v2.0.0: Tool consolidation and agent-ready hardening (breaking)
Highlights
v2.0.0 is a major release that reshapes the tool surface. 35 CRUD tools are consolidated into 9 manage_X(action=...) tools, cutting the count from 69 to 43, and the monolithic handler is refactored into a tools/ package. Three new tools then bring the surface to 46: delete_redmine_issue (double-confirmation gated, with a cascade-impact preview), get_mcp_server_info, and manage_document for the DMSF plugin.
Agent ergonomics get a broad hardening pass: action values and limit/offset bounds are now JSON-schema enums, a new boundary middleware returns a clean INVALID_ARGUMENTS envelope instead of raw Pydantic errors, list/search failures return a flat {"error": ...} shape, and search_redmine_issues hydrates full issue fields. create_redmine_issue also accepts custom fields by name.
This release is breaking: the redmine_handler module is gone (internal imports must migrate), get_redmine_attachment_download_url is replaced by get_redmine_attachment, and several parameters reject previously-accepted shapes. Security: all GitHub Actions are SHA-pinned and fastmcp, pytest, and python-multipart are bumped for CVEs.
Changes
Breaking
- The
redmine_handlermodule is removed; the implementation now lives in atools/package with_*helper modules. External code must migrate internal imports (e.g.from redmine_mcp_server.tools.projects import manage_project_member). get_redmine_attachment_download_urlis removed; useget_redmine_attachment, which works in both HTTP and stdio deployments.- List/search tools return a flat
{"error": ...}envelope on failure instead of a single-element[{"error": ...}]list. (#117) cleanup_attachment_filesis no longer on the default surface; opt in withREDMINE_MCP_EXPOSE_ADMIN_TOOLS=true. (#115)import_time_entries.entriesno longer accepts a JSON string, only a list. (#114)list_redmine_issues.assigned_to_idandlist_time_entries.user_idreject strings other than"me". (#116)mark_checklist_doneis removed; useupdate_checklist_item(is_done=True).- Structured-metadata fields (filenames, display names, identifiers) are no longer wrapped in
<insecure-content>tags; free-text fields stay wrapped. (#109)
Added
delete_redmine_issue: gated issue deletion requiringconfirm_delete=True, with a cascade-impact preview and a second opt-in for subtasks. (#120)get_mcp_server_info: returns version, read-only mode, auth mode, and plugin flags; credentials are never included. (#124)manage_document: DMSF document operations (list/get/create/update) behindREDMINE_DMSF_ENABLED=true. (#104)get_redmine_attachment: unified download returning an HTTP URL or a localfile_pathdepending on deployment, with a byte cap (ATTACHMENT_MAX_DOWNLOAD_BYTES, default 200 MB).manage_Xactionvalues andlimit/offsetbounds are now JSON-schema enums/ranges, rejected at the boundary withINVALID_ARGUMENTS. (#112, #111)- Validation-boundary middleware returns the standard
INVALID_ARGUMENTSenvelope instead of leaking raw Pydantic errors. (#108) create_redmine_issueaccepts custom fields by name infields, matchingupdate_redmine_issue. (#123)REDMINE_PUBLIC_URLrewrites internal-host attachmentcontent_urls to a client-reachable origin. (#110)list_redmine_issues.status_idaccepts the sentinels"open","closed", and"*". (#107)
Changed
- 35 CRUD tools consolidated into 9
manage_X(action=...)tools (69 to 43 before later additions); read actions remain available in read-only mode. create_redmine_issue/update_redmine_issuevalidation errors now carrymissing_required_fieldsand a tailored recoveryhint. (#119)get_redmine_issueandcreate_redmine_issuedescriptions padded with synonyms to improve tool-search recall. (#113)
Fixed
search_redmine_issuesnow hydrates full issue fields (subject, status, project, assignee, dates) instead of returningnulls.get_redmine_attachmentreturns a structuredATTACHMENT_UNAVAILABLEenvelope on a 404 instead of a bare message. (#106)- Wiki attachments now expose
content_urlandauthor, matching the issue attachment shape. (#118)
Security
- Pin all GitHub Actions to immutable commit SHAs to prevent tag-hijacking supply-chain attacks.
- Bump
fastmcp3.2.0 to 3.2.4 (decoded-base64 size validation, header-forwarding fix, RFC 8707 audience binding),pytest9.0.2 to 9.0.3 (CVE-2025-71176), andpython-multipart0.0.26 to 0.0.27 (CVE-2026-42561).
Acknowledgements
Thanks to @mihajlovicjj for contributing:
- added
manage_documenttool for DMSF (Document Management System for Files) plugin support, with 31 new tests covering list/get/create/update across feature-flag gating, dispatch routing, two-step upload, byte-cap enforcement, and validation paths (#104)
Installation
pip install redmine-mcp-server==2.0.0