Conversation
- Add develop branch as default for new feature work - master remains release branch (no rename to main) - Document release process: develop → master + tag - Add development workflow section to README - Remove AGENTS.md (plan doc fulfilled)
- Focus on value proposition: multi-repo semantic search for AI agents - Architecture diagram (mermaid) showing search + serve flow - MCP Configuration section with per-agent configs - Local/stdio vs Serve/multi-repo modes documented - 5 MCP tools reference (search, find, explore, get_chunk, status) - Serve mode with groups, lazy FSW, idle eviction, TUI - CLI reference with index add/rm/list, groups management
- Add changes_count (AtomicU64) to SharedStores for tracking indexed/removed files - Increment changes_count in perform_incremental_refresh_with_stores and process_batch_with_stores - TUI reads changes_count directly from stores instead of unused repo_changes DashMap - Add debug-level reaper logging showing idle ages for all tracked repos - Session keepalive issue is client-side (rmcp returns 404 for stale sessions, clients must re-initialize)
When the server restarts or laptop suspends, all in-memory MCP sessions are lost. Clients that still hold a stale session ID get a 404 from rmcp which most MCP client libraries don't handle gracefully. Add middleware that inspects POST /mcp requests with a session ID. If the JSON-RPC method is "initialize", strip the stale session header so rmcp creates a fresh session automatically. This enables seamless reconnection after server restarts without manual client restart.
When the server restarts or laptop suspends, in-memory MCP sessions are lost. Previously only initialize requests were handled; tools/call with a stale session still got a 404 that clients couldn't recover from. New approach: after rmcp returns 404 for a stale session, the middleware automatically performs a full reconnect cycle: 1. Sends an internal initialize request to get a fresh session ID 2. Retries the original request with the new session ID 3. Returns the response with the new session ID header so the client updates its stored session ID transparently Uses ReconnectState (reqwest::Client + mcp_url) via from_fn_with_state. The client never sees the 404 — it gets the actual tool response.
get_or_open_stores now takes touch:bool. Fan-out paths (unscoped get_chunk, group routing) pass false so they don't reset the idle timer on every repo. Only direct single-repo queries pass true. After get_chunk candidate detection resolves to a single repo, touch_access is called explicitly for just that repo. Warmup no longer resets idle timers (touch: false).
- Increase retrieval pool: limit*3 -> limit*5 in semantic pipeline - Stronger exact identifier boost: EXACT_MATCH_RRF_K 5.0 -> 2.0 - Increase search_exact pool: limit*2 -> limit*3 - Auto-fallback to literal FTS when semantic returns <3 results and query contains identifiers (has_identifiers check) - Same limit*5 change in CLI search path (src/search/mod.rs)
- fix(serve): idle eviction — touch only on direct query, not fan-out - fix(search): improve search quality to reduce agent grep fallback - feat(serve): transparent MCP session reconnect on stale 404 - fix(tui): normalize CPU% by core count - fix(serve): track file changes + improve reaper visibility
Replace server-side reconnect middleware (which couldn't fix broken TCP) with client-side reconnect in McpProxyService (--mode client). When list_tools or call_tool hits a transport error (broken TCP, stale session 404, keep-alive failure), the proxy: 1. Detects the transport error via is_transport_error_msg() 2. Calls force_reconnect() — clears peer + signals main loop 3. Retries up to PROXY_MAX_RETRY_ATTEMPTS (3) with backoff 4. The main loop receives the disconnect signal and reconnects to serve This handles both server restarts and laptop suspend correctly since the proxy controls the rmcp client connection directly. Removed: ReconnectState + auto_reconnect_stale_sessions middleware from serve/mod.rs (server-side middleware cannot fix dead TCP connections).
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
CODESEARCH_REPOS_CONFIG env var was used directly as a filesystem path without validation or canonicalization. CodeQL flagged this as 'Uncontrolled data used in path expression'. - repos.rs: validate env-var override has .json extension (fail-fast) - serve/mod.rs: canonicalize config_path before fs::metadata/load_from to resolve symlinks and normalize .. components Fixes: CodeQL alert on src/serve/mod.rs reload_if_changed()
fix(serve): validate config_path from env var (CodeQL path traversal)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
First stable release
This PR promotes
develop→masteras the first stable 1.0 release of codesearch.What's included
Fixed
MDB_MAP_FULL→"already opened with different options"). Fix closes and reopens the environment around the resize.Added
codesearch serve) with per-project, group, and cross-repo routingsearch,find,explore,get_chunk,status--force)Changed
Removed
Smoke tests passed
Known limitations