The following are the additional and changes in the MCP.

From @johnnyee
Added two new environment variables for timezone and date handling configuration:

MYSQL_TIMEZONE: Set the timezone for date/time values

Accepts formats like +08:00 (UTC+8), -05:00 (UTC-5), Z (UTC), or local (system timezone)
Useful for ensuring consistent date/time handling across different server locations
MYSQL_DATE_STRINGS: When set to "true", returns date/datetime values as strings instead of JavaScript Date objects

Preserves exact database values without any timezone conversion
Particularly useful for cross-timezone operations and avoiding JavaScript Date quirks

From @triepod-ai
Added MCP tool annotations (destructiveHint) to the mysql_query tool to help LLMs better understand tool behavior and make safer decisions about tool execution.

From @veglos
Added ToolAnnotations to the mysql_query tool as per the MCP specification. The annotations dynamically reflect whether write operations are enabled through environment variables.

Changes

• Added isReadOnly module-level constant to determine if the server is in read-only mode
• Added annotations object to the tool definition in both:
  • Server capabilities (createMcpServer)
  • ListToolsRequestSchema handler response

Annotation Values

| Mode | readOnlyHint | idempotentHint | destructiveHint | openWorldHint |
|------|----------------|------------------|-------------------|-----------------|
| Read-only | true | true | false | false |
| Write-enabled | false | false | true | false |

Rationale

• readOnlyHint: true when no write operations (INSERT, UPDATE, DELETE, DDL) are enabled
• idempotentHint: true in read-only mode since SELECT queries are idempotent; false when writes are allowed
• destructiveHint: true when write operations are enabled (can modify/delete data); false in read-only mode
• openWorldHint: Always false — a MySQL database is a closed, bounded system (unlike web search which interacts with an open world)

From @addamx:
Replaced path.resolve() with fs.realpathSync() to properly resolve symlinks to their actual file paths before comparison.

From @kelmatiq
Added Codex CLI documentation

From @aknakshay

Added ready-to-use SSH tunnel scripts for connecting to RDS/MySQL databases in private VPCs through a bastion host.

New Files

• scripts/start-tunnel-rds.sh - Creates SSH tunnel through bastion to RDS
• scripts/stop-tunnel-rds.sh - Cleanly stops the tunnel
• scripts/tunnel-config.example - Template configuration file

Features

• All values configurable via environment variables (no hardcoded secrets)
• Validates required variables before attempting connection
• Graceful handling of already-running tunnels
• Clear output with connection details

Usage

Configure

export BASTION_HOST=54.12.34.56
export RDS_ENDPOINT=mydb.region.rds.amazonaws.com
export SSH_KEY=~/.ssh/my-key.pem

Start tunnel

./scripts/start-tunnel-rds.sh

Stop tunnel

./scripts/stop-tunnel-rds.sh

Thank you for continued support and contributions!