v2.0.17May 17, 2026Latest

UTF-8 panic, gone.

Hotfix for a daemon crash on markdown files larger than 8 KB containing em-dashes, smart quotes, emoji, or accented letters. The indexer now snaps every byte-bounded truncation to a UTF-8 character boundary — across every site, not just the reported one.

Daemon no longer crashes on non-ASCII markdown — truncate_markdown_body sliced markdown content at a fixed 8000-byte offset that could land mid-codepoint, killing the daemon before it bound its socket. Every downstream call (vexp mcp --proxy, the VS Code sidebar, MCP requests) then failed silently with no diagnostic. The slice now snaps to the nearest UTF-8 char boundary via str::floor_char_boundary, so multi-byte characters at any offset are handled correctly.

Audit-wide fix, not a one-spot patch — A sweep of the Rust codebase surfaced five total sites with the same raw-byte-slice pattern (markdown indexing, JSON value summarization, tool-result logging, JSON-shape sniffing, impact-graph truncation). All five now use the stable str::floor_char_boundary stdlib method. The obsolete in-crate floor_char_boundary_safe helper was removed so contributors stop reaching for the wrong idiom.

Regression tests for the exact reproducer — Four new tests cover the reported em-dash-at-byte-8000 case plus the pathological all-em-dashes input and the 2-byte (accented letter) and 4-byte (emoji) UTF-8 boundary cases. 375/375 cargo tests green; end-to-end validated by rebuilding 2.0.17 with the local LLM feature and indexing the trigger files plus the full vexp repo.

v2.0.14May 15, 2026

Windows autostart, fixed.

Repairs the login-time launcher on Windows so vexp serve actually starts. Auto-migrates broken 2.0.12 installs in place — no manual reinstall needed.

Windows login launcher — fixed — vexp 2.0.12 shipped an invalid VBScript template for the Startup-folder launcher, causing a Type mismatch error at login and silently preventing vexp serve from starting. The generator now emits valid VBScript (proper quote doubling) and routes through %ComSpec% /d /s /c so cmd.exe applies legacy single-strip quote semantics. Verified end-to-end: the MCP HTTP server starts on 127.0.0.1:7821 at login and writes to ~/.vexp/autostart.log.

Automatic migration from 2.0.12 — On Windows, the next vexp invocation after upgrading detects any existing broken vexp-serve.vbs by signature and rewrites it with the fixed template — before the autostart marker short-circuit kicks in. No manual vexp autostart uninstall/install required. VEXP_NO_AUTOSTART_INSTALL=1 still opts out cleanly: the migration runs after the env-var check, so opted-out users are never touched.

v2.0.13May 14, 2026

Markdown as code. Secrets stay out. More headroom on Starter.

Index Markdown docs alongside code, keep sensitive files out of the index by default, and explore vexp with 20 daily calls on Starter.

Markdown indexing (first-class) — .md and .mdx files are now indexed at section granularity. Each heading becomes a retrievable node; URLs inside sections become markdown_link nodes. Spec-Kit and planning artifacts (spec.md, plan.md, tasks.md, README.md, docs/adr/*) get a small ranking boost so agents surface them when relevant.

Secret filtering (default on) — Files matching .env, .env.production, id_rsa, *.pem, *.key, secrets.yaml, secret.md, password.json, credentials.toml — and similar filename-boundary matches — are skipped at index time. Legitimate code like src/secret-manager.ts is unaffected. Public templates (.env.example, .env.sample, .env.template) are allowlisted. Opt out with filter_secrets = false in .vexp/vexp.toml.

.vexpignore filename alias — .vexpignore (no underscore — matching the .gitignore / .dockerignore convention) now works alongside the historical .vexp_ignore. If both files exist, their patterns are concatenated.

.ignore (ripgrep) support documented — vexp also honors .ignore files (the ripgrep / fd / Sublime Text convention) via its underlying walker. If your project already has one for ripgrep, vexp picks it up automatically.

Starter: 20 pipeline calls per day — Daily call quota raised from 8 to 20 on the Starter plan. Enough to explore vexp on real projects across a full work day. Quota still resets at midnight UTC.

Cross-repo collection respects ignore rules — The multi-repo cross-link detector now routes file collection through the same walker as the primary indexer: .gitignore, .vexp_ignore, and .vexpignore patterns are honored consistently everywhere vexp reads source files.

v2.0.10April 16, 2026

Works everywhere. Zero maintenance.

Broad Linux compatibility, fully automatic daemon lifecycle, and an interactive CLI that shows you exactly what's running.

Runs on every Linux distro — Ubuntu 20.04+, Debian 11+, RHEL 8+, Fedora, WSL2, Amazon Linux — all supported out of the box. No extra libraries to install.

Daemon auto-start — After first setup, the background engine starts automatically whenever you or your AI agent needs it. Nothing to manage.

Interactive CLI — Type `vexp` for a guided menu with live status of the daemon and local LLM. Setup, explore, and configure agents without memorizing commands.

Reliable agent connections — AI agents (Claude Code, Codex, Cursor, …) now find the daemon automatically, even when launched from different directories. Connection errors eliminated.

v2.0.0–2.0.1April 10–14, 2026

Local AI layer + GPU acceleration.

Optional on-device LLM (vexp-devmind) for +30% token savings. Metal on Apple Silicon, CUDA on NVIDIA. Smart prompt preprocessor and agentic context loop.

vexp-devmind local LLM — A compact, code-specialised model that runs entirely on your machine for an extra +30% token savings. Zero cloud, zero account, zero code leaving your laptop. ~3.5 GB download.

GPU acceleration — Metal on Apple Silicon + Intel Macs, CUDA on NVIDIA (Linux & Windows). Auto-detected at runtime. CUDA plugin downloaded on-demand when an NVIDIA driver is detected.

Smart prompt preprocessor — Your question is analysed locally and pre-enriched with the right files, symbols, and call chains before reaching your AI agent. Fewer tool calls, sharper answers.

run_pipeline single-call — One MCP call replaces capsule + impact + memory + observation. Auto-detects intent (debug/modify/refactor/explore) from your task description.

v1.2.30March 21, 2026

30 languages. One engine.

vexp now parses 30 programming languages — from Kotlin and Swift to Terraform and Zig. Plus a daily free tier quota, pipeline streaming, and an upgraded LSP Bridge.

30 language support — From 12 to 30 languages in a single release. Kotlin, Scala, Swift, Dart, PHP, Elixir, Haskell, OCaml, Lua, R, Zig, HCL/Terraform, Objective-C, Dockerfile, Clojure, and F# join the existing lineup with full AST parsing and dependency graph support.

Daily free tier quota — Starter plan users now get 20 pipeline calls per day — enough to explore vexp on real projects. The quota resets daily at midnight UTC.

Pipeline streaming — run_pipeline now streams results as they arrive: pivots first, then impact analysis, then memories. Agents see initial context faster on large codebases.

LSP Bridge v2 — The VS Code language server integration now captures richer type information with better performance. More accurate call graphs, especially for TypeScript generics and Go interfaces.

189 automated tests — Test suite expanded from 133 to 189 tests covering all 30 languages, pipeline streaming, and the new quota system.

v1.2.26–1.2.28March 12–18, 2026

Infrastructure improvements

Internal release pipeline fixes and package alignment for more reliable installs across all platforms.

Smoother installs — Fixed edge cases in the npm publish pipeline and aligned package versions across the VS Code extension and standalone CLI.

v1.2.25March 9, 2026

Smarter license handling

License verification is now more resilient, and the hook guard handles edge cases better.

Resilient license verification — License checks now handle edge cases and malformed responses gracefully. Your workflow is never interrupted by a transient verification issue.

Smarter parameter handling — MCP tool parameters are now automatically coerced to the correct types. Agents that send numbers as strings or booleans as "true" no longer cause errors.

Improved hook guard — The Claude Code hook guard now uses process-level detection to avoid conflicts with other tools. More reliable interception on busy systems.

v1.2.24March 6, 2026

Self-healing database

vexp now detects and recovers from database corruption automatically — plus real-time health monitoring.

Automatic database recovery — If the index database is corrupted (e.g. after a system crash), vexp detects it and rebuilds automatically from the manifest. Zero data loss, zero manual intervention.

Health monitoring — The daemon now monitors its own health continuously: database integrity and indexing throughput. Issues are surfaced in the status bar and index_status output.

133 automated tests — Comprehensive test suite covering database recovery, health checks, and all supported languages.

v1.2.23March 5, 2026

Smoother publishing, same great engine

Behind-the-scenes improvements to how vexp ships updates — faster, more reliable releases for everyone.

Faster, more reliable updates — We overhauled our release pipeline so new versions reach you quicker and more reliably across all platforms — Linux, macOS, and Windows.

v1.2.19March 1, 2026

Rock-solid connections

vexp now gracefully handles daemon restarts, stale connections, and multi-window setups — so your agent never loses context.

Automatic cleanup on shutdown — vexp now cleans up all connection files when the daemon stops, preventing stale sockets even after unexpected crashes.

Smarter hook guard — The Claude Code integration now detects stale connections and gracefully falls back, so your agent always has access to code search tools.

Regex support in hooks — The hook guard now intercepts Regex tool calls in addition to Grep and Glob, ensuring your agent always uses vexp's smarter search.

v1.2.18February 28, 2026

Multi-window harmony

Open the same project in multiple VS Code windows — vexp shares a single daemon across all of them, no conflicts, no duplicates.

Shared daemon across windows — Multiple VS Code windows now share a single vexp daemon. Only the original window manages its lifecycle — other windows connect automatically.

Automatic port recovery — If the MCP port is busy, vexp finds an available one automatically. No more restart loops or manual port changes.

Smart reconnection — If the daemon restarts, non-owner windows detect it and reconnect with exponential backoff. If the daemon is gone, a new window takes over automatically.

v1.2.17February 28, 2026

Fewer interruptions

Fixed a rare issue where brief daemon restarts could cause your agent to fall back to slower, less accurate tools.

Resilient daemon connection — The MCP client now retries transient connection errors automatically, keeping your agent on vexp's smarter search even during brief daemon restarts.

v1.2.16February 28, 2026

One call. Full context.

run_pipeline combines context search, impact analysis, and memory recall into a single MCP tool call. Plus CLI license enforcement, safer git hooks, and bug fixes.

run_pipeline MCP tool — Single-call pipeline that auto-detects intent (debug/modify/refactor/explore), combines capsule + impact + memory, and includes full file content for pivots. ~60% fewer context tokens. Available on all plans (basic on Starter, full on Pro+).

CLI license enforcement — vexp activate, vexp deactivate, and vexp license commands. Shared license file at ~/.vexp/license.jwt — activate once, both VS Code and CLI use the same plan.

Marker-delimited git hooks — Git hooks now use # --- vexp start/end --- markers. Safely coexists with existing hooks (husky, lint-staged) without overwriting them.

Mobile & React Native defaults — Pods/, DerivedData/, and .expo/ are now excluded from indexing by default for faster mobile project setup.

Intent detection fix — Fixed false positives in intent detection caused by substring matching on non-English words. Now uses exact word boundary matching.

FTS5 query fix — Fixed crashes when search queries contained special characters like parentheses, asterisks, or quotes.

v1.2.14February 25, 2026

Install anywhere

vexp is now available as a standalone CLI via npm. Install once, use with any agent — no VS Code required.

Standalone CLI — npm install -g vexp-cli and start using vexp with Claude Code, Codex, Opencode, or any terminal agent. Zero dependencies, instant setup.

Direct binary mode — Run vexp-core mcp --workspace . for maximum performance. One native binary, no Node.js required.

Smarter file watcher — vexp now reads your .gitignore and skips ignored files entirely. Faster indexing, fewer false positives.

Cleaner multi-repo sidebar — Empty repositories are hidden by default. One toggle to show them when you need to.

5 platform packages — Native binaries for Linux (x64, arm64), macOS (Intel, Apple Silicon), and Windows. Downloaded automatically on first install.

v1.2.12February 24, 2026

Windows reliability

Rock-solid Windows support for named pipes and cross-platform MCP connections.

Windows named pipes fixed — Each workspace now gets a unique pipe name. No more connection failures when running multiple projects.

Smaller Windows extension — The VS Code package no longer bundles binaries for other platforms. 5 MB instead of 45 MB.

v1.2.11February 24, 2026

Intelligence without configuration

vexp now watches how you work, detects patterns, and generates project rules — all automatically.

Passive Observation — vexp watches every file change and correlates it with your agent's tool calls. It understands not just what changed, but why — without any setup.

Project Rules — Recurring patterns in your workflow are auto-promoted into rules. They persist across sessions and are injected into context capsules — your agent learns your project's conventions.

Memory Consolidation — Repetitive observations are automatically merged, keeping memory clean and relevant without losing information.

Standalone MCP server — Run vexp as a native Rust daemon with MCP over stdin/stdout. Works with Claude Code, Codex, and any MCP-compatible agent — no VS Code needed.

Manifest-only git — Only a lightweight manifest.json is committed to git. No binary blobs, no merge conflicts. Teammates rebuild the full index in seconds.

v1.2.0February 22, 2026

Session Memory — your agent remembers

Agent-agnostic session memory linked to the code graph. 3 new MCP tools. 10 tools total.

Session Memory system — Full session memory: auto-capture, cross-session search, manual observations, and staleness detection — all linked to the code dependency graph. Works identically across all 12+ supported agents.

3 new MCP tools (Free Tier) — get_session_context, search_memory, and save_observation. All 3 are available on the free Starter plan — memory is the product showcase.

Auto-capture every tool call — Every MCP tool call is automatically recorded as a compact observation (~100-200 bytes) with per-tool extraction: intent + pivots, symbol FQNs, start→end flows, file lists.

Capsule memory auto-surfacing — get_context_capsule automatically includes relevant memories from previous sessions — no extra tool calls needed. Budget: 10% of token budget, ranked by query + pivot proximity.

Code-graph linked staleness — Observations linked to code symbols are auto-flagged stale when the code changes. Stale memories are penalized in search ranking (-0.30) but never deleted.

Hybrid memory search — FTS5 BM25 (0.35) + TF-IDF cosine (0.25) + recency decay with 7-day half-life (0.20) + code-graph proximity (0.15) − staleness penalty. Every result includes a "why" field.

Session compression — Background task compresses inactive sessions (>2h): extracts key terms, file paths, node IDs into a structural summary. Ephemeral observations deleted; insights preserved permanently.

Progressive disclosure — 3 detail levels: L1 Headline (~20 tokens, capsule inject), L2 Standard (~50 tokens, default search), L3 Full (~100 tokens, deep queries).

Database schema v2 — New tables: sessions, observations, observations_fts (FTS5 with porter stemmer), observation_node_links. Incremental migration — no existing data touched.

v1.1.2February 21, 2026

UTF-8 safety fix

Prevents panics on multi-byte UTF-8 string slicing.

UTF-8 multi-byte fix — Prevent panics on multi-byte UTF-8 string slicing in skeleton generation and TF-IDF tokenization.

v1.1.1February 21, 2026

Cross-repo, meet your IDE

Cross-repo queries go live. A new VS Code sidebar brings the graph into your editor.

Cross-repo queries are live — Context capsules, impact graphs, and logic flow searches now resolve symbols across repository boundaries. One query spans your entire stack — frontend, backend, and infra.

VS Code sidebar panel — Real-time daemon status, index statistics, per-repo cards, and quick actions — Force Re-index, Generate Capsule, Add Repository, View Logs — all without leaving the editor.

CodeLens on exports — Every exported symbol shows its dependent count inline: "12 dependents across 4 files". Know the blast radius before you refactor.

Hover impact data — Hover over any exported declaration to see dependents, cross-repo references, and top callers — without running a single command.

All 12 agent configs updated — Multi-repo documentation added to every agent template, from Claude Code's full CLAUDE.md to Cursor's compact rules file.

Smarter capsule ranking — File-path detection, churn-based scoring, and path priority boosting deliver more relevant results with fewer tokens.

v1.1.0February 20, 2026

Six new languages, one smarter engine

From 6 to 12 languages. Plus intent detection, hybrid search, and the LSP bridge.

6 new languages — Java, C#, C, C++, Ruby, and Bash join TypeScript, JavaScript, Python, Go, and Rust. Full class, method, and interface extraction for each.

Intent detection — vexp reads your prompt and adapts. "fix bug" activates debug mode and follows error paths. "refactor" shows blast radius. "add feature" prioritizes modification targets.

Hybrid search — Combines full-text search, TF-IDF semantic similarity, and graph centrality scoring. Finds validateCredentials when you search "authentication".

LSP Bridge — VS Code captures type-resolved call edges from the Language Server and feeds them into the dependency graph. Higher confidence, zero configuration.

New MCP tool: submit_lsp_edges — Dedicated tool for IDE-level call edge submission. 7 MCP tools total.

Claude Code stdio transport — Switched from HTTP to stdio transport, eliminating "Session not found" errors. Rock-solid, zero-config connection.

Context feedback loop — Repeated queries with similar terms automatically expand the result budget, giving you deeper context on the second pass.

v1.0.10February 2026

The foundation

The initial stable release — graph-powered context for AI coding agents.

Core context engine — tree-sitter parsing, AST dependency graph, SQLite index, and token-efficient context capsules with 65-70% token reduction.

5 languages at launch — TypeScript, JavaScript, Python, Go, and Rust with full function, class, and type extraction.

6 MCP tools — get_context_capsule, get_impact_graph, search_logic_flow, get_skeleton, index_status, and workspace_setup.

Auto-configuration for 12 agents — One command detects your AI agent and writes the config file. Claude Code, Cursor, Windsurf, Copilot, and 8 more.

Git-native manifest — Only manifest.json (blake3 hashes) is committed to git. Clone a repo and the index rebuilds incrementally from the manifest in seconds.