Skip to content

feat: add Gmail scopes and bump workspace-mcp to 1.17.1#1202

Merged
Gkrumbach07 merged 1 commit intomainfrom
feat/google-workspace-gmail-scopes
Apr 3, 2026
Merged

feat: add Gmail scopes and bump workspace-mcp to 1.17.1#1202
Gkrumbach07 merged 1 commit intomainfrom
feat/google-workspace-gmail-scopes

Conversation

@Gkrumbach07
Copy link
Copy Markdown
Contributor

@Gkrumbach07 Gkrumbach07 commented Apr 3, 2026
edited by coderabbitai bot
Loading

Summary

  • Add missing Gmail OAuth scopes (readonly, labels, modify, compose) required by workspace-mcp's cumulative gmail:send permission level
  • Bump workspace-mcp from 1.14.2 to 1.17.1

Root cause: The Google OAuth flow only requested gmail.send, but workspace-mcp with --permissions gmail:send requires the full cumulative scope chain. This caused Google MCP connections to fail silently in sessions.

Note: Existing users will need to disconnect and reconnect Google from the Integrations page to pick up the new scopes.

Test plan

  • Disconnect Google from Integrations page
  • Reconnect — verify OAuth consent screen shows Gmail permissions
  • Create session and confirm Google Workspace MCP connects (both Drive and Gmail tools available)

🤖 Generated with Claude Code

Summary by CodeRabbit

  • New Features

    • Expanded Gmail integration with additional authorization scopes for label management, read-only access, message composition, and modification capabilities.

  • Chores

    • Updated Google Workspace integration to the latest version for improved compatibility and performance.

@claude
feat: add Gmail scopes and bump workspace-mcp to 1.17.1
cbc7e9c 
The Google Workspace MCP integration configured with gmail:send
permission requires cumulative Gmail scopes (readonly, labels,
modify, compose, send) but we only requested gmail.send. This
caused sessions to fail connecting to the Google MCP server when
Gmail access was needed. Also bumps workspace-mcp from 1.14.2 to
1.17.1.

Users with existing tokens will need to disconnect and reconnect
Google to pick up the new scopes.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
@github-actions
Copy link
Copy Markdown
Contributor

github-actions bot commented Apr 3, 2026

⚠️ SDD Preflight — Managed Paths Modified

This PR modifies files in SDD-managed component(s). These components are migrating to Spec-Driven Development.

File Component Mode
components/runners/ambient-runner/.mcp.json runner warn

No action required — these components are in warn mode. Consider using the component's agent workflow for future changes.

📖 Specs: Runner Spec · Runner Constitution

@coderabbitai
Copy link
Copy Markdown
Contributor

coderabbitai bot commented Apr 3, 2026
edited
Loading

Caution

Review failed

Pull request was closed or merged during review

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: 4bfe7b10-38fb-493c-adf4-08a1a6c2dbdd

📥 Commits

Reviewing files that changed from the base of the PR and between 7270194 and cbc7e9c.

📒 Files selected for processing (2)
  • components/backend/handlers/oauth.go
  • components/runners/ambient-runner/.mcp.json
📝 Walkthrough

Walkthrough

Expanded Gmail OAuth scopes in the Google provider configuration by adding gmail.readonly, gmail.labels, gmail.modify, and gmail.compose permissions. Updated the workspace MCP server dependency version from 1.14.2 to 1.17.1.

Changes

Cohort / File(s) Summary
OAuth Configuration
components/backend/handlers/oauth.go		 Added four new Gmail-specific OAuth scopes (gmail.readonly, gmail.labels, gmail.modify, gmail.compose) to the Google provider's scope list, expanding the permissions requested during authorization.
MCP Dependency
components/runners/ambient-runner/.mcp.json		 Updated google-workspace MCP server version from workspace-mcp@1.14.2 to workspace-mcp@1.17.1.
🚥 Pre-merge checks | ✅ 6
✅ Passed checks (6 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed Title follows Conventional Commits format (feat type) and accurately describes both main changes: adding Gmail OAuth scopes and bumping workspace-mcp version.
Docstring Coverage ✅ Passed Docstring coverage is 100.00% which is sufficient. The required threshold is 80.00%.
Performance And Algorithmic Complexity ✅ Passed Changes add 4 static Gmail scopes to OAuth config with O(n) join operations where n≈10, and bump a dependency version. No performance regressions, N+1 patterns, or algorithmic complexity issues.
Security And Secret Handling ✅ Passed PR adds four Gmail OAuth scope strings without hardcoded secrets, credentials, or sensitive data exposure. Environment variables properly scoped, API responses return only booleans, secrets never logged, authentication enforced, CSRF protection uses HMAC-signed state parameters.
Kubernetes Resource Safety ✅ Passed PR modifies OAuth Go handler and MCP configuration, not Kubernetes manifests. Kubernetes resource safety checks are inapplicable to non-manifest files.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

✨ Finishing Touches
📝 Generate docstrings
  • Create stacked PR
  • Commit on current branch
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch feat/google-workspace-gmail-scopes
✨ Simplify code
  • Create PR with simplified code
  • Commit simplified code in branch feat/google-workspace-gmail-scopes

Comment @coderabbitai help to get the list of available commands and usage tips.

@Gkrumbach07 Gkrumbach07 merged commit 005806f into main Apr 3, 2026
44 checks passed
@Gkrumbach07 Gkrumbach07 deleted the feat/google-workspace-gmail-scopes branch April 3, 2026 21:22
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@Gkrumbach07