@mrxkun/mcfast-mcp 3.5.11 → 3.5.12

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@mrxkun/mcfast-mcp",
-  "version": "3.5.11",
+  "version": "3.5.12",
   "description": "Ultra-fast code editing with WASM acceleration, fuzzy patching, multi-layer caching, and 8 unified tools. Optimized for AI code assistants with 80-98% latency reduction.",
   "type": "module",
   "bin": {

package/src/index.js

@@ -595,11 +595,31 @@ async function reportAudit(data) {
 /**
  * Handle regex-based filesystem search using grep
  * Uses native grep for high-performance regex searching
+ * Includes validation for unsupported regex patterns
  */
 async function handleRegexSearch({ query, path: searchPath, caseSensitive = false }) {
     const start = Date.now();
 
     try {
+        // Validate regex pattern before executing
+        const validation = validateRegex(query);
+        if (!validation.valid) {
+            const latency = Date.now() - start;
+            return {
+                content: [{ 
+                    type: "text", 
+                    text: `⚠️  Invalid regex pattern: ${validation.error}\n\nQuery: "${query}"\n\n💡 Tips:\n• Basic regex works: \\bword\\b, [a-z]+, (foo|bar)\n• Avoid lookbehind (?<=...) and lookahead (?=...) - not supported by grep\n• Use word boundaries \\b instead of lookarounds\n• Escape special chars: \\\\, \\+, \\*` 
+                }],
+                isError: true
+            };
+        }
+
+        // Warn about potentially unsupported patterns
+        if (validation.warnings.length > 0) {
+            console.error(`${colors.yellow}[Regex Warning]${colors.reset} Pattern may not work as expected:`);
+            validation.warnings.forEach(w => console.error(`  - ${w}`));
+        }
+
         const flags = [
             "-r",        // Recursive
             "-n",        // Line number
@@ -618,10 +638,18 @@ async function handleRegexSearch({ query, path: searchPath, caseSensitive = fals
             "--exclude-dir=.cache"
         ].join(" ");
 
-        const command = `grep ${flags} ${excludes} -E "${query.replace(/"/g, '\\"')}" "${searchPath}"`;
+        // Escape quotes in query to prevent command injection
+        const escapedQuery = query.replace(/"/g, '\\"');
+        const command = `grep ${flags} ${excludes} -E "${escapedQuery}" "${searchPath}" 2>&1`;
 
         try {
-            const { stdout } = await execAsync(command, { maxBuffer: 10 * 1024 * 1024 }); // 10MB buffer
+            const { stdout, stderr } = await execAsync(command, { maxBuffer: 10 * 1024 * 1024 }); // 10MB buffer
+            
+            // Check for grep regex errors in stderr
+            if (stderr && stderr.includes('Invalid regular expression')) {
+                throw new Error(`grep: ${stderr}`);
+            }
+            
             const results = stdout.trim().split('\n').filter(Boolean);
 
             const latency = Date.now() - start;
@@ -686,6 +714,12 @@ async function handleRegexSearch({ query, path: searchPath, caseSensitive = fals
                     content: [{ type: "text", text: `🔍 Regex Search: No matches found for "${query}" in ${searchPath} (${latency}ms)` }]
                 };
             }
+            
+            // Handle regex syntax errors
+            if (execErr.stderr && execErr.stderr.includes('Invalid')) {
+                throw new Error(`Invalid regex syntax: ${execErr.stderr}. Try simplifying your pattern.`);
+            }
+            
             throw execErr;
         }
     } catch (error) {
@@ -700,12 +734,52 @@ async function handleRegexSearch({ query, path: searchPath, caseSensitive = fals
         });
 
         return {
-            content: [{ type: "text", text: `❌ Regex search error: ${error.message}` }],
+            content: [{ type: "text", text: `❌ Regex search error: ${error.message}\n\n💡 Try using a simpler pattern without lookarounds (?<= or ?=)` }],
             isError: true
         };
     }
 }
 
+/**
+ * Validate regex pattern for compatibility with grep
+ * Returns { valid: boolean, error?: string, warnings: string[] }
+ */
+function validateRegex(pattern) {
+    const warnings = [];
+    
+    try {
+        // Test if it's valid JavaScript regex
+        new RegExp(pattern);
+    } catch (e) {
+        return { valid: false, error: e.message, warnings };
+    }
+    
+    // Check for patterns not supported by basic grep (PCRE-only features)
+    const unsupportedPatterns = [
+        { regex: /\(\?<[=!]/, name: 'Lookbehind (?<=...) or negative lookbehind (?<!...)' },
+        { regex: /\(\?=[^=]/, name: 'Lookahead (?=...)' },
+        { regex: /\(\?![^=]/, name: 'Negative lookahead (?!...)' },
+        { regex: /\(\?<\w+>/, name: 'Named capture groups (?<name>...)' },
+        { regex: /\\p\{/, name: 'Unicode properties (\\p{...})' },
+        { regex: /\(\?#/, name: 'Comments (?#...)' },
+        { regex: /\(\?\d*\)/, name: 'Subroutine calls (?1)' },
+        { regex: /\(\?&\w+\)/, name: 'Subroutine calls (?&name)' }
+    ];
+    
+    for (const { regex, name } of unsupportedPatterns) {
+        if (regex.test(pattern)) {
+            warnings.push(`Pattern uses ${name} which may not be supported by grep. Results may be incomplete.`);
+        }
+    }
+    
+    // Check for potentially dangerous patterns (catastrophic backtracking)
+    if (/\(\w+\+\+?\)|\(\w+\*\*?\)\*\*?/.test(pattern)) {
+        warnings.push('Pattern may cause performance issues (nested quantifiers)');
+    }
+    
+    return { valid: true, warnings };
+}
+
 // ============================================
 
 /**
@@ -2188,7 +2262,7 @@ async function handleReferencesInDirectory({ path: dirPath, symbol }) {
                 output += `  ${colors.dim}${m.line}:${colors.reset} ${m.content}\n`;
             });
             if (matches.length > 5) {
-                output += `  ${colors.dim}... and ${matches.length - 5} more${colors.reset}\n`;
+                output += `  ${colors.dim}... and ${matches.length - 5} more matches${colors.reset}\n`;
             }
             output += "\n";
         });