Changelog
Format: Keep a Changelog. Versioning: SemVer.
[Unreleased]
Section titled “[Unreleased]”[1.1.0] - 2026-04-04
Section titled “[1.1.0] - 2026-04-04”treeduplicate content — removed spuriousEmbeddedResourceblock appended alongsideTextContent; clients were receiving the JSON tree twice.write_filebase64 encoding —encoding:"base64"parameter was ignored; file was written as literal base64 text instead of decoded binary bytes. Now correctly decodes and writes raw bytes.- WSL path conversion — paths like
/mnt/c/Users/foowere resolved toC:\mnt\c\Users\fooinstead ofC:\Users\foo. NewnormalizeWSLPath()function converts WSL-style paths to Windows paths before resolution. - Case-insensitive path validation on Windows —
isPathInAllowedDirsnow compares lowercased paths on Windows, fixing false “access denied” errors when WSL paths (lowercase drive letter) were checked against allowed dirs (mixed case).
Security
Section titled “Security”- Exhaustive security validation — manual tests confirmed all attack vectors are blocked: path traversal (
../), WSL path injection (/mnt/c/), Win32 namespace (\\?\), device paths (//./), forward slashes (C:/), and cross-allowed-dir exfiltration viacopy_file/move_file.
- Official MCP compatibility aliases — 3 tool name aliases for clients trained on the official MCP filesystem server:
read_text_file→read_file,search_files→search,directory_tree→tree. Full parameter schemas, same handlers. - Recommended workflow in instructions — 5-step workflow (navigate → locate → read range → edit → verify) sent during MCP initialize.
edit_filelarge-edit tip — success message includes a TIP to usecompare_fileswhen edits affect >10 lines./filesystem-light-toolsskill — Claude Code skill for tool discovery. Solves Claude Desktop’s lazy tool loading problem: without this, only ~5 of 18 tools are discovered per query.helptool — returns the full catalog of 18 tools with usage rules, parameters, and best practices. Description is keyword-rich so Claude Desktop’s semantic search picks it up for virtually any filesystem query.server.WithInstructions()— sends tool catalog during MCP initialize handshake (spec 2025-11-25 compliant).read_fileoutline mode — newoutlineboolean param. Returns a symbol index (functions, classes, types, interfaces with line numbers) using regex extraction for 14 languages.list_directorydepth — newdepthparam (1-10). Multi-level recursive listing without usingtree.- MCP logging capability — handler can send
notifications/messagelog events to clients. - Progress notifications —
batch_operationsandread_multiple_filessend progress updates vianotifications/progress. - Content annotations — read tools annotate output with
audience: ["assistant"], write tools withaudience: ["user", "assistant"]. - Tool title annotations — all tools have
WithTitleAnnotation()for better client UI display. - Roots change notifications — handler listens for
notifications/roots/list_changedand refreshes allowed directories mid-session. - Context cancellation — cooperative cancellation across all operations via
ctx.Done(). - Development audit logging —
--dev --log-dirmode withoperations.jsonlandmetrics.json. Records raw/normalized arguments and sub-operation traces. - Log inspection tools —
cmd/logview,cmd/logdashboard, and local dashboard for inspecting operations, errors, timings, and request parameters.
Testing
Section titled “Testing”- 40 security and edge-case tests — directory traversal, symlink attacks, Windows paths, roots lifecycle, concurrency, resource handler, copy/move destination validation, edit_file features.
TestWriteFile_Base64— verifies binary content is written correctly, not base64 literal text.TestWriteFile_Base64_InvalidInput— verifies invalid base64 returns a proper error.TestTree_NoDuplicateContent— verifies tree returns exactly 1 content item.TestNormalizeWSLPath— 9 subtests covering drive letters, root paths, uppercase, non-drive/mnt/paths, and passthrough cases.TestValidatePath_WSLStyle— end-to-end test: creates file via Windows path, accesses via WSL path, verifies resolution.
Changed
Section titled “Changed”- Tool descriptions rewritten for discoverability — action keywords, recommended workflows, reduced cross-reference noise. Optimized for Claude Desktop’s semantic tool search.
- Tool errors —
IsError: true(tool-level) instead of protocol-level errors, per MCP spec. - Output sanitization — 1MB truncation and UTF-8 validation in post-processing.
- Resource capabilities — changed to
(false, false)to avoid overcommitting capabilities not implemented.
[1.0.0] - 2026-03-23
Section titled “[1.0.0] - 2026-03-23”searchtool — unified search replacing three separate tools. Usemode: "files"(name/glob),mode: "content"(regex +context_lines), ormode: "duplicates"(MD5 hash scan).write_filecreate_backup— optional boolean. Creates a.backupcopy of the existing file before overwriting.write_filechunked streaming — optionalchunk_index/total_chunksparams replace the oldchunked_writetool.
Removed (breaking)
Section titled “Removed (breaking)”| Old tool | Migration |
|---|---|
search_files | search with mode: "files" |
smart_search | search with mode: "content" |
find_duplicates | search with mode: "duplicates" |
write_file_safe | write_file with create_backup: true |
chunked_write | write_file with chunk_index + total_chunks |
split_file | removed |
join_files | removed |
analyze_file | removed (was stub) |
performance_analysis | removed (was stub) |
generate_report | removed (was stub) |
smart_sync | removed (was stub) |
assist_refactor | removed (was stub) |
[0.6.4] - 2026-03-23
Section titled “[0.6.4] - 2026-03-23”read_fileline range memory — now streams withbufio.Scanner. Large files no longer fully loaded when only a line range is requested.- Dead code removed —
handleAdvancedTextSearchand helpers deleted.
[0.6.3] - 2026-03-23
Section titled “[0.6.3] - 2026-03-23”smart_searchcontext_lines— new optional number param. Wheninclude_contentis true, each match includes N surrounding lines (before + after), equivalent togrep -C N. Default: 0.
Changed
Section titled “Changed”list_directorytool description clarified: explicitly states it lists one level only, and when to prefer it overtreeorsearch_files.
[0.6.2] - 2026-03-23
Section titled “[0.6.2] - 2026-03-23”read_fileline range — new optionalstart_line/end_lineparams (1-based, inclusive). Reads a section of a large file without loading it entirely. The 5 MB inline limit is bypassed when a line range is requested.
[0.6.1] - 2026-03-23
Section titled “[0.6.1] - 2026-03-23”Changed
Section titled “Changed”- Go upgraded to 1.26.1 (patch release with stdlib security fixes: GO-2026-4599..4602).
golang.org/x/netupgradedv0.21.0→v0.38.0(fixes GO-2025-3595 XSS in HTML tokenizer).
go vetwarnings inhandler.go: replacedfmt.Errorf(err.Error())withreturn nil, err.
[0.6.0] - 2026-03-21
Section titled “[0.6.0] - 2026-03-21”- Tool Annotations — all 29 tools carry
readOnlyHint,destructiveHint, andidempotentHintannotations. MCP clients use these to improve UX and gate destructive operations. - MCP Roots support — server declares
rootscapability. On the first tool call the handler fetches allowed directories from the client viaroots/listand merges them with any CLI-supplied paths.FilesystemHandleris now thread-safe (sync.RWMutex). NewUpdateAllowedDirs()method for external updates. read_media_filetool — reads any binary file and returns it asImageContent(images) or base64 text blob (audio/other binary) with MIME type detection.edit_filedry_runmode — new optional boolean parameter. Whentrue, the diff is computed and returned as preview without writing the file.- Atomic
write_file— writes go through a temp file in the same directory, thenos.Rename()to the target. Prevents data loss from partial writes. - Server can start without CLI arguments — allowed directories may be provided entirely via MCP Roots.
search_filesnow supports glob patterns (*.go,test_*.txt) in addition to plain substring matching.file_edit_test.goupdated for mcp-go v0.45.0 (mcp.CallToolParamsstruct change).
[0.5.0] - 2026-03-19
Section titled “[0.5.0] - 2026-03-19”- Normalizer layer (
normalizer.go) ported from mcp-filesystem-go-ultra. 50+ rules, zero new tools.- Parameter aliasing:
old_str→old_text,src→source,action→type,filepath→path, etc. - Type coercion: string
"true"→ bool, string"3"→ float64. - JSON accept-both: array params accept native JSON or JSON string.
- Parameter aliasing:
edit_filealready-present detection — skips gracefully if new_text present and old_text absent.edit_fileliteral escape recovery — handles\nas two chars from Claude Desktop.edit_filenon-blocking no-match — returns 0 replacements instead of error.batch_operationsflexible field names:source/src/from,dest/dst/to,action/type.batch_operationsextra type aliases:cp,rm,remove.- Rate limiter (
ratelimit.go) — 60 calls/min sliding window. convertToStringhandles float64, bool, int, int64, json.Number.
FilesystemHandlerstruct missinglimiterfield.inprocess_test.gowrong import path.
[0.4.1] - 2026-03-17
Section titled “[0.4.1] - 2026-03-17”plan_tasktool for step-by-step execution plans.
[0.4.0] - 2026-03-16
Section titled “[0.4.0] - 2026-03-16”- Chunked operations:
chunked_write,split_file,join_files,write_file_safe.
[0.3.0] - 2026-03-15
Section titled “[0.3.0] - 2026-03-15”- Intelligent multi-phase text replacement in
edit_file.
[0.2.0] - 2026-03-14
Section titled “[0.2.0] - 2026-03-14”- Analysis tools:
analyze_file,analyze_project,smart_search,find_duplicates. batch_operations,compare_files,generate_report,performance_analysis.smart_sync,assist_refactor.
[0.1.0] - 2026-03-13
Section titled “[0.1.0] - 2026-03-13”- Initial release. Core filesystem operations with path validation and security.