CI Security crates.io Release License
Tests Coverage OpenSSF Best Practices OpenSSF Scorecard FOSSA Status Docs
One binary. Every platform. Structured file edits for AI agents.
Patchloom is a single-binary CLI that gives AI coding agents safe, structured file editing on any operating system. It edits JSON, YAML, and TOML by selector (not regex), preserves comments, batches multiple file edits into one tool call, and works identically on Linux, macOS, and Windows.
Patchloom demo: 6 edits across 4 files in JSON, YAML, and TOML — one command, comments preserved
# Edit a YAML value by selector without breaking comments or formatting patchloom doc set config.yaml database.port 5432 --apply # Batch 6 file edits into a single tool call patchloom batch --apply <<'EOF' doc.set package.json version "2.0.0" doc.set config.yaml app.version "2.0.0" doc.set config.toml project.version "2.0.0" replace README.md "1.0.0" "2.0.0" replace CHANGELOG.md "1.0.0" "2.0.0" file.create VERSION "2.0.0" EOF
Why Patchloom? | Install | Quick start | Commands | Comparison | Architecture | Status
AI agents edit files through tool calls. Each call is a round-trip back to the LLM. When a task touches config files, that process has three failure modes:
- Syntax corruption. The agent uses text replacement on JSON, YAML, or TOML and produces invalid output (mismatched braces, broken indentation, lost comments).
- Round-trip tax. Editing 6 files means 6 separate tool calls. Each one waits for the LLM to generate, execute, read the result, and plan the next call.
- Platform fragmentation. On Linux the agent uses
sed,jq,grep. On Windows, none of those exist. The agent falls back to verbose PowerShell or makes errors with unfamiliar syntax.
| Problem | How patchloom solves it |
|---|---|
| Syntax corruption | doc commands parse the file, change the value by selector path, and write valid output. Comments and formatting are preserved. No regex needed. |
| Round-trip tax | batch and tx combine N operations into 1 tool call. Six file edits become one command with atomic rollback on failure. |
| Platform fragmentation | Single static binary with zero dependencies. Same commands, same flags, same behavior on Linux, macOS, and Windows. |
Without patchloom (6 tool calls)
Agent: edit file 1 ─── tool call ───▶ 15s
Agent: edit file 2 ─── tool call ───▶ 15s
Agent: edit file 3 ─── tool call ───▶ 15s
Agent: edit file 4 ─── tool call ───▶ 15s
Agent: edit file 5 ─── tool call ───▶ 15s
Agent: edit file 6 ─── tool call ───▶ 15s
Total: ~90s
With patchloom batch (1 tool call)
Agent: batch with
all 6 edits ─── tool call ───▶ 25s
5 round-trips saved
Total: ~25s
| Capability | What it does | Example |
|---|---|---|
| Parser-backed edits | Edit JSON/YAML/TOML by selector, preserving comments and formatting | doc set config.yaml db.port 5432 --apply |
| Batch N files in 1 call | batch and tx combine operations into one tool call with rollback |
batch --apply < ops.txt |
| Comment preservation | YAML/TOML comments survive all edits, including array resizing | doc append config.yaml tags '"v2"' --apply |
| Heading-aware markdown | Edit sections, tables, and bullets by heading, not line number | md table-append README.md --heading "API" --row "| new | row |" --apply |
| Atomic rollback | strict: true reverts every file if format or validate steps fail |
tx plan.json --apply |
| MCP server | Expose all operations as structured MCP tool calls | patchloom mcp-server |
| Cross-platform | Identical behavior on Linux, macOS, Windows. No sed, jq, grep required. |
Same binary everywhere |
Patchloom is not a replacement for all file operations. Its instructions tell agents exactly when to use it and when native tools are faster:
| Task | Use patchloom? | Why |
|---|---|---|
| Edit a JSON/YAML/TOML value by selector | Yes | Parser guarantees valid output, preserves comments |
| Edit 3+ files in one task | Yes | batch/tx eliminates round-trips |
| Append a row to a markdown table | Yes | Heading-aware, no line number guessing |
| Read a single file | No | Native read_file is faster |
| Simple text search | No | Native grep is faster |
| Single-file text replacement | No | Native search_replace is faster |
Patchloom is not faster than native tools for simple, single-file edits. Use native tools for those. But native text replacement cannot safely edit structured files: a sed on YAML can corrupt indentation, strip comments, or produce invalid syntax. doc set parses the file, changes the value by selector, and writes valid output. That guarantee is the point.
Where patchloom is faster is multi-file batching. Six file edits via native tools means six round-trips to the LLM. One batch call does the same work in a single round-trip.
Benchmark details (Claude Opus 4 via Grok Build, 11 tasks)
Task PL-CLI MCP Native
────────────────────── ────── ────── ──────
search 18.5s 12.7s 13.9s ◀ ~same
replace 36.1s 26.6s 26.1s ◀ ~same
doc_set 30.9s 16.9s 13.7s ◀ native fastest
md_table 15.5s 13.5s 15.3s ◀ MCP fastest
tx_multi_file 41.4s 28.5s 22.9s ◀ native fastest
batch_6_files 50.6s 46.6s 30.3s ◀ native fastest
batch_mixed_ops 24.7s 13.6s 20.9s ◀ MCP fastest
yaml_comment_preserve 18.1s 11.6s 16.1s ◀ MCP fastest
md_insert 15.0s 11.7s 15.7s ◀ MCP fastest
file_ops 26.0s 16.6s 17.2s ◀ ~same
tidy 45.0s 30.3s 41.7s ◀ MCP fastest
────────────────────── ────── ────── ──────
TOTAL 321.9s 228.5s 233.8s
MCP mode wins overall (228.5s vs 233.8s native) because structured tool calls skip shell syntax construction entirely. MCP wins 5/11 tasks; native wins 3/11; 3 are ties. CLI mode is always slowest due to shell construction overhead.
# Homebrew (macOS/Linux) brew install patchloom/tap/patchloom # crates.io (requires Rust 1.95+, includes MCP server) cargo install patchloom
Pre-built binaries for Linux, macOS, and Windows are on the Releases page. See Installation for shell installer scripts, source builds, and shell completion setup.
patchloom init
This creates AGENTS.md in a new project or appends the rules to an existing agent instructions file, offers shell completions, and detects MCP configuration opportunities. Pass -y to skip confirmation prompts.
If you only want the rules text:
patchloom agent-rules >> AGENTS.md # Or tailor the output: patchloom agent-rules --mode mcp >> AGENTS.md # MCP-only (no CLI examples) patchloom agent-rules --platform windows >> AGENTS.md # Windows-only syntax
If .vscode/ or .cursor/ exists, init also prints ready-to-copy .vscode/mcp.json or .cursor/mcp.json snippets.
Your AI agent reads AGENTS.md and learns when to use patchloom vs native tools.
# Parser-backed: changes the value, preserves comments and formatting patchloom doc set config.yaml database.port 5432 --apply
patchloom batch --apply <<'EOF' doc.set config.json version "2.0" md.upsert_bullet AGENTS.md "Rules" "- Always test" replace src/main.rs "v1" "v2" EOF
Or use a JSON plan with format and validate lifecycle:
{
"version": "1",
"operations": [
{ "op": "doc.set", "path": "config.json", "selector": "version", "value": "2.0" },
{ "op": "md.upsert_bullet", "path": "AGENTS.md", "heading": "Rules", "bullet": "- Always test" },
{ "op": "replace", "path": "src/main.rs", "from": "v1", "to": "v2" }
],
"format": [{ "cmd": "cargo fmt --all" }],
"validate": [{ "cmd": "cargo test", "required": true }]
}patchloom tx plan.json --apply
tx plans are trusted input. format and validate run their cmd fields through the host shell (sh -c on Unix, cmd /C on Windows), so only run plans you trust.
After installing with MCP support, start the server:
patchloom mcp-server
MCP-capable agents call patchloom tools directly as structured JSON, with no shell quoting or command construction. The agent sends {"path": "config.json", "selector": "version", "value": "2.0"} instead of building patchloom doc set config.json version '"2.0"' --apply.
To allow tx plans with format/validate lifecycle steps (shell command execution), add --allow-shell:
patchloom mcp-server --allow-shell
See the MCP setup guide for per-agent configuration and the full security model.
Add patchloom as a dependency (omit the MCP server with default-features = false):
[dependencies] patchloom = { version = "0.1", default-features = false }
use patchloom::api::{self, ApplyMode}; use std::path::Path; // Replace text (preview only, no disk write) let result = api::replace_text( Path::new("src/config.rs"), "old_value", "new_value", &api::ReplaceOptions::default(), ApplyMode::Preview, )?; println!("{}", result.diff); // Set a value in a JSON file api::doc_set( Path::new("config.json"), "version", serde_json::json!("2.0"), ApplyMode::Apply, )?;
All API types are Send + Sync. See the patchloom::api module docs for the full surface.
| Resource | What you'll learn |
|---|---|
| Installation | Install options and shell completions |
| Core concepts | Write modes, transaction plans, exit codes |
| MCP setup | Configure patchloom as an MCP server for your agent |
| Quickstart | 5-minute walkthrough |
| Reference | Every command, operation, and mode |
| Examples | Transaction plan templates |
| Command | What it does | When to use |
|---|---|---|
batch |
Line-oriented multi-file edits in 1 call | Editing 3+ files with simple syntax |
tx |
JSON plan with format/validate lifecycle | Complex multi-file edits with rollback |
doc |
Parser-backed JSON/YAML/TOML edits | Changing config values without breaking syntax |
md |
Heading-aware markdown edits | Updating tables, sections, bullets in docs |
patch |
Apply unified diffs with stale detection | Replaying patches safely |
tidy |
Text-file whitespace and newline normalization | CI checks for text tidiness |
mcp-server |
MCP protocol server | MCP-capable agents (no shell syntax) |
| Command | Description |
|---|---|
search |
Fast literal or regex search across text files |
replace |
Mechanical string replacement across text files with diff preview |
create |
Create a new file with content |
delete |
Delete a file |
rename |
Move (rename) a file |
read |
Read file contents with optional line range |
status |
Show which files have uncommitted changes |
explain |
Summarize a tx plan in plain English |
undo |
Restore files from a backup created by --apply |
completions |
Generate shell completions (bash, zsh, fish, elvish) |
init |
Set up patchloom in a project (agent rules, completions, MCP) |
schema |
Export operation schemas with tier filtering and system prompts |
agent-rules |
Generate agent instructions for your project |
| Tool | Strength | Where patchloom differs |
|---|---|---|
| jq | JSON query/transform | patchloom also handles YAML, TOML, markdown; batches across files; preserves comments |
| yq | YAML/JSON query/transform | patchloom preserves YAML comments via CST editing; adds markdown, batching, atomic transactions |
| dasel | Multi-format get/set | patchloom adds batching (N edits in 1 call), atomic rollback, format/validate lifecycle |
| sd | Regex find/replace | patchloom adds parser-backed structured edits; batching; never produces invalid JSON/YAML |
| comby | Structural code patterns | patchloom targets config files and agent workflows, not source code pattern matching |
The key difference: patchloom is designed for AI agent workflows. One batch or tx call replaces N sequential tool calls, cutting round-trips and eliminating partial-failure states.
The table above compares patchloom to human CLI tools. But agents already have built-in editing: Claude Code's edit_file, Cursor's apply, Grok Build's search_replace, Aider's /code blocks. Why add patchloom on top?
Agent-native tools use text matching. They find a block of text and replace it. This works for source code but fails on structured config files:
Agent uses search_replace on YAML
database: # Production settings host: db.prod.internal port: 5432 # PostgreSQL default pool_size: 10
The agent replaces port: 5432 with port: 5433. Result depends on implementation. Many agents lose the inline comment, break indentation, or fail to match because of surrounding context changes.
Agent uses patchloom doc set
patchloom doc set config.yaml \
database.port 5433 --applyThe YAML parser changes the value at the selector path. Comments, indentation, key ordering, and all other formatting are preserved. The output is always valid YAML.
| Limitation of agent-native tools | How patchloom addresses it |
|---|---|
| Comment destruction | CST-level YAML/TOML editing preserves all comments |
| One file per tool call | batch/tx edit N files in 1 call (6.7x faster in benchmarks) |
| No rollback | tx with strict: true reverts all files if validation fails |
| Platform-dependent | Same binary and syntax on Linux, macOS, Windows |
| Stale context risk | patch apply uses fuzz matching to handle context drift |
When to keep using native tools: Single-file reads, simple text search, single-file text replacement where comments don't matter. Patchloom's agent-rules tell agents exactly when to use each approach.
Two integration modes, same capabilities:
flowchart LR
subgraph CLI["CLI mode (any agent)"]
direction TB
A["patchloom agent-rules >> AGENTS.md"] --> B["Agent reads AGENTS.md"]
B --> C{"What kind of edit?"}
C -->|Simple edit| D["Native tool (faster)"]
C -->|Config edit| E["patchloom doc (safer)"]
C -->|Markdown edit| F["patchloom md (smarter)"]
C -->|Multi-file edit| G["patchloom batch (batched)"]
end
subgraph MCP["MCP mode (MCP-capable agents)"]
direction TB
H["patchloom mcp-server"] --> I["Agent discovers tools via MCP"]
I --> J["Structured JSON tool calls"]
J --> K["No shell syntax needed"]
end
1400+ tests across 20 commands. Tested with Grok 4.3, GPT-5.4, and Claude Opus 4.6.
Every command, flag, transaction operation, and exit code is documented in the Command Reference (also available at docs/reference/README.md).
Licensed under either of:
- MIT license (LICENSE)
- Apache License, Version 2.0 (LICENSE-APACHE)
at your option.
See CONTRIBUTING.md.
For local verification before opening a pull request, run make check. It matches the main Linux CI gate: formatting, clippy, unit tests, integration tests, and generated-doc freshness checks. While iterating locally, make check-fast runs the Rust formatting, lint, and test path without the generated-doc freshness checks.
All commits must be signed off with git commit -s.
make agent-test runs 19 pytest scenarios that verify AI agents correctly use patchloom when given instructions. make bench-agent runs 3-way benchmarks (CLI vs MCP vs native) across 11 tasks. Use MODEL=X to switch models and RUNS=N for variance reduction. Requires an LLM API key. Not part of make check. See tests/agent/README.md for details.
For current security reporting guidance, see SECURITY.md.