feat(deps): update dependency googleapis/mcp-toolbox to v1

[renovate-bot]

This PR contains the following updates:

Package	Update	Change
googleapis/mcp-toolbox	major	0.26.0 → 1.4.0

---

Release Notes

googleapis/mcp-toolbox (googleapis/mcp-toolbox)

v1.4.0

Compare Source

Features

• ci: Add support for windows/arm64 binary distribution (#​3231) (10abf3b)
• datalineage: Add Data Lineage integration (#​3285) (19353c3)
• server: Ignore unknown tools at startup with --ignore-unknown-tools flag (#​3353) (5f0304f)
• tools/cloudsqlpg: Add remaining vector assist tools for Cloud SQL Postgres (#​3203) (b514cbd)
• tools/spanner-search-catalog: Implement search_catalog tool (#​3140) (defc086)

Bug Fixes

• auth/generic: Enforce issuer presence in opaque token validation (#​3360) (1d8df0d)
• auth: Separate Google and Generic MCP OAuth verification (#​3341) (dfd66ee)
• mcp: Support annotations and metadata within Tools to earlier MCP schemas (#​3300) (9a88c72)
• oracle: Remove trailing semicolons from prebuilt tools (#​3215) (fcad02d)
• server/auth: Centralize tool scopes validation (#​3335) (adce4ab)
• server: Return null id for batch request rejection (#​3333) (0b18d58)
• source/dataplex: Limit search results to pageSize (#​3323) (905c1f6), closes #​3308
• telemetry: Allow GCP project override (#​2960) (3c83ba5)
• tool/bigquery: Prevent allowedDatasets bypass in forecast query (#​3324) (45df461)
• tool/clickhouse: Handle ignored ProcessParameters error (#​3340) (ddfd887)
• tools/clickhouse,tools/bigquery: Validate identifier parameters to prevent injection (#​3219) (2f45f75)
• tools/looker: Escape filter values for unquoted parameters (#​3289) (1711156)

v1.3.0

Compare Source

Features

• auth: Implement MCP auth tool-level scopes validation (#​3049) (c528985)
• looker: Propagate client IP from incoming MCP requests to downstream SDK calls (#​3253) (75da6c2)
• Setup SQLCommenter and allow client metadata (#​3064) (9f1f9b3)
• tool/cloudsqladmin: Add cloud-sql-admin-execute-sql-many and cloud-sql-admin-sql-many (#​3083) (ef300a8)

Bug Fixes

• auth/generic: Fix generic auth expiration field and integration with authRequired (#​3251) (f4d16c0)
• Enforce toolset/promptset boundary on tools/call and prompts/get (#​3036) (c739b80)
• tools/http: Prevent path traversal and base path scope escape (#​3218) (80a6602)
• tools/looker: Return a 401 error to MCP client when Looker returns a 401 (#​3233) (4f409a3)
• tools/looker: Strip wrapping quotes from filter values for unquoted parameters (#​3273) (1e3de96)
• tools: Initialize query result slices to empty array (#​3250) (60ddf48)

v1.2.0

Compare Source

Features

• Add support for HTTPS/TLS listener (#​3126) (8bc385d)
• source/bigquery: Add maximumBytesBilled source config (#​2724) (42f2d07)
• source/cloud-storage: Add bucket and object management tools (#​3129) (8de9bcf)
• source/cloud-storage: Add Cloud Storage source with list_objects and read_object tools (#​3081) (da27b37)
• source/cloud-storage: Add write/copy/move/delete object tools (#​3139) (b225fc4)
• tools/knowledge-catalog: Search Data Quality Scans (#​2444) (1c63551)

Bug Fixes

• Allow converting string literal block with list (#​3050) (36ab2a9), closes #​3023
• mcp: Implement router-level logger injection for MCP auth (#​3067) (ccc7cf5)
• Prevent test.db from being created during unit tests (#​3042) (d10d2ca)
• Remove hardcoded * allowed origin for sse (#​3054) (c4c7bd9)
• sources/postgres: Apply URL encoding to query string params (#​3020) (6b860f4)
• tool/looker-conversational-analytics: OAuth token in GDA payload fix (#​3058) (6632d96)
• tools/bigquery-execute-sql: Avoid surfacing invalid queries as MCP 500s (#​3056) (7ed92c8)
• tools/looker: Fix OAuth for Converational Analytics (#​3044) (f9e3e55)

v1.1.0

Compare Source

Features

• tools/cloudsqlpg: Add vector assist tools for Cloud SQL Postgres (#​2909) (7a6d849)

Bug Fixes

• looker: Convert configuration yaml to flat format (#​3022) (45c05e3)

Docs Update

• knowledge-catalog: Rename dataplex to knowledge-catalog across docs (#​3039) (45c05e3)

v1.0.0

Compare Source

[!IMPORTANT]
This is the first stable release. Please review the UPGRADING.md guide for instructions on migrating from previous beta versions.

⚠ BREAKING CHANGES

• tools/elasticsearch: add vector search support and remove query passing through param (#​2891)
• tools/looker: refactor looker-git-branch tool into 5 separate tools (#​2976)

Features

• auth: Support opaque token validation for generic authService (#​2944) (c924701)
• cloudsqlpg: Run SELECT 1 after successful connection attempt (#​2997) (6ed9700)
• tools/bigquerysql: Add semantic search support (#​2890) (862c396)
• tools/elasticsearch-execute-esql: Add Tool to execute arbitrary ES/QL queries (#​3013) (ae49fb7)
• tools/elasticsearch: Add vector search support and remove query passing through param (#​2891) (d44e879)
• tools/looker: Refactor looker-git-branch tool into 5 separate tools (#​2976) (b2472d4)
• tools/mysql: Add list-table-stats-tool to list table statistics in MySQL and Cloud SQL MySQL source. (#​2938) (dc2c2b4)

v0.32.0

Compare Source

⚠ BREAKING CHANGES

• update repo name (#​2968)

Features

• Add MCP tool annotations to all remaining tools (#​2221) (ea09db9)
• bigquery: Add conversational analytics tools for Data Agents (#​2517) (2490a4b)
• embeddingModel: Add Backend API selection fields (#​2592) (912aa9e)
• skills: Add Claude Code support to generated scripts (#​2966) (a1609e1)
• skills: Add codex user agent (#​2973) (070e939)
• skills: Tool invocation via npx (#​2916) (377dc5b)
• sources/singlestore: Add ConnectionParams to SingleStore Config (#​2555) (73e2a8c)
• tool/dataplex-lookup-context: Relax project constraint and enforce location (#​2952) (7ebfdf1)
• tools/looker: Looker agent management from MCP (#​2830) (649d4ad)
• ui: Update to use /mcp endpoint (#​2829) (c3059c2)

Bug Fixes

• bigquery: Add impersonateServiceAccount to prebuilt config (#​2770) (9c3a748)
• quickstart: Robust tool lookup and modernize dependencies in Python samples (#​2863) (4c0845d)
• skills: Fix skill generation template (#​2914) (a01a15e)
• skills: Prevent empty strings overriding optional env vars in node scripts (#​2963) (c52adeb)
• tests/bigquery: Implement uuid-based isolation and reliable resource cleanup (#​2547) (479d842)
• tests/Bigtable: Implement uuid-based isolation and reliable resource cleanup (#​2880) (a769f15)
• Update error for ConvertConfig function (#​2993) (62bdabb)

Code Refactoring

• Update repo name (#​2968) (3aae809)

v0.31.0

Compare Source

⚠ BREAKING CHANGES

• release upgraded docsite (#​2831)
• http: sanitize non-2xx error output (#​2654)
• add a new enable-api flag (#​2846)
• remove deprecations and update tools-file flag (#​2806)

Features

• Add a new enable-api flag (#​2846) (7a070da)
• auth: Add generic authService type for MCP (#​2619) (f6678f8)
• auth: Add Protected Resource Metadata endpoint (#​2698) (b53dcf2)
• auth: Support manual PRM override (#​2717) (283e4e3)
• dataplex: Add support for lookup context tool. (#​2744) (facb69d)
• Remove deprecations and update tools-file flag (#​2806) (ab64c95)

Bug Fixes

• ci: Remove search index generation from preview deployment workflow (#​2859) (f8891b8)
• docs: Skip empty folders in pagination & reduce PR comment noise (#​2853) (9ebd93a)
• http: Sanitize non-2xx error output (#​2654) (5bef954)
• skills: Fix integer parameter parsing through agent skills (#​2847) (4564efe)

Documentation

• Release upgraded docsite (#​2831) (5b25ce0)

v0.30.0

Compare Source

Features

• cli: Add migrate subcommand (#​2679) (12171f7)
• cli: Add serve subcommand (#​2550) (1e2c7c7)
• skill: One skill per toolset (#​2733) (5b85c65)
• source/oracledb: Add Oracle DB for MCP tools and configurations, updated tools and documentation (#​2625) (e350fc7)
• tools/looker: Support git_branch tools for looker. (#​2718) (70ed8a0)
• tools/dataplex-search-entries: Add scope support to search_entries tool (#​2740) (10af468)

Bug Fixes

• cloudloggingadmin: Increase log injesting time and add auth test (#​2772) (50b4457)
• oracle: Normalize encoded proxy usernames in go-ora DSN (#​2469) (b1333cd)
• postgres: Update execute-sql tool to avoid multi-statements parameter (#​2707) (58bc772)
• skills: Improve flag validation and silence unit test output (#​2759) (f3da6aa)
• test: Address flaky healthcare integration test run (#​2742) (9590821)

Reverts

• ci: Implement conditional sharding logic in integration tests (#​2763) (1528d7c)

v0.29.0

Compare Source

⚠ BREAKING CHANGES

• source/alloydb: restructure prebuilt toolsets (#​2639)
• source/spanner: restructure prebuilt toolsets (#​2641)
• source/dataplex: restructure prebuilt toolsets (#​2640)
• source/oss-db: restructure prebuilt toolsets (#​2638)
• source/cloudsql: restructure prebuilt toolsets (#​2635)
• source/bigquery: restructure prebuilt toolsets (#​2637)
• source/firestore: restructure prebuilt toolsets (#​2636)
• telemetry metrics updates as per semantic convention (#​2566)

Features

• Add user agent to embeddings generation (#​2572) (287251a)
• skill: Attach user agent metadata for generated skill (#​2697) (9598a6a)
• skills: Add additional-notes flag to generate skills command (#​2696) (73bf962)
• skill: Update skill generation logic (#​2646) (c233eee)
• source/alloydb: Restructure prebuilt toolsets (#​2639) (5f3f063)
• source/bigquery: Restructure prebuilt toolsets (#​2637) (dc984ba)
• sources/bigquery: Support custom oauth header name (#​2564) (d3baf77)
• source/cloudsql: Restructure prebuilt toolsets (#​2635) (99613dc)
• source/dataplex: Restructure prebuilt toolsets (#​2640) (acb9a80)
• source/firestore: Restructure prebuilt toolsets (#​2636) (22ab7b9)
• source/oss-db: Restructure prebuilt toolsets (#​2638) (5196c6a)
• source/spanner: Restructure prebuilt toolsets (#​2641) (ea2b698)
• Telemetry metrics updates as per semantic convention (#​2566) (131d764)
• tools/mongodb: Add tool annotations to MongoDB tools for improved LLM understanding (#​2219) (b7a5f80)
• tools/serverless-spark: Add get_session_template tool (#​2308) (a136e16)
• tools/serverless-spark: Add list/get sessions tools (#​2576) (a554298)

Bug Fixes

• Improve list locks integration test for postgres (#​2279) (d9ebe5d)
• mcp: Guard nil SSE session lookup and return 400 for missing session (#​2681) (f66189f)
• oracle: Update oracle-execute-sql tool interface to match source signature (#​2627) (81699a3)
• Return AllParams for GetParameter() for tools with templateParameter(#​2734) (bfd7ba6)
• server/mcp: Scope defer span.End inside loop iteration (#​2558) (c88a62d), closes #​2549
• skill: Fix env variable propagation (#​2645) (5271368)
• sources/looker: Looker and looker-dev prebuilt tools should share one source definition. (#​2620) (df7f2fd)
• telemetry: Histogram buckets from OTel standard to MCP standards (#​2729) (87cd4a0)
• ui: Remove module from script (#​2703) (6943ab6)
• Update toolset attributes naming (#​2554) (3d6ae4e)

v0.28.0

Compare Source

Features

• Add polling system to dynamic reloading (#​2466) (fcaac9b)
• Added basic template for sdks doc migrate (#​1961) (87f2eaf)
• dataproc: Add dataproc source and list/get clusters/jobs tools (#​2407) (cc05e57)
• sources/postgres: Add configurable pgx query execution mode (#​2477) (57b77bc)
• sources/redis: Add TLS support for Redis connections (#​2432) (d6af290)
• tools/looker: Enable Get All Lookml Tests, Run LookML Tests, and Create View From Table tools for Looker (#​2522) (e01139a)
• tools/looker: Tools to list/create/delete directories (#​2488) (0036d8c)
• ui: Make tool list panel resizable (#​2253) (276cf60)

Bug Fixes

• ci: Add path for forked PR unit test runs (#​2540) (04dd2a7)
• Deflake alloydb omni (#​2431) (62b8309)
• docs/adk: Resolve dependency duplication (#​2418) (4d44abb)
• docs/langchain: Fix core at 0.3.0 and align compatible dependencies (#​2426) (36edfd3)
• Enforce required validation for explicit null parameter values (#​2519) (d5e9512)
• oracle: Enable DML operations and resolve incorrect array type error (#​2323) (72146a4)
• server/mcp: Guard nil dereference in sseManager.get (#​2557) (e534196), closes #​2548
• tests/postgres: Implement uuid-based isolation and reliable resource cleanup (#​2377) (8a96fb1)
• tests/postgres: Restore list_schemas test and implement dynamic owner (#​2521) (7041e79)
• tests: Resolve LlamaIndex dependency conflict in JS quickstart (#​2597) (ac11f5a)

v0.27.0

Compare Source

⚠ BREAKING CHANGES

• Update configuration file v2 (#​2369)(293c1d6)
• Update/add detailed telemetry for mcp endpoint compliant with OTEL semantic convention (#​1987) (478a0bd)

Features

• cli/invoke: Add support for direct tool invocation from CLI (#​2353) (6e49ba4)
• cli/skills: Add support for generating agent skills from toolset (#​2392) (80ef346)
• cloud-logging-admin: Add source, tools, integration test and docs (#​2137) (252fc30)
• cockroachdb: Add CockroachDB integration with cockroach-go (#​2006) (1fdd99a)
• prebuiltconfigs/alloydb-omni: Implement Alloydb omni dataplane tools (#​2340) (e995349)
• server: Add Tool call error categories (#​2387) (32cb4db)
• tools/looker: support looker-validate-project tool (#​2430) (a15a128)

Bug Fixes

• dataplex: Capture GCP HTTP errors in MCP Toolbox (#​2347) (1d7c498)
• sources/cockroachdb: Update kind to type (#​2465) (2d341ac)
• Surface Dataplex API errors in MCP results (#​2347)(1d7c498)

---

Configuration

📅 Schedule: (UTC)

• Branch creation
  • At any time (no schedule defined)
• Automerge
  • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.