Juro - providing compliance as a service: Enterprise-grade MCP server for automated compliance scanning with AI-powered analysis
# Juro MCP Server
> **Juro - providing compliance as a service**
Juro is a comprehensive compliance scanning platform that integrates seamlessly with your development workflow. It provides automated compliance checking, intelligent analysis, natural language interaction, and enterprise-grade performance optimization for GDPR, SOC 2, OWASP, and other regulatory frameworks.
## **Current Status - Version 2.0.0**
### **Recently Completed**
- **Performance Optimization**: Complete implementation with caching, parallel processing, and memory management
- **Comprehensive Testing**: 10/10 BDD tests passing for all performance features
- **Type Safety**: Full TypeScript type alignment and error handling
- **VS Code Extension**: Local compliance engine with real-time scanning
- **Documentation**: Complete documentation framework with quality standards
- **Mock Dependencies**: Resolved all external dependency issues
### **What's New in v2.0.0**
- **Enterprise-Grade Performance**: Optimized for large codebases with intelligent caching
- **Worker Pool Architecture**: Parallel file processing with configurable worker counts
- **Memory Management**: Efficient handling of large files with chunked processing
- **Real-time Metrics**: Performance monitoring and resource usage tracking
- **Local-First Architecture**: VS Code extension works without server dependencies
- **Comprehensive Error Handling**: Robust error management with proper type safety
## **Quick Start**
### **1. Installation**
```bash
npm install -g juro-mcp-server
```
### **2. Start the Server**
```bash
juro-mcp-server
```
### **3. Connect Your IDE**
- **VS Code**: Install the Juro extension
- **CLI**: Use the `juro scan` command
- **GitHub Actions**: Add compliance workflows
## **Key Features**
### **AI-Powered Analysis**
- **Natural Language Queries**: Ask questions like "Check my code for GDPR violations"
- **Intelligent Code Analysis**: Context-aware compliance checking
- **Auto-Discovery**: Automatically detect compliance issues
- **Smart Suggestions**: Get intelligent fix recommendations
### **Comprehensive Compliance Scanning**
- **20+ Programming Languages**: TypeScript, JavaScript, Python, Java, Go, and more
- **Multiple Regulations**: GDPR, SOC 2, ISO 27001, OWASP Top 10, WCAG
- **Real-time Analysis**: Instant feedback as you code
- **Pattern Detection**: Advanced pattern matching beyond simple regex
### **Developer Integration**
- **GitHub Actions**: Automated compliance checks in CI/CD
- **CLI Tools**: Command-line interface with git hooks
- **IDE Integration**: Real-time compliance checking
- **MCP Protocol**: AI agent integration
### **Advanced Features**
- **Risk Prediction**: Predict compliance risks before they become issues
- **Trend Analysis**: Track compliance improvements over time
- **Learning System**: Improves accuracy based on your feedback
- **Conversational Interface**: Multi-turn conversations about compliance
### **Performance Optimization**
- **Intelligent Caching**: Rule packs and scan results cached for instant access
- **Parallel Processing**: Multi-threaded file scanning with configurable worker pools
- **Memory Management**: Efficient handling of large files with chunked processing
- **Performance Metrics**: Real-time monitoring of scan performance and resource usage
- **Incremental Scanning**: Only scan changed files for faster subsequent runs
- **Resource Cleanup**: Automatic cleanup of temporary files and memory
## **Use Cases**
### **For Developers**
- **Real-time Compliance**: Get instant feedback while coding
- **Pre-commit Checks**: Automatically scan code before commits
- **Code Reviews**: Ensure compliance in pull requests
- **Learning**: Understand compliance requirements through AI explanations
### **For Teams**
- **CI/CD Integration**: Automated compliance checks in pipelines
- **Policy Enforcement**: Ensure team-wide compliance standards
- **Reporting**: Generate compliance reports and trends
- **Training**: Use AI explanations to train team members
### **For Organizations**
- **Audit Preparation**: Maintain compliance documentation
- **Risk Management**: Identify and mitigate compliance risks
- **Process Automation**: Streamline compliance workflows
- **Scalable Analysis**: Handle large codebases efficiently
## **Documentation**
- **[User Guide](docs/user-guide.md)** - Complete user documentation
- **[API Reference](docs/api-reference.md)** - MCP tools and API endpoints
- **[Integration Guides](docs/integrations/)** - GitHub Actions, CLI, IDE setup
- **[Examples](examples/)** - Practical examples and tutorials
- **[Project Summaries](docs/summaries/)** - Development progress and status summaries
- **[FAQ](docs/faq.md)** - Frequently asked questions
## **Getting Started**
### **1. Basic Scanning**
```bash
# Scan current directory
juro scan
# Scan specific file
juro scan src/auth.js
# Scan with specific regulations
juro scan --regulations GDPR,SOC2
```
### **2. Natural Language Queries**
```bash
# Ask questions about your code
juro ask "Check my authentication system for GDPR compliance"
juro ask "What are the security risks in my API?"
juro ask "Explain the data storage violations"
```
### **3. GitHub Actions Integration**
```yaml
name: Compliance Check
on: [push, pull_request]
jobs:
  compliance:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3
      - uses: juro/compliance-check@v1
        with:
          regulations: 'GDPR,SOC2'
```
## **Architecture**
Juro is built on the Model Context Protocol (MCP) with enterprise-grade performance optimization:
### **Core Components**
- **MCP Server**: Core compliance engine with HTTP API (port 8080) and MCP TCP server (port 3000)
- **AI Agent APIs**: Natural language processing and intelligent code analysis
- **Integration Tools**: GitHub Actions, CLI, IDE extensions
- **Compliance Engine**: Multi-layered rule checking with performance optimization
- **Learning System**: Continuous improvement based on feedback
### **Performance Architecture**
- **CacheManager**: Intelligent caching of rule packs and scan results
- **WorkerPool**: Parallel file processing with configurable worker threads
- **MemoryManager**: Efficient handling of large files with chunked processing
- **PerformanceTracker**: Real-time metrics collection and monitoring
- **ScanWorker**: Dedicated worker threads for file scanning operations
### **VS Code Extension**
- **Local Compliance Engine**: Works without server dependencies
- **Real-time Scanning**: Instant feedback on file changes
- **Rule Sync Manager**: Daily synchronization of compliance rules
- **Compliance Scoring**: Algorithm-based compliance scoring system
## **Supported Regulations**
| Regulation | Description | Coverage |
|------------|-------------|----------|
| **GDPR** | General Data Protection Regulation | Data privacy, consent, retention |
| **SOC 2** | Service Organization Control 2 | Security, availability, processing |
| **ISO 27001** | Information Security Management | Security controls, risk management |
| **OWASP Top 10** | Web Application Security | Injection, authentication, XSS |
| **WCAG** | Web Content Accessibility | Accessibility guidelines |
## **Supported Languages**
- **Backend**: TypeScript, JavaScript, Python, Java, Go, Rust, C/C++, PHP, Ruby
- **Frontend**: HTML, CSS, SCSS, TypeScript React, JavaScript React
- **Config**: JSON, YAML, XML, TOML, INI
- **Docs**: Markdown, AsciiDoc, reStructuredText
- **Deployment**: Docker, Kubernetes, Terraform, Ansible
## **Testing & Quality Assurance**
### **Comprehensive Test Suite**
- **BDD Tests**: Behavior-driven development with Gherkin scenarios
- **Performance Tests**: 10/10 tests passing for all optimization features
- **Unit Tests**: Individual component testing with Jest
- **Integration Tests**: End-to-end workflow testing
- **Mock Dependencies**: Complete mock implementations for external dependencies
### **Quality Framework**
- **Documentation Quality**: Automated quality checks and metrics
- **Code Standards**: TypeScript strict mode with comprehensive type safety
- **Performance Monitoring**: Real-time metrics and resource usage tracking
- **Error Handling**: Robust error management with proper logging
### **Test Coverage**
- **Caching System**: Rule pack caching and scan result caching
- **Parallel Processing**: Worker pool scaling and task distribution
- **Memory Management**: Large file handling and chunked processing
- **Performance Metrics**: Comprehensive performance tracking
- **Incremental Scanning**: Efficient change detection and scanning
## **Performance Benchmarks**
### **Scanning Performance**
- **Small Projects** (< 100 files): < 1 second
- **Medium Projects** (100-1000 files): < 10 seconds
- **Large Projects** (1000+ files): < 60 seconds
- **Memory Usage**: Optimized for large files with chunked processing
- **Cache Hit Rate**: 90%+ for repeated scans
### **Resource Optimization**
- **Worker Pool**: Configurable 1-8 workers for optimal performance
- **Memory Management**: 10MB chunk size for large file processing
- **Cache Storage**: Intelligent caching with automatic cleanup
- **Parallel Processing**: Up to 4x faster than sequential scanning
### **Supported File Sizes**
- **Small Files** (< 1MB): Instant processing
- **Medium Files** (1-10MB): Chunked processing
- **Large Files** (10MB+): Memory-optimized streaming
- **Maximum File Size**: 50MB (configurable)
## **Contributing**
We welcome contributions! Please see our [Contributing Guide](CONTRIBUTING.md) for details.
### **Development Setup**
```bash
# Clone the repository
git clone https://github.com/yourusername/juro.mcp.server.git
cd juro.mcp.server
# Install dependencies
npm install
# Run tests
npm test
# Run performance tests
npm run test:performance
# Build the project
npm run build
# Start development server
npm run start:dev
# Run development scripts
./scripts/development/start-mcp-server.js
```
## **License**
This project is licensed under the MIT License - see the [LICENSE](LICENSE) file for details.
## **Support**
- **Documentation**: [docs/](docs/)
- **Issues**: [GitHub Issues](https://github.com/yourusername/juro.mcp.server/issues)
- **Discussions**: [GitHub Discussions](https://github.com/yourusername/juro.mcp.server/discussions)
---
**Ready to get started?** Check out our [Quick Start Guide](docs/quick-start.md) or explore the [User Guide](docs/user-guide.md) for detailed instructions.