Skip to content

SimplyLiz/CodeMCP

v8.1.0 Security

This release includes 1 security fix for security teams reviewing exposed deployments.

Published 4mo MCP Developer Tools
✓ No known CVEs patched
Read the diff → Tool health → What is this tool? →
This release patches 1 known CVE

Topics

ai architecture claude cli code-analysis code-intelligence
+9 more
cursor developer-tools go llm lsp mcp mcp-server refactoring scip

Affected surfaces

deps

Summary

AI summary

Added findCycles, suggestRefactorings, and unified planRefactor refactoring planner.

Full changelog

What's New

New Tools

  • findCycles — Detect circular dependencies using Tarjan's SCC algorithm (module/directory/file granularity), with break-edge recommendations
  • suggestRefactorings — Proactive refactoring suggestions covering complexity, coupling, dead code, and extract candidates
  • prepareChange (move) — Move/relocate analysis with import tracking and conflict detection
  • prepareChange (extract) — Tree-sitter flow analysis for extract variable/function with parameter/return detection and signature generation
  • planRefactor — Unified refactoring planner combining risk assessment, impact analysis, test gaps, and ordered steps

Improvements

  • Coverage configuration via .ckb/config.json (custom paths, auto-detect, max age)
  • Orphaned index detection in ckb doctor
  • Test mapping via ckb affected-tests
  • --include-tests flag wiring for ckb impact diff
  • Lazy engine loading and enriched error messages
  • switchProject tool for multi-repo workflows

Bug Fixes

  • Go 1.24.12 security update
  • Improved doctor command error messages
  • Disabled patch coverage check on main/develop branches

Stats

  • 46 files changed, +6,425 lines
  • 102 new tests
  • All CI checks passing

Full Changelog: https://github.com/SimplyLiz/CodeMCP/compare/v8.0.6...v8.1.0

Security Fixes

  • Go 1.24.12 security update
View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track SimplyLiz/CodeMCP

Get notified when new releases ship.

Sign up free

About SimplyLiz/CodeMCP

Code intelligence MCP server with 80+ tools for semantic code search, impact analysis, call graphs, ownership detection, and architectural understanding. Supports Go, TypeScript, Python, Rust, Java via SCIP indexing.

All releases →

Related context

Beta — feedback welcome: [email protected]