github taylorwilsdon/google_workspace_mcp v1.20.4
on GitHub

3 hours ago

What's Changed

  • API reliability and testing improvements - Added configurable API retry logic for Drive/Docs/Gmail write operations,
    included driveId field in detailed file listings, enhanced import_to_google_doc to accept file_path for batch operations, and
    expanded Drive tools test coverage by @taylorwilsdon in #742
  • Security fix: GitHub Actions workflow vulnerability - Split ruff workflow into separate validation and autofix jobs,
    preventing fork PRs from executing arbitrary code with write permissions (CWE-77) by @taylorwilsdon in
    #747
  • Security fix: GitHub Actions workflow vulnerability - Prevented fork PR code execution in ruff workflow by removing
    attacker-controlled repository checkout and restricting write permissions (CWE-77) by @sebastiondev in
    #746
  • Per-request impersonation for service accounts - Added DWD_ALLOW_REQUEST_IMPERSONATION option enabling domain-wide
    delegation to impersonate different users per tool call instead of a single static user, with optional domain allowlist via
    DWD_ALLOWED_DOMAINS by @taylorwilsdon in #749
  • Configuration and scope handling fixes - Fixed limited tools configuration and improved OAuth scope management for custom
    tool subsets by @taylorwilsdon in #748
  • Shared Drives enumeration - Added list_shared_drives tool to enumerate accessible shared drives with metadata
    (capabilities, restrictions, creation time) and optional organizer listing via include_organizers parameter by @lacotousek in
    #751
  • Apps Script execution scopes - Added required Apps Script API scopes to enable script execution functionality by
    @taylorwilsdon in #757
  • Slides API validation - Added preflight validator for batch_update_presentation that detects and prevents invalid
    insertText operations targeting slide/page objects instead of text-capable shapes or table cells by @taylorwilsdon in
    #760
  • OAuth callback resilience - Added missing state parameter fallback for single-user stdio OAuth callbacks, recovering PKCE
    verifiers from recently stored states when Google omits the state parameter by @taylorwilsdon in
    #762
  • Slides validation refactoring - Extracted batch update validation logic into slides_helpers module with comprehensive
    request type checking, improving maintainability and test coverage by @taylorwilsdon in
    #770

New Contributors

Full Changelog: v1.20.3...v1.20.4

Check out latest releases or
releases around taylorwilsdon/google_workspace_mcp v1.20.4

Don't miss a new google_workspace_mcp release

NewReleases is sending notifications on new releases.

Get notifications