Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit 42004dc

Browse files
omoshola-oomoshola-o
committed
release: harden multi-project mcp graph isolation
1 parent 6541a87 commit 42004dc

7 files changed

Lines changed: 472 additions & 25 deletions

File tree

CHANGELOG.md

Lines changed: 9 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -5,6 +5,15 @@ All notable changes to this project will be documented in this file.
55
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/),
66
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
77

8+
## [0.1.5] - 2026-02-23
9+
10+
### Fixed
11+
- Enforced strict MCP parameter validation for `symbol_lookup.mode` and `impact_analysis.max_depth` to prevent silent fallbacks.
12+
- Switched per-project graph identity to canonical-path hashing to eliminate graph collisions for same-named folders.
13+
- Removed unsafe cached-graph fallback that could bind the wrong project graph in multi-project sessions.
14+
- Added runtime compile locking in `acb-mcp` and hardened launcher lock acquisition for concurrent startup reliability.
15+
- Added regression tests for deterministic/unique project identity keys.
16+
817
## [0.1.4] - 2026-02-23
918

1019
### Fixed

Cargo.lock

Lines changed: 67 additions & 1 deletion
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

Cargo.toml

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
[package]
22
default-run = "acb"
33
name = "agentic-codebase"
4-
version = "0.1.4"
4+
version = "0.1.5"
55
edition = "2021"
66
license = "MIT"
77
repository = "https://github.com/agentralabs/codebase"
@@ -69,6 +69,7 @@ ignore = "0.4"
6969

7070
# Hashing
7171
blake3 = "1"
72+
sha2 = "0.10"
7273

7374
# Git integration (for temporal analysis)
7475
gix = { version = "0.63", default-features = false, features = ["basic", "blob-diff"] }

scripts/install.sh

Lines changed: 35 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -364,14 +364,37 @@ resolve_repo_root() {
364364
365365
slugify() {
366366
local raw="\$1"
367+
local canonical
367368
local base
369+
local digest
370+
canonical="\$raw"
371+
if command -v python3 >/dev/null 2>&1; then
372+
canonical="\$(python3 - "\$raw" <<'PY'
373+
import os, sys
374+
print(os.path.realpath(sys.argv[1]))
375+
PY
376+
)"
377+
elif [ -d "\$raw" ]; then
378+
canonical="\$(cd "\$raw" 2>/dev/null && pwd -P || printf '%s' "\$raw")"
379+
fi
368380
base="\$(basename "\$raw")"
369381
base="\$(printf '%s' "\$base" | tr '[:upper:]' '[:lower:]')"
370382
base="\$(printf '%s' "\$base" | sed -E 's/[^a-z0-9._-]+/-/g; s/^-+//; s/-+\$//')"
371383
if [ -z "\$base" ]; then
372384
base="workspace"
373385
fi
374-
printf '%s' "\$base"
386+
if command -v shasum >/dev/null 2>&1; then
387+
digest="\$(printf '%s' "\$canonical" | shasum -a 256 | awk '{print substr(\$1,1,12)}')"
388+
elif command -v sha256sum >/dev/null 2>&1; then
389+
digest="\$(printf '%s' "\$canonical" | sha256sum | awk '{print substr(\$1,1,12)}')"
390+
else
391+
digest="\$(printf '%s' "\$canonical" | cksum | awk '{print \$1}')"
392+
fi
393+
if [ -n "\$digest" ]; then
394+
printf '%s-%s' "\$base" "\$digest"
395+
else
396+
printf '%s' "\$base"
397+
fi
375398
}
376399
377400
can_index_repo() {
@@ -417,9 +440,15 @@ lock_is_stale() {
417440
418441
if [ -f "\$pid_file" ]; then
419442
lock_pid="\$(cat "\$pid_file" 2>/dev/null || true)"
420-
if [ -n "\$lock_pid" ] && kill -0 "\$lock_pid" 2>/dev/null; then
421-
return 1
443+
if [ -n "\$lock_pid" ]; then
444+
if kill -0 "\$lock_pid" 2>/dev/null; then
445+
return 1
446+
fi
447+
# PID file exists but process is gone: stale immediately.
448+
return 0
422449
fi
450+
# Empty PID file is stale immediately.
451+
return 0
423452
fi
424453
425454
now="\$(date +%s)"
@@ -443,6 +472,8 @@ compile_graph_if_needed() {
443472
local wait_count=0
444473
local max_wait="\${AGENTRA_GRAPH_LOCK_WAIT_SECS:-90}"
445474
475+
mkdir -p "\$(dirname "\$graph_path")"
476+
446477
acquire_lock() {
447478
mkdir "\$lock_dir" 2>/dev/null || return 1
448479
printf '%s\n' "\$\$" > "\$pid_file" 2>/dev/null || true
@@ -513,7 +544,7 @@ resolve_graph() {
513544
return
514545
fi
515546
516-
local repo_root repo_slug graph_dir graph_path fallback
547+
local repo_root repo_slug graph_dir graph_path
517548
repo_root="\$(resolve_repo_root)"
518549
graph_dir="\${AGENTRA_GRAPH_CACHE_DIR:-\${CODEX_HOME:-\$HOME/.codex}/graphs}"
519550
if ! is_common_path "\$repo_root"; then
@@ -528,12 +559,6 @@ resolve_graph() {
528559
fi
529560
fi
530561
531-
fallback="\$(latest_cached_graph "\$graph_dir")"
532-
if [ -n "\$fallback" ] && [ -f "\$fallback" ]; then
533-
printf '%s' "\$fallback"
534-
return
535-
fi
536-
537562
for candidate in "\$HOME/.agentra/graphs/default.acb" "\$PWD/graph.acb"; do
538563
if [ -f "\$candidate" ]; then
539564
printf '%s' "\$candidate"

0 commit comments

Comments
 (0)