A Model Context Protocol (MCP) server for retrieving GitLab merge request comments.
🔒 READ-ONLY: This server only fetches data from GitLab. It never modifies MR state, comments, or any other GitLab data.
This MCP server enables AI coding agents (like Cursor, Claude Desktop, or any MCP-compatible client) to fetch comments from GitLab merge requests in a structured, agent-friendly format. It's designed to help agents:
- 📋 Compile unresolved comments into fix plans
- 🎯 Extract inline discussions with file paths and line numbers
- 🔍 Filter feedback by resolution status
- 📝 Generate human-readable summaries
- Unified Comment Structure: Combines inline discussions and overview notes into a single normalized format
- Smart Filtering: Include/exclude system notes, filter by resolution status
- File Path Extraction: Automatically extracts file paths from inline comments
- Thread Context: Groups related comments by discussion thread
- Dual Output Formats: JSON for programmatic use, Markdown for human reading
- Retry Logic: Handles transient errors with exponential backoff
- Pagination Support: Automatically fetches all pages
- Security First: Token-based auth, secret redaction in logs
npm installnpm run buildCreate a Personal Access Token in GitLab:
- Go to GitLab → Preferences → Access Tokens
- Create a token with
read_apiscope (recommended for read-only access) - Copy the token
Add to ~/.cursor/mcp.json:
{
"mcpServers": {
"gitlab-mr-comments": {
"command": "node",
"args": ["/absolute/path/to/gitlab-mcp/dist/server.js"],
"env": {
"GITLAB_BASE_URL": "https://gitlab.com",
"GITLAB_TOKEN": "glpat_your_token_here"
}
}
}
}Add to ~/Library/Application Support/Claude/claude_desktop_config.json (macOS) or %APPDATA%/Claude/claude_desktop_config.json (Windows):
{
"mcpServers": {
"gitlab-mr-comments": {
"command": "node",
"args": ["/absolute/path/to/gitlab-mcp/dist/server.js"],
"env": {
"GITLAB_BASE_URL": "https://gitlab.com",
"GITLAB_TOKEN": "glpat_your_token_here"
}
}
}
}Restart Cursor or Claude Desktop for the configuration to take effect.
This MCP server provides the following tool(s):
Fetches comments from a GitLab merge request, including inline discussions and overview notes.
Tool Name: gitlab_get_mr_comments
Description: Fetch comments from a GitLab merge request. Returns inline discussions and overview notes in a structured format. Supports filtering by resolution status and excluding system notes. Useful for AI agents to review feedback and plan code fixes.
When to use:
- Review unresolved comments for a merge request
- Get feedback on specific files
- Generate fix plans from reviewer comments
- Check resolution status of discussions
Ask your AI agent:
"Fetch all unresolved comments from MR !123 in project my-org/my-repo"
The agent will automatically discover and use the gitlab_get_mr_comments tool with appropriate parameters.
{
"tool": "gitlab_get_mr_comments",
"arguments": {
"project": "my-org/my-repo",
"mr": 123,
"onlyUnresolved": true,
"includeSystem": false
}
}| Parameter | Type | Default | Description |
|---|---|---|---|
project |
string | - | Required. Project path (e.g., group/project) |
mr |
number | - | Required. MR IID (the !123 number) |
includeSystem |
boolean | false |
Include system-generated notes |
includeOverviewNotes |
boolean | true |
Include overview (non-inline) notes |
onlyResolved |
boolean | false |
Only show resolved comments |
onlyUnresolved |
boolean | false |
Only show unresolved comments |
perPage |
number | 100 |
Pagination size (1-100) |
format |
string | json |
Output format: json or markdown |
Note: onlyResolved and onlyUnresolved are mutually exclusive.
User: "Review all unresolved comments on MR !456 and create a fix plan"
Agent:
1. Calls gitlab_get_mr_comments with onlyUnresolved=true
2. Groups comments by file_path
3. Generates prioritized fix plan:
- src/api/users.ts (3 comments)
• Line 45: Add error handling
• Line 78: Extract to helper
• Line 92: Add validation
User: "What feedback did reviewers leave on src/api/users.ts?"
Agent:
1. Fetches all comments from MR
2. Filters client-side for file_path = "src/api/users.ts"
3. Summarizes feedback for that specific file
User: "Summarize blocking issues on MR !789"
Agent:
1. Fetches all unresolved comments
2. Searches for keywords: "blocker", "must fix", "breaking"
3. Presents summary of blocking issues
| Variable | Default | Description |
|---|---|---|
GITLAB_BASE_URL |
https://gitlab.com |
GitLab instance URL (for self-managed) |
GITLAB_TOKEN |
- | Required. Personal or Project Access Token |
LOG_LEVEL |
INFO |
Logging level: DEBUG, INFO, WARN, ERROR |
REQUEST_TIMEOUT |
20000 |
HTTP request timeout in milliseconds |
MAX_RETRIES |
3 |
Max retry attempts for transient errors |
LOG_PAYLOADS |
false |
Log request/response payloads (dev only) |
Quick Setup:
cp .env.example .env
# Edit .env with your GITLAB_TOKENSee .env.example for detailed configuration options.
To use with a self-managed GitLab instance:
{
"env": {
"GITLAB_BASE_URL": "https://gitlab.your-company.com",
"GITLAB_TOKEN": "glpat_your_token_here"
}
}Cause: The MCP server cannot find the GitLab token in the environment
Solution:
-
Verify MCP Configuration: Check your MCP config file and ensure
GITLAB_TOKENis in theenvsection:- Cursor:
~/.cursor/mcp.json - Claude Desktop:
~/Library/Application Support/Claude/claude_desktop_config.json(macOS)
Example:
{ "mcpServers": { "gitlab-mr-comments": { "command": "node", "args": ["/absolute/path/to/gitlab-mcp/dist/server.js"], "env": { "GITLAB_TOKEN": "glpat_your_token_here" } } } } - Cursor:
-
Restart Your Client: After adding/changing the token, you MUST completely restart Cursor or Claude Desktop
-
Check Token Format: Ensure the token starts with
glpat-and has no extra spaces or quotes -
Note: A
.envfile in the project directory is NOT used when running as an MCP server. The token must be in the MCP client's config file.
Cause: Invalid or missing token, insufficient permissions
Solution:
- Verify
GITLAB_TOKENis set correctly - Ensure token has
read_apiscope - Check token hasn't expired
- Verify token has access to the project
Cause: Incorrect project path or MR number
Solution:
- Use the project path (e.g.,
my-org/my-project), not the numeric ID - Use the MR IID (the
!123number visible in the URL), not the internal ID - Ensure your token has access to the project
Cause: Too many requests to GitLab API
Solution:
- Wait a moment before retrying
- Use
onlyUnresolvedfilter to reduce requests - Set
includeOverviewNotes: falseif not needed - For GitLab.com: free tier = 300 requests/minute
Cause: Large MR or slow network
Solution:
- Increase
REQUEST_TIMEOUTenvironment variable - Use filters to reduce data volume
- Check network connectivity to GitLab instance
Cause: Configuration or path issues
Solution:
- Verify absolute path to
dist/server.jsis correct - Check JSON syntax in config file
- Restart Cursor/Claude Desktop after config changes
- Check logs: Cursor logs in
~/.cursor/logs, Claude logs in~/Library/Logs/Claude
Cause: AI agent can't discover the gitlab_get_mr_comments tool
Solution:
-
Verify server is connected:
- Check MCP server status in your IDE (usually in settings/extensions)
- Look for "gitlab-mr-comments" in the connected servers list
- If not connected, see "Server not showing up" above
-
The tool name is:
gitlab_get_mr_comments- You can tell your agent: "Use the gitlab_get_mr_comments tool to fetch comments from MR !530 in project zapier/team-sprout/templates"
-
Check server logs:
- Look for "GitLab MR Comments tool registered successfully" message
- If missing, the server may not have started properly
-
Restart both IDE and try again:
- Sometimes tool discovery needs a fresh connection
npm run devnpm testnpm run build
node scripts/generate-schema.tsnpm run lint
npm run format- ✅ DO: Use tokens with
read_apiscope (least privilege) - ✅ DO: Store tokens in environment variables or secure config files
- ❌ DON'T: Commit tokens to version control
- ❌ DON'T: Share tokens publicly
This server is explicitly designed to be read-only:
- ✅ GitLab client only implements
GETrequests - ✅ No
POST,PUT,PATCH, orDELETEmethods exist - ✅ Recommended token scope is
read_api(read-only) - ✅ Integration tests verify no mutation endpoints are called
- All data is processed in-memory (no disk writes)
- No caching or persistent storage
- Secrets are automatically redacted from logs
- No external services contacted (direct GitLab API only)
AI Agent (Cursor/Claude)
↓ stdio (MCP Protocol)
MCP Server
↓ HTTPS (GET only)
GitLab REST API
See SYSTEM_DESIGN.md for detailed architecture documentation.
Typical Performance (GitLab.com, US region):
- ≤ 2s p50 latency for MRs with ≤ 500 comments
- ≤ 5s p95 latency
Optimization Tips:
- Use
onlyUnresolvedto reduce data volume - Set
includeOverviewNotes: falseif not needed - Use
perPage: 100(maximum) to minimize roundtrips
Contributions are welcome! Please read the system design document and follow the existing code patterns.
- Read-Only: Never add write operations
- Type Safety: Use TypeScript and Zod for validation
- Error Handling: Provide actionable error messages
- Testing: Add tests for new functionality
- Documentation: Update README and examples
MIT License - see LICENSE file for details.
- Issues: https://github.com/mpaarating/gitlab-mcp/issues
- Documentation: See
docs/directory - PRD: See
docs/GITLAB_MCP_PRD.md - System Design: See
docs/SYSTEM_DESIGN.md
Built with:
- Model Context Protocol SDK
- GitLab REST API
- TypeScript, Zod, undici
Made with ❤️ for AI-powered code review workflows