Scans PHP Composer dependencies from composer.json and composer.lock files to analyze licenses and generate license reports
Scans Java Gradle dependencies from build.gradle files to analyze licenses and generate license reports
Scans npm/Node.js dependencies from package.json files using the npm registry API to analyze licenses and generate license reports
Scans pnpm dependencies from pnpm-lock.yaml files to analyze licenses and generate license reports
Scans Python dependencies from requirements.txt, pyproject.toml, and Pipfile using the PyPI JSON API to analyze licenses and generate license reports
Scans Ruby dependencies from Gemfile and Gemfile.lock files to analyze licenses and generate license reports
Scans Rust dependencies from Cargo.toml and Cargo.lock files using the crates.io API to analyze licenses and generate license reports
Scans Yarn dependencies from yarn.lock files to analyze licenses and generate license reports
License Scanner MCP Server
A Model Context Protocol (MCP) server built with FastMCP that scans project dependencies and generates license reports in markdown format.
Features
Multi-package manager support: npm, pip, cargo, and more
Automatic license detection: Fetches license information from package registries
Markdown report generation: Creates comprehensive license reports
Caching: Avoids repeated API calls for better performance
Error handling: Robust error handling and informative error messages
Supported Package Managers
npm/yarn/pnpm: package.json, yarn.lock, pnpm-lock.yaml
Python: requirements.txt, pyproject.toml, Pipfile
Rust: Cargo.toml, Cargo.lock
PHP: composer.json, composer.lock
Ruby: Gemfile, Gemfile.lock
Go: go.mod, go.sum
Java: pom.xml, build.gradle
Installation
Install dependencies:
Run the MCP server:
Available Tools
1. scan_dependencies(project_path: str)
Scans a project for dependencies and returns detailed license information.
Parameters:
project_path: Path to the project directory to scan
Returns: JSON string containing dependency and license information
2. generate_license_report(project_path: str, output_file: str = None)
Generates a markdown license report for a project.
Parameters:
project_path: Path to the project directory to scan
output_file: Optional path to save the markdown report
Returns: Markdown content of the license report
3. list_package_managers(project_path: str)
Lists all package manager files found in a project.
Parameters:
project_path: Path to the project directory to scan
Returns: JSON string containing list of package manager files
Example Usage
Using the MCP server with Claude Desktop
Add the server to your Claude Desktop configuration:
Use the tools in Claude Desktop:
"Scan the dependencies in my project"
"Generate a license report for this project"
"List the package managers used in this project"
Example Project
The example_project/ directory contains sample files for different package managers:
package.json - npm dependencies
requirements.txt - Python dependencies
Cargo.toml - Rust dependencies
License Information Sources
npm packages: npm registry API
Python packages: PyPI JSON API
Rust crates: crates.io API
Output Format
The license report includes:
Project information: Path, total dependencies, package files found
Dependencies by manager: Organized by package manager with license details
License summary: Count of dependencies by license type
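The Python path described under License Information Sources and the per-license count from the report, as an added sketch that is not the project's own code. The function names, package names and metadata bodies are assumptions constructed for illustration; the bodies mimic only the `info.license` and `info.classifiers` fields of a PyPI JSON API response, so the block runs offline.

```python
import json
import re
from collections import Counter

# Constructed sample input: package names and versions are made up.
SAMPLE_REQUIREMENTS = """\
# runtime
example-http>=2.31
Example_CLI[extras]==0.4.1 ; python_version >= "3.10"
-r dev-requirements.txt
internal-tool
"""
# Constructed bodies shaped like a PyPI JSON API response (only the fields read below).
SAMPLE_PYPI = {
    "example-http": json.dumps({"info": {"license": "Apache-2.0", "classifiers": []}}),
    "example-cli": json.dumps({"info": {"license": "", "classifiers": [
        "License :: OSI Approved :: MIT License"]}}),
}
NAME_RE = re.compile(r"^[A-Za-z0-9][A-Za-z0-9._-]*")

def parse_requirements(text):
    """Return normalized names; skip blanks, comments and option lines (-r, -e, --hash)."""
    names = []
    for raw in text.splitlines():
        match = NAME_RE.match(raw.split("#", 1)[0].strip())
        if match:  # option lines start with "-" and never match
            names.append(re.sub(r"[-_.]+", "-", match.group(0)).lower())
    return names

def extract_license(metadata_json):
    """Prefer info.license, fall back to a Trove classifier, otherwise report UNKNOWN."""
    try:
        info = json.loads(metadata_json).get("info") or {}
    except (json.JSONDecodeError, AttributeError):
        return "UNKNOWN"
    declared = (info.get("license") or "").strip()
    # Some packages paste the whole license text here; such values are unusable as a label.
    if declared and "\n" not in declared and len(declared) <= 64:
        return declared
    for classifier in info.get("classifiers") or []:
        if classifier.startswith("License ::"):
            return classifier.split("::")[-1].strip()
    return "UNKNOWN"

def license_summary(requirements_text, fetch):
    """fetch(name) returns the metadata JSON text, or None when the lookup fails."""
    per_package = {}
    for name in parse_requirements(requirements_text):
        body = fetch(name)
        per_package[name] = extract_license(body) if body else "UNKNOWN"
    return per_package, Counter(per_package.values())
```

Dependencies the registry does not know, such as `internal-tool` here, stay in the summary as UNKNOWN instead of being dropped, so they remain visible for manual review.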
Sample Markdown Output
Error Handling
The server includes comprehensive error handling:
Invalid project paths
Missing package files
Network errors when fetching license information
Malformed package files
Performance
Caching: License information is cached to avoid repeated API calls
Parallel processing: Multiple package files are processed efficiently
Timeout handling: API requests have timeout protection
Contributing
Fork the repository
Create a feature branch
Add tests for new functionality
Submit a pull request
License
This project is licensed under the MIT License.
Enables scanning of project dependencies across multiple package managers (npm, pip, cargo, etc.) and generates comprehensive markdown license reports. Supports automatic license detection from package registries with caching for improved performance.