regex ReDoS guards, frontmatter edit fidelity, mcp-ts-core ^0.10.10
Security:
- ReDoS guard rejects over-length or nested-quantifier regex on obsidian_list_notes (nameRegex, <=256) and obsidian_replace_in_note (useRegex, <=1024) before compiling — throws regex_unsafe ValidationError (#88)
- bun.lock refreshed; bun audit clean
Fixed:
- obsidian_manage_frontmatter / obsidian_manage_tags surgical edits preserve comments, quoting, and plain dates — yaml parseDocument edits in place, no js-yaml load/dump round-trip (#89)
Changed:
- Description polish on obsidian_patch_note, obsidian_search_notes, and obsidian_get_note format() (#86)
Dependency bumps:
- @cyanheads/mcp-ts-core ^0.10.9 -> ^0.10.10
- js-yaml ^4.2.0 -> ^5.2.0 (@types/js-yaml dropped; v5 self-types)
- yaml -> ^2.9.0 (new)
407 tests pass; bun run devcheck clean.