Labsco
codacy logo

Codacy

β˜… 60

from codacy

Access the Codacy API to analyze code quality, coverage, and security for your repositories.

πŸ”₯πŸ”₯πŸ”₯πŸ”₯βœ“ VerifiedAccount requiredNeeds API keys

Codacy MCP Server

Codacy Badge

MCP Server for the Codacy API, enabling access to repositories, files, quality, coverage, security and more.

Table of Contents

Features / Tools

The following tools are available through the Codacy MCP Server:

Repository Setup and Management

  • codacy_setup_repository: Add or follow a repository in Codacy if not already present. This tool ensures the repository is registered with Codacy, allowing further analysis and management.

Organization and Repository Management

  • codacy_list_organizations: List organizations with pagination support.
  • codacy_list_organization_repositories: List repositories in an organization with pagination support.
  • codacy_get_repository_with_analysis: Get repository with analysis information, including metrics for Grade, Issues, Duplication, Complexity, and Coverage.

Code Quality and Analysis

  • codacy_list_repository_issues: Lists and filters code quality issues in a repository. This is the primary tool for investigating general code quality concerns (e.g. best practices, performance, complexity, style) but NOT security issues. For security-related issues, use the SRM items tool instead. Features include:

    • Pagination support for handling large result sets
    • Filtering by multiple criteria including severity, category, and language
    • Author-based filtering for accountability
    • Branch-specific analysis
    • Pattern-based searching

    Common use cases:

    • Code quality audits
    • Technical debt assessment
    • Style guide compliance checks
    • Performance issue investigation
    • Complexity analysis

File Management and Analysis

  • codacy_list_files: List files in a repository with pagination support.
  • codacy_get_file_issues: Get the issue list for a file in a repository.
  • codacy_get_file_coverage: Get coverage information for a file in the head commit of a repository branch.
  • codacy_get_file_clones: Get the list of duplication clones (identical or very similar code segments) for a file in a repository.
  • codacy_get_file_with_analysis: Get detailed analysis information for a file, including metrics for Grade, Issues, Duplication, Complexity, and Coverage.

Security Analysis

  • codacy_search_organization_srm_items: Primary tool to list security items/issues/vulnerabilities/findings across an organization. Results are related to the organization's security and risk management (SRM) dashboard on Codacy.
  • codacy_search_repository_srm_items: List security items/issues/vulnerabilities/findings for a specific repository.

Both tools provide comprehensive security analysis including:

  • SAST (Code scanning)
  • Secrets (Secret scanning)
  • SCA (Dependency scanning)
  • IaC (Infrastructure-as-code scanning)
  • CICD (CI/CD scanning)
  • DAST (Dynamic Application Security Testing)
  • PenTesting (Penetration testing)

Pull Request Analysis

  • codacy_list_repository_pull_requests: List pull requests from a repository that the user has access to.
  • codacy_get_repository_pull_request: Get detailed information about a specific pull request.
  • codacy_list_pull_request_issues: Returns a list of issues found in a pull request (new or fixed issues).
  • codacy_get_pull_request_files_coverage: Get diff coverage information for all files in a pull request.
  • codacy_get_pull_request_git_diff: Returns the human-readable Git diff of a pull request.

Tool and Pattern Management

  • codacy_list_tools: List all code analysis tools available in Codacy.
  • codacy_list_repository_tools: Get analysis tools settings and available tools for a repository.
  • codacy_get_pattern: Get the definition of a specific pattern.
  • codacy_list_repository_tool_patterns: List the patterns of a tool available for a repository.
  • codacy_get_issue: Get detailed information about a specific issue.

CLI Analysis

  • codacy_cli_analyze: Run quality analysis locally using Codacy CLI. Features include:
    • Analyze specific files or entire directories
    • Use specific tools or all available tools
    • Get immediate results without waiting for scheduled analysis
    • Apply fixes based on Codacy configuration

Contribute

To work locally on the MCP Server code, run:

npm install
npm run update-api
npm run build

Testing with Inspector

You can test the MCP server using the inspector tool. You can either set a CODACY_ACCOUNT_TOKEN environment variable or pass it inline:

CODACY_ACCOUNT_TOKEN=your_token_here npm run inspect

This will build the project and launch the MCP inspector with your Codacy token.

Testing with an Agent

You can test your local instance configuring the MCP Server as follows:

"codacy": {
  "command": "/path/to/bin/node",
  "args": [
    "/path/to/codacy-mcp-server/dist/index.js"
  ],
  "env": {
    "CODACY_ACCOUNT_TOKEN": "<YOUR_TOKEN>"
  }
}

Codacy-CLI Support

In order to use the Codacy-CLI, it needs to be installed. Whenever the MCP Server will receive a request to analyze, it will try to install the CLI and initialize it.

In case you want to use a specific version of our CLI, send a CODACY_CLI_VERSION env variable in the MCP Server configuration.

License

This MCP server is licensed under the MIT License. This means you are free to use, modify, and distribute the software, subject to the terms and conditions of the MIT License. For more details, please see the LICENSE file in the project repository.