@zereight/mcp-gitlab 2.1.26 → 2.1.27

package/README.ko.md

@@ -238,6 +238,7 @@ MCP 클라이언트 설정:
 | `REMOTE_AUTHORIZATION`   | 예   | 활성화하려면 `true`                 |
 | `STREAMABLE_HTTP`        | 예   | 반드시 `true`                       |
 | `ENABLE_DYNAMIC_API_URL` | 선택 | 요청별 `X-GitLab-API-URL` 헤더 허용 |
+| `GITLAB_ALLOWED_HOSTS` | 선택 | 허용할 호스트의 쉼표 구분 목록; `GITLAB_API_URL` 호스트는 항상 허용 |
 
 **예시 요청 헤더:**
 

package/README.md

@@ -111,6 +111,7 @@ docker run -i --rm \
   -e USE_MILESTONE=true \
   -e USE_PIPELINE=true \
   -e SSE=true \
+  -e SSE_AUTH_TOKEN=your_mcp_sse_token \
   -p 3333:3002 \
   zereight050/gitlab-mcp
 ```
@@ -120,7 +121,10 @@ docker run -i --rm \
   "mcpServers": {
     "gitlab": {
       "type": "sse",
-      "url": "http://localhost:3333/sse"
+      "url": "http://localhost:3333/sse",
+      "headers": {
+        "Authorization": "Bearer your_mcp_sse_token"
+      }
     }
   }
 }
@@ -267,6 +271,7 @@ the token to GitLab on behalf of the caller.
 | `REMOTE_AUTHORIZATION`   | ✅       | Set to `true` to enable                                    |
 | `STREAMABLE_HTTP`        | ✅       | Must be `true`                                             |
 | `ENABLE_DYNAMIC_API_URL` | optional | Allow per-request GitLab URL via `X-GitLab-API-URL` header |
+| `GITLAB_ALLOWED_HOSTS` | optional | Comma-separated allowed `X-GitLab-API-URL` hosts; `GITLAB_API_URL` hosts are always allowed |
 | `GITLAB_ALLOW_UNAUTHENTICATED_TOOL_DISCOVERY` | optional | Allow unauthenticated `initialize`, `notifications/initialized`, and `tools/list` only (tool calls still require auth) |
 | `MCP_TRUST_PROXY`        | optional | Trust `Forwarded` / `X-Forwarded-*` headers behind a reverse proxy (download URLs, Express `req.ip`, OAuth rate limits) |
 

package/README.zh-CN.md

@@ -238,6 +238,7 @@ MCP 客户端配置：
 | `REMOTE_AUTHORIZATION`   | 是   | 设置为 `true` 以启用                                    |
 | `STREAMABLE_HTTP`        | 是   | 必须为 `true`                                           |
 | `ENABLE_DYNAMIC_API_URL` | 可选 | 允许按请求通过 `X-GitLab-API-URL` 请求头指定 GitLab URL |
+| `GITLAB_ALLOWED_HOSTS` | 可选 | 逗号分隔的允许主机；`GITLAB_API_URL` 中的主机始终允许 |
 
 **示例请求头：**
 

package/build/index.js

@@ -467,6 +467,14 @@ function createServer() {
 /**
  * Validate configuration at startup
  */
+function isLoopbackBindHost(host) {
+    const normalized = host.trim().toLowerCase().replace(/^\[|\]$/g, "");
+    const isIpv4Loopback = /^127(?:\.\d{1,3}){3}$/.test(normalized);
+    return (normalized === "localhost" ||
+        isIpv4Loopback ||
+        normalized === "::1" ||
+        normalized === "0:0:0:0:0:0:0:1");
+}
 function validateConfiguration() {
     const errors = [];
     // Validate SESSION_TIMEOUT_SECONDS
@@ -517,6 +525,12 @@ function validateConfiguration() {
             }
         }
     }
+    const allowedHosts = getConfig("allowed-hosts", "GITLAB_ALLOWED_HOSTS")?.split(",") || [];
+    for (const host of allowedHosts) {
+        if (host.trim() && !toAllowedGitLabApiUrl(host)) {
+            errors.push(`GITLAB_ALLOWED_HOSTS contains an invalid host or URL: ${host.trim()}`);
+        }
+    }
     // Validate auth configuration
     const remoteAuth = getConfig("remote-auth", "REMOTE_AUTHORIZATION") === "true";
     const useOAuth = getConfig("use-oauth", "GITLAB_USE_OAUTH") === "true";
@@ -526,12 +540,19 @@ function validateConfiguration() {
     const mcpOAuth = getConfig("mcp-oauth", "GITLAB_MCP_OAUTH") === "true";
     const mcpServerUrl = getConfig("mcp-server-url", "MCP_SERVER_URL");
     const streamableHttp = getConfig("streamable-http", "STREAMABLE_HTTP") === "true";
+    const sse = getConfig("sse", "SSE") === "true";
+    const bindHost = getConfig("host", "HOST") || "127.0.0.1";
+    const sseAuthToken = getConfig("sse-auth-token", "SSE_AUTH_TOKEN");
+    const allowUnauthenticatedRemoteSse = getConfig("sse-dangerously-allow-unauthenticated-remote", "SSE_DANGEROUSLY_ALLOW_UNAUTHENTICATED_REMOTE") === "true";
     if (!remoteAuth && !useOAuth && !hasToken && !hasJobToken && !hasCookie && !mcpOAuth) {
         errors.push("Either --token, --job-token, --cookie-path, --use-oauth=true, --remote-auth=true, or --mcp-oauth=true must be set (or use environment variables)");
     }
     if (streamableHttp && (hasToken || hasJobToken) && !remoteAuth && !mcpOAuth) {
         errors.push("STREAMABLE_HTTP=true/--streamable-http with GITLAB_PERSONAL_ACCESS_TOKEN/--token or GITLAB_JOB_TOKEN/--job-token requires REMOTE_AUTHORIZATION=true/--remote-auth=true or GITLAB_MCP_OAUTH=true/--mcp-oauth=true");
     }
+    if (sse && !isLoopbackBindHost(bindHost) && !sseAuthToken && !allowUnauthenticatedRemoteSse) {
+        errors.push("SSE=true on a non-loopback HOST requires SSE_AUTH_TOKEN (or explicitly set SSE_DANGEROUSLY_ALLOW_UNAUTHENTICATED_REMOTE=true)");
+    }
     if (mcpOAuth) {
         if (!mcpServerUrl) {
             errors.push("MCP_SERVER_URL is required when GITLAB_MCP_OAUTH=true (e.g. https://mcp.example.com)");
@@ -986,11 +1007,57 @@ if (GITLAB_TOOLSETS_RAW && (USE_PIPELINE || USE_MILESTONE || USE_GITLAB_WIKI)) {
         "Legacy flags add tools additively on top of the toolset selection and may produce unexpected results.");
 }
 const MERGE_REQUEST_DEPLOYMENT_SUMMARY_LIMIT = 10;
+function toAllowedGitLabApiUrl(value) {
+    const trimmed = value.trim();
+    if (!trimmed)
+        return null;
+    try {
+        const url = new URL(trimmed.includes("://") ? trimmed : `https://${trimmed}`);
+        if (url.protocol !== "http:" && url.protocol !== "https:")
+            return null;
+        return { host: url.host, apiUrl: normalizeGitLabApiUrl(url.toString()) };
+    }
+    catch {
+        return null;
+    }
+}
+function parseAllowedGitLabApiUrls(value) {
+    return value
+        .split(",")
+        .map(toAllowedGitLabApiUrl)
+        .filter((entry) => Boolean(entry));
+}
+function encodeGitLabPathSegment(value) {
+    return encodeURIComponent(decodeURIComponent(value));
+}
+function encodeGitLabPath(value) {
+    return value.split("/").map(encodeGitLabPathSegment).join("/");
+}
+function resolveTrustedGitLabApiUrl(value) {
+    const parsed = new URL(normalizeGitLabApiUrl(value));
+    if (parsed.protocol !== "http:" && parsed.protocol !== "https:") {
+        throw new Error("GitLab API URL must use HTTP or HTTPS");
+    }
+    const allowedApiUrl = GITLAB_ALLOWED_API_URLS_BY_HOST.get(parsed.host);
+    if (!allowedApiUrl) {
+        throw new Error(`GitLab API URL host is not allowed: ${parsed.host}`);
+    }
+    return allowedApiUrl;
+}
 // Use the normalizeGitLabApiUrl function to handle various URL formats
 const GITLAB_API_URLS = (getConfig("api-url", "GITLAB_API_URL") || "https://gitlab.com")
     .split(",")
     .map(normalizeGitLabApiUrl);
 const GITLAB_API_URL = GITLAB_API_URLS[0];
+const GITLAB_ALLOWED_API_URLS_BY_HOST = new Map();
+for (const { host, apiUrl } of [
+    ...GITLAB_API_URLS.map(toAllowedGitLabApiUrl).filter((entry) => Boolean(entry)),
+    ...parseAllowedGitLabApiUrls(getConfig("allowed-hosts", "GITLAB_ALLOWED_HOSTS") || ""),
+]) {
+    if (!GITLAB_ALLOWED_API_URLS_BY_HOST.has(host)) {
+        GITLAB_ALLOWED_API_URLS_BY_HOST.set(host, apiUrl);
+    }
+}
 const GITLAB_PROJECT_ID = process.env.GITLAB_PROJECT_ID;
 const GITLAB_ALLOWED_PROJECT_IDS = process.env.GITLAB_ALLOWED_PROJECT_IDS?.split(",")
     .map(id => id.trim())
@@ -8844,18 +8911,15 @@ function registerDownloadProxy(app, maxRequestsPerMinute = Number.parseInt(proce
             return;
         }
         // API URL: prefer token-embedded URL, then X-GitLab-API-URL header, then default
-        let apiUrl = tokenApiUrl || GITLAB_API_URL;
-        if (!tokenApiUrl) {
-            const dynamicApiUrl = req.headers["x-gitlab-api-url"]?.trim();
-            if (ENABLE_DYNAMIC_API_URL && dynamicApiUrl) {
-                try {
-                    new URL(dynamicApiUrl);
-                    apiUrl = normalizeGitLabApiUrl(dynamicApiUrl);
-                }
-                catch {
-                    res.status(400).json({ error: "Invalid X-GitLab-API-URL" });
-                    return;
-                }
+        let apiUrl = GITLAB_API_URL;
+        const requestedApiUrl = tokenApiUrl || req.headers["x-gitlab-api-url"]?.trim();
+        if (ENABLE_DYNAMIC_API_URL && requestedApiUrl) {
+            try {
+                apiUrl = resolveTrustedGitLabApiUrl(requestedApiUrl);
+            }
+            catch {
+                res.status(400).json({ error: "Invalid X-GitLab-API-URL" });
+                return;
             }
         }
         const { type } = req.params;
@@ -8869,7 +8933,7 @@ function registerDownloadProxy(app, maxRequestsPerMinute = Number.parseInt(proce
                         return;
                     }
                     const effectiveProjectId = getEffectiveProjectId(decodeURIComponent(project_id));
-                    gitlabUrl = `${apiUrl}/projects/${encodeURIComponent(effectiveProjectId)}/jobs/${job_id}/artifacts`;
+                    gitlabUrl = `${apiUrl}/projects/${encodeURIComponent(effectiveProjectId)}/jobs/${encodeGitLabPathSegment(job_id)}/artifacts`;
                     break;
                 }
                 case "attachment": {
@@ -8879,7 +8943,7 @@ function registerDownloadProxy(app, maxRequestsPerMinute = Number.parseInt(proce
                         return;
                     }
                     const effectiveProjectId = getEffectiveProjectId(decodeURIComponent(project_id));
-                    gitlabUrl = `${apiUrl}/projects/${encodeURIComponent(effectiveProjectId)}/uploads/${secret}/${filename}`;
+                    gitlabUrl = `${apiUrl}/projects/${encodeURIComponent(effectiveProjectId)}/uploads/${encodeGitLabPathSegment(secret)}/${encodeGitLabPath(filename)}`;
                     break;
                 }
                 case "release-asset": {
@@ -8891,7 +8955,7 @@ function registerDownloadProxy(app, maxRequestsPerMinute = Number.parseInt(proce
                         return;
                     }
                     const effectiveProjectId = getEffectiveProjectId(decodeURIComponent(project_id));
-                    gitlabUrl = `${apiUrl}/projects/${encodeURIComponent(effectiveProjectId)}/releases/${encodeURIComponent(tag_name)}/downloads/${direct_asset_path}`;
+                    gitlabUrl = `${apiUrl}/projects/${encodeURIComponent(effectiveProjectId)}/releases/${encodeURIComponent(tag_name)}/downloads/${encodeGitLabPath(direct_asset_path)}`;
                     break;
                 }
                 default:
@@ -8943,12 +9007,21 @@ function registerDownloadProxy(app, maxRequestsPerMinute = Number.parseInt(proce
  */
 async function startSSEServer() {
     const app = express();
+    const sseAuthToken = getConfig("sse-auth-token", "SSE_AUTH_TOKEN");
     if (MCP_TRUST_PROXY) {
         app.set("trust proxy", 1);
     }
+    const requireSseAuth = (req, res, next) => {
+        if (!sseAuthToken)
+            return next();
+        const match = /^Bearer\s+(\S+)$/i.exec(req.headers.authorization || "");
+        if (match?.[1] === sseAuthToken)
+            return next();
+        res.status(401).json({ error: "SSE authentication required" });
+    };
     const transports = {};
     let shuttingDown = false;
-    app.get("/sse", async (_, res) => {
+    app.get("/sse", requireSseAuth, async (_, res) => {
         const serverInstance = createServer();
         const transport = new SSEServerTransport("/messages", res);
         transports[transport.sessionId] = transport;
@@ -8957,7 +9030,7 @@ async function startSSEServer() {
         });
         await serverInstance.connect(transport);
     });
-    app.post("/messages", async (req, res) => {
+    app.post("/messages", requireSseAuth, async (req, res) => {
         const sessionId = req.query.sessionId;
         const transport = transports[sessionId];
         if (transport) {
@@ -9081,12 +9154,11 @@ async function startStreamableHTTPServer() {
         // Only process dynamic URL if the feature is enabled
         if (ENABLE_DYNAMIC_API_URL && dynamicApiUrl) {
             try {
-                new URL(dynamicApiUrl); // Ensure it's a valid URL format
-                apiUrl = normalizeGitLabApiUrl(dynamicApiUrl);
+                apiUrl = resolveTrustedGitLabApiUrl(dynamicApiUrl);
             }
             catch {
                 logger.warn(`Invalid X-GitLab-API-URL provided: ${dynamicApiUrl}. Auth will fail.`);
-                return null; // Reject if URL is malformed
+                return null; // Reject if URL is malformed or not allowed
             }
         }
         // Extract token — priority: Private-Token > JOB-TOKEN > Authorization Bearer

package/build/test/dynamic-api-url-allowlist.test.js

@@ -0,0 +1,104 @@
+import { after, before, describe, test } from "node:test";
+import assert from "node:assert";
+import { createServer } from "node:http";
+import { cleanupServers, findAvailablePort, HOST, launchServer, TransportMode, } from "./utils/server-launcher.js";
+import { MockGitLabServer, findMockServerPort } from "./utils/mock-gitlab-server.js";
+import { CustomHeaderClient } from "./clients/custom-header-client.js";
+const MOCK_TOKEN = "glpat-dynamic-url-token";
+async function startAttackerServer(port) {
+    let hits = 0;
+    const server = createServer((_req, res) => {
+        hits++;
+        res.writeHead(200, { "content-type": "application/json" });
+        res.end("[]");
+    });
+    await new Promise((resolve, reject) => {
+        server.once("error", reject);
+        server.listen(port, HOST, () => {
+            server.off("error", reject);
+            resolve();
+        });
+    });
+    return { server, getHits: () => hits };
+}
+describe("Dynamic API URL allowlist", () => {
+    let primaryGitLab;
+    let secondaryGitLab;
+    let attackerServer;
+    let mcpServer;
+    let mcpUrl;
+    let secondaryHit = false;
+    let getAttackerHits = () => 0;
+    before(async () => {
+        const primaryPort = await findMockServerPort(9100);
+        primaryGitLab = new MockGitLabServer({ port: primaryPort, validTokens: [MOCK_TOKEN] });
+        await primaryGitLab.start();
+        const secondaryPort = await findMockServerPort(9200);
+        secondaryGitLab = new MockGitLabServer({ port: secondaryPort, validTokens: [MOCK_TOKEN] });
+        secondaryGitLab.addMockHandler("get", "/projects/1/issues", (_req, res) => {
+            secondaryHit = true;
+            res.json([]);
+        });
+        await secondaryGitLab.start();
+        const attackerPort = await findAvailablePort(9300);
+        const attacker = await startAttackerServer(attackerPort);
+        attackerServer = attacker.server;
+        getAttackerHits = attacker.getHits;
+        const mcpPort = await findAvailablePort(3100);
+        mcpServer = await launchServer({
+            mode: TransportMode.STREAMABLE_HTTP,
+            port: mcpPort,
+            timeout: 5000,
+            env: {
+                STREAMABLE_HTTP: "true",
+                REMOTE_AUTHORIZATION: "true",
+                ENABLE_DYNAMIC_API_URL: "true",
+                GITLAB_API_URL: `${primaryGitLab.getUrl()}/api/v4`,
+                GITLAB_ALLOWED_HOSTS: `${secondaryGitLab.getUrl()}/api/v4`,
+            },
+        });
+        mcpUrl = `http://${HOST}:${mcpPort}/mcp`;
+    });
+    after(async () => {
+        if (mcpServer)
+            cleanupServers([mcpServer]);
+        await primaryGitLab?.stop();
+        await secondaryGitLab?.stop();
+        const server = attackerServer;
+        if (server)
+            await new Promise(resolve => server.close(() => resolve()));
+    });
+    test("allows dynamic API URLs on configured hosts", async () => {
+        const client = new CustomHeaderClient({
+            authorization: `Bearer ${MOCK_TOKEN}`,
+            "x-gitlab-api-url": `${secondaryGitLab.getUrl()}/api/v4`,
+        });
+        await client.connect(mcpUrl);
+        await client.callTool("list_issues", { project_id: "1" });
+        await client.disconnect();
+        assert.strictEqual(secondaryHit, true, "allowed dynamic host should receive GitLab calls");
+    });
+    test("rejects dynamic API URLs on unconfigured hosts before forwarding tokens", async () => {
+        const server = attackerServer;
+        assert.ok(server, "attacker server should be running");
+        const attackerUrl = `http://${HOST}:${server.address().port}/api/v4`;
+        const client = new CustomHeaderClient({
+            authorization: `Bearer ${MOCK_TOKEN}`,
+            "x-gitlab-api-url": attackerUrl,
+        });
+        let connected = false;
+        try {
+            await client.connect(mcpUrl);
+            connected = true;
+            await client.callTool("list_issues", { project_id: "1" });
+        }
+        catch {
+            // Expected: the session is rejected before any GitLab API request is made.
+        }
+        finally {
+            await client.disconnect();
+        }
+        assert.strictEqual(connected, false, "untrusted dynamic host should not initialize a session");
+        assert.strictEqual(getAttackerHits(), 0, "token-bearing requests must not reach untrusted hosts");
+    });
+});

package/build/test/sse-auth-guard.test.js

@@ -0,0 +1,96 @@
+import assert from "node:assert/strict";
+import { spawn } from "node:child_process";
+import { once } from "node:events";
+import { afterEach, describe, test } from "node:test";
+import * as path from "node:path";
+import { findAvailablePort } from "./utils/server-launcher.js";
+const ERROR_MESSAGE = "SSE=true on a non-loopback HOST requires SSE_AUTH_TOKEN (or explicitly set SSE_DANGEROUSLY_ALLOW_UNAUTHENTICATED_REMOTE=true)";
+const LOOPBACK = "127.0.0.1";
+const SERVER_PATH = path.resolve(process.cwd(), "build/index.js");
+const running = new Set();
+function startSseServer(env, port) {
+    const child = spawn("node", [SERVER_PATH], {
+        env: {
+            ...process.env,
+            GITLAB_API_URL: "https://gitlab.example.com/api/v4",
+            HOST: "0.0.0.0",
+            PORT: String(port),
+            SSE: "true",
+            STREAMABLE_HTTP: "false",
+            REMOTE_AUTHORIZATION: "false",
+            GITLAB_MCP_OAUTH: "false",
+            GITLAB_USE_OAUTH: "false",
+            GITLAB_PERSONAL_ACCESS_TOKEN: "glpat_test",
+            GITLAB_JOB_TOKEN: "",
+            GITLAB_AUTH_COOKIE_PATH: "",
+            ...env,
+        },
+        stdio: ["ignore", "pipe", "pipe"],
+    });
+    running.add(child);
+    child.once("exit", () => running.delete(child));
+    return child;
+}
+async function waitForExit(child, timeoutMs = 5000) {
+    let output = "";
+    child.stdout?.on("data", chunk => {
+        output += chunk.toString();
+    });
+    child.stderr?.on("data", chunk => {
+        output += chunk.toString();
+    });
+    let timeoutHandle;
+    const timeout = new Promise((_, reject) => {
+        timeoutHandle = setTimeout(() => reject(new Error(`server did not exit within ${timeoutMs}ms`)), timeoutMs);
+    });
+    try {
+        const [code] = (await Promise.race([once(child, "exit"), timeout]));
+        return { code, output };
+    }
+    finally {
+        clearTimeout(timeoutHandle);
+    }
+}
+async function waitForHealth(port, timeoutMs = 5000) {
+    const deadline = Date.now() + timeoutMs;
+    let lastError;
+    while (Date.now() < deadline) {
+        try {
+            const response = await fetch(`http://${LOOPBACK}:${port}/health`);
+            if (response.ok)
+                return;
+        }
+        catch (error) {
+            lastError = error;
+        }
+        await new Promise(resolve => setTimeout(resolve, 100));
+    }
+    throw new Error(`server did not become healthy: ${String(lastError)}`);
+}
+afterEach(() => {
+    for (const child of running) {
+        if (!child.killed)
+            child.kill("SIGTERM");
+    }
+    running.clear();
+});
+describe("SSE remote auth guard", () => {
+    test("refuses unauthenticated SSE on non-loopback hosts", async () => {
+        const port = await findAvailablePort(4400);
+        const child = startSseServer({}, port);
+        const { code, output } = await waitForExit(child);
+        assert.notEqual(code, 0);
+        assert.match(output, new RegExp(ERROR_MESSAGE.replace(/[.*+?^${}()|[\]\\]/g, "\\$&")));
+    });
+    test("requires bearer auth on SSE endpoints when SSE_AUTH_TOKEN is configured", async () => {
+        const port = await findAvailablePort(4410);
+        startSseServer({ SSE_AUTH_TOKEN: "mcp_sse_secret" }, port);
+        await waitForHealth(port);
+        const sseResponse = await fetch(`http://${LOOPBACK}:${port}/sse`);
+        assert.equal(sseResponse.status, 401);
+        const unauthenticatedMessage = await fetch(`http://${LOOPBACK}:${port}/messages?sessionId=missing`, { method: "POST" });
+        assert.equal(unauthenticatedMessage.status, 401);
+        const authenticatedMessage = await fetch(`http://${LOOPBACK}:${port}/messages?sessionId=missing`, { method: "POST", headers: { Authorization: "Bearer mcp_sse_secret" } });
+        assert.equal(authenticatedMessage.status, 400);
+    });
+});

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@zereight/mcp-gitlab",
-  "version": "2.1.26",
+  "version": "2.1.27",
   "mcpName": "io.github.zereight/gitlab-mcp",
   "description": "GitLab MCP server for projects, merge requests, issues, pipelines, wiki, releases, and more",
   "keywords": [
@@ -51,7 +51,7 @@
     "changelog": "auto-changelog -p",
     "test": "npm run test:all",
     "test:all": "npm run build && npm run test:mock && npm run test:live",
-    "test:mock": "node --import tsx/esm --test test/remote-auth-simple-test.ts && node --import tsx/esm --test test/mcp-oauth-tests.ts && node --import tsx/esm --test test/test-oauth-proxy-rate-limit.ts && node --import tsx/esm --test test/streamable-http-static-token-auth.test.ts && node --import tsx/esm --test test/streamable-http-concurrent-session.test.ts && node --import tsx/esm --test test/streamable-http-unauthenticated-discovery.test.ts && tsx test/oauth-tests.ts && tsx test/test-list-merge-requests.ts && tsx test/test-list-issues.ts && node --import tsx/esm --test test/test-create-repository.ts && node --import tsx/esm --test test/test-update-project.ts && node --import tsx/esm --test test/test-merge-request-pipelines.ts && tsx test/test-list-project-members.ts && tsx test/test-download-attachment.ts && node --import tsx/esm --test test/test-upload-markdown.ts && node --import tsx/esm --test test/test-job-artifacts.ts && node --import tsx/esm --test test/test-remote-downloads.ts && node --import tsx/esm --test test/test-deployment-tools.ts && node --import tsx/esm --test test/test-merge-request-approval-state-tools.ts && node --import tsx/esm --test test/test-search-code.ts && node --import tsx/esm --test test/test-tags.ts && node --import tsx/esm --test test/test-protected-branches.ts && node --import tsx/esm --test test/test-toolset-filtering.ts && node --import tsx/esm --test test/test-ci-lint.ts && node --import tsx/esm --test test/test-ci-catalog.ts && node --import tsx/esm --test test/test-todos.ts && node --import tsx/esm --test test/test-auth-retry.ts && node --import tsx/esm --test test/test-issue-description-patch.ts && node --import tsx/esm --test test/test-geteffectiveprojectid.ts && node --import tsx/esm --test test/test-get-file-blame.ts && node --import tsx/esm --test test/stateless/codec.test.ts test/stateless/client-id.test.ts test/stateless/callback-proxy.test.ts test/stateless/session-id.test.ts test/stateless/session-id-integration.test.ts test/stateless/config-ttl.test.ts && node --import tsx/esm --test test/utils/tool-args.test.ts && node --import tsx/esm --test test/utils/proxy-client-ip.test.ts && node --import tsx/esm --test test/utils/forwarded-public-base-url.test.ts && node --import tsx/esm --test test/utils/graphql-query.test.ts && node --import tsx/esm --test test/utils/wiki-title.test.ts && node --import tsx/esm --test test/utils/merge-request-position.test.ts && node --import tsx/esm --test test/nullish-tool-arguments-schema.test.ts && node --import tsx/esm --test test/test-ci-variables.ts && node --import tsx/esm --test test/test-dependency-proxy.ts",
+    "test:mock": "node --import tsx/esm --test test/remote-auth-simple-test.ts && node --import tsx/esm --test test/dynamic-api-url-allowlist.test.ts && node --import tsx/esm --test test/mcp-oauth-tests.ts && node --import tsx/esm --test test/test-oauth-proxy-rate-limit.ts && node --import tsx/esm --test test/streamable-http-static-token-auth.test.ts && node --import tsx/esm --test test/sse-auth-guard.test.ts && node --import tsx/esm --test test/streamable-http-concurrent-session.test.ts && node --import tsx/esm --test test/streamable-http-unauthenticated-discovery.test.ts && tsx test/oauth-tests.ts && tsx test/test-list-merge-requests.ts && tsx test/test-list-issues.ts && node --import tsx/esm --test test/test-create-repository.ts && node --import tsx/esm --test test/test-update-project.ts && node --import tsx/esm --test test/test-merge-request-pipelines.ts && tsx test/test-list-project-members.ts && tsx test/test-download-attachment.ts && node --import tsx/esm --test test/test-upload-markdown.ts && node --import tsx/esm --test test/test-job-artifacts.ts && node --import tsx/esm --test test/test-remote-downloads.ts && node --import tsx/esm --test test/test-deployment-tools.ts && node --import tsx/esm --test test/test-merge-request-approval-state-tools.ts && node --import tsx/esm --test test/test-search-code.ts && node --import tsx/esm --test test/test-tags.ts && node --import tsx/esm --test test/test-protected-branches.ts && node --import tsx/esm --test test/test-toolset-filtering.ts && node --import tsx/esm --test test/test-ci-lint.ts && node --import tsx/esm --test test/test-ci-catalog.ts && node --import tsx/esm --test test/test-todos.ts && node --import tsx/esm --test test/test-auth-retry.ts && node --import tsx/esm --test test/test-issue-description-patch.ts && node --import tsx/esm --test test/test-geteffectiveprojectid.ts && node --import tsx/esm --test test/test-get-file-blame.ts && node --import tsx/esm --test test/stateless/codec.test.ts test/stateless/client-id.test.ts test/stateless/callback-proxy.test.ts test/stateless/session-id.test.ts test/stateless/session-id-integration.test.ts test/stateless/config-ttl.test.ts && node --import tsx/esm --test test/utils/tool-args.test.ts && node --import tsx/esm --test test/utils/proxy-client-ip.test.ts && node --import tsx/esm --test test/utils/forwarded-public-base-url.test.ts && node --import tsx/esm --test test/utils/graphql-query.test.ts && node --import tsx/esm --test test/utils/wiki-title.test.ts && node --import tsx/esm --test test/utils/merge-request-position.test.ts && node --import tsx/esm --test test/nullish-tool-arguments-schema.test.ts && node --import tsx/esm --test test/test-ci-variables.ts && node --import tsx/esm --test test/test-dependency-proxy.ts",
     "test:stateless": "npm run build && node --import tsx/esm --test test/stateless/codec.test.ts test/stateless/client-id.test.ts test/stateless/callback-proxy.test.ts test/stateless/session-id.test.ts test/stateless/session-id-integration.test.ts test/stateless/config-ttl.test.ts",
     "test:mcp-oauth": "npm run build && node --import tsx/esm --test test/mcp-oauth-tests.ts",
     "test:live": "node test/validate-api.js",