codemcp
Author: ezyang
Description: Coding assistant MCP server for Claude (Claude Desktop / claude-mcp web extension) that can edit files, run pre-declared project commands, and Git-version LLM edits (commit-per-chat, auto-accept oriented). NOTE: README states the project is considered obsolete due to Claude Code availability, though it contains useful design ideas.
Stars: 1.6k
Forks: 141
License: Apache License 2.0
Category: Open Source
Overview
Installation
If you prefer Claude Desktop or have unusual needs, see `INSTALL.md` in the repository for additional installation instructions.InitProject
Initialize codemcp for a specific local Git repository/project directory so Claude can begin making versioned edits and running allowed commands.
format
Project-defined command tool (from `codemcp.toml`) that runs the configured formatter; this command is special and is always run after every file edit.
test
Project-defined command tool (from `codemcp.toml`) that runs the configured test command; can be documented to accept arguments such as a pytest-style test selector.
FAQs
How can I implement codemcp's commit-per-change Git safety pattern in a modern tool like Claude Code or Aider?
Neither Claude Code nor Aider replicates codemcp's automatic commit-per-change behavior out of the box. You can approximate it by wrapping agent sessions in Git pre-commit hooks that snapshot on every file write, or by running Aider with `--auto-commits` flag alongside a custom script that splits bulk commits into per-file commits during post-session cleanup using `git rebase --interactive`.
How does codemcp's codemcp.toml command allowlist work and can I replicate it in other MCP servers?
codemcp.toml declares permitted shell commands in a TOML mapping; Claude executes only pre-declared scripts, not arbitrary bash. Replicating this requires your MCP server to intercept command requests, parse an allowlist file, and reject unlisted executables. Most terminal MCPs lack this filtering layer, so fork the server or wrap calls in validation middleware checking commands against your allowlist before execution.
What is the arbitrary file read vulnerability in codemcp issue #315 and how can it be mitigated?
Issue #315 describes how the read_file tool lacks path validation or sandboxing, allowing Claude to read any file the server process can access, including SSH keys or environment files. Mitigation requires running codemcp under a restricted user account with minimal filesystem permissions, denying access to sensitive directories, or using a container with read-only mounts.
What are the best alternatives to codemcp for AI-assisted coding with Git version control in 2025-2026?
Beyond the content's comparison of Claude Code, Aider, and DesktopCommanderMCP, strong alternatives include Continue.dev for IDE-native workflows, Sweep for automated PR generation, and Cursor's native Git integration. For terminal-first users, Cody offers Git-aware context. Evaluate based on your IDE preference, whether you need commit automation versus manual review, and LLM provider flexibility beyond Claude.
Why did the author declare codemcp obsolete in favor of Claude Code, and what features does Claude Code offer that codemcp doesn't?
The author declared codemcp obsolete because Claude Code became bundled with Anthropic's twenty-dollar-per-month subscription, eliminating the need for a separate workaround. While the content doesn't enumerate Claude Code's exclusive features, the obsolescence suggests Claude Code delivers comparable Git-aware workflows and file editing without requiring users to self-host infrastructure or maintain local Python MCP servers.
Can I use codemcp with claude.ai in the browser and how does the SSE server mode work?
Yes. Install the claude-mcp browser extension, launch codemcp with `uvx --from git+https://github.com/ezyang/codemcp@prod codemcp serve`, then point the extension to `http://127.0.0.1:8000/sse`. SSE server mode creates a persistent HTTP connection that streams MCP protocol messages as server-sent events, allowing browser-based Claude to communicate with your local codemcp instance without WebSocket support.