7. `push_files` - Push multiple files to a GitLab project in a single commit
+8. `create_issue` - Create a new issue in a GitLab project
+9. `create_merge_request` - Create a new merge request in a GitLab project
+10. `fork_repository` - Fork a GitLab project to your account or specified namespace
+11. `create_branch` - Create a new branch in a GitLab project
+12. `get_merge_request` - Get details of a merge request with compact deployment summary, behind-count, commit addition summary, and approval summary (Either mergeRequestIid or branchName must be provided)
+13. `get_merge_request_diffs` - Get the changes/diffs of a merge request (Either mergeRequestIid or branchName must be provided)
+14. `list_merge_request_diffs` - List merge request diffs with pagination support (Either mergeRequestIid or branchName must be provided)
+15. `get_merge_request_conflicts` - Get the conflicts of a merge request in a GitLab project
+16. `list_merge_request_changed_files` - STEP 1 of code review workflow. Returns ONLY the list of changed file paths in a merge request — WITHOUT diff content. Call this first to get file paths, then call get_merge_request_file_diff with multiple files in a single batched call (recommended 3-5 files per call). Supports excluded_file_patterns filtering using regex. (Either mergeRequestIid or branchName must be provided)
+17. `get_merge_request_file_diff` - STEP 2 of code review workflow. Get diffs for one or more files from a merge request. Call list_merge_request_changed_files first, then pass them as an array to fetch diffs efficiently. Batching multiple files (recommended 3-5) is supported. (Either mergeRequestIid or branchName must be provided)
+18. `list_merge_request_versions` - List all versions of a merge request
+19. `get_merge_request_version` - Get a specific version of a merge request
+20. `get_branch_diffs` - Get the changes/diffs between two branches or commits in a GitLab project
+21. `update_merge_request` - Update a merge request (Either mergeRequestIid or branchName must be provided)
+22. `create_note` - Create a new note (comment) to an issue or merge request
+23. `create_merge_request_thread` - Create a new thread on a merge request
+24. `mr_discussions` - List discussion items for a merge request
+25. `resolve_merge_request_thread` - Resolve a thread on a merge request
+26. `update_merge_request_note` - Modify an existing merge request thread note
+27. `create_merge_request_note` - Add a new note to an existing merge request thread
+28. `delete_merge_request_discussion_note` - Delete a discussion note on a merge request
+29. `update_merge_request_discussion_note` - Update a discussion note on a merge request
+30. `create_merge_request_discussion_note` - Add a new discussion note to an existing merge request thread
+31. `delete_merge_request_note` - Delete an existing merge request note
+32. `get_merge_request_note` - Get a specific note for a merge request
+33. `get_merge_request_notes` - List notes for a merge request
+34. `get_draft_note` - Get a single draft note from a merge request
+35. `list_draft_notes` - List draft notes for a merge request
+36. `create_draft_note` - Create a draft note for a merge request
+37. `update_draft_note` - Update an existing draft note
+38. `delete_draft_note` - Delete a draft note
+39. `publish_draft_note` - Publish a single draft note
+40. `bulk_publish_draft_notes` - Publish all draft notes for a merge request
+41. `list_merge_requests` - List merge requests globally or in a specific GitLab project with filtering options (project_id is now optional)
+42. `approve_merge_request` - Approve a merge request (requires appropriate permissions)
+43. `unapprove_merge_request` - Unapprove a previously approved merge request
+44. `get_merge_request_approval_state` - Get merge request approval details including approvers (uses `approval_state` when available, otherwise falls back to `approvals`)
+45. `update_issue_note` - Modify an existing issue thread note
+46. `create_issue_note` - Add a new note to an existing issue thread
+47. `list_issues` - List issues (default: created by current user only; use scope='all' for all accessible issues)
+48. `my_issues` - List issues assigned to the authenticated user (defaults to open issues)
+49. `get_issue` - Get details of a specific issue in a GitLab project
+50. `update_issue` - Update an issue in a GitLab project
+51. `update_issue_description_patch` - Apply a patch (search/replace or unified diff) to an issue description. Reduces token usage by sending only the change instead of the full description. Supports `dry_run` to preview and `create_note` to summarize.
+52. `delete_issue` - Delete an issue from a GitLab project
+53. `list_todos` - List GitLab to-do items for the current user
+54. `mark_todo_done` - Mark a GitLab to-do item as done
+55. `mark_all_todos_done` - Mark all pending GitLab to-do items as done for the current user
+56. `list_issue_links` - List all issue links for a specific issue
+57. `list_issue_discussions` - List discussions for an issue in a GitLab project
+58. `get_issue_link` - Get a specific issue link
+59. `create_issue_link` - Create an issue link between two issues
+60. `delete_issue_link` - Delete an issue link
+61. `list_namespaces` - List all namespaces available to the current user
+62. `get_namespace` - Get details of a namespace by ID or path
+63. `verify_namespace` - Verify if a namespace path exists
+64. `get_project` - Get details of a specific project
+65. `list_projects` - List projects accessible by the current user
+66. `list_project_members` - List members of a GitLab project
+67. `list_group_projects` - List projects in a GitLab group with filtering options
+68. `list_group_iterations` - List group iterations with filtering options
+69. `list_labels` - List labels for a project
+70. `get_label` - Get a single label from a project
+71. `create_label` - Create a new label in a project
+72. `update_label` - Update an existing label in a project
+73. `delete_label` - Delete a label from a project
+74. `list_pipelines` - List pipelines in a GitLab project with filtering options
+75. `get_pipeline` - Get details of a specific pipeline in a GitLab project
+76. `list_pipeline_jobs` - List all jobs in a specific pipeline
+77. `list_pipeline_trigger_jobs` - List all trigger jobs (bridges) in a specific pipeline that trigger downstream pipelines
+78. `get_pipeline_job` - Get details of a GitLab pipeline job number
+79. `get_pipeline_job_output` - Get the output/trace of a GitLab pipeline job with optional pagination to limit context window usage
+80. `validate_ci_lint` - Validate provided GitLab CI/CD YAML content for a project
+81. `validate_project_ci_lint` - Validate an existing `.gitlab-ci.yml` configuration for a project
+82. `create_pipeline` - Create a new pipeline for a branch or tag
+83. `retry_pipeline` - Retry a failed or canceled pipeline
+84. `cancel_pipeline` - Cancel a running pipeline
+85. `play_pipeline_job` - Run a manual pipeline job
+86. `retry_pipeline_job` - Retry a failed or canceled pipeline job
+87. `cancel_pipeline_job` - Cancel a running pipeline job
+88. `list_deployments` - List deployments in a GitLab project with filtering options
+89. `get_deployment` - Get details of a specific deployment in a GitLab project
+90. `list_environments` - List environments in a GitLab project
+91. `get_environment` - Get details of a specific environment in a GitLab project
+92. `list_job_artifacts` - List artifact files in a job's artifacts archive. Returns file names, paths, types, and sizes
+93. `download_job_artifacts` - Download the entire artifact archive (zip) for a job to a local path. Returns the saved file path
+94. `get_job_artifact_file` - Get the content of a single file from a job's artifacts by its path within the archive
+95. `list_milestones` - List milestones in a GitLab project with filtering options
+96. `get_milestone` - Get details of a specific milestone
+97. `create_milestone` - Create a new milestone in a GitLab project
+98. `edit_milestone` - Edit an existing milestone in a GitLab project
+99. `delete_milestone` - Delete a milestone from a GitLab project
+100. `get_milestone_issue` - Get issues associated with a specific milestone
+101. `get_milestone_merge_requests` - Get merge requests associated with a specific milestone
+102. `promote_milestone` - Promote a milestone to the next stage
+103. `get_milestone_burndown_events` - Get burndown events for a specific milestone
+104. `list_wiki_pages` - List wiki pages in a GitLab project
+105. `get_wiki_page` - Get details of a specific wiki page
+106. `create_wiki_page` - Create a new wiki page in a GitLab project
+107. `update_wiki_page` - Update an existing wiki page in a GitLab project
+108. `delete_wiki_page` - Delete a wiki page from a GitLab project
+109. `list_group_wiki_pages` - List wiki pages in a GitLab group
+110. `get_group_wiki_page` - Get details of a specific group wiki page
+111. `create_group_wiki_page` - Create a new wiki page in a GitLab group
+112. `update_group_wiki_page` - Update an existing wiki page in a GitLab group
+113. `delete_group_wiki_page` - Delete a wiki page from a GitLab group
+114. `get_repository_tree` - Get the repository tree for a GitLab project (list files and directories)
+115. `list_commits` - List repository commits with filtering options
+116. `get_commit` - Get details of a specific commit
+117. `get_commit_diff` - Get changes/diffs of a specific commit
+118. `list_commit_statuses` - List statuses for a specific commit
+119. `create_commit_status` - Create or update the status of a specific commit
+120. `list_releases` - List all releases for a project
+121. `get_release` - Get a release by tag name
+122. `create_release` - Create a new release in a GitLab project
+123. `update_release` - Update an existing release in a GitLab project
+124. `delete_release` - Delete a release from a GitLab project (does not delete the associated tag)
+125. `create_release_evidence` - Create release evidence for an existing release (GitLab Premium/Ultimate only)
+126. `download_release_asset` - Download a release asset file by direct asset path
+127. `list_tags` - List repository tags with filtering and pagination support
+128. `get_tag` - Get details of a specific repository tag
+129. `create_tag` - Create a new tag in the repository
+130. `delete_tag` - Delete a tag from the repository
+131. `get_tag_signature` - Get the signature of a signed tag
+132. `get_users` - Get GitLab user details by usernames
+133. `list_events` - List all events for the currently authenticated user
+134. `get_project_events` - List all visible events for a specified project
+135. `upload_markdown` - Upload a file to a GitLab project for use in markdown content
+136. `download_attachment` - Download an uploaded file from a GitLab project by secret and filename
+137. `get_work_item` - Get a single work item with full details including status, hierarchy (parent/children), type, labels, assignees, and all widgets
+138. `list_work_items` - List work items in a project with filters (type, state, search, assignees, labels). Returns items with status and hierarchy info
+139. `create_work_item` - Create a new work item (issue, task, incident, test_case, epic, key_result, objective, requirement, ticket). Supports setting title, description, labels, assignees, weight, parent, health status, start/due dates, milestone, and confidentiality
+140. `update_work_item` - Update a work item. Can modify title, description, labels, assignees, weight, state, status, parent hierarchy, children, health status, start/due dates, milestone, confidentiality, linked items, and custom fields
+141. `convert_work_item_type` - Convert a work item to a different type (e.g. issue to task, task to incident)
+142. `list_work_item_statuses` - List available statuses for a work item type in a project. Requires GitLab Premium/Ultimate with configurable statuses
+143. `list_custom_field_definitions` - List available custom field definitions for a work item type in a project. Returns field names, types, and IDs needed for setting custom fields via update_work_item
+144. `move_work_item` - Move a work item (issue, task, etc.) to a different project. Uses GitLab GraphQL issueMove mutation
+145. `list_work_item_notes` - List notes and discussions on a work item. Returns threaded discussions with author, body, timestamps, and system/internal flags
+146. `create_work_item_note` - Add a note/comment to a work item. Supports Markdown, internal notes, and threaded replies
+147. `get_timeline_events` - List timeline events for an incident. Returns chronological events with notes, timestamps, and tags
+148. `create_timeline_event` - Create a timeline event on an incident. Supports tags: 'Start time', 'End time', 'Impact detected', 'Response initiated', 'Impact mitigated', 'Cause identified'
+149. `list_webhooks` - List all configured webhooks for a GitLab project or group. Provide either project_id or group_id
+150. `list_webhook_events` - List recent webhook events (past 7 days) for a project or group webhook. Use summary mode for overview, then get_webhook_event for full details
+151. `get_webhook_event` - Get full details of a specific webhook event by ID, including request/response payloads
+152. `search_code` - Search for code across all projects on the GitLab instance (requires advanced search or exact code search to be enabled)
+153. `search_project_code` - Search for code within a specific GitLab project (requires advanced search or exact code search to be enabled)
+154. `search_group_code` - Search for code within a specific GitLab group (requires advanced search or exact code search to be enabled)
+155. `execute_graphql` - Execute a GitLab GraphQL query
+156. `list_merge_request_pipelines` - List pipelines for a merge request with pagination support
 
 <!-- TOOLS-END -->
 

package/build/index.js

@@ -26,12 +26,12 @@ import { requireBearerAuth } from "@modelcontextprotocol/sdk/server/auth/middlew
 import { GitLabClientPool } from "./gitlab-client-pool.js";
 import { allTools, readOnlyTools, destructiveTools, parseEnabledToolsets, parseIndividualTools, buildFeatureFlagOverrides, isToolInEnabledToolset, TOOLSET_DEFINITIONS, ALL_TOOLSET_IDS, } from "./tools/registry.js";
 import { BulkPublishDraftNotesSchema, CancelPipelineJobSchema, CancelPipelineSchema, CreateBranchSchema, CreateDraftNoteSchema, CreateIssueLinkSchema, CreateIssueNoteSchema, CreateIssueSchema, CreateIssueEmojiReactionSchema, CreateIssueNoteEmojiReactionSchema, ListIssueEmojiReactionsSchema, ListIssueNoteEmojiReactionsSchema, CreateLabelSchema, // Added
-CreateMergeRequestNoteSchema, CreateMergeRequestDiscussionNoteSchema, CreateMergeRequestEmojiReactionSchema, CreateMergeRequestNoteEmojiReactionSchema, ListMergeRequestEmojiReactionsSchema, ListMergeRequestNoteEmojiReactionsSchema, CreateMergeRequestSchema, CreateMergeRequestThreadSchema, CreateNoteSchema, CreateCommitStatusSchema, CreateOrUpdateFileSchema, CreatePipelineSchema, CreateProjectMilestoneSchema, CreateRepositorySchema, CreateWikiPageSchema, CreateGroupWikiPageSchema, DeleteBranchSchema, DeleteDraftNoteSchema, DeleteGroupWikiPageSchema, DeleteIssueLinkSchema, DeleteIssueSchema, DeleteIssueEmojiReactionSchema, DeleteIssueNoteEmojiReactionSchema, DeleteLabelSchema, DeleteProjectMilestoneSchema, DeleteWikiPageSchema, DeleteMergeRequestNoteSchema, DeleteMergeRequestEmojiReactionSchema, DeleteMergeRequestNoteEmojiReactionSchema, EditProjectMilestoneSchema, ForkRepositorySchema, GetBranchDiffsSchema, GetBranchSchema, GetCommitDiffSchema, GetCommitSchema, GetDraftNoteSchema, GetFileContentsSchema, GetIssueLinkSchema, GetIssueSchema, GetLabelSchema, GetMergeRequestDiffsSchema, GetMergeRequestSchema, GetMilestoneBurndownEventsSchema, GetMilestoneIssuesSchema, GetMilestoneMergeRequestsSchema, GetDeploymentSchema, GetEnvironmentSchema, GetNamespaceSchema, GitLabCiLintResultSchema, GetPipelineJobOutputSchema, GetPipelineSchema, GetProjectMilestoneSchema, GetProjectSchema, GetRepositoryTreeSchema, GetUsersSchema, GetUserSchema, GitLabUserFullSchema, WhoAmISchema, GitLabCurrentUserSchema, GetWikiPageSchema, GitLabCommitSchema, GitLabCommitStatusSchema, GitLabCompareResultSchema, GitLabContentSchema, GitLabCreateUpdateFileResponseSchema, GitLabDiffSchema, 
+CreateMergeRequestNoteSchema, CreateMergeRequestDiscussionNoteSchema, CreateMergeRequestEmojiReactionSchema, CreateMergeRequestNoteEmojiReactionSchema, ListMergeRequestEmojiReactionsSchema, ListMergeRequestNoteEmojiReactionsSchema, CreateMergeRequestSchema, CreateMergeRequestThreadSchema, CreateNoteSchema, CreateCommitStatusSchema, CreateOrUpdateFileSchema, CreatePipelineSchema, CreateProjectMilestoneSchema, CreateRepositorySchema, CreateGroupSchema, CreateWikiPageSchema, CreateGroupWikiPageSchema, DeleteBranchSchema, DeleteDraftNoteSchema, DeleteGroupWikiPageSchema, DeleteIssueLinkSchema, DeleteIssueSchema, DeleteIssueEmojiReactionSchema, DeleteIssueNoteEmojiReactionSchema, DeleteLabelSchema, DeleteProjectMilestoneSchema, DeleteWikiPageSchema, DeleteMergeRequestNoteSchema, DeleteMergeRequestEmojiReactionSchema, DeleteMergeRequestNoteEmojiReactionSchema, EditProjectMilestoneSchema, ForkRepositorySchema, GetBranchDiffsSchema, GetBranchSchema, GetCommitDiffSchema, GetCommitSchema, GetFileBlameSchema, GitLabBlameEntrySchema, GetDraftNoteSchema, GetFileContentsSchema, GetIssueLinkSchema, GetIssueSchema, GetLabelSchema, GetMergeRequestDiffsSchema, GetMergeRequestSchema, GetMilestoneBurndownEventsSchema, GetMilestoneIssuesSchema, GetMilestoneMergeRequestsSchema, GetDeploymentSchema, GetEnvironmentSchema, GetNamespaceSchema, GitLabCiLintResultSchema, GetPipelineJobOutputSchema, GetPipelineSchema, GetProjectMilestoneSchema, GetProjectSchema, GetRepositoryTreeSchema, GetUsersSchema, GetUserSchema, GitLabUserFullSchema, WhoAmISchema, GitLabCurrentUserSchema, GetWikiPageSchema, GitLabCommitSchema, GitLabCommitStatusSchema, GitLabCompareResultSchema, GitLabContentSchema, GitLabCreateUpdateFileResponseSchema, GitLabDiffSchema, 
 // Discussion Schemas
 GitLabDiscussionNoteSchema, // Added
 GitLabDiscussionSchema, 
 // Draft Notes Schemas
-GitLabDraftNoteSchema, GitLabForkSchema, GitLabBranchSchema, GitLabIssueLinkSchema, GitLabIssueSchema, GitLabIssueWithLinkDetailsSchema, GitLabMarkdownUploadSchema, GitLabMergeRequestPipelineSchema, GitLabMergeRequestSchema, GitLabMilestonesSchema, GitLabNamespaceExistsResponseSchema, GitLabNamespaceSchema, GitLabPipelineJobSchema, GitLabDeploymentSchema, GitLabEnvironmentSchema, GitLabPipelineSchema, GitLabPipelineTriggerJobSchema, GitLabProjectMemberSchema, GitLabProjectSchema, GitLabTodoSchema, GitLabReferenceSchema, GitLabRepositorySchema, GitLabSearchBlobResultSchema, GitLabSearchResponseSchema, GitLabTreeItemSchema, GitLabUserSchema, GitLabUsersResponseSchema, GitLabWikiPageSchema, GroupIteration, ListCommitStatusesSchema, ListBranchesSchema, ListCommitsSchema, ListDraftNotesSchema, ListGroupIterationsSchema, ListGroupProjectsSchema, ListIssueDiscussionsSchema, ListIssueLinksSchema, ListIssuesSchema, ListTodosSchema, ListLabelsSchema, ListMergeRequestDiffsSchema, // Added
+GitLabDraftNoteSchema, GitLabForkSchema, GitLabBranchSchema, GitLabGroupSchema, GitLabIssueLinkSchema, GitLabIssueSchema, GitLabIssueWithLinkDetailsSchema, GitLabMarkdownUploadSchema, GitLabMergeRequestPipelineSchema, GitLabMergeRequestSchema, GitLabMilestonesSchema, GitLabNamespaceExistsResponseSchema, GitLabNamespaceSchema, GitLabPipelineJobSchema, GitLabDeploymentSchema, GitLabEnvironmentSchema, GitLabPipelineSchema, GitLabPipelineTriggerJobSchema, GitLabProjectMemberSchema, GitLabProjectSchema, GitLabTodoSchema, GitLabReferenceSchema, GitLabRepositorySchema, GitLabSearchBlobResultSchema, GitLabSearchResponseSchema, GitLabTreeItemSchema, GitLabUserSchema, GitLabUsersResponseSchema, GitLabWikiPageSchema, GroupIteration, ListCommitStatusesSchema, ListBranchesSchema, ListCommitsSchema, ListDraftNotesSchema, ListGroupIterationsSchema, ListGroupProjectsSchema, ListIssueDiscussionsSchema, ListIssueLinksSchema, ListIssuesSchema, ListTodosSchema, ListLabelsSchema, ListMergeRequestDiffsSchema, // Added
 GetMergeRequestFileDiffSchema, ListMergeRequestChangedFilesSchema, ListMergeRequestDiscussionsSchema, ListMergeRequestPipelinesSchema, ListMergeRequestsSchema, ListMergeRequestVersionsSchema, GetMergeRequestVersionSchema, GitLabMergeRequestVersionSchema, GitLabMergeRequestVersionDetailSchema, ListNamespacesSchema, ListPipelineJobsSchema, ListPipelinesSchema, ListDeploymentsSchema, ListEnvironmentsSchema, ListPipelineTriggerJobsSchema, ValidateCiLintSchema, ValidateProjectCiLintSchema, ListProjectMembersSchema, ListProjectMilestonesSchema, ListProjectsSchema, ListWikiPagesSchema, GetGroupWikiPageSchema, ListGroupWikiPagesSchema, UpdateGroupWikiPageSchema, MarkdownUploadSchema, DownloadAttachmentSchema, DownloadJobArtifactsSchema, GetJobArtifactFileSchema, GitLabArtifactEntrySchema, ListJobArtifactsSchema, MergeMergeRequestSchema, ApproveMergeRequestSchema, UnapproveMergeRequestSchema, GetMergeRequestApprovalStateSchema, GetMergeRequestConflictsSchema, GitLabMergeRequestApprovalsResponseSchema, GitLabMergeRequestApprovalStateSchema, MyIssuesSchema, MarkAllTodosDoneSchema, MarkTodoDoneSchema, PaginatedDiscussionsResponseSchema, PromoteProjectMilestoneSchema, PublishDraftNoteSchema, PlayPipelineJobSchema, PushFilesSchema, RetryPipelineJobSchema, RetryPipelineSchema, SearchCodeSchema, SearchGroupCodeSchema, SearchProjectCodeSchema, SearchRepositoriesSchema, UpdateDraftNoteSchema, UpdateIssueNoteSchema, UpdateIssueSchema, UpdateIssueDescriptionPatchSchema, UpdateLabelSchema, UpdateMergeRequestNoteSchema, UpdateMergeRequestDiscussionNoteSchema, UpdateMergeRequestSchema, UpdateWikiPageSchema, VerifyNamespaceSchema, GitLabEventSchema, ListEventsSchema, GetProjectEventsSchema, ExecuteGraphQLSchema, GitLabReleaseSchema, ListReleasesSchema, GetReleaseSchema, CreateReleaseSchema, UpdateReleaseSchema, DeleteReleaseSchema, CreateReleaseEvidenceSchema, DownloadReleaseAssetSchema, ListTagsSchema, GetTagSchema, CreateTagSchema, DeleteTagSchema, GetTagSignatureSchema, GitLabTagSchema, GitLabTagSignatureSchema, GetMergeRequestNotesSchema, GetMergeRequestNoteSchema, DeleteMergeRequestDiscussionNoteSchema, ResolveMergeRequestThreadSchema, GetWorkItemSchema, ListWorkItemsSchema, CreateWorkItemSchema, UpdateWorkItemSchema, ConvertWorkItemTypeSchema, ListWorkItemStatusesSchema, ListWorkItemNotesSchema, CreateWorkItemNoteSchema, CreateWorkItemEmojiReactionSchema, CreateWorkItemNoteEmojiReactionSchema, ListWorkItemEmojiReactionsSchema, ListWorkItemNoteEmojiReactionsSchema, DeleteWorkItemEmojiReactionSchema, DeleteWorkItemNoteEmojiReactionSchema, MoveWorkItemSchema, ListCustomFieldDefinitionsSchema, GetTimelineEventsSchema, CreateTimelineEventSchema, ListWebhooksSchema, ListWebhookEventsSchema, GetWebhookEventSchema, HealthCheckSchema, } from "./schemas.js";
 import { randomUUID } from "node:crypto";
 import { pino } from "pino";
@@ -937,6 +937,14 @@ function getEffectiveProjectId(projectId) {
     }
     throw new Error("No project ID provided and GITLAB_PROJECT_ID is not set");
 }
+function rejectIfProjectScopedDeployment(toolName) {
+    if (GITLAB_PROJECT_ID) {
+        throw new Error(`${toolName} is not allowed when GITLAB_PROJECT_ID is set (server is locked to a single project)`);
+    }
+    if (GITLAB_ALLOWED_PROJECT_IDS.length > 0) {
+        throw new Error(`${toolName} is not allowed when GITLAB_ALLOWED_PROJECT_IDS is set (server access is restricted to configured projects)`);
+    }
+}
 /**
  * Create a fork of a GitLab project
  * 프로젝트 포크 생성 (Create a project fork)
@@ -5416,6 +5424,33 @@ async function getCommitDiff(projectId, sha, full_diff) {
     }
     return allDiffs;
 }
+/**
+ * Get blame for a file at a specific ref.
+ *
+ * Wraps GitLab REST endpoint
+ *   GET /projects/:id/repository/files/:file_path/blame?ref=
+ * Returns an array of entries; each entry has `lines` (the source lines covered)
+ * and `commit` (the commit that last changed those lines: id, author, message, ...).
+ *
+ * @param {string} projectId  - Project ID or URL-encoded path
+ * @param {Omit<GetFileBlameOptions,"project_id">} options - file_path, ref, optional range_start/range_end
+ * @returns {Promise<GitLabBlameEntry[]>} Blame entries in source order.
+ */
+async function getFileBlame(projectId, options) {
+    projectId = decodeURIComponent(projectId);
+    const url = new URL(`${getEffectiveApiUrl()}/projects/${encodeURIComponent(getEffectiveProjectId(projectId))}/repository/files/${encodeURIComponent(options.file_path)}/blame`);
+    url.searchParams.append("ref", options.ref);
+    if (options.range_start !== undefined && options.range_end !== undefined) {
+        url.searchParams.append("range[start]", options.range_start.toString());
+        url.searchParams.append("range[end]", options.range_end.toString());
+    }
+    const response = await fetch(url.toString(), {
+        ...getFetchConfig(),
+    });
+    await handleGitLabError(response);
+    const data = await response.json();
+    return z.array(GitLabBlameEntrySchema).parse(data);
+}
 /**
  * List statuses for a commit.
  *
@@ -5959,6 +5994,10 @@ async function handleToolCall(params) {
                 delete args.work_item_iid;
             }
         }
+        // Centralized read-only guard: reject write tools even if client bypasses list_tools filtering
+        if (GITLAB_READ_ONLY_MODE && !readOnlyTools.has(params.name)) {
+            throw new Error(`${params.name} is not allowed in read-only mode`);
+        }
         logger.info({ tool: params.name, event: "tool_call_start" }, `tool_call_start: ${params.name}`);
         switch (params.name) {
             case "execute_graphql": {
@@ -6009,9 +6048,7 @@ async function handleToolCall(params) {
                 }
             }
             case "fork_repository": {
-                if (GITLAB_PROJECT_ID) {
-                    throw new Error("Direct project ID is set. So fork_repository is not allowed");
-                }
+                rejectIfProjectScopedDeployment("fork_repository");
                 const forkArgs = ForkRepositorySchema.parse(params.arguments);
                 try {
                     const forkedProject = await forkProject(forkArgs.project_id, forkArgs.namespace);
@@ -6110,15 +6147,40 @@ async function handleToolCall(params) {
                 };
             }
             case "create_repository": {
-                if (GITLAB_PROJECT_ID) {
-                    throw new Error("Direct project ID is set. So fork_repository is not allowed");
-                }
+                rejectIfProjectScopedDeployment("create_repository");
                 const args = CreateRepositorySchema.parse(params.arguments);
                 const repository = await createRepository(args);
                 return {
                     content: [{ type: "text", text: JSON.stringify(repository, null, 2) }],
                 };
             }
+            case "create_group": {
+                rejectIfProjectScopedDeployment("create_group");
+                const args = CreateGroupSchema.parse(params.arguments);
+                const url = new URL(`${getEffectiveApiUrl()}/groups`);
+                const body = {
+                    name: args.name,
+                    path: args.path,
+                };
+                if (args.description)
+                    body.description = args.description;
+                if (args.visibility)
+                    body.visibility = args.visibility;
+                if (args.parent_id)
+                    body.parent_id = args.parent_id;
+                const response = await fetch(url.toString(), {
+                    ...getFetchConfig(),
+                    method: "POST",
+                    headers: { ...getFetchConfig().headers, "Content-Type": "application/json" },
+                    body: JSON.stringify(body),
+                });
+                await handleGitLabError(response);
+                const data = await response.json();
+                const group = GitLabGroupSchema.parse(data);
+                return {
+                    content: [{ type: "text", text: JSON.stringify(group, null, 2) }],
+                };
+            }
             case "get_file_contents": {
                 const args = GetFileContentsSchema.parse(params.arguments);
                 const contents = await getFileContents(args.project_id, args.file_path, args.ref);
@@ -7466,6 +7528,14 @@ async function handleToolCall(params) {
                     content: [{ type: "text", text: JSON.stringify(diff, null, 2) }],
                 };
             }
+            case "get_file_blame": {
+                const args = GetFileBlameSchema.parse(params.arguments);
+                const { project_id, ...options } = args;
+                const blame = await getFileBlame(project_id, options);
+                return {
+                    content: [{ type: "text", text: JSON.stringify(blame, null, 2) }],
+                };
+            }
             case "list_commit_statuses": {
                 const args = ListCommitStatusesSchema.parse(params.arguments);
                 const { project_id, sha, ...options } = args;

package/build/schemas.js

@@ -595,6 +595,39 @@ export const GitLabCurrentUserSchema = z.object({
         extern_uid: z.string(),
     })).optional(),
 }).passthrough();
+// Group related schemas
+export const CreateGroupSchema = z.object({
+    name: z.string().describe("The name of the group"),
+    path: z.string().describe("The path of the group"),
+    description: z.string().optional().describe("The group's description"),
+    visibility: z.enum(["private", "internal", "public"]).optional().describe("The group's visibility level"),
+    parent_id: z.coerce.number().optional().describe("The parent group ID for creating a subgroup"),
+});
+export const GitLabGroupSchema = z.object({
+    id: z.coerce.string(),
+    name: z.string(),
+    path: z.string(),
+    description: z.string().nullable(),
+    visibility: z.string().optional(),
+    share_with_group_lock: z.boolean().optional(),
+    require_two_factor_authentication: z.boolean().optional(),
+    two_factor_grace_period: z.number().optional(),
+    project_creation_level: z.string().optional(),
+    auto_devops_enabled: z.boolean().nullable().optional(),
+    subgroup_creation_level: z.string().optional(),
+    emails_disabled: z.boolean().nullable().optional(),
+    mentions_disabled: z.boolean().nullable().optional(),
+    lfs_enabled: z.boolean().nullable().optional(),
+    avatar_url: z.string().nullable().optional(),
+    web_url: z.string(),
+    request_access_enabled: z.boolean().nullable().optional(),
+    full_name: z.string(),
+    full_path: z.string(),
+    file_template_project_id: z.number().nullable().optional(),
+    parent_id: z.coerce.string().nullable().optional(),
+    created_at: z.string().optional(),
+    statistics: z.any().optional(),
+});
 // Namespace related schemas
 // Base schema for project-related operations
 const ProjectParamsSchema = z.object({
@@ -2404,6 +2437,50 @@ export const GetCommitDiffSchema = z.object({
         .optional()
         .describe("Whether to return the full diff or only first page (default: false)"),
 });
+export const GetFileBlameSchema = z
+    .object({
+    project_id: z.coerce.string().describe("Project ID or complete URL-encoded path to project"),
+    file_path: z.string().describe("The full path of the file to blame, relative to repo root"),
+    ref: z
+        .string()
+        .describe("The name of branch, tag or commit (required by GitLab blame API)"),
+    range_start: z
+        .coerce.number()
+        .int()
+        .optional()
+        .describe("First line of the blame range (inclusive, 1-based). Both range[start] and range[end] must be set together."),
+    range_end: z
+        .coerce.number()
+        .int()
+        .optional()
+        .describe("Last line of the blame range (inclusive, 1-based). Both range[start] and range[end] must be set together."),
+})
+    .refine((v) => (v.range_start === undefined) === (v.range_end === undefined), {
+    message: "range_start and range_end must be provided together (both or neither). Passing only one silently returned full-file blame on GitLab side.",
+    path: ["range_end"],
+})
+    .refine((v) => v.range_start === undefined ||
+    v.range_end === undefined ||
+    v.range_start <= v.range_end, {
+    message: "range_start must be less than or equal to range_end.",
+    path: ["range_start"],
+});
+export const GitLabBlameEntrySchema = z.object({
+    lines: z.array(z.string()).describe("Source lines covered by this blame range"),
+    commit: z
+        .object({
+        id: z.string(),
+        parent_ids: z.array(z.string()).optional(),
+        message: z.string().optional(),
+        authored_date: z.string().optional(),
+        author_name: z.string().optional(),
+        author_email: z.string().optional(),
+        committed_date: z.string().optional(),
+        committer_name: z.string().optional(),
+        committer_email: z.string().optional(),
+    })
+        .passthrough(),
+});
 export const ListCommitStatusesSchema = z
     .object({
     project_id: z.coerce.string().describe("Project ID or complete URL-encoded path to project"),

package/build/test/test-get-file-blame.js

@@ -0,0 +1,145 @@
+import { describe, test, before, after } from "node:test";
+import assert from "node:assert";
+import { spawn } from "child_process";
+import { MockGitLabServer, findMockServerPort } from "./utils/mock-gitlab-server.js";
+const MOCK_TOKEN = "glpat-mock-token-12345";
+const TEST_PROJECT_ID = "123";
+const MOCK_BLAME = [
+    {
+        lines: ["line one", ""],
+        commit: {
+            id: "1111111111111111111111111111111111111111",
+            message: "feat: initial commit",
+            authored_date: "2024-01-01T00:00:00.000Z",
+            author_name: "Alice",
+            author_email: "alice@example.com",
+        },
+    },
+    {
+        lines: ["line three"],
+        commit: {
+            id: "2222222222222222222222222222222222222222",
+            message: "feat: add second change",
+            authored_date: "2024-02-02T00:00:00.000Z",
+            author_name: "Bob",
+            author_email: "bob@example.com",
+        },
+    },
+];
+async function callGetFileBlame(args, env) {
+    return new Promise((resolve, reject) => {
+        const proc = spawn("node", ["build/index.js"], {
+            stdio: ["pipe", "pipe", "pipe"],
+            env: {
+                ...process.env,
+                ...env,
+                GITLAB_READ_ONLY_MODE: "true",
+            },
+        });
+        let output = "";
+        let errorOutput = "";
+        proc.stdout?.on("data", (d) => (output += d));
+        proc.stderr?.on("data", (d) => (errorOutput += d));
+        proc.on("close", (code) => {
+            if (code !== 0)
+                return reject(new Error(`Process exited with code ${code}: ${errorOutput}`));
+            const line = output.split("\n").find((l) => l.startsWith("{"));
+            if (!line)
+                return reject(new Error("No JSON output found"));
+            try {
+                const response = JSON.parse(line);
+                if (response.error)
+                    return reject(response.error);
+                const content = response.result?.content?.[0]?.text;
+                if (content)
+                    return resolve(JSON.parse(content));
+                resolve(response.result);
+            }
+            catch (e) {
+                reject(e);
+            }
+        });
+        proc.stdin?.end(JSON.stringify({
+            jsonrpc: "2.0",
+            id: 1,
+            method: "tools/call",
+            params: { name: "get_file_blame", arguments: args },
+        }) + "\n");
+    });
+}
+describe("get_file_blame", () => {
+    let mockGitLab;
+    let mockGitLabUrl;
+    let lastQuery = {};
+    before(async () => {
+        const mockPort = await findMockServerPort(9000);
+        mockGitLab = new MockGitLabServer({
+            port: mockPort,
+            validTokens: [MOCK_TOKEN],
+        });
+        mockGitLab.addMockHandler("get", `/projects/${TEST_PROJECT_ID}/repository/files/src%2Fexample.txt/blame`, (req, res) => {
+            lastQuery = req.query;
+            res.json(MOCK_BLAME);
+        });
+        await mockGitLab.start();
+        mockGitLabUrl = mockGitLab.getUrl();
+    });
+    after(async () => {
+        await mockGitLab.stop();
+    });
+    test("returns blame entries for a file at ref", async () => {
+        const blame = await callGetFileBlame({
+            project_id: TEST_PROJECT_ID,
+            file_path: "src/example.txt",
+            ref: "main",
+        }, {
+            GITLAB_API_URL: `${mockGitLabUrl}/api/v4`,
+            GITLAB_PERSONAL_ACCESS_TOKEN: MOCK_TOKEN,
+        });
+        assert.ok(Array.isArray(blame), "Response should be an array");
+        assert.strictEqual(blame.length, 2, "Two blame entries expected");
+        assert.strictEqual(blame[1].commit.id, "2222222222222222222222222222222222222222", "second entry commit id matches");
+        assert.deepStrictEqual(blame[1].lines, ["line three"]);
+        assert.strictEqual(lastQuery.ref, "main", "ref propagated to GitLab API");
+        assert.ok(!("range[start]" in lastQuery) && !("range[end]" in lastQuery), "no range params when omitted");
+    });
+    test("passes range[start]/range[end] when both set", async () => {
+        await callGetFileBlame({
+            project_id: TEST_PROJECT_ID,
+            file_path: "src/example.txt",
+            ref: "main",
+            range_start: 10,
+            range_end: 20,
+        }, {
+            GITLAB_API_URL: `${mockGitLabUrl}/api/v4`,
+            GITLAB_PERSONAL_ACCESS_TOKEN: MOCK_TOKEN,
+        });
+        assert.strictEqual(lastQuery["range[start]"], "10");
+        assert.strictEqual(lastQuery["range[end]"], "20");
+    });
+    test("rejects partial range (range_start only) at schema layer", async () => {
+        await assert.rejects(() => callGetFileBlame({
+            project_id: TEST_PROJECT_ID,
+            file_path: "src/example.txt",
+            ref: "main",
+            range_start: 10,
+        }, {
+            GITLAB_API_URL: `${mockGitLabUrl}/api/v4`,
+            GITLAB_PERSONAL_ACCESS_TOKEN: MOCK_TOKEN,
+        }), (e) => typeof e?.message === "string" &&
+            e.message.includes("range_start and range_end must be provided together"));
+    });
+    test("rejects inverted range (start > end) at schema layer", async () => {
+        await assert.rejects(() => callGetFileBlame({
+            project_id: TEST_PROJECT_ID,
+            file_path: "src/example.txt",
+            ref: "main",
+            range_start: 20,
+            range_end: 10,
+        }, {
+            GITLAB_API_URL: `${mockGitLabUrl}/api/v4`,
+            GITLAB_PERSONAL_ACCESS_TOKEN: MOCK_TOKEN,
+        }), (e) => typeof e?.message === "string" &&
+            e.message.includes("range_start must be less than or equal to range_end"));
+    });
+});

package/build/test/test-geteffectiveprojectid.js

@@ -6,7 +6,7 @@ import { describe, test, before, after } from 'node:test';
 import assert from 'node:assert';
 import { launchServer, findAvailablePort, cleanupServers, TransportMode, HOST } from './utils/server-launcher.js';
 import { MockGitLabServer, findMockServerPort } from './utils/mock-gitlab-server.js';
-import { StreamableHTTPTestClient } from './clients/streamable-http-client.js';
+import { CustomHeaderClient } from './clients/custom-header-client.js';
 // Use the same token that will be passed via GITLAB_TOKEN_TEST environment variable
 const MOCK_TOKEN = process.env.GITLAB_TOKEN_TEST || 'glpat-mock-token-12345';
 const DEFAULT_PROJECT_ID = '123';
@@ -43,6 +43,7 @@ describe('getEffectiveProjectId', { concurrency: 1 }, () => {
                 timeout: 5000,
                 env: {
                     STREAMABLE_HTTP: 'true',
+                    REMOTE_AUTHORIZATION: 'true',
                     GITLAB_API_URL: `${mockGitLabUrl}/api/v4`,
                     GITLAB_PROJECT_ID: DEFAULT_PROJECT_ID,
                     GITLAB_READ_ONLY_MODE: 'true',
@@ -50,7 +51,9 @@ describe('getEffectiveProjectId', { concurrency: 1 }, () => {
             });
             servers.push(server);
             mcpUrl = `http://${HOST}:${mcpPort}/mcp`;
-            client = new StreamableHTTPTestClient();
+            client = new CustomHeaderClient({
+                authorization: `Bearer ${MOCK_TOKEN}`,
+            });
             await client.connect(mcpUrl);
             console.log(`Mock GitLab: ${mockGitLabUrl}`);
             console.log(`MCP Server: ${mcpUrl}`);
@@ -113,7 +116,7 @@ describe('getEffectiveProjectId', { concurrency: 1 }, () => {
                 port: mcpPort,
                 timeout: 5000,
                 env: {
-                    STREAMABLE_HTTP: 'true',
+                    REMOTE_AUTHORIZATION: 'true',
                     GITLAB_API_URL: `${mockGitLabUrl}/api/v4`,
                     GITLAB_PROJECT_ID: DEFAULT_PROJECT_ID,
                     GITLAB_ALLOWED_PROJECT_IDS: DEFAULT_PROJECT_ID,
@@ -122,7 +125,9 @@ describe('getEffectiveProjectId', { concurrency: 1 }, () => {
             });
             servers.push(server);
             mcpUrl = `http://${HOST}:${mcpPort}/mcp`;
-            client = new StreamableHTTPTestClient();
+            client = new CustomHeaderClient({
+                authorization: `Bearer ${MOCK_TOKEN}`,
+            });
             await client.connect(mcpUrl);
             console.log(`Mock GitLab: ${mockGitLabUrl}`);
             console.log(`MCP Server: ${mcpUrl}`);
@@ -183,7 +188,7 @@ describe('getEffectiveProjectId', { concurrency: 1 }, () => {
                 port: mcpPort,
                 timeout: 5000,
                 env: {
-                    STREAMABLE_HTTP: 'true',
+                    REMOTE_AUTHORIZATION: 'true',
                     GITLAB_API_URL: `${mockGitLabUrl}/api/v4`,
                     GITLAB_ALLOWED_PROJECT_IDS: `${DEFAULT_PROJECT_ID},${OTHER_PROJECT_ID}`,
                     GITLAB_READ_ONLY_MODE: 'true',
@@ -191,7 +196,9 @@ describe('getEffectiveProjectId', { concurrency: 1 }, () => {
             });
             servers.push(server);
             mcpUrl = `http://${HOST}:${mcpPort}/mcp`;
-            client = new StreamableHTTPTestClient();
+            client = new CustomHeaderClient({
+                authorization: `Bearer ${MOCK_TOKEN}`,
+            });
             await client.connect(mcpUrl);
             console.log(`Mock GitLab: ${mockGitLabUrl}`);
             console.log(`MCP Server: ${mcpUrl}`);
@@ -242,4 +249,221 @@ describe('getEffectiveProjectId', { concurrency: 1 }, () => {
             console.log(`  ✓ Allowed access to second project ${OTHER_PROJECT_ID}`);
         });
     });
+    describe('GITLAB_PROJECT_ID guards repository and group mutators', () => {
+        let mcpUrl;
+        let mockGitLab;
+        let servers = [];
+        let client;
+        before(async () => {
+            const mockPort = await findMockServerPort(9400);
+            mockGitLab = new MockGitLabServer({
+                port: mockPort,
+                validTokens: [MOCK_TOKEN]
+            });
+            await mockGitLab.start();
+            const mockGitLabUrl = mockGitLab.getUrl();
+            const mcpPort = await findAvailablePort(3400);
+            const server = await launchServer({
+                mode: TransportMode.STREAMABLE_HTTP,
+                port: mcpPort,
+                timeout: 5000,
+                env: {
+                    REMOTE_AUTHORIZATION: 'true',
+                    GITLAB_API_URL: `${mockGitLabUrl}/api/v4`,
+                    GITLAB_PROJECT_ID: DEFAULT_PROJECT_ID,
+                }
+            });
+            servers.push(server);
+            mcpUrl = `http://${HOST}:${mcpPort}/mcp`;
+            client = new CustomHeaderClient({
+                authorization: `Bearer ${MOCK_TOKEN}`,
+            });
+            await client.connect(mcpUrl);
+        });
+        after(async () => {
+            if (client)
+                await client.disconnect();
+            cleanupServers(servers);
+            if (mockGitLab)
+                await mockGitLab.stop();
+        });
+        test('should reject create_repository when GITLAB_PROJECT_ID is set', async () => {
+            try {
+                await client.callTool('create_repository', { name: 'test-repo' });
+                assert.fail('Should have rejected create_repository');
+            }
+            catch (error) {
+                assert.ok(error instanceof Error);
+                assert.ok(error.message.includes('create_repository is not allowed'), 'Should mention create_repository');
+            }
+        });
+        test('should reject fork_repository when GITLAB_PROJECT_ID is set', async () => {
+            try {
+                await client.callTool('fork_repository', { project_id: '999' });
+                assert.fail('Should have rejected fork_repository');
+            }
+            catch (error) {
+                assert.ok(error instanceof Error);
+                assert.ok(error.message.includes('fork_repository is not allowed'), 'Should mention fork_repository');
+            }
+        });
+        test('should reject create_group when GITLAB_PROJECT_ID is set', async () => {
+            try {
+                await client.callTool('create_group', { name: 'test-group', path: 'test-group' });
+                assert.fail('Should have rejected create_group');
+            }
+            catch (error) {
+                assert.ok(error instanceof Error);
+                assert.ok(error.message.includes('create_group is not allowed'), 'Should mention create_group');
+            }
+        });
+        test('should allow get_project (non-mutator) when GITLAB_PROJECT_ID is set', async () => {
+            const result = await client.callTool('get_project', { project_id: '' });
+            assert.ok(result.content, 'Should have content');
+            const content = result.content[0];
+            assert.ok('text' in content, 'Content should have text');
+            const project = JSON.parse(content.text);
+            assert.strictEqual(project.id.toString(), DEFAULT_PROJECT_ID, 'Should use default project');
+        });
+    });
+    describe('GITLAB_ALLOWED_PROJECT_IDS guards repository and group mutators (allowlist-only, no GITLAB_PROJECT_ID)', () => {
+        let mcpUrl;
+        let mockGitLab;
+        let servers = [];
+        let client;
+        before(async () => {
+            const mockPort = await findMockServerPort(9600);
+            mockGitLab = new MockGitLabServer({
+                port: mockPort,
+                validTokens: [MOCK_TOKEN]
+            });
+            await mockGitLab.start();
+            const mockGitLabUrl = mockGitLab.getUrl();
+            const mcpPort = await findAvailablePort(3600);
+            const server = await launchServer({
+                mode: TransportMode.STREAMABLE_HTTP,
+                port: mcpPort,
+                timeout: 5000,
+                env: {
+                    REMOTE_AUTHORIZATION: 'true',
+                    GITLAB_API_URL: `${mockGitLabUrl}/api/v4`,
+                    GITLAB_ALLOWED_PROJECT_IDS: DEFAULT_PROJECT_ID,
+                }
+            });
+            servers.push(server);
+            mcpUrl = `http://${HOST}:${mcpPort}/mcp`;
+            client = new CustomHeaderClient({
+                authorization: `Bearer ${MOCK_TOKEN}`,
+            });
+            await client.connect(mcpUrl);
+        });
+        after(async () => {
+            if (client)
+                await client.disconnect();
+            cleanupServers(servers);
+            if (mockGitLab)
+                await mockGitLab.stop();
+        });
+        test('should reject create_repository with GITLAB_ALLOWED_PROJECT_IDS', async () => {
+            try {
+                await client.callTool('create_repository', { name: 'test-repo' });
+                assert.fail('Should have rejected create_repository');
+            }
+            catch (error) {
+                assert.ok(error instanceof Error);
+                assert.ok(error.message.includes('create_repository is not allowed'), 'Should mention create_repository');
+            }
+        });
+        test('should reject fork_repository with GITLAB_ALLOWED_PROJECT_IDS', async () => {
+            try {
+                await client.callTool('fork_repository', { project_id: '999' });
+                assert.fail('Should have rejected fork_repository');
+            }
+            catch (error) {
+                assert.ok(error instanceof Error);
+                assert.ok(error.message.includes('fork_repository is not allowed'), 'Should mention fork_repository');
+            }
+        });
+        test('should reject create_group with GITLAB_ALLOWED_PROJECT_IDS', async () => {
+            try {
+                await client.callTool('create_group', { name: 'test-group', path: 'test-group' });
+                assert.fail('Should have rejected create_group');
+            }
+            catch (error) {
+                assert.ok(error instanceof Error);
+                assert.ok(error.message.includes('create_group is not allowed'), 'Should mention create_group');
+            }
+        });
+        test('should allow get_project (non-mutator) with GITLAB_ALLOWED_PROJECT_IDS', async () => {
+            const result = await client.callTool('get_project', { project_id: '' });
+            assert.ok(result.content, 'Should have content');
+            const content = result.content[0];
+            assert.ok('text' in content, 'Content should have text');
+            const project = JSON.parse(content.text);
+            assert.strictEqual(project.id.toString(), DEFAULT_PROJECT_ID, 'Should use default project');
+        });
+    });
+    describe('GITLAB_READ_ONLY_MODE enforces read-only for all write tools', () => {
+        let mcpUrl;
+        let mockGitLab;
+        let servers = [];
+        let client;
+        before(async () => {
+            const mockPort = await findMockServerPort(9500);
+            mockGitLab = new MockGitLabServer({
+                port: mockPort,
+                validTokens: [MOCK_TOKEN]
+            });
+            await mockGitLab.start();
+            const mockGitLabUrl = mockGitLab.getUrl();
+            const mcpPort = await findAvailablePort(3500);
+            const server = await launchServer({
+                mode: TransportMode.STREAMABLE_HTTP,
+                port: mcpPort,
+                timeout: 5000,
+                env: {
+                    REMOTE_AUTHORIZATION: 'true',
+                    GITLAB_API_URL: `${mockGitLabUrl}/api/v4`,
+                    GITLAB_READ_ONLY_MODE: 'true',
+                }
+            });
+            servers.push(server);
+            mcpUrl = `http://${HOST}:${mcpPort}/mcp`;
+            client = new CustomHeaderClient({
+                authorization: `Bearer ${MOCK_TOKEN}`,
+            });
+            await client.connect(mcpUrl);
+        });
+        after(async () => {
+            if (client)
+                await client.disconnect();
+            cleanupServers(servers);
+            if (mockGitLab)
+                await mockGitLab.stop();
+        });
+        test('should reject create_group in read-only mode (no project ID)', async () => {
+            try {
+                await client.callTool('create_group', { name: 'test-group', path: 'test-group' });
+                assert.fail('Should have rejected create_group in read-only mode');
+            }
+            catch (error) {
+                assert.ok(error instanceof Error);
+                assert.ok(error.message.includes('create_group is not allowed'), 'Should mention create_group');
+            }
+        });
+        test('should reject create_repository in read-only mode', async () => {
+            try {
+                await client.callTool('create_repository', { name: 'test-repo' });
+                assert.fail('Should have rejected create_repository in read-only mode');
+            }
+            catch (error) {
+                assert.ok(error instanceof Error);
+                assert.ok(error.message.includes('create_repository is not allowed'), 'Should mention create_repository');
+            }
+        });
+        test('should allow get_project (read-only) in read-only mode', async () => {
+            const result = await client.callTool('get_project', { project_id: DEFAULT_PROJECT_ID });
+            assert.ok(result.content, 'Should have content');
+        });
+    });
 }); // end wrapper describe

package/build/test/test-toolset-filtering.js

@@ -19,7 +19,7 @@ const TOOLSET_TOOL_COUNTS = {
     merge_requests: 41,
     issues: 24,
     repositories: 7,
-    branches: 9,
+    branches: 10,
     projects: 9,
     labels: 5,
     ci: 2,
@@ -32,6 +32,7 @@ const TOOLSET_TOOL_COUNTS = {
     search: 3,
     workitems: 18,
     webhooks: 3,
+    groups: 1,
 };
 const LEGACY_PIPELINE_TOOL_COUNT = TOOLSET_TOOL_COUNTS.pipelines + TOOLSET_TOOL_COUNTS.ci;
 const DEFAULT_TOOLSETS = [
@@ -43,6 +44,7 @@ const DEFAULT_TOOLSETS = [
     "labels",
     "ci",
     "users",
+    "groups",
 ];
 const NON_DEFAULT_TOOLSETS = [
     "pipelines",
@@ -75,6 +77,7 @@ const TOOLSET_SAMPLE_TOOLS = {
     users: ["get_users", "upload_markdown", "download_attachment"],
     search: ["search_code", "search_project_code", "search_group_code"],
     webhooks: ["list_webhooks", "list_webhook_events", "get_webhook_event"],
+    groups: ["create_group"],
 };
 // --- Helpers ---
 async function launchMcpServer(mockGitLabUrl, mcpPort, extraEnv = {}) {

package/build/tools/registry.js

@@ -1,7 +1,7 @@
 import { zodToJsonSchema } from "zod-to-json-schema";
 import { toJSONSchema } from "../utils/schema.js";
 import { USE_GITLAB_WIKI, USE_MILESTONE, USE_PIPELINE, } from "../config.js";
-import { ApproveMergeRequestSchema, BulkPublishDraftNotesSchema, CancelPipelineJobSchema, CancelPipelineSchema, ConvertWorkItemTypeSchema, CreateBranchSchema, CreateDraftNoteSchema, CreateGroupWikiPageSchema, CreateIssueLinkSchema, CreateIssueNoteSchema, CreateIssueSchema, CreateIssueEmojiReactionSchema, CreateIssueNoteEmojiReactionSchema, ListIssueEmojiReactionsSchema, ListIssueNoteEmojiReactionsSchema, CreateLabelSchema, MarkAllTodosDoneSchema, ListTodosSchema, MarkTodoDoneSchema, CreateMergeRequestDiscussionNoteSchema, CreateMergeRequestEmojiReactionSchema, ListMergeRequestEmojiReactionsSchema, ListMergeRequestNoteEmojiReactionsSchema, CreateMergeRequestNoteSchema, CreateMergeRequestNoteEmojiReactionSchema, CreateMergeRequestSchema, CreateMergeRequestThreadSchema, CreateNoteSchema, CreateCommitStatusSchema, CreateOrUpdateFileSchema, CreatePipelineSchema, CreateProjectMilestoneSchema, CreateReleaseEvidenceSchema, CreateReleaseSchema, CreateRepositorySchema, CreateTagSchema, CreateTimelineEventSchema, CreateWikiPageSchema, CreateWorkItemNoteSchema, CreateWorkItemEmojiReactionSchema, CreateWorkItemNoteEmojiReactionSchema, ListWorkItemEmojiReactionsSchema, ListWorkItemNoteEmojiReactionsSchema, CreateWorkItemSchema, DeleteBranchSchema, DeleteDraftNoteSchema, DeleteGroupWikiPageSchema, DeleteIssueLinkSchema, DeleteIssueSchema, DeleteIssueEmojiReactionSchema, DeleteIssueNoteEmojiReactionSchema, DeleteLabelSchema, DeleteMergeRequestDiscussionNoteSchema, DeleteMergeRequestNoteSchema, DeleteMergeRequestEmojiReactionSchema, DeleteMergeRequestNoteEmojiReactionSchema, DeleteProjectMilestoneSchema, DeleteReleaseSchema, DeleteTagSchema, DeleteWikiPageSchema, DeleteWorkItemEmojiReactionSchema, DeleteWorkItemNoteEmojiReactionSchema, DownloadAttachmentSchema, DownloadJobArtifactsSchema, DownloadReleaseAssetSchema, EditProjectMilestoneSchema, ExecuteGraphQLSchema, ForkRepositorySchema, HealthCheckSchema, GetBranchSchema, GetBranchDiffsSchema, GetCommitDiffSchema, GetCommitSchema, GetDeploymentSchema, GetDraftNoteSchema, GetEnvironmentSchema, GetFileContentsSchema, GetGroupWikiPageSchema, GetIssueLinkSchema, GetIssueSchema, GetJobArtifactFileSchema, GetLabelSchema, GetMergeRequestApprovalStateSchema, GetMergeRequestConflictsSchema, GetMergeRequestDiffsSchema, GetMergeRequestFileDiffSchema, GetMergeRequestNoteSchema, GetMergeRequestNotesSchema, GetMergeRequestSchema, GetMergeRequestVersionSchema, GetMilestoneBurndownEventsSchema, GetMilestoneIssuesSchema, GetMilestoneMergeRequestsSchema, GetNamespaceSchema, GetPipelineJobOutputSchema, GetPipelineSchema, GetProjectEventsSchema, GetProjectMilestoneSchema, GetProjectSchema, GetReleaseSchema, GetRepositoryTreeSchema, GetTagSchema, GetTagSignatureSchema, GetTimelineEventsSchema, GetUsersSchema, GetUserSchema, WhoAmISchema, GetWebhookEventSchema, GetWikiPageSchema, GetWorkItemSchema, ListBranchesSchema, ListCommitsSchema, ListCommitStatusesSchema, ListCustomFieldDefinitionsSchema, ListDeploymentsSchema, ListDraftNotesSchema, ListEnvironmentsSchema, ListEventsSchema, ListGroupIterationsSchema, ListGroupProjectsSchema, ListGroupWikiPagesSchema, ListIssueDiscussionsSchema, ListIssueLinksSchema, ListIssuesSchema, ListJobArtifactsSchema, ListLabelsSchema, ListMergeRequestChangedFilesSchema, ListMergeRequestDiffsSchema, ListMergeRequestDiscussionsSchema, ListMergeRequestPipelinesSchema, ListMergeRequestVersionsSchema, ListMergeRequestsSchema, ListNamespacesSchema, ListPipelineJobsSchema, ListPipelineTriggerJobsSchema, ValidateCiLintSchema, ValidateProjectCiLintSchema, ListPipelinesSchema, ListProjectMembersSchema, ListProjectMilestonesSchema, ListProjectsSchema, ListReleasesSchema, ListTagsSchema, ListWebhookEventsSchema, ListWebhooksSchema, ListWikiPagesSchema, ListWorkItemNotesSchema, ListWorkItemStatusesSchema, ListWorkItemsSchema, MarkdownUploadSchema, MergeMergeRequestSchema, MoveWorkItemSchema, MyIssuesSchema, PlayPipelineJobSchema, PromoteProjectMilestoneSchema, PublishDraftNoteSchema, PushFilesSchema, ResolveMergeRequestThreadSchema, RetryPipelineJobSchema, RetryPipelineSchema, SearchCodeSchema, SearchGroupCodeSchema, SearchProjectCodeSchema, SearchRepositoriesSchema, UnapproveMergeRequestSchema, UpdateDraftNoteSchema, UpdateGroupWikiPageSchema, UpdateIssueNoteSchema, UpdateIssueSchema, UpdateIssueDescriptionPatchSchema, UpdateLabelSchema, UpdateMergeRequestDiscussionNoteSchema, UpdateMergeRequestNoteSchema, UpdateMergeRequestSchema, UpdateReleaseSchema, UpdateWikiPageSchema, UpdateWorkItemSchema, VerifyNamespaceSchema, } from "../schemas.js";
+import { ApproveMergeRequestSchema, BulkPublishDraftNotesSchema, CancelPipelineJobSchema, CancelPipelineSchema, ConvertWorkItemTypeSchema, CreateBranchSchema, CreateDraftNoteSchema, CreateGroupSchema, CreateGroupWikiPageSchema, CreateIssueLinkSchema, CreateIssueNoteSchema, CreateIssueSchema, CreateIssueEmojiReactionSchema, CreateIssueNoteEmojiReactionSchema, ListIssueEmojiReactionsSchema, ListIssueNoteEmojiReactionsSchema, CreateLabelSchema, MarkAllTodosDoneSchema, ListTodosSchema, MarkTodoDoneSchema, CreateMergeRequestDiscussionNoteSchema, CreateMergeRequestEmojiReactionSchema, ListMergeRequestEmojiReactionsSchema, ListMergeRequestNoteEmojiReactionsSchema, CreateMergeRequestNoteSchema, CreateMergeRequestNoteEmojiReactionSchema, CreateMergeRequestSchema, CreateMergeRequestThreadSchema, CreateNoteSchema, CreateCommitStatusSchema, CreateOrUpdateFileSchema, CreatePipelineSchema, CreateProjectMilestoneSchema, CreateReleaseEvidenceSchema, CreateReleaseSchema, CreateRepositorySchema, CreateTagSchema, CreateTimelineEventSchema, CreateWikiPageSchema, CreateWorkItemNoteSchema, CreateWorkItemEmojiReactionSchema, CreateWorkItemNoteEmojiReactionSchema, ListWorkItemEmojiReactionsSchema, ListWorkItemNoteEmojiReactionsSchema, CreateWorkItemSchema, DeleteBranchSchema, DeleteDraftNoteSchema, DeleteGroupWikiPageSchema, DeleteIssueLinkSchema, DeleteIssueSchema, DeleteIssueEmojiReactionSchema, DeleteIssueNoteEmojiReactionSchema, DeleteLabelSchema, DeleteMergeRequestDiscussionNoteSchema, DeleteMergeRequestNoteSchema, DeleteMergeRequestEmojiReactionSchema, DeleteMergeRequestNoteEmojiReactionSchema, DeleteProjectMilestoneSchema, DeleteReleaseSchema, DeleteTagSchema, DeleteWikiPageSchema, DeleteWorkItemEmojiReactionSchema, DeleteWorkItemNoteEmojiReactionSchema, DownloadAttachmentSchema, DownloadJobArtifactsSchema, DownloadReleaseAssetSchema, EditProjectMilestoneSchema, ExecuteGraphQLSchema, ForkRepositorySchema, HealthCheckSchema, GetBranchSchema, GetBranchDiffsSchema, GetCommitDiffSchema, GetCommitSchema, GetFileBlameSchema, GetDeploymentSchema, GetDraftNoteSchema, GetEnvironmentSchema, GetFileContentsSchema, GetGroupWikiPageSchema, GetIssueLinkSchema, GetIssueSchema, GetJobArtifactFileSchema, GetLabelSchema, GetMergeRequestApprovalStateSchema, GetMergeRequestConflictsSchema, GetMergeRequestDiffsSchema, GetMergeRequestFileDiffSchema, GetMergeRequestNoteSchema, GetMergeRequestNotesSchema, GetMergeRequestSchema, GetMergeRequestVersionSchema, GetMilestoneBurndownEventsSchema, GetMilestoneIssuesSchema, GetMilestoneMergeRequestsSchema, GetNamespaceSchema, GetPipelineJobOutputSchema, GetPipelineSchema, GetProjectEventsSchema, GetProjectMilestoneSchema, GetProjectSchema, GetReleaseSchema, GetRepositoryTreeSchema, GetTagSchema, GetTagSignatureSchema, GetTimelineEventsSchema, GetUsersSchema, GetUserSchema, WhoAmISchema, GetWebhookEventSchema, GetWikiPageSchema, GetWorkItemSchema, ListBranchesSchema, ListCommitsSchema, ListCommitStatusesSchema, ListCustomFieldDefinitionsSchema, ListDeploymentsSchema, ListDraftNotesSchema, ListEnvironmentsSchema, ListEventsSchema, ListGroupIterationsSchema, ListGroupProjectsSchema, ListGroupWikiPagesSchema, ListIssueDiscussionsSchema, ListIssueLinksSchema, ListIssuesSchema, ListJobArtifactsSchema, ListLabelsSchema, ListMergeRequestChangedFilesSchema, ListMergeRequestDiffsSchema, ListMergeRequestDiscussionsSchema, ListMergeRequestPipelinesSchema, ListMergeRequestVersionsSchema, ListMergeRequestsSchema, ListNamespacesSchema, ListPipelineJobsSchema, ListPipelineTriggerJobsSchema, ValidateCiLintSchema, ValidateProjectCiLintSchema, ListPipelinesSchema, ListProjectMembersSchema, ListProjectMilestonesSchema, ListProjectsSchema, ListReleasesSchema, ListTagsSchema, ListWebhookEventsSchema, ListWebhooksSchema, ListWikiPagesSchema, ListWorkItemNotesSchema, ListWorkItemStatusesSchema, ListWorkItemsSchema, MarkdownUploadSchema, MergeMergeRequestSchema, MoveWorkItemSchema, MyIssuesSchema, PlayPipelineJobSchema, PromoteProjectMilestoneSchema, PublishDraftNoteSchema, PushFilesSchema, ResolveMergeRequestThreadSchema, RetryPipelineJobSchema, RetryPipelineSchema, SearchCodeSchema, SearchGroupCodeSchema, SearchProjectCodeSchema, SearchRepositoriesSchema, UnapproveMergeRequestSchema, UpdateDraftNoteSchema, UpdateGroupWikiPageSchema, UpdateIssueNoteSchema, UpdateIssueSchema, UpdateIssueDescriptionPatchSchema, UpdateLabelSchema, UpdateMergeRequestDiscussionNoteSchema, UpdateMergeRequestNoteSchema, UpdateMergeRequestSchema, UpdateReleaseSchema, UpdateWikiPageSchema, UpdateWorkItemSchema, VerifyNamespaceSchema, } from "../schemas.js";
 // Define all available tools
 export const allTools = [
     {
@@ -54,6 +54,11 @@ export const allTools = [
         description: "Create a new GitLab project",
         inputSchema: toJSONSchema(CreateRepositorySchema),
     },
+    {
+        name: "create_group",
+        description: "Create new group or subgroup",
+        inputSchema: toJSONSchema(CreateGroupSchema),
+    },
     {
         name: "get_file_contents",
         description: "Get contents of a file or directory from a GitLab project",
@@ -385,12 +390,12 @@ export const allTools = [
     },
     {
         name: "list_namespaces",
-        description: "List all namespaces available to the current user",
+        description: "List all namespaces (users and groups) available to the current user. Filter by kind='group' for groups only.",
         inputSchema: toJSONSchema(ListNamespacesSchema),
     },
     {
         name: "get_namespace",
-        description: "Get details of a namespace by ID or path",
+        description: "Get details of a namespace (user or group) by ID or path. Groups are namespaces with kind='group'.",
         inputSchema: toJSONSchema(GetNamespaceSchema),
     },
     {
@@ -683,6 +688,11 @@ export const allTools = [
         description: "Get changes/diffs of a specific commit",
         inputSchema: toJSONSchema(GetCommitDiffSchema),
     },
+    {
+        name: "get_file_blame",
+        description: "Get git blame for a file at a given ref. Each entry maps a contiguous range of source lines to the commit that last changed them (id, author, authored_date, message). Use range_start/range_end to limit blame to specific lines.",
+        inputSchema: toJSONSchema(GetFileBlameSchema),
+    },
     {
         name: "list_commit_statuses",
         description: "List statuses for a commit",
@@ -995,6 +1005,7 @@ export const readOnlyTools = new Set([
     "list_commits",
     "get_commit",
     "get_commit_diff",
+    "get_file_blame",
     "list_commit_statuses",
     "list_group_iterations",
     "get_group_iteration",
@@ -1203,6 +1214,7 @@ export const TOOLSET_DEFINITIONS = [
             "list_commits",
             "get_commit",
             "get_commit_diff",
+            "get_file_blame",
             "list_commit_statuses",
             "create_commit_status",
         ]),
@@ -1238,6 +1250,11 @@ export const TOOLSET_DEFINITIONS = [
         isDefault: true,
         tools: new Set(["validate_ci_lint", "validate_project_ci_lint"]),
     },
+    {
+        id: "groups",
+        isDefault: true,
+        tools: new Set(["create_group"]),
+    },
     {
         id: "pipelines",
         isDefault: false,

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@zereight/mcp-gitlab",
-  "version": "2.1.12",
+  "version": "2.1.13",
   "mcpName": "io.github.zereight/gitlab-mcp",
   "description": "GitLab MCP server for projects, merge requests, issues, pipelines, wiki, releases, and more",
   "keywords": [
@@ -51,7 +51,7 @@
     "changelog": "auto-changelog -p",
     "test": "npm run test:all",
     "test:all": "npm run build && npm run test:mock && npm run test:live",
-    "test:mock": "node --import tsx/esm --test test/remote-auth-simple-test.ts && node --import tsx/esm --test test/mcp-oauth-tests.ts && node --import tsx/esm --test test/streamable-http-static-token-auth.test.ts && tsx test/oauth-tests.ts && tsx test/test-list-merge-requests.ts && node --import tsx/esm --test test/test-merge-request-pipelines.ts && tsx test/test-list-project-members.ts && tsx test/test-download-attachment.ts && node --import tsx/esm --test test/test-job-artifacts.ts && node --import tsx/esm --test test/test-deployment-tools.ts && node --import tsx/esm --test test/test-merge-request-approval-state-tools.ts && node --import tsx/esm --test test/test-search-code.ts && node --import tsx/esm --test test/test-tags.ts && node --import tsx/esm --test test/test-toolset-filtering.ts && node --import tsx/esm --test test/test-ci-lint.ts && node --import tsx/esm --test test/test-todos.ts && node --import tsx/esm --test test/test-auth-retry.ts && node --import tsx/esm --test test/test-issue-description-patch.ts && node --import tsx/esm --test test/stateless/codec.test.ts test/stateless/client-id.test.ts test/stateless/callback-proxy.test.ts test/stateless/session-id.test.ts test/stateless/session-id-integration.test.ts test/stateless/config-ttl.test.ts",
+    "test:mock": "node --import tsx/esm --test test/remote-auth-simple-test.ts && node --import tsx/esm --test test/mcp-oauth-tests.ts && node --import tsx/esm --test test/streamable-http-static-token-auth.test.ts && tsx test/oauth-tests.ts && tsx test/test-list-merge-requests.ts && node --import tsx/esm --test test/test-merge-request-pipelines.ts && tsx test/test-list-project-members.ts && tsx test/test-download-attachment.ts && node --import tsx/esm --test test/test-job-artifacts.ts && node --import tsx/esm --test test/test-deployment-tools.ts && node --import tsx/esm --test test/test-merge-request-approval-state-tools.ts && node --import tsx/esm --test test/test-search-code.ts && node --import tsx/esm --test test/test-tags.ts && node --import tsx/esm --test test/test-toolset-filtering.ts && node --import tsx/esm --test test/test-ci-lint.ts && node --import tsx/esm --test test/test-todos.ts && node --import tsx/esm --test test/test-auth-retry.ts && node --import tsx/esm --test test/test-issue-description-patch.ts && node --import tsx/esm --test test/test-geteffectiveprojectid.ts && node --import tsx/esm --test test/test-get-file-blame.ts && node --import tsx/esm --test test/stateless/codec.test.ts test/stateless/client-id.test.ts test/stateless/callback-proxy.test.ts test/stateless/session-id.test.ts test/stateless/session-id-integration.test.ts test/stateless/config-ttl.test.ts",
     "test:stateless": "npm run build && node --import tsx/esm --test test/stateless/codec.test.ts test/stateless/client-id.test.ts test/stateless/callback-proxy.test.ts test/stateless/session-id.test.ts test/stateless/session-id-integration.test.ts test/stateless/config-ttl.test.ts",
     "test:mcp-oauth": "npm run build && node --import tsx/esm --test test/mcp-oauth-tests.ts",
     "test:live": "node test/validate-api.js",