feat(file-edit): add input validation for edit parameters to prevent errors

Author: AndyLiner13

src/tools/file/file-edit.ts

@@ -73,7 +73,47 @@ export const edit = defineTool({
     const code = params.code;
     const relativePath = path.relative(getHostWorkspace(), filePath).replace(/\\/g, '/');
 
-    // Determine edit range based on targeting priority
+    // ── Input validation ──────────────────────────────────────────
+
+    // Bug #5: startLine > endLine
+    if (params.startLine !== undefined && params.endLine !== undefined && params.startLine > params.endLine) {
+      response.appendResponseLine(
+        `❌ Invalid line range: startLine (${params.startLine}) is greater than endLine (${params.endLine}).`,
+      );
+      return;
+    }
+
+    // Bug #2: Empty code targeting a symbol = accidental deletion
+    if (params.target && code.trim().length === 0) {
+      response.appendResponseLine(
+        `❌ Refusing to apply empty code to symbol "${params.target}" — this would delete it. ` +
+        `If deletion is intended, remove the symbol explicitly or use startLine/endLine.`,
+      );
+      return;
+    }
+
+    // Bug #6: Validate line ranges are within file bounds
+    if (params.startLine !== undefined || params.endLine !== undefined) {
+      try {
+        const contentResult = await fileReadContent(filePath);
+        const totalLines = contentResult.totalLines;
+
+        if (params.startLine !== undefined && (params.startLine < 1 || params.startLine > totalLines)) {
+          response.appendResponseLine(
+            `❌ startLine ${params.startLine} is out of bounds (file has ${totalLines} lines).`,
+          );
+          return;
+        }
+        if (params.endLine !== undefined && (params.endLine < 1 || params.endLine > totalLines)) {
+          response.appendResponseLine(
+            `❌ endLine ${params.endLine} is out of bounds (file has ${totalLines} lines).`,
+          );
+          return;
+        }
+      } catch {
+        // File might not exist yet; proceed and let the edit fail naturally
+      }
+    }
     let editStartLine: number;
     let editEndLine: number;
     let targetLabel: string | undefined;

src/tools/file/safety-layer.ts

@@ -56,7 +56,7 @@ export async function executeEditWithSafetyLayer(
   let preExistingErrors = 0;
   try {
     const preDiags = await fileGetDiagnostics(filePath);
-    preExistingErrors = preDiags.diagnostics.filter(d => d.severity === 'Error').length;
+    preExistingErrors = preDiags.diagnostics.filter(d => d.severity.toLowerCase() === 'error').length;
   } catch {
     // Best-effort
   }
@@ -128,7 +128,7 @@ export async function executeEditWithSafetyLayer(
 
   try {
     const postDiags = await fileGetDiagnostics(filePath);
-    const newErrors = postDiags.diagnostics.filter(d => d.severity === 'Error');
+    const newErrors = postDiags.diagnostics.filter(d => d.severity.toLowerCase() === 'error');
 
     let fixAttempts = 0;
     for (const error of newErrors) {
@@ -167,7 +167,7 @@ export async function executeEditWithSafetyLayer(
         file: filePath,
         line: d.line,
         message: d.message,
-        severity: d.severity === 'Error' ? 'error' : 'warning',
+        severity: d.severity.toLowerCase() === 'error' ? 'error' : 'warning',
       });
     }
   } catch {

src/tools/file/symbol-diff.ts

@@ -22,6 +22,14 @@ export function diffSymbols(
 ): DetectedIntent[] {
   const intents: DetectedIntent[] = [];
 
+  // Guard: all old symbols gone with no replacements → bulk deletion
+  if (oldSymbols.length > 0 && newSymbols.length === 0) {
+    for (const s of oldSymbols) {
+      intents.push({type: 'delete', symbol: s.name});
+    }
+    return intents;
+  }
+
   const oldByName = new Map<string, FileSymbol>();
   for (const s of oldSymbols) oldByName.set(s.name, s);