jar-wise
Verified Safeby advance-group
Overview
JarWise is a Java code analysis tool providing an MCP server to understand method call hierarchies, dependencies, and REST API endpoints in Java projects.
Installation
JAR_WISE_PROJECT_PATH=${pwd} java -jar app/build/libs/app.jarEnvironment Variables
- JAR_WISE_MODE
- JAR_WISE_PROJECT_PATH
- JAR_WISE_CACHE_SIZE
Security Notes
The server's primary function is to read and parse Java source code and JAR files. It does not execute arbitrary user-provided code strings. Inputs for tools like `signature` or `query` are used for lookups and pattern matching (with `Pattern.quote` for regex, mitigating injection). The `project-path` or `root-path` configuration can point to any directory, which means sensitive data could be indexed if misconfigured, but this is an intended function. Resource exhaustion (CPU/memory) is possible with extremely large codebases during indexing or complex traversals, though an LRU cache is used for multiple projects. Temporary files are created during Spring Boot JAR extraction but are configured to be deleted on exit.
Similar Servers
tda
Headless analysis of Java thread dumps for diagnosing performance issues, deadlocks, and virtual thread problems, primarily for integration with AI agents or automated pipelines.
easy-code-reader
Provides a Model Context Protocol (MCP) server for AI assistants to intelligently read Java source code from local projects and Maven dependencies, supporting decompilation and multi-module analysis.
narsil-mcp
AI-powered code analysis and understanding for developers and coding agents, providing semantic search, call graphs, security audits, and architectural insights.
codebadger-toolkit
A containerized Model Context Protocol (MCP) server providing static code analysis using Joern's Code Property Graph (CPG) technology.