# Maven MCP Server
[](https://github.com/danielscholl/mvn-mcp-server/actions/workflows/ci.yml)
[](https://github.com/danielscholl/mvn-mcp-server/releases)
[](https://www.python.org/downloads/)
[](https://opensource.org/licenses/MIT)
[](https://modelcontextprotocol.io)
**AI-powered Maven dependency management through natural language.**
Maven MCP Server enables AI assistants to interact with Maven Central repository, providing comprehensive tools for version checking, security scanning, and dependency analysis—all through conversational interfaces.
## Why Maven MCP Server?
**Traditional Maven workflow:**
```bash
mvn versions:display-dependency-updates # Check all dependencies
# Read through XML output, manually check each update
# Manually verify security advisories
# Repeat for each project...
```
**With Maven MCP Server:**
```
You: "Scan this project for vulnerabilities and create an update plan"
AI: ✅ Found 3 critical CVEs, 12 outdated dependencies
📋 Created prioritized update plan with file locations
🎯 Ready to implement
```
> **Key Benefits:**
> - Natural language instead of complex Maven commands
> - Single workflow combining version checks + security + planning
> - AI-assisted decision making with full context
> - Intelligent caching for faster repeated queries
> - Enterprise-ready with audit trails and traceability
## Features
| Category | Capabilities |
|----------|-------------|
| **Version Management** | Check single or batch dependency versions • Discover available updates (major/minor/patch) • List version history grouped by tracks |
| **Security Scanning** | Integrate Trivy vulnerability scanning • CVE detection with severity filtering • Multi-module project support • Profile-based scanning for multi-cloud deployments |
| **Enterprise Workflows** | Guided dependency triage analysis • Actionable remediation planning • Complete audit trail with CVE traceability |
| **AI-Optimized** | Single-call comprehensive responses • Batch operations for efficiency • Intelligent caching |
## Quick Start
**Prerequisites:**
- [Python 3.12+](https://www.python.org/downloads/)
- [uv](https://docs.astral.sh/uv/getting-started/installation/)
- [trivy](https://trivy.dev) (optional, for security scanning)
- [maven](https://maven.apache.org/install.html) (optional, for profile-based scanning)
### Setup
[](https://vscode.dev/redirect?url=vscode:mcp/install?%7B%22name%22%3A%22mvn-mcp-server%22%2C%22command%22%3A%22uvx%22%2C%22args%22%3A%5B%22mvn-mcp-server%22%5D%2C%22env%22%3A%7B%7D%7D)
```bash
mcp add mvn-mcp-server -- uvx mvn-mcp-server
```
Or add manually to your MCP configuration:
```json
{
"mcpServers": {
"mvn-mcp-server": {
"command": "uvx",
"args": ["mvn-mcp-server"]
}
}
}
```
### Try It
> "Check if Spring Core 5.3.0 has any updates available"
> "Scan my Java project for security vulnerabilities"
### Optional: Security Scanning
Install **Trivy** for vulnerability detection:
```bash
# macOS
brew install trivy
# Linux
# See: https://aquasecurity.github.io/trivy/latest/getting-started/installation/
```
Without Trivy, version checking and dependency analysis work normally. Security scanning tools will gracefully report Trivy unavailable.
**Security Note:** All processing happens locally. No source code or project data is sent to external services (except public Maven Central API queries for version information).
## Available Tools
| Tool | Description | Example Query |
|------|-------------|---------------|
| **check_version_tool** | Check single dependency version | `Check org.springframework:spring-core version 5.3.0` |
| **check_version_batch_tool** | Check multiple dependencies | `Check these for updates: spring-core 5.3.0, junit 4.13.2` |
| **list_available_versions_tool** | List version history by tracks | `Show all versions of commons-lang3` |
| **scan_java_project_tool** | Security scan with Trivy | `Scan this project for vulnerabilities` |
| **analyze_pom_file_tool** | Analyze POM file | `Analyze this pom.xml for issues` |
## Available Prompts
| Prompt | Description | Example Query |
|--------|-------------|---------------|
| **list_mcp_assets_prompt** | Show all capabilities with examples | `What can this server do?` |
| **triage** | Complete dependency and vulnerability analysis | `Run triage for my-service` |
| **plan** | Generate actionable remediation plan | `Create update plan for my-service` |
## License
This project is licensed under the MIT License - see [LICENSE](LICENSE) for details.
---
<div align="center">
**[Usage](https://github.com/danielscholl/mvn-mcp-server/blob/main/docs/project-usage.md)** • **[Architecture](https://github.com/danielscholl/mvn-mcp-server/blob/main/docs/project-architect.md)** • **[Contributing](https://github.com/danielscholl/mvn-mcp-server/blob/main/CONTRIBUTING.md)**
</div>
Raw data
{
"_id": null,
"home_page": null,
"name": "mvn-mcp-server",
"maintainer": null,
"docs_url": null,
"requires_python": ">=3.12",
"maintainer_email": "Daniel Scholl <daniel.scholl@microsoft.com>",
"keywords": "mcp, maven, model-context-protocol, dependency-management",
"author": "Daniel Scholl",
"author_email": null,
"download_url": "https://files.pythonhosted.org/packages/81/de/adc9c918d9f94bd6ca075edd35c1d870fca4017ba6877647359306f3b362/mvn_mcp_server-2.2.2.tar.gz",
"platform": null,
"description": "# Maven MCP Server\n\n[](https://github.com/danielscholl/mvn-mcp-server/actions/workflows/ci.yml)\n[](https://github.com/danielscholl/mvn-mcp-server/releases)\n[](https://www.python.org/downloads/)\n[](https://opensource.org/licenses/MIT)\n[](https://modelcontextprotocol.io)\n\n**AI-powered Maven dependency management through natural language.**\n\nMaven MCP Server enables AI assistants to interact with Maven Central repository, providing comprehensive tools for version checking, security scanning, and dependency analysis\u2014all through conversational interfaces.\n\n## Why Maven MCP Server?\n\n**Traditional Maven workflow:**\n```bash\nmvn versions:display-dependency-updates # Check all dependencies\n# Read through XML output, manually check each update\n# Manually verify security advisories\n# Repeat for each project...\n```\n\n**With Maven MCP Server:**\n```\nYou: \"Scan this project for vulnerabilities and create an update plan\"\nAI: \u2705 Found 3 critical CVEs, 12 outdated dependencies\n \ud83d\udccb Created prioritized update plan with file locations\n \ud83c\udfaf Ready to implement\n```\n\n> **Key Benefits:**\n> - Natural language instead of complex Maven commands\n> - Single workflow combining version checks + security + planning\n> - AI-assisted decision making with full context\n> - Intelligent caching for faster repeated queries\n> - Enterprise-ready with audit trails and traceability\n\n## Features\n\n| Category | Capabilities |\n|----------|-------------|\n| **Version Management** | Check single or batch dependency versions \u2022 Discover available updates (major/minor/patch) \u2022 List version history grouped by tracks |\n| **Security Scanning** | Integrate Trivy vulnerability scanning \u2022 CVE detection with severity filtering \u2022 Multi-module project support \u2022 Profile-based scanning for multi-cloud deployments |\n| **Enterprise Workflows** | Guided dependency triage analysis \u2022 Actionable remediation planning \u2022 Complete audit trail with CVE traceability |\n| **AI-Optimized** | Single-call comprehensive responses \u2022 Batch operations for efficiency \u2022 Intelligent caching |\n\n## Quick Start\n\n**Prerequisites:**\n\n- [Python 3.12+](https://www.python.org/downloads/)\n- [uv](https://docs.astral.sh/uv/getting-started/installation/)\n- [trivy](https://trivy.dev) (optional, for security scanning)\n- [maven](https://maven.apache.org/install.html) (optional, for profile-based scanning)\n\n\n### Setup\n\n[](https://vscode.dev/redirect?url=vscode:mcp/install?%7B%22name%22%3A%22mvn-mcp-server%22%2C%22command%22%3A%22uvx%22%2C%22args%22%3A%5B%22mvn-mcp-server%22%5D%2C%22env%22%3A%7B%7D%7D)\n\n\n```bash\nmcp add mvn-mcp-server -- uvx mvn-mcp-server\n```\n\nOr add manually to your MCP configuration:\n\n```json\n{\n \"mcpServers\": {\n \"mvn-mcp-server\": {\n \"command\": \"uvx\",\n \"args\": [\"mvn-mcp-server\"]\n }\n }\n}\n```\n\n\n### Try It\n\n> \"Check if Spring Core 5.3.0 has any updates available\"\n\n> \"Scan my Java project for security vulnerabilities\"\n\n\n### Optional: Security Scanning\n\nInstall **Trivy** for vulnerability detection:\n\n```bash\n# macOS\nbrew install trivy\n\n# Linux\n# See: https://aquasecurity.github.io/trivy/latest/getting-started/installation/\n```\n\nWithout Trivy, version checking and dependency analysis work normally. Security scanning tools will gracefully report Trivy unavailable.\n\n**Security Note:** All processing happens locally. No source code or project data is sent to external services (except public Maven Central API queries for version information).\n\n## Available Tools\n\n| Tool | Description | Example Query |\n|------|-------------|---------------|\n| **check_version_tool** | Check single dependency version | `Check org.springframework:spring-core version 5.3.0` |\n| **check_version_batch_tool** | Check multiple dependencies | `Check these for updates: spring-core 5.3.0, junit 4.13.2` |\n| **list_available_versions_tool** | List version history by tracks | `Show all versions of commons-lang3` |\n| **scan_java_project_tool** | Security scan with Trivy | `Scan this project for vulnerabilities` |\n| **analyze_pom_file_tool** | Analyze POM file | `Analyze this pom.xml for issues` |\n\n## Available Prompts\n\n| Prompt | Description | Example Query |\n|--------|-------------|---------------|\n| **list_mcp_assets_prompt** | Show all capabilities with examples | `What can this server do?` |\n| **triage** | Complete dependency and vulnerability analysis | `Run triage for my-service` |\n| **plan** | Generate actionable remediation plan | `Create update plan for my-service` |\n\n## License\n\nThis project is licensed under the MIT License - see [LICENSE](LICENSE) for details.\n\n---\n\n<div align=\"center\">\n\n**[Usage](https://github.com/danielscholl/mvn-mcp-server/blob/main/docs/project-usage.md)** \u2022 **[Architecture](https://github.com/danielscholl/mvn-mcp-server/blob/main/docs/project-architect.md)** \u2022 **[Contributing](https://github.com/danielscholl/mvn-mcp-server/blob/main/CONTRIBUTING.md)**\n\n</div>\n",
"bugtrack_url": null,
"license": "MIT",
"summary": "A MCP server for Maven dependency version checking",
"version": "2.2.2",
"project_urls": {
"Changelog": "https://github.com/danielscholl/mvn-mcp-server/blob/main/CHANGELOG.md",
"Documentation": "https://github.com/danielscholl/mvn-mcp-server#readme",
"Homepage": "https://github.com/danielscholl/mvn-mcp-server",
"Issues": "https://github.com/danielscholl/mvn-mcp-server/issues",
"Repository": "https://github.com/danielscholl/mvn-mcp-server"
},
"split_keywords": [
"mcp",
" maven",
" model-context-protocol",
" dependency-management"
],
"urls": [
{
"comment_text": null,
"digests": {
"blake2b_256": "887cd8a8f0e6ddca4e3790acf42b52c2d4153d5f5e1679f073ddc750f950789e",
"md5": "27c9d3efeeb6481bf30f0f958eadb00b",
"sha256": "d05ca39beb13bd278976bc57fee2dd22caaff25c853078a3106b5f338dd5c653"
},
"downloads": -1,
"filename": "mvn_mcp_server-2.2.2-py3-none-any.whl",
"has_sig": false,
"md5_digest": "27c9d3efeeb6481bf30f0f958eadb00b",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": ">=3.12",
"size": 97360,
"upload_time": "2025-10-15T18:25:06",
"upload_time_iso_8601": "2025-10-15T18:25:06.157891Z",
"url": "https://files.pythonhosted.org/packages/88/7c/d8a8f0e6ddca4e3790acf42b52c2d4153d5f5e1679f073ddc750f950789e/mvn_mcp_server-2.2.2-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": null,
"digests": {
"blake2b_256": "81deadc9c918d9f94bd6ca075edd35c1d870fca4017ba6877647359306f3b362",
"md5": "e784967560df06f0cb7d11683122f031",
"sha256": "e2a8a8938fc0f7c8fc944270226c7623fcf724943914bb7699646fed5b6997b7"
},
"downloads": -1,
"filename": "mvn_mcp_server-2.2.2.tar.gz",
"has_sig": false,
"md5_digest": "e784967560df06f0cb7d11683122f031",
"packagetype": "sdist",
"python_version": "source",
"requires_python": ">=3.12",
"size": 77867,
"upload_time": "2025-10-15T18:25:07",
"upload_time_iso_8601": "2025-10-15T18:25:07.681803Z",
"url": "https://files.pythonhosted.org/packages/81/de/adc9c918d9f94bd6ca075edd35c1d870fca4017ba6877647359306f3b362/mvn_mcp_server-2.2.2.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2025-10-15 18:25:07",
"github": true,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"github_user": "danielscholl",
"github_project": "mvn-mcp-server",
"travis_ci": false,
"coveralls": false,
"github_actions": true,
"lcname": "mvn-mcp-server"
}
JSON
