Maven Tools MCP Server
Maven Central dependency intelligence for JVM build tools: versions, upgrades, CVEs, licenses, and POM-aware analysis.
Add to your client
Copy the config for your MCP client and paste it into its config file.
docker run -i --rm arvindand/maven-tools-mcp:latestPaste into ~/Library/Application Support/Claude/claude_desktop_config.json
{
"mcpServers": {
"maven-tools-mcp-server": {
"command": "docker",
"args": [
"run",
"-i",
"--rm",
"arvindand/maven-tools-mcp:latest"
]
}
}
}Requires Docker to be installed and running.
Step-by-step guides: Add to Claude Desktop · Add to Cursor · Add to Windsurf
Before you start
- Docker
- An MCP-capable client (Claude Desktop, VS Code + GitHub Copilot, Cursor, etc.)
About Maven Tools MCP Server
Maven Tools MCP Server is a Java/Spring AI MCP server that gives AI assistants and agents live Maven Central dependency intelligence for any JVM build tool (Maven, Gradle, SBT, Mill). It exposes 11 MCP tools covering latest-version lookups with stability filtering, bulk coordinate checks, upgrade comparisons, dependency age/health/release-cadence analysis, CVE and license signals, and POM-aware effective-version resolution that walks the parent chain and resolves BOM imports without building the project. Two POM-aware tools (analyze_pom_dependencies, recommend_pom_upgrades) let a non-LLM agent get a deterministic, applyable upgrade plan in a single round-trip. Optional Context7 integration adds documentation lookup tools. It runs locally via Docker over stdio (with HTTP and noc7 image variants available).
Tools & capabilities (11)
get_latest_versionFind the latest version of a dependency with stability-aware selection.
check_version_existsVerify that a specific version exists and classify its stability.
check_multiple_dependenciesBulk lookup for multiple dependency coordinates.
compare_dependency_versionsCompare current versions against available upgrades.
analyze_dependency_ageClassify how old a dependency is.
analyze_release_patternsExamine release cadence and maintenance signals.
analyze_project_healthRun a broader dependency health audit.
analyze_pom_dependenciesPOM-aware: resolve effective versions from raw pom.xml, classify each dep as EXPLICIT / MANAGED / EXPLICIT_OVERRIDE, surface multi-BOM conflicts and the managing BOM coordinate.
recommend_pom_upgradesPOM-aware: returns deterministic <version> edits (explicit bumps + user-controllable BOM bumps) for an agent to apply, plus a needs_attention list of majors / conflicts / overrides for human or LLM review.
resolve-library-idContext7: find a documentation library identifier for a library.
query-docsContext7: fetch documentation by Context7 library ID.
What this server can do
Maven Tools MCP Server provides tools for these capabilities — tap one to see every MCP server that does the same:
When to use it
- Check the latest stable version of a JVM library directly from your editor or AI assistant.
- Compare a project's current dependencies against the newest available versions with major/minor/patch context.
- Audit a project for stale, risky, or weakly maintained dependencies, including CVE and license signals.
- Resolve a whole pom.xml into per-dependency effective versions (parent chain + dependencyManagement + BOM imports) without building.
- Drive agent-based dependency maintenance: one recommend_pom_upgrades call returns a deterministic, applyable upgrade plan for safe minor/patch bumps.
Security notes
Runs locally via Docker over stdio; no authentication required. Uncached queries need network access to Maven Central. Context7 documentation tools are optional and can be disabled via the :latest-noc7 image; CONTEXT7_API_KEY is optional and passed with -e CONTEXT7_API_KEY if needed. Custom CA certificate support is available for locked-down corporate networks.
Maven Tools MCP Server FAQ
Does this replace Renovate or Dependabot?
For Maven Central-based JVM projects it can. Maven Tools MCP is the dependency intelligence layer, and the replacement behavior comes from an agent workflow built on top of it (e.g., the repository's own weekly self-update flow that opens reviewable PRs for safe minor/patch upgrades).
Does it work offline?
Not fully. Uncached queries need network access to Maven Central.
Does it work for Gradle or other JVM build tools?
Yes, as long as the project depends on libraries resolved through Maven Central coordinates. The inputs are standard Maven coordinates, so the same data applies to Maven, Gradle, SBT, and Mill.
Is Context7 required?
No. Context7 documentation tools are optional. The :latest-noc7 image disables them entirely, and CONTEXT7_API_KEY is optional for the default image.
Alternatives to Maven Tools MCP Server
Compare all alternatives →
Microsoft's official browser-automation MCP using Playwright's accessibility tree (no vision model).
Up-to-date, version-specific library documentation injected into your coding agent.
Code intelligence engine that indexes repos into a persistent knowledge graph for AI coding agents.
Compare Maven Tools MCP Server with: