Remove read_ruby_file tool as it can be abused

Author: st0012

lib/ruby_lsp/mcp_server.rb

@@ -167,24 +167,6 @@ def process_jsonrpc_request(json)
                     },
                   },
                 },
-                {
-                  # This may be redundant to some clients if they can access terminal to cat the files
-                  # but it's useful for some clients that don't have that capability
-                  name: "read_ruby_files",
-                  description: <<~DESCRIPTION,
-                    Read the contents of the given Ruby files, including files from dependencies.
-                  DESCRIPTION
-                  inputSchema: {
-                    type: "object",
-                    properties: {
-                      file_uris: {
-                        type: "array",
-                        items: { type: "string" },
-                      },
-                    },
-                    required: ["file_uris"],
-                  },
-                },
                 {
                   name: "get_methods_details",
                   description: <<~DESCRIPTION,
@@ -245,8 +227,6 @@ def process_jsonrpc_request(json)
             contents = case params[:name]
             when "get_classes_and_modules"
               handle_get_classes_and_modules(params.dig(:arguments, :query))
-            when "read_ruby_files"
-              handle_read_ruby_files(params.dig(:arguments, :file_uris))
             when "get_methods_details"
               handle_get_methods_details(params.dig(:arguments, :signatures))
             when "get_class_module_details"
@@ -316,42 +296,6 @@ def handle_get_classes_and_modules(query)
       end
     end
 
-    #: (Array[String]) -> Array[Hash[Symbol, untyped]]
-    def handle_read_ruby_files(file_uris)
-      file_uris.map do |file_uri|
-        file_uri_obj = URI(file_uri)
-        file_path = file_uri_obj.path
-        next unless file_path
-
-        begin
-          file_content = File.read(file_path)
-          {
-            type: "text",
-            text: {
-              file_path: file_path,
-              file_content: file_content,
-            }.to_yaml,
-          }
-        rescue Errno::ENOENT
-          {
-            type: "text",
-            text: {
-              file_path: file_path,
-              error: "File not found",
-            }.to_yaml,
-          }
-        rescue => e
-          {
-            type: "text",
-            text: {
-              file_path: file_path,
-              error: "Error reading file: #{e.message}",
-            }.to_yaml,
-          }
-        end
-      end.compact
-    end
-
     #: (Array[String]) -> Array[Hash[Symbol, untyped]]
     def handle_get_methods_details(signatures)
       signatures.map do |signature|

test/mcp_server_test.rb

@@ -73,58 +73,6 @@ class Class2; end
       MCPServer.const_set(:MAX_CLASSES_TO_RETURN, original_max_classes)
     end
 
-    def test_handle_read_ruby_files_single_file
-      file_path = File.join(Dir.pwd, "test_read.rb")
-      file_content = "# Test content"
-      File.write(file_path, file_content)
-
-      begin
-        result = @server.send(:handle_read_ruby_files, ["file://#{file_path}"])
-        expected_yaml = { file_path: file_path, file_content: file_content }.to_yaml
-        expected_result = [{ type: "text", text: expected_yaml }]
-
-        assert_equal(expected_result, result)
-      ensure
-        File.delete(file_path) if File.exist?(file_path)
-      end
-    end
-
-    def test_handle_read_ruby_files_multiple_files
-      file_path1 = File.join(Dir.pwd, "test_read1.rb")
-      file_content1 = "# Test content 1"
-      File.write(file_path1, file_content1)
-
-      file_path2 = File.join(Dir.pwd, "test_read2.rb")
-      file_content2 = "# Test content 2"
-      File.write(file_path2, file_content2)
-
-      begin
-        result = @server.send(:handle_read_ruby_files, ["file://#{file_path1}", "file://#{file_path2}"])
-
-        expected_yaml1 = { file_path: file_path1, file_content: file_content1 }.to_yaml
-        expected_yaml2 = { file_path: file_path2, file_content: file_content2 }.to_yaml
-        expected_result = [
-          { type: "text", text: expected_yaml1 },
-          { type: "text", text: expected_yaml2 },
-        ]
-
-        assert_equal(expected_result, result)
-      ensure
-        File.delete(file_path1) if File.exist?(file_path1)
-        File.delete(file_path2) if File.exist?(file_path2)
-      end
-    end
-
-    def test_handle_read_ruby_files_non_existent_file
-      non_existent_path = File.join(Dir.pwd, "non_existent.rb")
-      result = @server.send(:handle_read_ruby_files, ["file://#{non_existent_path}"])
-
-      expected_yaml = { file_path: non_existent_path, error: "File not found" }.to_yaml
-      expected_result = [{ type: "text", text: expected_yaml }]
-
-      assert_equal(expected_result, result)
-    end
-
     def test_handle_get_methods_details_instance_method
       uri = URI("file:///fake_instance.rb")
       @index.index_single(uri, <<~RUBY)