v0.8.0

What's new

Features

• Workspace parallel onboarding — onboarding() on a multi-project workspace now dispatches per-project discovery in parallel and synthesises a unified summary. Faster first-run on large workspaces.
• Unified embedding configuration — new url and api_key fields in [embeddings] connect codescout to any OpenAI-compatible embedding server (Ollama, llama.cpp, vLLM, TEI, OpenAI). URL-first resolution replaces the old ollama:/openai: prefix scheme (prefixes still work for backwards compatibility).
• scripts/install-ollama.sh — new helper script for setting up the recommended embedding backend. --check reports current state; --install installs Ollama and pulls nomic-embed-text if missing.

Bug fixes

• BUG-034 — replace_symbol / remove_symbol no longer eat the #[cfg(test)] mod tests { module header when replacing the first child function. A parent-boundary guard clamps the edit start line to parent.start_line + 1.

Documentation

• Embeddings guide graduated from experimental — docs/manual/src/configuration/embeddings.md covers quick start, all server backends (Ollama, llama.cpp, vLLM, TEI, OpenAI), configuration reference, model recommendations, and troubleshooting.
• Beginner install docs — docs/QUICK-START.md and getting-started pages updated: consistent nomic-embed-text model name, correct codescout-companion@sdd-misc-plugins plugin name, new companion-plugin.md page, routing-plugin.md corrected.
• README now references the codescout-companion plugin in the Quick Start section.

Upgrade notes

• The ollama:<model> and openai:<model> model prefixes are deprecated but still work. Migrate to the url field:

  [embeddings]
  model = "nomic-embed-text"
  url   = "http://127.0.0.1:11434/v1"

• If you change model or url after indexing, rebuild with index_project(force: true) — stored vectors are incompatible across model changes.

v0.7.1

Bug fix

ONBOARDING_VERSION not bumped after tool API redesign — projects onboarded before v0.7.0 had onboarding_version = 1 in their project.toml and a stale system prompt missing read_markdown/edit_markdown guidance and using old parameter names (project: instead of project_id:).

Bumping to version 2 causes all such projects to auto-refresh their system prompt on the next onboarding() call — no re-exploration needed, just a prompt regeneration from existing memories.

If you have projects onboarded before v0.7.0, restart your MCP server after upgrading and call onboarding() — the refresh will trigger automatically.

v0.7.0

Features

• Kotlin LSP Multiplexer — share a single kotlin-lsp JVM across multiple codescout instances via a detached mux process. Eliminates 120s+ timeouts and duplicate 2GB JVM overhead. Automatic — no configuration needed.
• Kotlin concurrent instance safety — per-instance system path isolation, circuit-breaker on startup failures, and Gradle daemon lock isolation.
• Onboarding: subagent delegation — project exploration now runs in a dedicated subagent to prevent context window exhaustion on large codebases.
• Onboarding: version-aware prompt refresh — auto-detects stale system prompts after tool API changes and regenerates from existing memories. refresh_prompt=true for explicit refresh.
• Tool API redesign — consistent parameter naming (name_path → symbol, pattern → query, project → project_id); tool renames (search_pattern → grep, find_file → glob); query-shape detection in find_symbol catches accidental regex patterns with a corrective hint.
• Markdown tools — read_markdown (heading-based navigation) and edit_markdown (heading-scoped edits, fuzzy heading matching, atomic batch mode).
• Document section editing — structured section operations via edit_section, headings=[] multi-read, and section coverage tracking.
• Tool workflows — named multi-tool chains for markdown editing, impact analysis, dependency tracing, and safe rename.
• grep: literal fallback — when a pattern fails regex compilation and doesn't look like intentional regex, grep escapes and searches literally instead of erroring.

Docs

• Kotlin section in README with multiplexer overview and metrics table
• Onboarding callout in Quick Start
• All features fully documented in the manual

Dependencies

• Cargo.lock updated

v0.6.0

What's New

Features

• Elicitation-driven interactive sessions — run_command(interactive: true) spawns processes with piped stdin/stdout, driven via MCP elicitation loops
• Multi-ecosystem library auto-registration — activate_project auto-detects dependencies from Rust, Node, Python, Go, Java/Kotlin
• activate_project output optimization — slim orientation card with RO/RW-conditional fields
• Memory sections filter — memory(action="read", sections=["Rust"]) returns only matching heading blocks
• Security profiles — profile = "root" disables all safety gates for system-admin projects
• Diagnostic logging — --diagnostic flag writes structured lifecycle events to log files
• Platform abstraction — Unix/Windows process termination, binary naming, shell commands
• CORS for dashboard — localhost-scoped CORS layer on HTTP/SSE server
• Background commands — run_command(run_in_background: true) with @bg_* handles

Server Instructions Refactor

• 39% token reduction (4300 → 2638 tokens) with zero information loss
• Removed redundant Iron Law / Anti-Pattern / Rules duplication
• Added missing @bg_* buffer documentation, scope params, run_in_background/interactive params
• GitHub tools disabled (use gh via run_command instead)

Security & Bug Fixes

• Resilient stdin wrapper prevents EAGAIN from killing MCP server
• LRU eviction inside lock prevents TOCTOU race (H-10)
• Content-Length cap at 100 MiB prevents OOM (C-3)
• Worktree path validation rejects relative and null bytes (H-1)
• HTTP embedding endpoint blocked when API key is set (H-16)
• Owner/repo param injection validation (H-3, H-4)
• UTF-8 boundary panic fix (M-3), empty string line count fix (M-2)
• Canonicalize project paths, lenient param coercion
• 30+ additional hardening fixes (see commit log)

Dependencies

• Upgraded to rmcp with elicitation support
• Added tempfile for background job logs

v0.5.0

What's New

Features

• edit_file structural gate — edit_file now hard-blocks multi-line edits containing definition keywords on LSP-supported languages, directing to symbol tools instead. No bypass.
• Compact tool schemas — ~24% token reduction in tool parameter descriptions across all 29 tools.
• activate_project read-only default — non-home projects activate in read-only mode by default, preventing accidental writes when browsing code for reference. Pass read_only: false to enable writes.
• activate_project safety — new Iron Laws for restoring the active project after cross-project navigation and activating with write access at session start.
• LSP cold-start timing — records handshake + first response duration to usage.db and surfaces it in the dashboard.
• read_file auto-chunking — large file reads and buffer queries now auto-chunk with complete/next fields for seamless pagination, instead of truncating.

Dependency Upgrades

• rmcp 0.1 → 1.2, schemars 0.8 → 1.x
• rusqlite 0.31 → 0.39, tree-sitter 0.25 → 0.26
• fastembed 4 → 5, reqwest 0.12 → 0.13
• git2 0.19 → 0.20, toml 0.8 → 1.0, thiserror 1 → 2

Documentation

• 4 experimental features graduated to stable with full manual pages
• Clarified that local-embed requires building from source; recommended Ollama for local embeddings
• Added session-start activate_project rule to server instructions

Full Changelog: v0.4.1...v0.5.0

v0.4.1 — run_command timeout leniency

What's New

run_command timeout leniency

• Tolerates common LLM mistakes: passing timeout instead of timeout_secs, or providing a value in milliseconds
• Surfaces a corrective hint so the LLM learns the right key/unit for future calls

Packaging

• Research docs and embedding files excluded from the crates.io package

v0.4.0 — Workspaces, Library Navigation & LSP TTL

What's New

Multi-project workspace support

• config for multi-root repos — group related projects under one codescout session
• Per-project system prompt sections with tailored Navigation Strategy
• Cross-project semantic search via project: "<id>" scoping on all symbol/search tools
• depends_on inference between projects surfaced in tool responses
• Workspace-aware onboarding — scans all projects in the workspace

Library navigation enhancements

• Per-library embedding DBs with version tracking and staleness hints
• Auto-discovery: when goto_definition resolves outside the project root, the library is registered automatically
• New register_library tool for manual registration
• scope="lib:<name>" accepted by semantic_search, find_symbol, and index_project

LSP idle TTL eviction

• LSP clients are evicted after 30 minutes idle (Kotlin: 2 hours) — prevents stale processes accumulating in long sessions

Bug fixes

• BUG-023/024 fix(symbol): cap LSP over-extended end_line in insert_code, replace_symbol, remove_symbol
• BUG-026 fix(read_file): prevent @tool_* double-wrapping of large buffer-ref range reads

v0.3.0

What's new

Documentation restructure

• New agent setup guides — standalone per-agent docs for Claude Code, GitHub Copilot, and Cursor (docs/agents/)
• Multi-agent research doc — sanitized analysis of compound error in multi-agent LLM systems, informing codescout's single-session design (docs/research/multi-agent-context-loss.md)
• Rewritten README — beginner-friendly billboard with comparison table, quick start, and agent integrations table
• New mdBook chapters — "Why codescout?" and "Agent Integrations" chapters added to the manual
• {{#include}} pattern — agent guides are single-sourced; manual pages pull from docs/agents/ via mdBook includes

v0.2.1 — VS Code schema fix

What's fixed

github_file tool validation in VS Code — The files array parameter (used by push_files) was missing a required items schema. VS Code's MCP client validates tool schemas strictly per JSON Schema spec and rejected the tool with:

Failed to validate tool mcp_codescout_github_file: Error: tool parameters array type must have items.

The fix adds a proper items schema ({ path, content } with both fields required) so the tool passes validation in VS Code and all other spec-compliant MCP clients. Claude Code was already lenient about this — only stricter clients were affected.

Install / upgrade

cargo install codescout

Then restart your MCP server (/mcp in Claude Code) or reload your VS Code window.

Full changelog

See CHANGELOG.md for complete release history.