Release/v5.0.1

[code-crusher]

No description provided.

[matter-code-review]

Context

Summary By MatterAI

🔄 What Changed

This PR executes a comprehensive rebranding and architectural refactor, migrating the entire package namespace from ai.axoncode to so.matterai. It also introduces enhanced build logic for VSCode plugin resource management, updates the JetBrains protocol command for authentication, and implements a regex-based protocol path sanitizer for webview HTML content.

🔍 Impact of the Change

The change aligns the codebase with the new matterai.so domain and branding. Technically, it improves the reliability of asset loading within JetBrains webviews by normalizing vscode-file protocols and streamlines the distribution process for bundled resources. All internal service proxies and IPC actors are now correctly namespaced under the new domain.

Implementation

📁 Total Files Changed

Click to Expand

File	ChangeLog
Build Config build.gradle.kts	Added vscodePlugin property and updated resource directory resolution logic.
Plugin Metadata gradle.properties.template	Updated pluginGroup to so.matterai.jetbrains.
NPM Config package.json	Renamed package to @axon-code/jetbrains-plugin and added resource copy scripts.
Action Rename ActionConstants.kt	Migrated package to so.matterai.jetbrains.actions.
Auth Protocol AxonCodeAuthProtocolCommand.kt	Updated protocol ID to so.matterai.jetbrains.auth and added logging.
Webview Logic MainThreadWebviewsShape.kt	Implemented regex to sanitize vscode-file protocol paths in HTML content.
IPC Server ExtensionUnixDomainSocketServer.kt	Updated temporary socket file prefix for uniqueness.
Service Registry ServiceProxyRegistry.kt	Updated all proxy identifiers to use the new so.matterai namespace.

Screenshots

before	after
N/A	N/A

How to Test

🧪 Test Added/Recommended

Recommended

• Namespace Verification: Perform a global search for ai.axoncode to ensure no legacy imports remain.
• Protocol Integration Test: Verify that jetbrains://idea/so.matterai.jetbrains.auth?token=XYZ correctly triggers the AxonCodeAuthProtocolCommand.
• Webview Path Test: Unit test the regex in MainThreadWebviewsShape with various vscode-file:/ URI formats to ensure correct path normalization.

Get in Touch

🔒 Security Vulnerabilities

• N/A: No direct security vulnerabilities detected. The package rename is purely structural. Ensure that the temporary socket files in /tmp have restricted permissions (already handled by Files.createTempFile).

⏳ Estimated code review effort

HIGH (~45 minutes)

Tip

Quality Recommendations

1. Extract the hardcoded regex in MainThreadWebviewsShape.kt to a named constant in PluginConstants for better maintainability.

2. Add a unit test specifically for the URI transformation logic in MainThreadWebviewsShape to prevent regressions in asset loading.

3. Ensure that the 'axoncode' string in the regex is also updated if the VSCode plugin folder name changes in the future.

♫ Tanka Poem

Namespaces transform,
Matter AI takes the new lead,
Paths clean and refined,
Sockets hum in silent lines,
Branding shines in every file. 🚀

Sequence Diagram

sequenceDiagram
    participant EH as ExtensionHost
    participant RPC as RPCManager
    participant WS as MainThreadWebviewsShape
    participant EB as EventBus
    participant WV as WebViewInstance

    EH->>RPC: setHtml(handle, htmlContent)
    RPC->>WS: setHtml(handle, value)
    Note over WS: Regex: Replace vscode-file:/.../axoncode/ with /
    WS->>WS: sanitizeHtml(value)
    WS->>EB: post(WebviewHtmlUpdateData)
    EB->>WV: updateContent(modifiedHtml)
    WV-->>WS: success
    WS-->>RPC: void
    RPC-->>EH: response

Loading

[matter-code-review]

🧪 PR Review is completed: The PR implements a comprehensive package rename to so.matterai. The changes look mostly consistent, but there are critical security implications in the socket creation logic and potential path mismatches in the build script.

Skipped files

• .vscode/tasks.json: Skipped file pattern
• CHANGELOG.md: Skipped file pattern
• DEVELOPMENT.md: Skipped file pattern
• apps/kilocode-docs/docs/extending/development-environment.md: Skipped file pattern
• apps/kilocode-docs/i18n/zh-CN/docusaurus-plugin-content-docs/current/extending/development-environment.md: Skipped file pattern
• jetbrains/README.md: Skipped file pattern

⬇️ Low Priority Suggestions (2)

jetbrains/plugin/build.gradle.kts (1 suggestion)

Location: jetbrains/plugin/build.gradle.kts (Lines 145-145)

🟠 Configuration

Issue: The resource path points to ai/axoncode (src/main/resources/ai/axoncode/...), but the project packages are being renamed to so.matterai. If the directory structure was also updated to match the package name (which is standard), this path will be incorrect.

Fix: Update the path to match the new so/matterai directory structure.

Impact: Ensures the build process can correctly locate configuration resources.

-              val configDir = File("$projectDir/src/main/resources/ai/axoncode/jetbrains/plugin/config")
+              val configDir = File("$projectDir/src/main/resources/so/matterai/jetbrains/plugin/config")

jetbrains/plugin/src/main/kotlin/ai/axoncode/jetbrains/core/ExtensionProcessManager.kt (1 suggestion)

Location: jetbrains/plugin/src/main/kotlin/ai/axoncode/jetbrains/core/ExtensionProcessManager.kt (Lines 349-349)

🔵 Code Quality

Issue: Redundant fully qualified name so.matterai.jetbrains.util.PluginResourceUtil. The class is already imported or available in the classpath context.

Fix: Use the simple class name PluginResourceUtil.

Impact: Improves code readability.

-          val resourcesPath = so.matterai.jetbrains.util.PluginResourceUtil.getResourcePath(PLUGIN_ID, "$RUNTIME_DIR/$EXTENSION_ENTRY_FILE")
+          val resourcesPath = PluginResourceUtil.getResourcePath(PLUGIN_ID, "$RUNTIME_DIR/$EXTENSION_ENTRY_FILE")

[matter-code-review]

🔴 Security

Issue: Creating a temporary file in /tmp and then deleting it to reuse the path for a socket introduces a race condition (TOCTOU) and potential security risks (symlink attacks) since /tmp is world-writable.

Fix: Create a private temporary directory using Files.createTempDirectory (which has secure permissions 0700) and place the socket file inside it.

Impact: Prevents local privilege escalation or denial of service attacks via socket hijacking.

Suggested change

	// Create temporary socket file, ensure uniqueness
	private fun createSocketFile(): Path {
	val tmpDir = java.nio.file.Paths.get("/tmp")
	val sockPath = Files.createTempFile(tmpDir, "kilocode-idea-extension-ipc-", ".sock")
	val sockPath = Files.createTempFile(tmpDir, "axoncode-idea-extension-ipc-", ".sock")
	Files.deleteIfExists(sockPath) // Ensure it does not exist
	return sockPath
	}
	// Create temporary socket file, ensure uniqueness
	private fun createSocketFile(): Path {
	val socketDir = Files.createTempDirectory("axoncode-ipc")
	socketDir.toFile().deleteOnExit()
	val sockPath = socketDir.resolve("axoncode-idea-extension-ipc.sock")
	sockPath.toFile().deleteOnExit()
	return sockPath
	}