mirror of
https://github.com/googleapis/genai-toolbox.git
synced 2026-01-09 07:28:05 -05:00
integration-test
591 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
Wenxin Du
|
9c62f313ff |
feat: Add embeddingModel support (#2121)
First part of the implementation to support semantic search in tools. Second part: https://github.com/googleapis/genai-toolbox/pull/2151 |
||
|
Divyansh
|
53885e6c0d |
docs: Updating dataplex docs to include new syntax for semantic search (#2165)
## Description Dataplex.md is currently misaligned with the Dataplex backend, leading to failed search queries. ## PR Checklist > Thank you for opening a Pull Request! Before submitting your PR, there are a > few things you can do to make sure it goes smoothly: - [x] Make sure you reviewed [CONTRIBUTING.md](https://github.com/googleapis/genai-toolbox/blob/main/CONTRIBUTING.md) - [] Make sure to open an issue as a [bug/issue](https://github.com/googleapis/genai-toolbox/issues/new/choose) before writing your code! That way we can discuss the change, evaluate designs, and agree on the general idea - [x ] Ensure the tests and linter pass - [x] Code coverage does not decrease (if any source code was changed) - [x] Appropriate docs were updated (if necessary) - [x] Make sure to add `!` if this involve a breaking change 🛠️ Fixes #<issue_number_goes_here> --------- Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Co-authored-by: Averi Kitsch <akitsch@google.com> Co-authored-by: Yuan Teoh <45984206+Yuan325@users.noreply.github.com> |
||
|
dependabot[bot]
|
b4346dcb8f |
chore(deps): bump qs from 6.14.0 to 6.14.1 in /docs/en/getting-started/quickstart/js/adk (#2250)
Bumps [qs](https://github.com/ljharb/qs) from 6.14.0 to 6.14.1. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/ljharb/qs/blob/main/CHANGELOG.md">qs's changelog</a>.</em></p> <blockquote> <h2><strong>6.14.1</strong></h2> <ul> <li>[Fix] ensure arrayLength applies to <code>[]</code> notation as well</li> <li>[Fix] <code>parse</code>: when a custom decoder returns <code>null</code> for a key, ignore that key</li> <li>[Refactor] <code>parse</code>: extract key segment splitting helper</li> <li>[meta] add threat model</li> <li>[actions] add workflow permissions</li> <li>[Tests] <code>stringify</code>: increase coverage</li> <li>[Dev Deps] update <code>eslint</code>, <code>@ljharb/eslint-config</code>, <code>npmignore</code>, <code>es-value-fixtures</code>, <code>for-each</code>, <code>object-inspect</code></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
Mend Renovate
|
38d127a354 |
chore(deps): update dependency langchain to v1.2.3 [security] (#2248)
This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---| | [langchain](https://redirect.github.com/langchain-ai/langchainjs/tree/main/libs/langchain/) ([source](https://redirect.github.com/langchain-ai/langchainjs)) | [`1.0.2` → `1.2.3`](https://renovatebot.com/diffs/npm/langchain/1.0.2/1.2.3) |  |  | ### GitHub Vulnerability Alerts #### [CVE-2025-68665](https://redirect.github.com/langchain-ai/langchainjs/security/advisories/GHSA-r399-636x-v7f6) ## Context A serialization injection vulnerability exists in LangChain JS's `toJSON()` method (and subsequently when string-ifying objects using `JSON.stringify()`. The method did not escape objects with `'lc'` keys when serializing free-form data in kwargs. The `'lc'` key is used internally by LangChain to mark serialized objects. When user-controlled data contains this key structure, it is treated as a legitimate LangChain object during deserialization rather than plain user data. ### Attack surface The core vulnerability was in `Serializable.toJSON()`: this method failed to escape user-controlled objects containing `'lc'` keys within kwargs (e.g., `additional_kwargs`, `metadata`, `response_metadata`). When this unescaped data was later deserialized via `load()`, the injected structures were treated as legitimate LangChain objects rather than plain user data. This escaping bug enabled several attack vectors: 1. **Injection via user data**: Malicious LangChain object structures could be injected through user-controlled fields like `metadata`, `additional_kwargs`, or `response_metadata` 2. **Secret extraction**: Injected secret structures could extract environment variables when `secretsFromEnv` was enabled (which had no explicit default, effectively defaulting to `true` behavior) 3. **Class instantiation via import maps**: Injected constructor structures could instantiate any class available in the provided import maps with attacker-controlled parameters **Note on import maps:** Classes must be explicitly included in import maps to be instantiatable. The core import map includes standard types (messages, prompts, documents), and users can extend this via `importMap` and `optionalImportsMap` options. This architecture naturally limits the attack surface—an `allowedObjects` parameter is not necessary because users control which classes are available through the import maps they provide. **Security hardening:** This patch fixes the escaping bug in `toJSON()` and introduces new restrictive defaults in `load()`: `secretsFromEnv` now explicitly defaults to `false`, and a `maxDepth` parameter protects against DoS via deeply nested structures. JSDoc security warnings have been added to all import map options. ## Who is affected? Applications are vulnerable if they: 1. **Serialize untrusted data via `JSON.stringify()` on Serializable objects, then deserialize with `load()`** — Trusting your own serialization output makes you vulnerable if user-controlled data (e.g., from LLM responses, metadata fields, or user inputs) contains `'lc'` key structures. 2. **Deserialize untrusted data with `load()`** — Directly deserializing untrusted data that may contain injected `'lc'` structures. 3. **Use LangGraph checkpoints** — Checkpoint serialization/deserialization paths may be affected. The most common attack vector is through **LLM response fields** like `additional_kwargs` or `response_metadata`, which can be controlled via prompt injection and then serialized/deserialized in streaming operations. ## Impact Attackers who control serialized data can extract environment variable secrets by injecting `{"lc": 1, "type": "secret", "id": ["ENV_VAR"]}` to load environment variables during deserialization (when `secretsFromEnv: true`). They can also instantiate classes with controlled parameters by injecting constructor structures to instantiate any class within the provided import maps with attacker-controlled parameters, potentially triggering side effects such as network calls or file operations. Key severity factors: - Affects the serialization path—applications trusting their own serialization output are vulnerable - Enables secret extraction when combined with `secretsFromEnv: true` - LLM responses in `additional_kwargs` can be controlled via prompt injection ## Exploit example ```typescript import { load } from "@​langchain/core/load"; // Attacker injects secret structure into user-controlled data const attackerPayload = JSON.stringify({ user_data: { lc: 1, type: "secret", id: ["OPENAI_API_KEY"], }, }); process.env.OPENAI_API_KEY = "sk-secret-key-12345"; // With secretsFromEnv: true, the secret is extracted const deserialized = await load(attackerPayload, { secretsFromEnv: true }); console.log(deserialized.user_data); // "sk-secret-key-12345" - SECRET LEAKED! ``` ## Security hardening changes This patch introduces the following changes to `load()`: 1. **`secretsFromEnv` default changed to `false`**: Disables automatic secret loading from environment variables. Secrets not found in `secretsMap` now throw an error instead of being loaded from `process.env`. This fail-safe behavior ensures missing secrets are caught immediately rather than silently continuing with `null`. 2. **New `maxDepth` parameter** (defaults to `50`): Protects against denial-of-service attacks via deeply nested JSON structures that could cause stack overflow. 3. **Escape mechanism in `toJSON()`**: User-controlled objects containing `'lc'` keys are now wrapped in `{"__lc_escaped__": {...}}` during serialization and unwrapped as plain data during deserialization. 4. **JSDoc security warnings**: All import map options (`importMap`, `optionalImportsMap`, `optionalImportEntrypoints`) now include security warnings about never populating them from user input. ## Migration guide ### No changes needed for most users If you're deserializing standard LangChain types (messages, documents, prompts) using the core import map, your code will work without changes: ```typescript import { load } from "@​langchain/core/load"; // Works with default settings const obj = await load(serializedData); ``` ### For secrets from environment `secretsFromEnv` now defaults to `false`, and missing secrets throw an error. If you need to load secrets: ```typescript import { load } from "@​langchain/core/load"; // Provide secrets explicitly (recommended) const obj = await load(serializedData, { secretsMap: { OPENAI_API_KEY: process.env.OPENAI_API_KEY }, }); // Or explicitly opt-in to load from env (only use with trusted data) const obj = await load(serializedData, { secretsFromEnv: true }); ``` > **Warning:** Only enable `secretsFromEnv` if you trust the serialized data. Untrusted data could extract any environment variable. > **Note:** If a secret reference is encountered but not found in `secretsMap` (and `secretsFromEnv` is `false` or the secret is not in the environment), an error is thrown. This fail-safe behavior ensures you're aware of missing secrets rather than silently receiving `null` values. ### For deeply nested structures If you have legitimate deeply nested data that exceeds the default depth limit of 50: ```typescript import { load } from "@​langchain/core/load"; const obj = await load(serializedData, { maxDepth: 100 }); ``` ### For custom import maps If you provide custom import maps, ensure they only contain trusted modules: ```typescript import { load } from "@​langchain/core/load"; import * as myModule from "./my-trusted-module"; // GOOD - explicitly include only trusted modules const obj = await load(serializedData, { importMap: { my_module: myModule }, }); // BAD - never populate from user input const obj = await load(serializedData, { importMap: userProvidedImports, // DANGEROUS! }); ``` --- ### Release Notes <details> <summary>langchain-ai/langchainjs (langchain)</summary> ### [`v1.2.3`](https://redirect.github.com/langchain-ai/langchainjs/releases/tag/%40langchain/anthropic%401.2.3) ##### Patch Changes - Updated dependencies \[[`0bade90`]( |
||
|
dependabot[bot]
|
3d140a657e |
chore(deps): bump golang.org/x/crypto from 0.43.0 to 0.45.0 in /docs/en/getting-started/quickstart/go/adkgo (#2249)
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.43.0 to 0.45.0. <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
0714d3e126 |
chore(deps): bump golang.org/x/crypto from 0.43.0 to 0.45.0 in /docs/en/getting-started/quickstart/go/openAI (#2247)
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.43.0 to 0.45.0. <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
0baffff3b5 |
chore(deps): bump @langchain/core and @langchain/google-genai in /docs/en/getting-started/quickstart/js/langchain (#2232)
Bumps [@langchain/core](https://github.com/langchain-ai/langchainjs) to 1.1.8 and updates ancestor dependency [@langchain/google-genai](https://github.com/langchain-ai/langchainjs). These dependencies need to be updated together. Updates `@langchain/core` from 1.1.0 to 1.1.8 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/langchain-ai/langchainjs/releases"><code>@langchain/core</code>'s releases</a>.</em></p> <blockquote> <h2><code>@langchain/core</code><a href="https://github.com/1"><code>@1</code></a>.1.8</h2> <h3>Patch Changes</h3> <ul> <li> <p><a href="https://redirect.github.com/langchain-ai/langchainjs/pull/9707">#9707</a> <a href=" |
||
|
Mend Renovate
|
f87ed05aac |
chore(deps): update pip (#2215)
This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---| | [google-adk](https://redirect.github.com/google/adk-python) ([changelog](https://redirect.github.com/google/adk-python/blob/main/CHANGELOG.md)) | `==1.19.0` → `==1.21.0` |  |  | | [google-genai](https://redirect.github.com/googleapis/python-genai) | `==1.52.0` → `==1.56.0` |  |  | | [langchain](https://redirect.github.com/langchain-ai/langchain) ([source](https://redirect.github.com/langchain-ai/langchain/tree/HEAD/libs/langchain), [changelog](https://redirect.github.com/langchain-ai/langchain/releases?q=tag%3A%22langchain%3D%3D1%22)) | `==1.1.0` → `==1.2.0` |  |  | | [langchain-google-vertexai](https://redirect.github.com/langchain-ai/langchain-google) ([source](https://redirect.github.com/langchain-ai/langchain-google/tree/HEAD/libs/vertexai), [changelog](https://redirect.github.com/langchain-ai/langchain-google/releases?q=%22vertexai%22)) | `==3.1.0` → `==3.2.0` |  |  | | [langgraph](https://redirect.github.com/langchain-ai/langgraph) ([source](https://redirect.github.com/langchain-ai/langgraph/tree/HEAD/libs/langgraph), [changelog](https://redirect.github.com/langchain-ai/langgraph/releases)) | `==1.0.4` → `==1.0.5` |  |  | | [llama-index](https://redirect.github.com/run-llama/llama_index) | `==0.14.10` → `==0.14.12` |  |  | | llama-index-llms-google-genai | `==0.7.3` → `==0.8.3` |  |  | | [pytest](https://redirect.github.com/pytest-dev/pytest) ([changelog](https://docs.pytest.org/en/stable/changelog.html)) | `==9.0.1` → `==9.0.2` |  |  | | [toolbox-core](https://redirect.github.com/googleapis/mcp-toolbox-sdk-python) ([changelog](https://redirect.github.com/googleapis/mcp-toolbox-sdk-python/blob/main/packages/toolbox-core/CHANGELOG.md)) | `==0.5.3` → `==0.5.4` |  |  | | [toolbox-langchain](https://redirect.github.com/googleapis/mcp-toolbox-sdk-python) ([changelog](https://redirect.github.com/googleapis/mcp-toolbox-sdk-python/blob/main/packages/toolbox-langchain/CHANGELOG.md)) | `==0.5.3` → `==0.5.4` |  |  | | [toolbox-llamaindex](https://redirect.github.com/googleapis/mcp-toolbox-sdk-python) ([changelog](https://redirect.github.com/googleapis/mcp-toolbox-sdk-python/blob/main/packages/toolbox-llamaindex/CHANGELOG.md)) | `==0.5.3` → `==0.5.4` |  |  | --- ### Release Notes <details> <summary>google/adk-python (google-adk)</summary> ### [`v1.21.0`](https://redirect.github.com/google/adk-python/blob/HEAD/CHANGELOG.md#1210-2025-12-11) [Compare Source](https://redirect.github.com/google/adk-python/compare/v1.20.0...v1.21.0) ##### Features - **\[Interactions API Support]** - The newly released Gemini [Interactions API](https://ai.google.dev/gemini-api/docs/interactions) is supported in ADK now. To use it: ```Python Agent( model=Gemini( model="gemini-3-pro-preview", use_interactions_api=True, ), name="...", description="...", instruction="...", ) ``` see [samples](https://redirect.github.com/google/adk-python/tree/main/contributing/samples/interactions_api) for details - **\[Services]** - Add `add_session_to_memory` to `CallbackContext` and `ToolContext` to explicitly save the current session to memory ([7b356dd]( |
||
|
dependabot[bot]
|
a35f64ef7d |
chore(deps): bump jws from 4.0.0 to 4.0.1 in /docs/en/getting-started/quickstart/js/adk (#2143)
Bumps [jws](https://github.com/brianloveswords/node-jws) from 4.0.0 to 4.0.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/brianloveswords/node-jws/releases">jws's releases</a>.</em></p> <blockquote> <h2>v4.0.1</h2> <h3>Changed</h3> <ul> <li>Fix advisory GHSA-869p-cjfg-cm3x: createSign and createVerify now require that a non empty secret is provided (via opts.secret, opts.privateKey or opts.key) when using HMAC algorithms.</li> <li>Upgrading JWA version to 2.0.1, addressing a compatibility issue for Node >= 25.</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/auth0/node-jws/blob/master/CHANGELOG.md">jws's changelog</a>.</em></p> <blockquote> <h2>[4.0.1]</h2> <h3>Changed</h3> <ul> <li>Fix advisory GHSA-869p-cjfg-cm3x: createSign and createVerify now require that a non empty secret is provided (via opts.secret, opts.privateKey or opts.key) when using HMAC algorithms.</li> <li>Upgrading JWA version to 2.0.1, adressing a compatibility issue for Node >= 25.</li> </ul> <h2>[3.2.3]</h2> <h3>Changed</h3> <ul> <li>Fix advisory GHSA-869p-cjfg-cm3x: createSign and createVerify now require that a non empty secret is provided (via opts.secret, opts.privateKey or opts.key) when using HMAC algorithms.</li> <li>Upgrading JWA version to 1.4.2, adressing a compatibility issue for Node >= 25.</li> </ul> <h2>[3.0.0]</h2> <h3>Changed</h3> <ul> <li><strong>BREAKING</strong>: <code>jwt.verify</code> now requires an <code>algorithm</code> parameter, and <code>jws.createVerify</code> requires an <code>algorithm</code> option. The <code>"alg"</code> field signature headers is ignored. This mitigates a critical security flaw in the library which would allow an attacker to generate signatures with arbitrary contents that would be accepted by <code>jwt.verify</code>. See <a href="https://auth0.com/blog/2015/03/31/critical-vulnerabilities-in-json-web-token-libraries/">https://auth0.com/blog/2015/03/31/critical-vulnerabilities-in-json-web-token-libraries/</a> for details.</li> </ul> <h2><a href="https://github.com/brianloveswords/node-jws/compare/v1.0.1...v2.0.0">2.0.0</a> - 2015-01-30</h2> <h3>Changed</h3> <ul> <li> <p><strong>BREAKING</strong>: Default payload encoding changed from <code>binary</code> to <code>utf8</code>. <code>utf8</code> is a is a more sensible default than <code>binary</code> because many payloads, as far as I can tell, will contain user-facing strings that could be in any language. (<!-- raw HTML omitted -->[6b6de48]<!-- raw HTML omitted -->)</p> </li> <li> <p>Code reorganization, thanks [<a href="https://github.com/fearphage"><code>@fearphage</code></a>]! (<!-- raw HTML omitted --><a href="https://github.com/brianloveswords/node-jws/commit/7880050">7880050</a><!-- raw HTML omitted -->)</p> </li> </ul> <h3>Added</h3> <ul> <li>Option in all relevant methods for <code>encoding</code>. For those few users that might be depending on a <code>binary</code> encoding of the messages, this is for them. (<!-- raw HTML omitted -->[6b6de48]<!-- raw HTML omitted -->)</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
f4c22b3e27 |
chore(deps): bump golang.org/x/crypto from 0.43.0 to 0.45.0 in /docs/en/getting-started/quickstart/go/genkit (#1999)
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.43.0 to 0.45.0. <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
Niraj Nandre
|
9695fc5eeb |
docs: Add Antigravity connection steps for Looker (#2192)
## Description This PR adds a new section to the `looker_mcp.md` document that explains how to connect Looker to Antigravity. The new **"Connect with Antigravity"** section provides two methods for connecting: - **MCP Store:** A straightforward method using the built-in MCP Store in Antigravity. - **Custom config:** For connecting to a custom MCP server by adding a configuration to the mcp_config.json file. These changes will help users easily connect Looker to Antigravity. ## PR Checklist > Thank you for opening a Pull Request! Before submitting your PR, there are a > few things you can do to make sure it goes smoothly: - [x] Make sure you reviewed [CONTRIBUTING.md](https://github.com/googleapis/genai-toolbox/blob/main/CONTRIBUTING.md) - [x] Make sure to open an issue as a [bug/issue](https://github.com/googleapis/genai-toolbox/issues/new/choose) before writing your code! That way we can discuss the change, evaluate designs, and agree on the general idea - [x] Ensure the tests and linter pass - [ ] Code coverage does not decrease (if any source code was changed) - [ ] Appropriate docs were updated (if necessary) - [ ] Make sure to add `!` if this involve a breaking change Co-authored-by: Averi Kitsch <akitsch@google.com> |
||
|
manuka rahul
|
5a09d38056 |
docs: fix broken links (#2223)
Fix broken links |
||
|
release-please[bot]
|
f520b4ed8a |
chore(main): release 0.24.0 (#2162)
🤖 I have created a release *beep* *boop* --- ## [0.24.0](https://github.com/googleapis/genai-toolbox/compare/v0.23.0...v0.24.0) (2025-12-19) ### Features * **sources/cloud-gemini-data-analytics:** Add the Gemini Data Analytics (GDA) integration for DB NL2SQL conversion to Toolbox ([#2181](https://github.com/googleapis/genai-toolbox/issues/2181)) ([ |
||
|
dishaprakash
|
5788605818 |
feat: Support combining prebuilt and custom tool configurations (#2188)
## Description This PR updates the CLI to allow the --prebuilt flag to be used simultaneously with custom tool flags (--tools-file, --tools-files, or --tools-folder). This enables users to extend a standard prebuilt environment with their own custom tools and configurations. ### Key changes - Sequential Loading: Load prebuilt configurations first, then accumulate any specified custom configurations before merging. - Smart Defaults: Updated logic to only default to tools.yaml if no configuration flags are provided. - Legacy Auth Compatibility: Implemented an additive merge strategy for authentication. Legacy authSources from custom files are merged into the modern authServices map used by prebuilt tools. - Strict Validation: To prevent ambiguity, the server will throw an explicit error if a legacy authSource name conflicts with an existing authService name (e.g., from a prebuilt config). ## PR Checklist > Thank you for opening a Pull Request! Before submitting your PR, there are a > few things you can do to make sure it goes smoothly: - [x] Make sure you reviewed [CONTRIBUTING.md](https://github.com/googleapis/genai-toolbox/blob/main/CONTRIBUTING.md) - [x] Make sure to open an issue as a [bug/issue](https://github.com/googleapis/genai-toolbox/issues/new/choose) before writing your code! That way we can discuss the change, evaluate designs, and agree on the general idea - [x] Ensure the tests and linter pass - [x] Code coverage does not decrease (if any source code was changed) - [x] Appropriate docs were updated (if necessary) - [x] Make sure to add `!` if this involve a breaking change 🛠️ Fixes https://github.com/googleapis/genai-toolbox/issues/1220 --------- Co-authored-by: Yuan Teoh <45984206+Yuan325@users.noreply.github.com> |
||
|
gRedHeadphone
|
0641da0353 |
feat(tools/mysql-get-query-plan): tool impl + docs + tests (#2123)
## Description Tool mysql-get-query-plan implementation, along with tests and docs. Tool used to get information about how MySQL executes a SQL statement (EXPLAIN). ## PR Checklist - [x] Make sure you reviewed [CONTRIBUTING.md](https://github.com/googleapis/genai-toolbox/blob/main/CONTRIBUTING.md) - [x] Make sure to open an issue as a [bug/issue](https://github.com/googleapis/genai-toolbox/issues/new/choose) before writing your code! That way we can discuss the change, evaluate designs, and agree on the general idea - [x] Ensure the tests and linter pass - [x] Code coverage does not decrease (if any source code was changed) - [x] Appropriate docs were updated (if necessary) - [x] Make sure to add `!` if this involve a breaking change 🛠️ Fixes #1692 --------- Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Co-authored-by: Averi Kitsch <akitsch@google.com> Co-authored-by: Yuan Teoh <45984206+Yuan325@users.noreply.github.com> |
||
|
Wenxin Du
|
8ea39ec32f |
feat(sources/oracle): Add Oracle OCI and Wallet support (#1945)
Previously we used go-ora (a pure Go Oracle driver) because our release pipeline did not support cross-compilation with CGO. Now that it's fixed, we want to add support for Oracle OCI driver for advanced features including digital wallet etc. Users will be able to configure a source to use OCI by specifying a `UseOCI: true` field. The source defaults to use the pure Go driver otherwise. Oracle Wallet: - OCI users should use the `tnsAdmin` to set the wallet location - Non-OCI users can should use the `walletLocation` field. fix: https://github.com/googleapis/genai-toolbox/issues/1779 |
||
|
Juexin Wang
|
aa270b2630 |
feat: add the Gemini Data Analytics (GDA) integration for DB NL2SQL conversion to Toolbox (#2181)
## Description This PR is to add the Gemini Data Analytics (GDA) integration for DB NL2SQL conversion to Toolbox. It allows the user to convert a natural language query to SQL statement based on their database instance. See the doc section for details. ## PR Checklist > Thank you for opening a Pull Request! Before submitting your PR, there are a > few things you can do to make sure it goes smoothly: - [x] Make sure you reviewed [CONTRIBUTING.md](https://github.com/googleapis/genai-toolbox/blob/main/CONTRIBUTING.md) - [x] Make sure to open an issue as a [bug/issue](https://github.com/googleapis/genai-toolbox/issues/new/choose) before writing your code! That way we can discuss the change, evaluate designs, and agree on the general idea - [x] Ensure the tests and linter pass - [x] Code coverage does not decrease (if any source code was changed) - [x] Appropriate docs were updated (if necessary) - [x] Make sure to add `!` if this involve a breaking change 🛠️ Fixes #2180 --------- Co-authored-by: Yuan Teoh <45984206+Yuan325@users.noreply.github.com> |
||
|
Yuan Teoh
|
6e87349431 |
docs: telemetry docs to provide endpoint without scheme or path (#2179)
## Description According to the OTEL ([docs](https://pkg.go.dev/go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp#WithEndpoint)), `WithEndpoint()` sets the target endpoint (host and port) the Exporter will connect to. The provided endpoint should resemble "example.com:4318" (no scheme or path). And it requires the endpoint to be secure using `https://`. To provide an insecure endpoint with `http://`, user will need to set `OTEL_EXPORTER_OTLP_INSECURE=true`. This PR update the docs to reflect this. 🛠️ Fixes #1539 |
||
|
dependabot[bot]
|
271f39d4b9 |
chore(deps): bump jws from 4.0.0 to 4.0.1 in /docs/en/getting-started/quickstart/js/langchain (#2118)
Bumps [jws](https://github.com/brianloveswords/node-jws) from 4.0.0 to 4.0.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/brianloveswords/node-jws/releases">jws's releases</a>.</em></p> <blockquote> <h2>v4.0.1</h2> <h3>Changed</h3> <ul> <li>Fix advisory GHSA-869p-cjfg-cm3x: createSign and createVerify now require that a non empty secret is provided (via opts.secret, opts.privateKey or opts.key) when using HMAC algorithms.</li> <li>Upgrading JWA version to 2.0.1, addressing a compatibility issue for Node >= 25.</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/auth0/node-jws/blob/master/CHANGELOG.md">jws's changelog</a>.</em></p> <blockquote> <h2>[4.0.1]</h2> <h3>Changed</h3> <ul> <li>Fix advisory GHSA-869p-cjfg-cm3x: createSign and createVerify now require that a non empty secret is provided (via opts.secret, opts.privateKey or opts.key) when using HMAC algorithms.</li> <li>Upgrading JWA version to 2.0.1, adressing a compatibility issue for Node >= 25.</li> </ul> <h2>[3.2.3]</h2> <h3>Changed</h3> <ul> <li>Fix advisory GHSA-869p-cjfg-cm3x: createSign and createVerify now require that a non empty secret is provided (via opts.secret, opts.privateKey or opts.key) when using HMAC algorithms.</li> <li>Upgrading JWA version to 1.4.2, adressing a compatibility issue for Node >= 25.</li> </ul> <h2>[3.0.0]</h2> <h3>Changed</h3> <ul> <li><strong>BREAKING</strong>: <code>jwt.verify</code> now requires an <code>algorithm</code> parameter, and <code>jws.createVerify</code> requires an <code>algorithm</code> option. The <code>"alg"</code> field signature headers is ignored. This mitigates a critical security flaw in the library which would allow an attacker to generate signatures with arbitrary contents that would be accepted by <code>jwt.verify</code>. See <a href="https://auth0.com/blog/2015/03/31/critical-vulnerabilities-in-json-web-token-libraries/">https://auth0.com/blog/2015/03/31/critical-vulnerabilities-in-json-web-token-libraries/</a> for details.</li> </ul> <h2><a href="https://github.com/brianloveswords/node-jws/compare/v1.0.1...v2.0.0">2.0.0</a> - 2015-01-30</h2> <h3>Changed</h3> <ul> <li> <p><strong>BREAKING</strong>: Default payload encoding changed from <code>binary</code> to <code>utf8</code>. <code>utf8</code> is a is a more sensible default than <code>binary</code> because many payloads, as far as I can tell, will contain user-facing strings that could be in any language. (<!-- raw HTML omitted -->[6b6de48]<!-- raw HTML omitted -->)</p> </li> <li> <p>Code reorganization, thanks [<a href="https://github.com/fearphage"><code>@fearphage</code></a>]! (<!-- raw HTML omitted --><a href="https://github.com/brianloveswords/node-jws/commit/7880050">7880050</a><!-- raw HTML omitted -->)</p> </li> </ul> <h3>Added</h3> <ul> <li>Option in all relevant methods for <code>encoding</code>. For those few users that might be depending on a <code>binary</code> encoding of the messages, this is for them. (<!-- raw HTML omitted -->[6b6de48]<!-- raw HTML omitted -->)</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
Anubhav Dhawan
|
776a5ca438 |
docs: Update Antigravity MCP plugin documentation (#2157)
This updates the documentation for the MCP Toolbox Antigravity plugin according to the new configuration option for the plugin in the MCP server window of Antigravity. |
||
|
Mend Renovate
|
d08dd144ad |
chore(deps): update dependency llama-index to v0.14.10 (#2092)
This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---| | [llama-index](https://redirect.github.com/run-llama/llama_index) | `==0.14.8` -> `==0.14.10` |  |  | --- ### Release Notes <details> <summary>run-llama/llama_index (llama-index)</summary> ### [`v0.14.10`](https://redirect.github.com/run-llama/llama_index/blob/HEAD/CHANGELOG.md#2025-12-04) [Compare Source](https://redirect.github.com/run-llama/llama_index/compare/v0.14.9...v0.14.10) ##### llama-index-core \[0.14.10] - feat: add mock function calling llm ([#​20331](https://redirect.github.com/run-llama/llama_index/pull/20331)) ##### llama-index-llms-qianfan \[0.4.1] - test: fix typo 'reponse' to 'response' in variable names ([#​20329](https://redirect.github.com/run-llama/llama_index/pull/20329)) ##### llama-index-tools-airweave \[0.1.0] - feat: add Airweave tool integration with advanced search features ([#​20111](https://redirect.github.com/run-llama/llama_index/pull/20111)) ##### llama-index-utils-qianfan \[0.4.1] - test: fix typo 'reponse' to 'response' in variable names ([#​20329](https://redirect.github.com/run-llama/llama_index/pull/20329)) ### [`v0.14.9`](https://redirect.github.com/run-llama/llama_index/blob/HEAD/CHANGELOG.md#2025-12-02) [Compare Source](https://redirect.github.com/run-llama/llama_index/compare/v0.14.8...v0.14.9) ##### llama-index-agent-azure \[0.2.1] - fix: Pin azure-ai-projects version to prevent breaking changes ([#​20255](https://redirect.github.com/run-llama/llama_index/pull/20255)) ##### llama-index-core \[0.14.9] - MultiModalVectorStoreIndex now returns a multi-modal ContextChatEngine. ([#​20265](https://redirect.github.com/run-llama/llama_index/pull/20265)) - Ingestion to vector store now ensures that \_node-content is readable ([#​20266](https://redirect.github.com/run-llama/llama_index/pull/20266)) - fix: ensure context is copied with async utils run\_async ([#​20286](https://redirect.github.com/run-llama/llama_index/pull/20286)) - fix(memory): ensure first message in queue is always a user message after flush ([#​20310](https://redirect.github.com/run-llama/llama_index/pull/20310)) ##### llama-index-embeddings-bedrock \[0.7.2] - feat(embeddings-bedrock): Add support for Amazon Bedrock Application Inference Profiles ([#​20267](https://redirect.github.com/run-llama/llama_index/pull/20267)) - fix:(embeddings-bedrock) correct extraction of provider from model\_name ([#​20295](https://redirect.github.com/run-llama/llama_index/pull/20295)) - Bump version of bedrock-embedding ([#​20304](https://redirect.github.com/run-llama/llama_index/pull/20304)) ##### llama-index-embeddings-voyageai \[0.5.1] - VoyageAI correction and documentation ([#​20251](https://redirect.github.com/run-llama/llama_index/pull/20251)) ##### llama-index-llms-anthropic \[0.10.3] - feat: add anthropic opus 4.5 ([#​20306](https://redirect.github.com/run-llama/llama_index/pull/20306)) ##### llama-index-llms-bedrock-converse \[0.12.2] - fix(bedrock-converse): Only use guardrail\_stream\_processing\_mode in streaming functions ([#​20289](https://redirect.github.com/run-llama/llama_index/pull/20289)) - feat: add anthropic opus 4.5 ([#​20306](https://redirect.github.com/run-llama/llama_index/pull/20306)) - feat(bedrock-converse): Additional support for Claude Opus 4.5 ([#​20317](https://redirect.github.com/run-llama/llama_index/pull/20317)) ##### llama-index-llms-google-genai \[0.7.4] - Fix gemini-3 support and gemini function call support ([#​20315](https://redirect.github.com/run-llama/llama_index/pull/20315)) ##### llama-index-llms-helicone \[0.1.1] - update helicone docs + examples ([#​20208](https://redirect.github.com/run-llama/llama_index/pull/20208)) ##### llama-index-llms-openai \[0.6.10] - Smallest Nit ([#​20252](https://redirect.github.com/run-llama/llama_index/pull/20252)) - Feat: Add gpt-5.1-chat model support ([#​20311](https://redirect.github.com/run-llama/llama_index/pull/20311)) ##### llama-index-llms-ovhcloud \[0.1.0] - Add OVHcloud AI Endpoints provider ([#​20288](https://redirect.github.com/run-llama/llama_index/pull/20288)) ##### llama-index-llms-siliconflow \[0.4.2] - \[Bugfix] None check on content in delta in siliconflow LLM ([#​20327](https://redirect.github.com/run-llama/llama_index/pull/20327)) ##### llama-index-node-parser-docling \[0.4.2] - Relax docling Python constraints ([#​20322](https://redirect.github.com/run-llama/llama_index/pull/20322)) ##### llama-index-packs-resume-screener \[0.9.3] - feat: Update pypdf to latest version ([#​20285](https://redirect.github.com/run-llama/llama_index/pull/20285)) ##### llama-index-postprocessor-voyageai-rerank \[0.4.1] - VoyageAI correction and documentation ([#​20251](https://redirect.github.com/run-llama/llama_index/pull/20251)) ##### llama-index-protocols-ag-ui \[0.2.3] - fix: correct order of ag-ui events to avoid event conflicts ([#​20296](https://redirect.github.com/run-llama/llama_index/pull/20296)) ##### llama-index-readers-confluence \[0.6.0] - Refactor Confluence integration: Update license to MIT, remove requirements.txt, and implement HtmlTextParser for HTML to Markdown conversion. Update dependencies and tests accordingly. ([#​20262](https://redirect.github.com/run-llama/llama_index/pull/20262)) ##### llama-index-readers-docling \[0.4.2] - Relax docling Python constraints ([#​20322](https://redirect.github.com/run-llama/llama_index/pull/20322)) ##### llama-index-readers-file \[0.5.5] - feat: Update pypdf to latest version ([#​20285](https://redirect.github.com/run-llama/llama_index/pull/20285)) ##### llama-index-readers-reddit \[0.4.1] - Fix typo in README.md for Reddit integration ([#​20283](https://redirect.github.com/run-llama/llama_index/pull/20283)) ##### llama-index-storage-chat-store-postgres \[0.3.2] - \[FIX] Postgres ChatStore automatically prefix table name with "data\_" ([#​20241](https://redirect.github.com/run-llama/llama_index/pull/20241)) ##### llama-index-vector-stores-azureaisearch \[0.4.4] - `vector-azureaisearch`: check if user agent already in policy before add it to azure client ([#​20243](https://redirect.github.com/run-llama/llama_index/pull/20243)) - fix(azureaisearch): Add close/aclose methods to fix unclosed client session warnings ([#​20309](https://redirect.github.com/run-llama/llama_index/pull/20309)) ##### llama-index-vector-stores-milvus \[0.9.4] - Fix/consistency level param for milvus ([#​20268](https://redirect.github.com/run-llama/llama_index/pull/20268)) ##### llama-index-vector-stores-postgres \[0.7.2] - Fix postgresql dispose ([#​20312](https://redirect.github.com/run-llama/llama_index/pull/20312)) ##### llama-index-vector-stores-qdrant \[0.9.0] - fix: Update qdrant-client version constraints ([#​20280](https://redirect.github.com/run-llama/llama_index/pull/20280)) - Feat: update Qdrant client to 1.16.0 ([#​20287](https://redirect.github.com/run-llama/llama_index/pull/20287)) ##### llama-index-vector-stores-vertexaivectorsearch \[0.3.2] - fix: update blob path in batch\_update\_index ([#​20281](https://redirect.github.com/run-llama/llama_index/pull/20281)) ##### llama-index-voice-agents-openai \[0.2.2] - Smallest Nit ([#​20252](https://redirect.github.com/run-llama/llama_index/pull/20252)) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/googleapis/genai-toolbox). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0Mi4xOS45IiwidXBkYXRlZEluVmVyIjoiNDIuMzIuMiIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOltdfQ==--> Co-authored-by: Wenxin Du <117315983+duwenxin99@users.noreply.github.com> |
||
|
dishaprakash
|
af3d3c5204 |
feat(source/cloudsqlmysql): add support for IAM authentication in Cloud SQL MySQL source (#2050)
## Description This PR adds the support for IAM authentication in the Cloud SQL MySQL source ## PR Checklist > Thank you for opening a Pull Request! Before submitting your PR, there are a > few things you can do to make sure it goes smoothly: - [x] Make sure you reviewed [CONTRIBUTING.md](https://github.com/googleapis/genai-toolbox/blob/main/CONTRIBUTING.md) - [x] Make sure to open an issue as a [bug/issue](https://github.com/googleapis/genai-toolbox/issues/new/choose) before writing your code! That way we can discuss the change, evaluate designs, and agree on the general idea - [x] Ensure the tests and linter pass - [x] Code coverage does not decrease (if any source code was changed) - [ ] Appropriate docs were updated (if necessary) - [x] Make sure to add `!` if this involve a breaking change 🛠️ Fixes #<issue_number_goes_here> |
||
|
release-please[bot]
|
466aef024f |
chore(main): release 0.23.0 (#2138)
🤖 I have created a release *beep* *boop* --- ## [0.23.0](https://github.com/googleapis/genai-toolbox/compare/v0.22.0...v0.23.0) (2025-12-11) ### ⚠ BREAKING CHANGES * **serverless-spark:** add URLs to create batch tool outputs * **serverless-spark:** add URLs to list_batches output * **serverless-spark:** add Cloud Console and Logging URLs to get_batch * **tools/postgres:** Add additional filter params for existing postgres tools ([#2033](https://github.com/googleapis/genai-toolbox/issues/2033)) ### Features * **tools/postgres:** Add list-table-stats-tool to list table statistics. ([#2055](https://github.com/googleapis/genai-toolbox/issues/2055)) ([ |
||
|
Twisha Bansal
|
26ead2ed78 |
docs: include npx method to run server (#2094)
## Description > Should include a concise description of the changes (bug or feature), it's > impact, along with a summary of the solution ## PR Checklist > Thank you for opening a Pull Request! Before submitting your PR, there are a > few things you can do to make sure it goes smoothly: - [ ] Make sure you reviewed [CONTRIBUTING.md](https://github.com/googleapis/genai-toolbox/blob/main/CONTRIBUTING.md) - [ ] Make sure to open an issue as a [bug/issue](https://github.com/googleapis/genai-toolbox/issues/new/choose) before writing your code! That way we can discuss the change, evaluate designs, and agree on the general idea - [ ] Ensure the tests and linter pass - [ ] Code coverage does not decrease (if any source code was changed) - [ ] Appropriate docs were updated (if necessary) - [ ] Make sure to add `!` if this involve a breaking change 🛠️ Fixes #<issue_number_goes_here> --------- Co-authored-by: Averi Kitsch <akitsch@google.com> Co-authored-by: Anubhav Dhawan <anubhavdhawan@google.com> Co-authored-by: Wenxin Du <117315983+duwenxin99@users.noreply.github.com> |
||
|
Twisha Bansal
|
1f31c2c9b2 |
docs: add prompts quickstart using gemini cli (#2158)
## Description > Should include a concise description of the changes (bug or feature), it's > impact, along with a summary of the solution ## PR Checklist > Thank you for opening a Pull Request! Before submitting your PR, there are a > few things you can do to make sure it goes smoothly: - [ ] Make sure you reviewed [CONTRIBUTING.md](https://github.com/googleapis/genai-toolbox/blob/main/CONTRIBUTING.md) - [ ] Make sure to open an issue as a [bug/issue](https://github.com/googleapis/genai-toolbox/issues/new/choose) before writing your code! That way we can discuss the change, evaluate designs, and agree on the general idea - [ ] Ensure the tests and linter pass - [ ] Code coverage does not decrease (if any source code was changed) - [ ] Appropriate docs were updated (if necessary) - [ ] Make sure to add `!` if this involve a breaking change 🛠️ Fixes #<issue_number_goes_here> --------- Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> |
||
|
Dave Borowitz
|
c6ccf4bd87 | feat(serverless-spark)!: add URLs to create batch tool outputs | ||
|
Dave Borowitz
|
5605eabd69 |
feat(serverless-spark)!: add URLs to list_batches output
Unlike get_batch, in this case we are not returning a JSON type directly from the server, so we can add the new fields in our top-level object rather than wrapping. |
||
|
Dave Borowitz
|
e29c0616d6 |
feat(serverless-spark)!: add Cloud Console and Logging URLs to get_batch
These are useful links for humans to follow for more information (output, metrics, logs) that's not readily availble via MCP. |
||
|
Dr. Strangelove
|
285aa46b88 |
feat(looker/tools): Enhance dashboard creation with dashboard filters (#2133)
## Description Enhance dashboard creation with dashboard level filters. Also improve tool descriptions. ## PR Checklist > Thank you for opening a Pull Request! Before submitting your PR, there are a > few things you can do to make sure it goes smoothly: - [X] Make sure you reviewed [CONTRIBUTING.md](https://github.com/googleapis/genai-toolbox/blob/main/CONTRIBUTING.md) - [x] Make sure to open an issue as a [bug/issue](https://github.com/googleapis/genai-toolbox/issues/new/choose) before writing your code! That way we can discuss the change, evaluate designs, and agree on the general idea - [x] Ensure the tests and linter pass - [x] Code coverage does not decrease (if any source code was changed) - [x] Appropriate docs were updated (if necessary) - [x] Make sure to add `!` if this involve a breaking change |
||
|
Ganga4060
|
c5a6daa768 |
fix: removed sortPayload and sortParams from the reference (#1238)
Removed sortPayload and sortParams from the reference --------- Co-authored-by: Averi Kitsch <akitsch@google.com> |
||
|
Siddharth Ravi
|
78b02f08c3 |
feat: add list-table-stats-tool to list table statistics. (#2055)
Adds the following tools for Postgres: (1) list_table_stats: Lists table statistics in the database. . <img width="3446" height="1304" alt="image" src="https://github.com/user-attachments/assets/68951edc-8d99-460e-a1ac-2d3da9388baf" /> <img width="2870" height="1338" alt="image" src="https://github.com/user-attachments/assets/100a3b7d-202d-4dfd-b046-5dab4390ba41" /> > Should include a concise description of the changes (bug or feature), it's > impact, along with a summary of the solution ## PR Checklist > Thank you for opening a Pull Request! Before submitting your PR, there are a > few things you can do to make sure it goes smoothly: - [x] Make sure you reviewed [CONTRIBUTING.md](https://github.com/googleapis/genai-toolbox/blob/main/CONTRIBUTING.md) - [x] Make sure to open an issue as a [bug/issue](https://github.com/googleapis/genai-toolbox/issues/new/choose) before writing your code! That way we can discuss the change, evaluate designs, and agree on the general idea - [x] Ensure the tests and linter pass - [x] Code coverage does not decrease (if any source code was changed) - [x] Appropriate docs were updated (if necessary) - [x] Make sure to add `!` if this involve a breaking change 🛠️ Fixes #1738 |
||
|
Anubhav Dhawan
|
18d0440f4e |
docs: separate Windows installation instructions for Command Prompt and PowerShell (#2097)
## Description Updates the Windows installation instructions in `README.md` and the Hugo documentation to provide separate, clear steps for Command Prompt and PowerShell. ## Before <img width="1836" height="1054" alt="image" src="https://github.com/user-attachments/assets/46856ba5-e99f-4ea1-b851-921c1f885c40" /> ## After <img width="1842" height="1046" alt="image" src="https://github.com/user-attachments/assets/80212630-1233-496e-98d2-9039de8e4cd0" /> <img width="1858" height="1070" alt="image" src="https://github.com/user-attachments/assets/348a879d-7337-41c1-8358-fbe341c80525" /> |
||
|
Mend Renovate
|
7a135ce078 |
chore(deps): update module google.golang.org/genai to v1.36.0 (#1971)
This PR contains the following updates: | Package | Change | Age | Confidence | |---|---|---|---| | [google.golang.org/genai](https://redirect.github.com/googleapis/go-genai) | `v1.35.0` -> `v1.36.0` | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | --- ### Release Notes <details> <summary>googleapis/go-genai (google.golang.org/genai)</summary> ### [`v1.36.0`](https://redirect.github.com/googleapis/go-genai/releases/tag/v1.36.0) [Compare Source](https://redirect.github.com/googleapis/go-genai/compare/v1.35.0...v1.36.0) ##### Features - add display name to FunctionResponseBlob ([66bd0fb]( |
||
|
Srividya Reddy
|
bea9705450 |
feat(tools/postgres): Add new postgres-list-roles tool (#2038)
## Description Adds a postgresql custom list_roles tool, that lists all the user-created roles in the instance. It provides details about each role's attributes and memberships. > Should include a concise description of the changes (bug or feature), it's > impact, along with a summary of the solution ![Uploading Screenshot 2025-11-26 at 1.16.42 AM.png…]() <img width="1065" height="145" alt="Screenshot 2025-11-26 at 12 59 56 AM" src="https://github.com/user-attachments/assets/d90131b1-d369-4108-b4db-ee5dc9aafe38" /> ## PR Checklist > Thank you for opening a Pull Request! Before submitting your PR, there are a > few things you can do to make sure it goes smoothly: - [x] Make sure you reviewed [CONTRIBUTING.md](https://github.com/googleapis/genai-toolbox/blob/main/CONTRIBUTING.md) - [x] Make sure to open an issue as a [bug/issue](https://github.com/googleapis/genai-toolbox/issues/new/choose) before writing your code! That way we can discuss the change, evaluate designs, and agree on the general idea - [x] Ensure the tests and linter pass - [x] Code coverage does not decrease (if any source code was changed) - [x] Appropriate docs were updated (if necessary) - [ ] Make sure to add `!` if this involve a breaking change 🛠️ Fixes #<1738> Co-authored-by: Wenxin Du <117315983+duwenxin99@users.noreply.github.com> |
||
|
Srividya Reddy
|
489117d747 |
feat(tools/postgres)!: Add additional filter params for existing postgres tools (#2033)
## Description Add additional filter parameters for existing PostgreSQL tools: 1. `list_views`: - Add a new optional `"schema_name"` filter parameter to return results based on a specific schema name pattern. - Add an additional column `"definition"` to return the view definition. 2. `list_schemas`: - Add a new optional `"owner"` filter parameter to return results based on a specific owner name pattern. - Add a new optional `"limit"` parameter to return a specific number of rows. 3. `list_indexes`: - Add a new optional `"only_unused"` filter parameter to return only unused indexes. > Should include a concise description of the changes (bug or feature), it's > impact, along with a summary of the solution list_views <img width="1531" height="763" alt="Screenshot 2025-11-25 at 1 36 39 PM" src="https://github.com/user-attachments/assets/bd6805b3-43d2-46c7-adc8-62d3a4521d36" /> list_schemas <img width="1519" height="755" alt="Screenshot 2025-11-25 at 1 35 54 PM" src="https://github.com/user-attachments/assets/62d3e987-b64e-442b-ba1a-84def1df7a58" /> list_indexes <img width="1523" height="774" alt="Screenshot 2025-11-25 at 1 35 32 PM" src="https://github.com/user-attachments/assets/c6f73b3f-f8a2-4b76-9218-64d7011a2241" /> ## PR Checklist > Thank you for opening a Pull Request! Before submitting your PR, there are a > few things you can do to make sure it goes smoothly: - [x] Make sure you reviewed [CONTRIBUTING.md](https://github.com/googleapis/genai-toolbox/blob/main/CONTRIBUTING.md) - [x] Make sure to open an issue as a [bug/issue](https://github.com/googleapis/genai-toolbox/issues/new/choose) before writing your code! That way we can discuss the change, evaluate designs, and agree on the general idea - [x] Ensure the tests and linter pass - [x] Code coverage does not decrease (if any source code was changed) - [x] Appropriate docs were updated (if necessary) - [x] Make sure to add `!` if this involve a breaking change 🛠️ Fixes #<1738> Co-authored-by: Averi Kitsch <akitsch@google.com> |
||
|
Srividya Reddy
|
32367a472f |
feat(tools/postgres): add list_pg_settings, list_database_stats tools for postgres (#2030)
## Description Adds the following tools for Postgres: (1) list_pg_settings: List configuration parameters for the PostgreSQL server. (2) list_database_stats: Lists the key performance and activity statistics for each database in the postgreSQL server. > Should include a concise description of the changes (bug or feature), it's > impact, along with a summary of the solution list_pg_settings: <img width="1526" height="803" alt="Screenshot 2025-11-25 at 10 19 48 AM" src="https://github.com/user-attachments/assets/73634b9b-4936-4bf0-a94b-6b31fe3642a1" /> <img width="1064" height="715" alt="Screenshot 2025-11-25 at 10 27 19 AM" src="https://github.com/user-attachments/assets/36c13585-27e4-4294-b451-1c1a963c0d6c" /> list_database_stats: <img width="1511" height="779" alt="Screenshot 2025-11-25 at 10 21 12 AM" src="https://github.com/user-attachments/assets/d283e018-ea81-427d-b1b4-7aaf79b9696b" /> <img width="1017" height="506" alt="Screenshot 2025-11-25 at 10 27 47 AM" src="https://github.com/user-attachments/assets/47b72bd7-7114-4f2a-8a9d-cecc80bf47e9" /> ## PR Checklist > Thank you for opening a Pull Request! Before submitting your PR, there are a > few things you can do to make sure it goes smoothly: - [x] Make sure you reviewed [CONTRIBUTING.md](https://github.com/googleapis/genai-toolbox/blob/main/CONTRIBUTING.md) - [x] Make sure to open an issue as a [bug/issue](https://github.com/googleapis/genai-toolbox/issues/new/choose) before writing your code! That way we can discuss the change, evaluate designs, and agree on the general idea - [x] Ensure the tests and linter pass - [x] Code coverage does not decrease (if any source code was changed) - [x] Appropriate docs were updated (if necessary) - [x] Make sure to add `!` if this involve a breaking change 🛠️ Fixes #<1738> Co-authored-by: Averi Kitsch <akitsch@google.com> Co-authored-by: Wenxin Du <117315983+duwenxin99@users.noreply.github.com> |
||
|
Pranjul Kalsi
|
3b40fea25e |
feat(sources/mariadb): add MariaDB source and MySQL tools integration (#1908)
## Description This PR 1. Adds **MariaDB** as a Source - Implementation is similar to **MySQL** source 2. Utilises pre implemented **MySQL** Tools - `mysql-execute-sql` - `mysql-list-active-queries` - `mysql-list-table-fragmentation` - `mysql-list-tables` - `mysql-list-tables-missing-unique-indexes` - `mysql-sql` **Note:** After discussion with @duwenxin99 in issue #1768, I initially assumed MariaDB required new tools due to different metadata structures and system tables. That is true for older MariaDB versions, but current MySQL tooling already works with MariaDB (verified), so a separate tool set was not needed. 3. Adds a source doc for **MariaDB** in docs 4. Adds MariaDB integration tests using the existing MySQL test flow. Note: The test file is based on the MySQL integration test, but `GetMariaDBWants()` and `RunMariDBListTablesTest()` are implemented because MariaDB returns different metadata and list-tables output, so the assertions must be MariaDB-specific. 5. Updates CI Lastly I considered adding a MariaDB-exclusive Galera cluster monitoring tool, but skipped it because it requires a multi-node Galera setup for integration testing and would significantly increase CI complexity with unclear usage demand. ## PR Checklist - [x] Make sure you reviewed [CONTRIBUTING.md](https://github.com/googleapis/genai-toolbox/blob/main/CONTRIBUTING.md) - [x] Make sure to open an issue as a [bug/issue](https://github.com/googleapis/genai-toolbox/issues/new/choose) before writing your code! That way we can discuss the change, evaluate designs, and agree on the general idea - [x] Ensure the tests and linter pass - [x] Code coverage does not decrease (if any source code was changed) - [x] Appropriate docs were updated (if necessary) - [ ] Make sure to add `!` if this involve a breaking change 🛠️ Fixes #1712 #1768 --------- Co-authored-by: Wenxin Du <117315983+duwenxin99@users.noreply.github.com> |
||
|
dependabot[bot]
|
1dd971b8d5 |
chore(deps): bump golang.org/x/crypto from 0.43.0 to 0.45.0 in /docs/en/getting-started/quickstart/go/langchain (#2041)
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.43.0 to 0.45.0. <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
release-please[bot]
|
cb4529cbaa |
chore(main): release 0.22.0 (#1997)
🤖 I have created a release *beep* *boop* --- ## [0.22.0](https://github.com/googleapis/genai-toolbox/compare/v0.21.0...v0.22.0) (2025-12-04) ### Features * Add allowed-origins flag ([#1984](https://github.com/googleapis/genai-toolbox/issues/1984)) ([ |
||
|
Srividya Reddy
|
5ad7c6127b |
feat(tools/postgres-list-tablespaces): add new postgres-list-tablespaces tool (#1934)
## Description Adds a postgresql custom list_tablespaces tool, that returns the details of tablespaces present in database. <img width="1719" height="698" alt="Screenshot 2025-11-12 at 9 11 13 AM" src="https://github.com/user-attachments/assets/03964a1b-27e0-4da8-85a2-57db905163ed" /> <img width="1077" height="141" alt="Screenshot 2025-11-12 at 9 12 42 AM" src="https://github.com/user-attachments/assets/f93f5692-eb62-4f30-8192-40c8873d4d00" /> > Should include a concise description of the changes (bug or feature), it's > impact, along with a summary of the solution Lists all tablespaces in the database. Returns the tablespace name, owner name, size in bytes, internal object ID, the access control list regarding permissions, and any specific tablespace options. ## PR Checklist > Thank you for opening a Pull Request! Before submitting your PR, there are a > few things you can do to make sure it goes smoothly: - [x] Make sure you reviewed [CONTRIBUTING.md](https://github.com/googleapis/genai-toolbox/blob/main/CONTRIBUTING.md) - [x] Make sure to open an issue as a [bug/issue](https://github.com/googleapis/genai-toolbox/issues/new/choose) before writing your code! That way we can discuss the change, evaluate designs, and agree on the general idea - [x] Ensure the tests and linter pass - [x] Code coverage does not decrease (if any source code was changed) - [x] Appropriate docs were updated (if necessary) - [x] Make sure to add `!` if this involve a breaking change 🛠️ Fixes #1738 |
||
|
Srividya Reddy
|
f4b1f0a680 |
feat(tools/postgres-list-publication-tables): add new postgres-list-publication-tables tool (#1919)
## Description Adds a postgresql custom list_publication_tables tool, that returns the details of publication tables present in database. Test Output: <img width="845" height="239" alt="Screenshot 2025-11-11 at 12 50 59 AM" src="https://github.com/user-attachments/assets/b7606e44-c5f6-4fc7-865e-7efadd112eff" /> <img width="1529" height="648" alt="Screenshot 2025-11-11 at 1 15 18 AM" src="https://github.com/user-attachments/assets/6192b772-f0bc-4fb4-8032-ca487434d77c" /> > Should include a concise description of the changes (bug or feature), it's > impact, along with a summary of the solution ## PR Checklist > Thank you for opening a Pull Request! Before submitting your PR, there are a > few things you can do to make sure it goes smoothly: - [x] Make sure you reviewed [CONTRIBUTING.md](https://github.com/googleapis/genai-toolbox/blob/main/CONTRIBUTING.md) - [x] Make sure to open an issue as a [bug/issue](https://github.com/googleapis/genai-toolbox/issues/new/choose) before writing your code! That way we can discuss the change, evaluate designs, and agree on the general idea - [x] Ensure the tests and linter pass - [x] Code coverage does not decrease (if any source code was changed) - [x] Appropriate docs were updated (if necessary) - [x] Make sure to add `!` if this involve a breaking change 🛠️ Fixes #1738 Co-authored-by: Averi Kitsch <akitsch@google.com> Co-authored-by: Wenxin Du <117315983+duwenxin99@users.noreply.github.com> |
||
|
Dave Borowitz
|
17a979207d |
feat(serverless-spark): add create_spark_batch tool
This tool is almost identical to create_pyspark_batch, but for Java Spark batches. There are some minor differences in how the main files and args are provided. |
||
|
Dave Borowitz
|
1bf0b51f03 |
feat(serverless-spark): add create_pyspark_batch tool
This tool creates a PySpark batch from a minimal set of parameters, to keep things simple for the LLM. Advanced runtime and environment config can be specified in tools.yaml. |
||
|
Wenxin Du
|
744214e04c |
fix(tools/mongodb): remove required tag from the canonical field (#2099)
The `required` tag raises validation failure error when a boolean field is defined as `false`: ``` ERROR "unable to parse tool file at "mongodb_tools.yaml": unable to parse tool "insert-one-device" as kind "mongodb-insert-one": [2:12] Key: 'Config.Canonical' Error:Field validation for 'Canonical' failed on the 'required' tag\n 1 | authRequired: []\n> 2 | canonical: false\n ^\n 3 | collection: Device\n 4 | database: xiar\n 5 | description: Inserts a single new document into the Device collection. The 'data' parameter must be a string containing the JSON object to insert.\n 6 | " ``` All the `required` tags are removed from the boolean `canonical` field of the MongoDB tools. Unit tests are added. |
||
|
Twisha Bansal
|
1e67810740 |
docs(toolbox-adk): Add quickstart for ADK JS SDK (#1862)
## Description ## PR Checklist > Thank you for opening a Pull Request! Before submitting your PR, there are a > few things you can do to make sure it goes smoothly: - [x] Make sure you reviewed [CONTRIBUTING.md](https://github.com/googleapis/genai-toolbox/blob/main/CONTRIBUTING.md) - [ ] Make sure to open an issue as a [bug/issue](https://github.com/googleapis/genai-toolbox/issues/new/choose) before writing your code! That way we can discuss the change, evaluate designs, and agree on the general idea - [x] Ensure the tests and linter pass - [ ] Code coverage does not decrease (if any source code was changed) - [x] Appropriate docs were updated (if necessary) - [ ] Make sure to add `!` if this involve a breaking change 🛠️ Fixes #<issue_number_goes_here> |
||
|
Anubhav Dhawan
|
05799475b4 |
docs: update antigravity docs installation instructions and prerequisites (#2088)
This PR updates the documentation across the repository to reflect the new installation workflow using `npx` and Node.js, replacing the previous binary download instructions. It also standardizes the prerequisites and adds helpful configuration notes for Windows users. These changes simplify the setup process for users by leveraging `npx` for executing the tools, ensuring they always use the latest version without manual binary management. It also addresses feedback from PR #2079 regarding installation clarity and Windows support. --------- Co-authored-by: Twisha Bansal <twishabansal07@gmail.com> |
||
|
gRedHeadphone
|
0e7fbf465c |
feat: add spanner list graphs to prebuiltconfigs (#2056)
## Description Adds spanner list graphs to prebuildconfigs ## PR Checklist - [x] Make sure you reviewed [CONTRIBUTING.md](https://github.com/googleapis/genai-toolbox/blob/main/CONTRIBUTING.md) - [x] Make sure to open an issue as a [bug/issue](https://github.com/googleapis/genai-toolbox/issues/new/choose) before writing your code! That way we can discuss the change, evaluate designs, and agree on the general idea - [x] Ensure the tests and linter pass - [x] Code coverage does not decrease (if any source code was changed) - [x] Appropriate docs were updated (if necessary) - [x] Make sure to add `!` if this involve a breaking change 🛠️ Fixes #2051 --------- Co-authored-by: Averi Kitsch <akitsch@google.com> |
||
|
nandinisaini-google
|
5e43630907 |
feat(prebuilt/cloud-sql): Add clone instance tool for cloud sql (#1845)
## Description --- This pull request adds a new tool, cloud-sql-clone-instance, which enables cloning a Cloud SQL instance from the toolbox using the Cloud SQL Admin API. The tool supports both standard cloning and point-in-time recovery (PITR). It also supports specifying preferred zones for cloned instances via the preferredZone and preferredSecondaryZone fields. Key Features: Instance Cloning: The tool allows you to clone a Cloud SQL instance by specifying the source and destination instance names. Point-in-Time Recovery (PITR): By providing a pointInTime timestamp, you can create a clone of an instance as it existed at a specific moment. High Availability Configuration: The preferredZone and preferredSecondaryZone parameters allow you to configure the cloned instance for high availability. Tested: <img width="1182" height="446" alt="Screenshot 2025-11-11 at 12 21 47 PM" src="https://github.com/user-attachments/assets/7f39a5a3-3967-43d0-8041-f1d47b4fbcd9" /> ## PR Checklist > Thank you for opening a Pull Request! Before submitting your PR, there are a > few things you can do to make sure it goes smoothly: - [x] Make sure you reviewed [CONTRIBUTING.md](https://github.com/googleapis/genai-toolbox/blob/main/CONTRIBUTING.md) - [x] Make sure to open an issue as a [bug/issue](https://github.com/googleapis/genai-toolbox/issues/new/choose) before writing your code! That way we can discuss the change, evaluate designs, and agree on the general idea - [x] Ensure the tests and linter pass - [x] Code coverage does not decrease (if any source code was changed) - [x] Appropriate docs were updated (if necessary) - [ ] Make sure to add `!` if this involve a breaking change 🛠️ Fixes #1915 Co-authored-by: prernakakkar-google <158031829+prernakakkar-google@users.noreply.github.com> Co-authored-by: Averi Kitsch <akitsch@google.com> |
||
|
ishatilwani1301
|
7a9cc63376 |
feat(tool/mssql): Set default host and port for MSSQL source (#1943)
## Description This pull request resolves issue [#36](https://github.com/gemini-cli-extensions/sql-server/issues/36) by introducing default connection parameters for the MSSQL prebuilt tool. If a user does not specify a host or port, the tool will now default to localhost:1433 **Changes Implemented** The modification is in internal/prebuiltconfigs/tools/mssql.yaml, where the host and port fields now include default values: host: ${MSSQL_HOST:localhost} port: ${MSSQL_PORT:1433} This configuration allows the tool to function using the defaults, but users can still set the MSSQL_HOST or MSSQL_PORT environment variables to override them. **Validation Process** Validated changes by running the toolbox against a Microsoft SQL Server instance hosted in a Docker container. - **Database Setup:** A testdb database containing a products table was initialized. - **CLI Configuration:** The ~/.gemini/settings.json file was updated to point to my local toolbox build. - **Tool Launch:** The UI was started using go run . --prebuilt mssql --ui - **Testing:** Confirmed the connection logic by testing two scenarios. One with the environment variables set and one without (to confirm the default logic). **1.** Default Value Connection: For this test, the MSSQL_HOST and MSSQL_PORT environment variables were not defined. The application correctly utilized the new default values (localhost:1433) to connect to the testdb. <img width="2175" height="1144" alt="Screenshot 2025-11-12 6 33 05 PM" src="https://github.com/user-attachments/assets/bacfc9bf-8b35-42e1-ad53-4af3aef27125" /> **2.** Explicit Variable Connection: For the second test, MSSQL_HOST and MSSQL_PORT were set to specific values. The application correctly prioritized these variables over the new defaults and connected successfully. <img width="2175" height="1144" alt="Screenshot 2025-11-12 6 37 02 PM" src="https://github.com/user-attachments/assets/61254849-211d-41f4-8c7d-ff92cf64a51c" /> Result: Both connection methods were verified by executing the list_tables prebuilt tool via the UI. In each scenario, the tool successfully retrieved the UserDetails table, confirming the changes. <img width="2250" height="1144" alt="Screenshot 2025-11-12 6 38 12 PM" src="https://github.com/user-attachments/assets/87085777-897e-4a74-9e3f-f36cc8a33305" /> ## PR Checklist > Thank you for opening a Pull Request! Before submitting your PR, there are a > few things you can do to make sure it goes smoothly: - [ ] Make sure you reviewed [CONTRIBUTING.md](https://github.com/googleapis/genai-toolbox/blob/main/CONTRIBUTING.md) - [ ] Make sure to open an issue as a [bug/issue](https://github.com/googleapis/genai-toolbox/issues/new/choose) before writing your code! That way we can discuss the change, evaluate designs, and agree on the general idea - [ ] Ensure the tests and linter pass - [ ] Code coverage does not decrease (if any source code was changed) - [ ] Appropriate docs were updated (if necessary) - [ ] Make sure to add `!` if this involve a breaking change 🛠️ Fixes [#36](https://github.com/gemini-cli-extensions/sql-server/issues/36) |
||
|
Yuan Teoh
|
862868f284 |
feat: add allowed-origins flag (#1984)
Support `allowed-origins` flag to allow secure deployment of Toolbox.
Current Toolbox is **insecure by default**, which allows all origin
(`*`). This PR also updated docs to notify user of the new
`allowed-origins` flag in the Cloud Run, kubernetes, and docker
deployment docs.
This PR was tested manually by mocking a browser access:
1. Created a HTML file with Javascript fetch named
`malicious-client.html`:
```
<!DOCTYPE html>
<html>
<head>
<title>Malicious CORS Test</title>
</head>
<body>
<h1>Attempting to access API at http://127.0.0.1:5000/mcp</h1>
<p>Check the **Chrome Developer Console** (F12 -> Console tab) for the result.</p>
<script>
fetch('http://127.0.0.1:5000/mcp', {
method: 'POST',
headers: {
'Content-Type': 'application/json',
// The browser automatically adds the 'Origin' header based on where this HTML is served from (http://localhost:8000)
},
body: JSON.stringify({
"jsonrpc": "2.0",
"id": 1,
"method": "tools/list"
})
})
.then(response => {
console.log('Success (but check console for CORS enforcement details):', response);
return response.json();
})
.then(data => console.log('Data received (only if CORS passes):', data))
.catch(error => console.error('Fetch Error:', error));
</script>
</body>
</html>
```
2. Run `python3 -m http.server 8000`
3. Open `http://localhost:8000/malicious-client.html` in browser.
4. Tried without `--allowed-origins` flag -- success.
Tried with `--allowed-origins=http://localhost:8000` -- success.
Tried with `--allowed-origins=http://foo.com` -- unsuccessful.
---------
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Co-authored-by: Averi Kitsch <akitsch@google.com>
|