codedb v0.2.572 — 10× faster, 83% less memory

codedb v0.2.572 🚀

Performance. Memory. Correctness.

This release ships 18 performance and correctness improvements, 11 bug fixes, and massive memory reductions for large repos. Initial indexing is now 10× faster, cold RSS is down 83%, and warm reopen is 92% leaner.

---

🎯 Highlights

10× Faster Initial Indexing

Worker-local parallel scan with deterministic merge: each thread builds its own partial Explorer, then results are merged with no lock contention. Shuts down the primary bottleneck for large repo first opens. (#221, #218)

83% Cold RSS Reduction

• Staggered word index + trigram builds with c_allocator and page_allocator (#261)
• Worker-local arenas eagerly freed after indexing (#261)
• Content cache skip for files beyond 1000 (#208)
• Trigram HashMap pre-sized with reusable local maps (#261)

92% Warm RSS Reduction

WordHit compacted from 24 bytes to 8 bytes via packed struct + u31 line numbers (#261)

Unbounded Index Growth Fixed

TrigramIndex.id_to_path now reuses freed doc_id slots from a free-list. Grows only to peak live files, not total files ever indexed. (#247, #227 by @JF10R)

Git Subprocess Spam Eliminated

Watcher now stats .git/HEAD mtime before forking git rev-parse. Steady-state background processes drop from ~30/min to ~0 on idle repos. (#254)

MCP Zombie Process Fix

10-minute idle timeout + POLLHUP detection on stdin. Sessions that go quiet are reaped; dead clients trigger immediate clean shutdown. (#148)

---

📊 Performance Summary

Metric	0.2.56	0.2.57	Delta
Initial index time	3.6 s	346 ms	10× faster
Cold RSS	~3.5 GB	~580 MB	−83%
Warm RSS	~1.9 GB	~150 MB	−92%
Git subprocesses/30s	15	2	−87%
Trigram search latency	55 ms	53 ms	−4%
Word index latency	35 ms	32 ms	−9%
Recall: webhook	0 hits	50 hits	+50 (fix)

Benchmark: openclaw/openclaw, 6,315 files, Apple M4 Pro, ReleaseFast

---

🔧 All Performance Improvements

Indexing & Scanning

1. Worker-local initial indexing — Each scan worker maintains its own Explorer, eliminating cross-thread merge bottleneck (#221, #218)
2. Fast read-only search workers — Skip outline parsing for pure search ops (#250)
3. Single-pass scan+trigram — Eliminate file re-reads during search (#250)
4. Parallel trigram extraction — Lean cold insert path for 2× faster cold search (#255)
5. Pre-sized trigram HashMap — Reusable local map saves 60ms (#261)
6. Deterministic merge — Snapshot replay is reproducible across runs (#221)

Memory & Allocation

7. WordHit compaction — 24B → 8B, 92% warm RSS reduction (#261)
8. c_allocator for trigram build — 83% cold RSS reduction (#261)
9. page_allocator for worker arenas — Eager free after indexing (#261)
10. Staggered word/trigram builds — 70% cold RSS reduction (#261)
11. Skip content cache >1000 files — 7% RSS reduction (#208)
12. Index shrink after scan — Free list capacity back to OS (#261)
13. Lazy word index — Skip for commands that don't need it (#250)
14. mmap overlay fail-safe — Drop to full-scan on allocation pressure (#191)

Watcher & Git

15. Git HEAD mtime gating — 87% fewer subprocesses (#254)
16. drainNotifyFile dedup — No re-index of unchanged files (#228 by @JF10R)

MCP & Server

17. 8 MB release stack — Fix Rosetta 2 stack overflow (#223)
18. Atomic telemetry call_count — Race-free status reporting (#179)

---

🐛 Bug Fixes

Index Correctness

• TrigramIndex.removeFile — Fixed ghost-entry bug where stale path_to_id entries remained (#246)
• TrigramIndex.getOrCreateDocId — Reuses freed doc_id slots, keeping id_to_path bounded (#247)
• PostingList.removeDocId — O(log n) binary search replacing O(n) linear scan (#248)
• AnyTrigramIndex mmap_overlay — Fixed ArrayList leak on error path (#251)
• commitParsedFileOwnedOutline — errdefer keeps word/trigram indexes in sync on OOM (#252)
• searchContent fallback — Restricted to skip_trigram_files set, O(skip) not O(all) (#250)

Nuke & Config

• rewriteConfigFile — Atomic write via {path}.tmp + sync + rename (#249)
• nuke — Full uninstall: removes data, kills daemon, deregisters MCP from Claude/VS Code/Cursor (#239)

Snapshot

• readSectionBytes — Opens file once, shared helper (#253)
• readSectionString — Limit raised to maxInt(u16) for long symbol names (#253)
• loadSnapshotFast — Corrupt OUTLINE_STATE treated as empty, not fatal (#253)

Parser

• Python docstring detection — Fixed false positives (#179)
• Single-line /* */ comments — Parsing now resumes correctly after (#203)
• Block comment handling — Fixed skipping subsequent code (#202)

---

🙏 Contributors & Issue Reporters

User	Issue	Description
@JF10R	#227, #228, #210	Trigram unbounded growth, drainNotifyFile dedup, ProjectCache leak
@ocordeiro	#224	Symbol.line_end population for body=true
@destroyer22719	#242	MCP disconnections with Opencode
@wilsonsilva	#235	Unknown remote requests
@killop	#234	Windows support request
@sims1253	#215, #216	R language support, PHP/Ruby telemetry fix
@JustFly1984	#212, #213	Website DNS, version update issues
@mochadwi	#226	Serena comparison discussion
@Mavis2103	#197	Memory overhead reduction ideas
@justrach	#247–#261	Core performance & correctness work

---

📦 Binaries

Platform	File	SHA256
macOS (Apple Silicon)	codedb-darwin-arm64	13dd0a6047efee1cecfa684690352b9c9b9a24a10f253f8e259bc6272b15c1c4
Linux (x86_64)	codedb-linux-x86_64	037bff1ae3764d5c1229f3cf87b2e37e2f1a87710f0966d955b4c530d081c24a

macOS binary: Signed with Developer ID and notarized by Apple. Gatekeeper-ready.

---

🚀 Install / Upgrade

Fresh install:

curl -fsSL https://codedb.codegraff.com/install.sh | bash

Self-update:

codedb update

Or download directly from this release.

---

🧪 Validation

• zig build test — tests pass
• zig build -Doptimize=ReleaseFast — clean release build
• Notarization: Accepted (90bbd49d-4558-422f-9dfa-0cc41ef8e0f7)

---

🔩 Hotfixes in 0.2.572

Patches on top of 0.2.57:

Search Recall

• Union candidates + interleaved skip_trigram — improved recall across all query types
• Per-file result cap — prevents single noisy files from drowning results

SIMD Search Engine

• SIMD first-byte scanner — 16 bytes per iteration, bypasses slow memchr
• SIMD memmem-style scanner — full bitmask processing per 16-byte chunk
• SIMD newline detection — pre-allocated result list, no reallocs on hot path
• Direct buffer scan — searchInContent skips line splitting entirely

Tiered Lookup

• Tier 0 word index direct lookup — skip content scan for exact word matches
• Tiered search + fast indexOfCaseInsensitive — cheap tiers gate expensive ones
• Lazy sparse candidates — skip covering-set computation when trigrams already hit
• Sort candidates by content size — smallest files first, early exits on tight budgets
• Defer searched HashMap — only allocated when tiers 2–5 are reached

Structural Index

• Symbol name index — incremental line counting, binary search for scope lookup
• Bidirectional DependencyGraph — O(1) reverse lookups + transitive BFS

MCP Latency

• Buffered stdin reads via mcp-zig readLineBuf
• Reduced serialization overhead — zero-copy I/O, arena allocator, reusable buffers
• Scanner-based tools/call — skip std.json parse entirely on the hot path
• Fully zero std.json — all request types now bypass the standard JSON parser

---

📋 Full Changelog

See CHANGELOG.md for complete details.

codedb v0.2.57 — 10× faster, 83% less memory

codedb v0.2.57 🚀

Performance. Memory. Correctness.

This release ships 18 performance and correctness improvements, 11 bug fixes, and massive memory reductions for large repos. Initial indexing is now 10× faster, cold RSS is down 83%, and warm reopen is 92% leaner.

---

🎯 Highlights

10× Faster Initial Indexing

Worker-local parallel scan with deterministic merge: each thread builds its own partial Explorer, then results are merged with no lock contention. Shuts down the primary bottleneck for large repo first opens. (#221, #218)

83% Cold RSS Reduction

• Staggered word index + trigram builds with c_allocator and page_allocator (#261)
• Worker-local arenas eagerly freed after indexing (#261)
• Content cache skip for files beyond 1000 (#208)
• Trigram HashMap pre-sized with reusable local maps (#261)

92% Warm RSS Reduction

WordHit compacted from 24 bytes to 8 bytes via packed struct + u31 line numbers (#261)

Unbounded Index Growth Fixed

TrigramIndex.id_to_path now reuses freed doc_id slots from a free-list. Grows only to peak live files, not total files ever indexed. (#247, #227 by @JF10R)

Git Subprocess Spam Eliminated

Watcher now stats .git/HEAD mtime before forking git rev-parse. Steady-state background processes drop from ~30/min to ~0 on idle repos. (#254)

MCP Zombie Process Fix

10-minute idle timeout + POLLHUP detection on stdin. Sessions that go quiet are reaped; dead clients trigger immediate clean shutdown. (#148)

---

📊 Performance Summary

Metric	0.2.56	0.2.57	Delta
Initial index time	3.6 s	346 ms	10× faster
Cold RSS	~3.5 GB	~580 MB	−83%
Warm RSS	~1.9 GB	~150 MB	−92%
Git subprocesses/30s	15	2	−87%
Trigram search latency	55 ms	53 ms	−4%
Word index latency	35 ms	32 ms	−9%
Recall: webhook	0 hits	50 hits	+50 (fix)

Benchmark: openclaw/openclaw, 6,315 files, Apple M4 Pro, ReleaseFast

---

🔧 All Performance Improvements

Indexing & Scanning

1. Worker-local initial indexing — Each scan worker maintains its own Explorer, eliminating cross-thread merge bottleneck (#221, #218)
2. Fast read-only search workers — Skip outline parsing for pure search ops (#250)
3. Single-pass scan+trigram — Eliminate file re-reads during search (#250)
4. Parallel trigram extraction — Lean cold insert path for 2× faster cold search (#255)
5. Pre-sized trigram HashMap — Reusable local map saves 60ms (#261)
6. Deterministic merge — Snapshot replay is reproducible across runs (#221)

Memory & Allocation

7. WordHit compaction — 24B → 8B, 92% warm RSS reduction (#261)
8. c_allocator for trigram build — 83% cold RSS reduction (#261)
9. page_allocator for worker arenas — Eager free after indexing (#261)
10. Staggered word/trigram builds — 70% cold RSS reduction (#261)
11. Skip content cache >1000 files — 7% RSS reduction (#208)
12. Index shrink after scan — Free list capacity back to OS (#261)
13. Lazy word index — Skip for commands that don't need it (#250)
14. mmap overlay fail-safe — Drop to full-scan on allocation pressure (#191)

Watcher & Git

15. Git HEAD mtime gating — 87% fewer subprocesses (#254)
16. drainNotifyFile dedup — No re-index of unchanged files (#228 by @JF10R)

MCP & Server

17. 8 MB release stack — Fix Rosetta 2 stack overflow (#223)
18. Atomic telemetry call_count — Race-free status reporting (#179)

---

🐛 Bug Fixes

Index Correctness

• TrigramIndex.removeFile — Fixed ghost-entry bug where stale path_to_id entries remained (#246)
• TrigramIndex.getOrCreateDocId — Reuses freed doc_id slots, keeping id_to_path bounded (#247)
• PostingList.removeDocId — O(log n) binary search replacing O(n) linear scan (#248)
• AnyTrigramIndex mmap_overlay — Fixed ArrayList leak on error path (#251)
• commitParsedFileOwnedOutline — errdefer keeps word/trigram indexes in sync on OOM (#252)
• searchContent fallback — Restricted to skip_trigram_files set, O(skip) not O(all) (#250)

Nuke & Config

• rewriteConfigFile — Atomic write via {path}.tmp + sync + rename (#249)
• nuke — Full uninstall: removes data, kills daemon, deregisters MCP from Claude/VS Code/Cursor (#239)

Snapshot

• readSectionBytes — Opens file once, shared helper (#253)
• readSectionString — Limit raised to maxInt(u16) for long symbol names (#253)
• loadSnapshotFast — Corrupt OUTLINE_STATE treated as empty, not fatal (#253)

Parser

• Python docstring detection — Fixed false positives (#179)
• Single-line /* */ comments — Parsing now resumes correctly after (#203)
• Block comment handling — Fixed skipping subsequent code (#202)

---

🙏 Contributors & Issue Reporters

Thank you to everyone who filed issues, tested builds, and provided feedback:

User	Issue	Description
@JF10R	#227, #228, #210	Trigram unbounded growth, drainNotifyFile dedup, ProjectCache leak
@ocordeiro	#224	Symbol.line_end population for body=true
@destroyer22719	#242	MCP disconnections with Opencode
@wilsonsilva	#235	Unknown remote requests
@killop	#234	Windows support request
@sims1253	#215, #216	R language support, PHP/Ruby telemetry fix
@JustFly1984	#212, #213	Website DNS, version update issues
@mochadwi	#226	Serena comparison discussion
@Mavis2103	#197	Memory overhead reduction ideas
@justrach	#247, #248, #249, #250, #251, #252, #253, #254, #255, #261	Core performance & correctness work

---

📦 Binaries

Platform	File	SHA256
macOS (Apple Silicon)	codedb-darwin-arm64	d752f269ca099b5a63aa182015d98f099ea5efc5a25c4e2fdfdaa26a6ef5e21d
Linux (x86_64)	codedb-linux-x86_64	34915d825e8fc441cf119aab212ce7445304a5314ab991095924c1435f4c72fe

macOS binary: Signed with Developer ID and notarized by Apple. Gatekeeper-ready.

---

🚀 Install / Upgrade

# Fresh install
curl -fsSL https://codedb.codegraff.com/install.sh | bash

# Self-update
codedb update

# Or download directly from this release

---

🧪 Validation

• zig build test — 341/341 tests pass
• zig build -Doptimize=ReleaseFast — Clean release build
• Live benchmark: zig build benchmark -- --root /path/to/repo
• Notarization: Accepted (22f02ccd-260b-409d-ab87-cf340e7967ea)

---

📋 Full Changelog

See CHANGELOG.md for complete details.

v0.2.56

Hotfix

• install.sh now resolves the latest version from GitHub Releases first and only falls back to codedb.codegraff.com/latest.json if GitHub is unavailable.
• codedb update now uses the same GitHub-first lookup, which avoids stale latest-version metadata during post-release propagation windows.
• The install worker reduces /latest.json cache time from 5 minutes to 1 minute and bumps its fallback version to 0.2.56.

Validation

• codedb-darwin-arm64 was signed on this Mac and notarized successfully.
  Submission ID: bb1bd05b-641d-4b05-8133-fa7d5dd5e614
• codedb-linux-x86_64 passed sandbox smoke testing against sandbox-docs.md.
  Verified: --version, tree, search sandbox, and word memory

Included Assets

• codedb-darwin-arm64
• codedb-linux-x86_64
• checksums.sha256

Held Back

• codedb-darwin-x86_64 pending #223
• codedb-linux-aarch64 built locally but not runtime-validated yet

The 0.2.55 release notes still apply for the warm-reopen, MCP startup, and performance improvements.

v0.2.55

What's New

0.2.55 is a performance and reliability release focused on warm reopen, MCP startup behavior, search quality, parser correctness, and release/install safety.

Highlights

• Warm snapshot reopen now restores persisted outline/state directly, reuses trigram sidecars, and skips redundant word.index rewrites. This closes #220.
• codedb_query adds a composable MCP search pipeline for multi-step retrieval in one tool call. This closes #168.
• Search ranking now learns from query-to-open history with WAL-backed combo boosts. This closes #195.
• MCP sessions now record real client identity and expose memory diagnostics in codedb_status. This closes #37.
• Root policy now refuses to index the home directory itself, preventing the large MCP RAM spike reported in #174.
• Installer and update flows now download binaries directly from GitHub Releases instead of the old CDN path.
• Parser and correctness fixes landed for block comments, Python docstrings, ANSI stripping, and large-repo mmap cache validation.

Performance

All numbers below were measured locally on the same machine with ReleaseFast, comparing 0.2.55 against v0.2.54.

Large-repo CLI (openclaw)

Benchmark	0.2.55	0.2.54	Delta
cold tree	5.32s	5.29s	+0.6%
snapshot	6.53s	6.25s	+4.6%
warm tree	0.26s	6.16s	23.7x faster
warm search workspace	0.24s	6.14s	25.6x faster
warm word session	0.61s	5.99s	9.9x faster

MCP first secondary-project call (openclaw)

Tool	0.2.55	0.2.54	Delta
codedb_tree	0.076s	5.289s	69.6x faster
codedb_search	0.067s	5.278s	78.8x faster
codedb_word	0.285s	5.312s	18.6x faster

Peak RSS (openclaw)

Benchmark	0.2.55	0.2.54
cold tree	3478.8MB	3478.1MB
warm tree	192.6MB	3314.0MB
warm search	193.3MB	3312.9MB
warm word	677.1MB	3313.3MB

Cold paths stayed effectively flat, snapshot creation stayed within threshold, and warm CLI + MCP reopen became dramatically faster with much lower warm RSS.

Included Work

• #222 perf: speed up warm snapshot reopen
• #204 test: regression tests for #179 parser fixes
• #203 fix: parse code after single-line /* */ comments
• #202 fix: 5 bugs from issue #179
• #201 fix: install script downloads from GitHub releases
• #200 feat: combo-boost ranking from WAL
• #199 feat: cloud WAL sync — hashed profiling telemetry
• #198 feat: WAL profiling — latency + file access logging
• #194 feat: search UX — auto-retry, per-file truncation, query WAL, skip dirs
• #192 feat: MCP client identity + memory diagnostics
• #191 fix: mmap_overlay fail-safe on allocation pressure
• #190 perf: mmap overlay pattern for zero-heap incremental updates
• #189 fix: releaseContents reclaims HashMap bucket memory
• #180 feat: composable search pipeline — codedb_query
• #178 fix: block home directory indexing to prevent 17GB RAM spike
• #177 fix: correct install URL in nuke output
• #176 fix: codedb update downloads directly from GitHub releases

Credits

• Warm reopen, ranking, MCP, parser, and release-path work in this release was implemented by @justrach.
• Thanks to @nevindra for reporting #174 (MCP mode: 17GB RAM spike when Claude Code starts in home directory), fixed in #178 by @justrach.
• Thanks to @cktang88 for reporting #179 (Bugs + improvements), fixed by @justrach across #202, #203, and #204.
• #220, #195, #168, #37, and the follow-up Intel Mac holdback issue #223 were opened by @justrach.

There were other issues active around this same calendar window, but the credits above are scoped to the directly issue-linked fixes that shipped in the v0.2.54..v0.2.55 release diff.

Release Notes

• Included in this release:
  • codedb-darwin-arm64
  • codedb-linux-x86_64
• codedb-darwin-arm64 was signed on this Mac and notarized through Apple before release.
• codedb-linux-x86_64 passed sandbox smoke testing on sandbox-docs.md.
• Held back from this release:
  • codedb-darwin-x86_64 pending #223 (startup crash under Rosetta on Apple Silicon)
  • codedb-linux-aarch64 built locally but not yet runtime-validated

v0.2.54

What's New

mmap-backed trigram index (#164)

• Memory-maps trigram.postings and trigram.lookup instead of heap HashMaps
• O(log n) binary search on sorted lookup table, ~0 RSS (OS page cache)
• 121MB RSS reduction on 5k-file repos

Fuzzy file search — codedb_find (#163)

• Smith-Waterman scoring with affine gap penalties — handles transpositions, typos, missing chars
• 100% top-3 recall, 93.9% top-1 across 82 test queries
• Multi-part queries: "snapshot json" matches both parts
• Extension constraints: "auth *.py" filters by file type
• Special entry point bonus: main.zig, index.ts, lib.rs rank higher
• ~31μs average latency

codedb nuke command (#169)

• Kills all running codedb processes
• Removes ~/.codedb/ data directory and all project snapshots
• Works from any directory — no project root needed
• Usage: codedb nuke

Process lifecycle hardening

• Fix double-join undefined behavior on scan_thread
• Shutdown gates in scanBg between all phases
• Sub-second shutdown via 1s sleep granularity + POLLHUP detection
• Idle timeout increased from 2min to 10min (#148)

CI improvements

• Bench comparison now tolerates new tools (no false tool mismatch failures)
• Added --min-abs-ns threshold to prevent false positives on fast tools

Install

curl -fsSL https://codedb.codegraff.com/install.sh | bash

v0.2.53 — Trigram v2: 36% faster indexing, 538x faster than ripgrep

v0.2.53 — Trigram v2, /update page, README refresh

Trigram Index v2

• Integer doc IDs — u32 postings instead of string HashMaps per trigram
• Batch-accumulate — local HashMap per file, bulk-insert to global index
• Skip whitespace trigrams — 12% of occurrences are pure whitespace, terrible filters
• Sorted merge intersection — O(n+m) with zero allocations

Result: 36% faster indexing, 59% less CPU, 63% faster dense queries.

Benchmark: codedb vs rtk vs ripgrep vs grep on rtk-ai/rtk

Tool	Latency	Speedup
codedb	0.065ms	baseline
rtk	37ms	569x slower
ripgrep	45ms	692x slower
grep	80ms	1,231x slower

Also in this release

• /update page with Chart.js benchmark visualizations
• README updated with v0.2.52 features, rtk benchmark, trigram v2 numbers
• 10 trigram regression tests

Binaries

Binary	Platform	Notes
codedb-darwin-arm64	macOS Apple Silicon	Codesigned + notarized
codedb-linux-x86_64	Linux x86_64	ELF, statically linked
checksums.sha256	SHA256 verification

Install

curl -fsSL https://codedb.codegraff.com/install.sh | bash

Thanks to @burningportra, @unliftedq, @riccardodm97, @dezren39, @sanderdewijs, @whygee-dev, @kenrick-g for reporting issues.

Full changelog: v0.2.52...v0.2.53

v0.2.52 — Installer Fix + Correct Linux Binary

v0.2.52 — Installer Fix + Correct Linux Binary

Fixes

• Installer broken (#138) — version grep now handles whitespace in JSON, added user-agent to avoid Cloudflare blocking
• Correct Linux binary (#139) — v0.2.5 shipped macOS binary as Linux; this release has verified ELF x86_64
• Checksum verification (#120) — installer now verifies SHA256 after download
• isPathSafe hardened (#122) — blocks null bytes and backslash separators
• Memory optimizations restored — releaseContents/releaseSecondaryIndexes for large repos (lost in previous merges)

Binaries (verified)

Binary	Platform	Type
codedb-darwin-arm64	macOS Apple Silicon	Mach-O arm64, codesigned + notarized
codedb-linux-x86_64	Linux x86_64	ELF 64-bit LSB, statically linked

Install

curl -fsSL https://codedb.codegraff.com/install.sh | bash

Thanks to @riccardodm97 (#138, #139) for reporting the installer and binary issues.

v0.2.5 — Memory, Parser, Reliability (Linux hotfix)

v0.2.5 (hotfix)

Fixes #139 — v0.2.5 originally shipped a macOS ARM64 binary as codedb-linux-x86_64. This release contains the correct ELF x86_64 Linux binary.

All changes from v0.2.4 → v0.2.5

Memory: Release file contents after indexing for repos >1000 files (~300-500MB saved). Zero-copy ContentRef for search. (#128 @burningportra, #129 @unliftedq)

Parser: Python docstrings (#111), TS block comments (#113), import aliases (#112, #114) — @sanderdewijs

Reliability: Singleton MCP PID lock (#110 @dezren39 @riccardodm97), crash fix (duplicate thread join), Linux update /bin/bash (#132 @riccardodm97), idle timeout 2min (#131 @riccardodm97), git_head sentinel (#130 @riccardodm97)

Security: Integer cast clamping (#123)

Binaries

Binary	Platform	Verified
codedb-darwin-arm64	macOS Apple Silicon	Mach-O 64-bit arm64, codesigned + notarized
codedb-linux-x86_64	Linux x86_64	ELF 64-bit LSB executable, x86-64, statically linked
checksums.sha256	SHA256 verification

Install / Update

curl -fsSL https://codedb.codegraff.com/install.sh | bash

Full changelog: v0.2.4...v0.2.5

v0.2.4 — Security Hardening & Performance

What's New in v0.2.4

Security

• Sensitive file blocking — codedb_read and codedb_edit now block access to .env, credentials.json, id_rsa, .pem/.key files via MCP tools (#93, reported by @whygee-dev)
• SSRF fix in codedb_remote — repo/action params validated against whitelist, preventing path injection (#93)
• Telemetry hardening — replaced shell-interpolated curl with argv-based exec, added mutex for ring buffer race condition (#124)

Performance

• OOM fix for large repos — trigram indexing capped at 64KB per file and 15k files total, preventing memory exhaustion on 40k+ file repos (#105, reported by @unliftedq)
• 47% less memory at 40k files (447MB → 234MB), 37% faster indexing (3.38s → 2.14s)
• Search still works for all files — non-indexed files scanned via brute-force fallback

Bug Fixes

• Python codedb_deps fixed — from mypackage.utils.helpers import X now correctly resolves to mypackage/utils/helpers.py for dependency matching (#107, reported by @riccardodm97)
• Telemetry reliability — flush to disk every 3 tool calls, sync to cloud every 10 (was only on clean exit) (#121)
• PHP language support added (#87)
• Windows build fix — cross-platform file locking and stack overflow fix (#100, by @unliftedq)

Documentation

• All 16 MCP tools now documented (was 12) — added codedb_bundle, codedb_remote, codedb_projects, codedb_index (#103, #104 — reported by @dezren39)
• codedb_remote documented with usage examples
• CLI commands table added to README
• Telemetry docs updated for accuracy

Binaries

Binary	Platform	Size	Notes
codedb-darwin-arm64	macOS Apple Silicon	1.2 MB	Codesigned + Notarized (Developer ID: Rachit Pradhan, WWP9DLJ27P)
codedb-linux-x86_64	Linux x86_64	6.7 MB	Static binary
checksums.sha256	—	—	SHA256 checksums for verification

Install / Update

curl -fsSL https://codedb.codegraff.com/install.sh | sh
# or if already installed:
codedb update

Contributors

Thanks to @whygee-dev, @unliftedq, @riccardodm97, and @dezren39 for reporting issues that made this release possible.

Full changelog: v0.2.3...v0.2.4

v0.2.3

What's new

New commands

• codedb update — self-update by re-running the install script
• codedb --version / codedb -v — prints version without needing a project root
• codedb --help — early exit help

Security

• Sensitive files excluded from live indexing — .env*, credentials.json, secrets.*, .pem, .key, SSH keys, AWS configs are now excluded from both indexing AND snapshots. Previously only snapshots filtered these. (#97, closes #96)
• Telemetry docs updated to accurately describe auto-sync behavior (#97, closes #95)
• AGENTS.md added with Codex review guidelines

Build

• macOS binaries signed with Developer ID — Developer ID Application: Rachit Pradhan (WWP9DLJ27P). Binaries now pass Gatekeeper/spctl verification. No longer ad-hoc signed.

Fixes

• CLI deps command uses correct JSON field (imported_by) (#91, closes #90)
• CLI root mismatch — detects when daemon serves wrong repo and restarts (#91)
• CLI --help/--version flags added (#91)

Docs

• BSD 3-Clause LICENSE added
• Benchmark numbers updated — openclaw 75s→2.9s, vitess 50s→~2s (reflecting 12x indexing optimization)
• All codedb2 references renamed to codedb across README, website, scripts, and source

Downloads

Platform	Binary	Size	Signed
macOS ARM64 (Apple Silicon)	codedb-darwin-arm64	1.2MB	✅ Developer ID (WWP9DLJ27P)
Linux x86_64	codedb-linux-x86_64	6.5MB	N/A (static)

Both binaries are statically linked with zero runtime dependencies.

Install / Update

# Fresh install
curl -fsSL https://codedb.codegraff.com/install.sh | sh

# Update existing
codedb update

Full changelog

• #97 security: exclude secrets from indexing, add license, fix telemetry docs
• #91 fix(cli): deps field, root mismatch, add --help/--version
• #88 fix: stack overflow on Linux + conditional codesign