Skip to content

CSCSoftware/AiDex

v1.8.0 Security

This release includes 3 security fixes for security teams reviewing exposed deployments.

Published 4mo MCP Developer Tools
✓ No known CVEs patched
Read the diff → Tool health → What is this tool? →
This release patches 3 known CVEs

Topics

ai-coding claude claude-code code-indexing code-search copilot
+10 more
cursor developer-tools gemini gemini-cli mcp mcp-server sqlite tree-sitter vscode windsurf

Affected surfaces

rce_ssrf auth

Summary

AI summary

Built-in project task management with CRUD, auto‑logging, and a viewer tab is introduced.

Full changelog

What's New

Task Backlog (v1.8.0)

Built-in project task management persisted in AiDex database:

  • aidex_task - Create, read, update, delete tasks with priority, tags, and descriptions
  • aidex_tasks - List and filter tasks by status, priority, or tag
  • Auto-logging: Status changes and task creation are automatically recorded
  • Manual log entries: Add notes to any task with the log action
  • Viewer Tasks Tab: Interactive task management in the browser viewer
  • Priorities: 🔴 high, 🟡 medium, ⚪ low
  • Statuses: backlog → active → done | cancelled

Code Review Phase 1

26 fixes across security, bugs, parser and refactoring:

  • Security: Path traversal protection, glob injection prevention, sanitized viewer HTML output
  • Parser fixes: Arrow function name extraction, Python docstring handling, TSX grammar, abstract class support, C duplicate method fix
  • Bug fixes: Proper error handling, fixed file exclusion in aidex_update
  • Refactoring: Extracted shared glob utility, improved signature formatting

npm & Registry

Install

npm install -g aidex-mcp
aidex setup

Full changelog: https://github.com/CSCSoftware/AiDex/blob/master/CHANGELOG.md

Security Fixes

  • Path traversal protection
  • Glob injection prevention
  • Sanitized viewer HTML output
View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track CSCSoftware/AiDex

Get notified when new releases ship.

Sign up free

About CSCSoftware/AiDex

Persistent code index MCP server using Tree-sitter for fast, precise code search. Replaces grep with ~50 token responses instead of 2000+. Supports 11 languages including C#, TypeScript, Python, Rust, and Go.

All releases →

Related context

Beta — feedback welcome: [email protected]