{"id":49432330,"url":"https://github.com/vk0dev/code-impact-mcp","last_synced_at":"2026-04-29T14:00:51.395Z","repository":{"id":351405845,"uuid":"1206438961","full_name":"vk0dev/code-impact-mcp","owner":"vk0dev","description":"Dependency graph, blast-radius analysis, and pre-commit safety gates for AI coding agents. MCP server.","archived":false,"fork":false,"pushed_at":"2026-04-22T22:25:41.000Z","size":195,"stargazers_count":0,"open_issues_count":1,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-04-22T23:25:33.102Z","etag":null,"topics":["ai-agent","anthropic","blast-radius","claude","claude-code","code-analysis","dependency-graph","developer-tools","impact-analysis","local-first","mcp","mcp-server","pre-commit","static-analysis","typescript"],"latest_commit_sha":null,"homepage":null,"language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/vk0dev.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2026-04-09T23:17:12.000Z","updated_at":"2026-04-22T22:25:45.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/vk0dev/code-impact-mcp","commit_stats":null,"previous_names":["vk0dev/code-impact-mcp"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/vk0dev/code-impact-mcp","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/vk0dev%2Fcode-impact-mcp","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/vk0dev%2Fcode-impact-mcp/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/vk0dev%2Fcode-impact-mcp/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/vk0dev%2Fcode-impact-mcp/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/vk0dev","download_url":"https://codeload.github.com/vk0dev/code-impact-mcp/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/vk0dev%2Fcode-impact-mcp/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":32428622,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-29T13:34:34.882Z","status":"ssl_error","status_checked_at":"2026-04-29T13:34:29.830Z","response_time":110,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ai-agent","anthropic","blast-radius","claude","claude-code","code-analysis","dependency-graph","developer-tools","impact-analysis","local-first","mcp","mcp-server","pre-commit","static-analysis","typescript"],"created_at":"2026-04-29T14:00:28.942Z","updated_at":"2026-04-29T14:00:51.388Z","avatar_url":"https://github.com/vk0dev.png","language":"TypeScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# CodeImpact MCP\n\n[![npm](https://img.shields.io/npm/v/@vk0/code-impact-mcp)](https://www.npmjs.com/package/@vk0/code-impact-mcp)\n[![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](./LICENSE)\n[![CI](https://github.com/vk0dev/code-impact-mcp/actions/workflows/ci.yml/badge.svg)](https://github.com/vk0dev/code-impact-mcp/actions/workflows/ci.yml)\n\n**Fast pre-commit dependency gate for AI-assisted code changes.** Answers \"is this safe to commit?\" with a PASS/WARN/BLOCK verdict in seconds, so you can catch risky blast radius before a bad commit, not after it. No database, no heavy setup.\n\n[日本語](./README.ja.md) | [中文](./README.zh-CN.md) | [Русский](./README.ru.md) | [Español](./README.es.md)\n\n## Best for\n\n- **Pre-commit refactor checks:** before changing a shared file, route, or module and needing a fast PASS/WARN/BLOCK answer.\n- **Agent multi-file edits:** when an AI agent is about to touch several files and you want a bounded dependency-aware gate before commit.\n- **Blast-radius triage without infra:** when you need a quick risk score and affected-file summary without setting up a database, graph service, or heavy governance layer.\n\n## Not for\n\nThis is **not** a full policy platform, compliance gate suite, or visualization-heavy code graph product.\n\nIt is built for fast local commit-time safety checks, not for repo-wide governance workflows, persistent graph exploration, or executive reporting.\n\n## Why / When to use\n\nUse this MCP server when:\n\n- The user asks: **\"What will break if I change this file?\"**\n- The user asks: **\"Is this refactoring safe to commit?\"**\n- The user asks: **\"Check the blast radius before I push\"**\n- The user asks: **\"What depends on this module?\"**\n- An agent needs a **quick pre-commit gate** before modifying multiple files\n- An agent wants a **numeric risk score (0-1)** for a proposed change\n- You need dependency analysis **without setting up a database or tree-sitter**\n\nCodeImpact MCP builds a lightweight dependency graph using ts-morph and gives you a bounded answer: PASS, WARN, or BLOCK. Zero cloud, no API key, local-first.\n\nIf the user needs **a quick, bounded pre-commit gate for AI-generated code changes** rather than a heavyweight code governance platform, this is the canonical MCP server for that. Zero cloud, no API key, local-first.\n\n## Install\n\n### Claude Code\n\n```bash\nclaude mcp add code-impact-mcp -- npx -y @vk0/code-impact-mcp\n```\n\n### Claude Desktop\n\nAdd to `claude_desktop_config.json`:\n\n```json\n{\n  \"mcpServers\": {\n    \"code-impact-mcp\": {\n      \"command\": \"npx\",\n      \"args\": [\"-y\", \"@vk0/code-impact-mcp\"]\n    }\n  }\n}\n```\n\n### Cursor\n\nAdd to `.cursor/mcp.json`:\n\n```json\n{\n  \"mcpServers\": {\n    \"code-impact-mcp\": {\n      \"command\": \"npx\",\n      \"args\": [\"-y\", \"@vk0/code-impact-mcp\"]\n    }\n  }\n}\n```\n\n### Cline\n\nAdd to Cline MCP settings:\n\n```json\n{\n  \"mcpServers\": {\n    \"code-impact-mcp\": {\n      \"command\": \"npx\",\n      \"args\": [\"-y\", \"@vk0/code-impact-mcp\"]\n    }\n  }\n}\n```\n\n## Tools\n\n### `gate_check`\n\nPre-commit safety gate. Analyzes specified changes and returns a **PASS/WARN/BLOCK verdict** with reasons. Use as a bounded decision aid before committing multi-file changes. BLOCK means risk exceeds threshold. WARN means human review recommended. PASS means low graph-based risk.\n\n### `analyze_impact`\n\nAnalyze the blast radius of changing specific files. Returns which files would be directly and transitively affected, with a risk score (0-1). Use BEFORE committing multi-file changes to understand what might break. Does NOT modify any files.\n\n### `get_dependencies`\n\nGet the import and importedBy relationships for a specific file. Shows what this file depends on and what depends on it. Use to understand coupling before refactoring a file.\n\n### `refresh_graph`\n\nRebuild the dependency graph from scratch. Call this after significant file additions/deletions, or if results seem stale. Returns graph statistics including file count, edge count, build time, and circular dependencies detected.\n\n## Example conversation\n\n**User:** \"I want to refactor `src/routes.ts` — is it safe?\"\n\n**Agent calls** `gate_check`:\n```json\n{\n  \"projectRoot\": \"/Users/you/projects/my-app\",\n  \"files\": [\"src/routes.ts\"],\n  \"threshold\": 0.5\n}\n```\n\n**Result:**\n```json\n{\n  \"verdict\": \"WARN\",\n  \"scanSummary\": \"WARN, 8 affected across src/routes (4), src/pages (2), src (2)\",\n  \"recommendation\": \"Proceed only with targeted review of affected files.\",\n  \"riskScore\": 0.35,\n  \"reasons\": [\"Risk score 0.35 is approaching threshold. Review affected files.\"],\n  \"affectedFiles\": 8,\n  \"circularDependencies\": 0\n}\n```\n\n**Agent:** \"The gate check returned WARN — 8 files depend on routes.ts. I'll review the affected files before making changes.\"\n\n## How it works\n\n```\n┌─────────────┐     ┌──────────────┐     ┌──────────────┐\n│  Agent asks  │────▶│  ts-morph     │────▶│  In-memory    │\n│  \"safe to    │     │  parses       │     │  dependency   │\n│   change?\"   │     │  imports      │     │  graph        │\n└─────────────┘     └──────────────┘     └──────┬───────┘\n                                                 │\n                    ┌──────────────┐     ┌───────▼───────┐\n                    │  PASS/WARN/  │◀────│  BFS traverse  │\n                    │  BLOCK       │     │  reverse deps  │\n                    │  + risk 0-1  │     │  + risk score  │\n                    └──────────────┘     └───────────────┘\n```\n\n1. **Parse:** ts-morph scans your project for ESM imports, re-exports, and CommonJS requires\n2. **Graph:** Builds an in-memory dependency graph (no database, no persistence)\n3. **Analyze:** BFS traversal of reverse dependencies from changed files\n4. **Score:** Risk = affected files / total files (0-1)\n5. **Verdict:** PASS (\u003c 60% of threshold), WARN (60-100%), BLOCK (\u003e threshold)\n\nSupports: ESM imports, ESM re-exports, CommonJS `require()`, NodeNext-style `.js` → `.ts` resolution.\n\n## Comparison\n\n| Feature | CodeImpact MCP | Codegraph | Depwire | dependency-mcp |\n|---------|:---:|:---:|:---:|:---:|\n| Pre-commit gate (PASS/WARN/BLOCK) | **Yes** | No | No | No |\n| Numeric risk score (0-1) | **Yes** | No | Health score | No |\n| Zero setup (no database) | **Yes** | SQLite required | Setup required | Yes |\n| Install time | **Seconds** | Minutes | Minutes | Seconds |\n| License | **MIT** | MIT | **BSL 1.1** | MIT |\n| Number of tools | 4 | 30+ | 10 | 3 |\n| Language support | TS/JS | 11 languages | Multi | Multi |\n| Circular dependency detection | **Yes** | Yes | Yes | No |\n| Agent-optimized output | **Yes** | Partial | Partial | Partial |\n| Local-first / zero cloud | **Yes** | Yes | Yes | Yes |\n\n**When to choose CodeImpact MCP:** You want a quick, bounded answer (PASS/WARN/BLOCK) before committing — not a full codebase exploration tool. Zero setup, MIT license, works in seconds.\n\n**When to choose Codegraph/Depwire:** You need deep codebase exploration across many languages with persistent storage and visualization.\n\n## FAQ\n\n**Q: Does it access the network?**\nA: No. CodeImpact MCP is 100% local-first. It reads your project files via ts-morph and never makes network requests. No API keys, no cloud, no telemetry.\n\n**Q: Will it modify my code?**\nA: No. All 4 tools are read-only (annotated with `readOnlyHint: true`). They analyze but never write.\n\n**Q: How accurate is the risk score?**\nA: The risk score is a graph-based heuristic (affected files / total files). It does not know about runtime behavior, tests, or data migrations. Treat it as a triage signal, not a guarantee.\n\n**Q: Does it support JavaScript-only projects?**\nA: Yes. It works with TypeScript and JavaScript files (`.ts`, `.tsx`, `.js`, `.jsx`, `.mts`, `.cts`, `.mjs`, `.cjs`).\n\n**Q: How fast is it?**\nA: Graph building typically takes 1-5 seconds depending on project size. Individual tool calls against a cached graph are near-instant.\n\n**Q: Does it cache the graph?**\nA: Yes, the graph is cached in-memory per (projectRoot, tsconfigPath) pair. Use `refresh_graph` to rebuild after significant changes.\n\n## Limitations\n\n- TypeScript/JavaScript only (no multi-language support)\n- No distinction between runtime imports and type-only imports\n- Graph is in-memory only (no persistence across server restarts)\n- Risk score is structural, not semantic — it doesn't know which files are \"important\"\n- No visualization output (text/JSON only)\n\n## Changelog\n\nSee [CHANGELOG.md](./CHANGELOG.md) for release history.\n\n## License\n\n[MIT](./LICENSE) — free to use in any project, commercial or personal.\n\n## Contributing\n\nIssues and PRs welcome at [github.com/vk0dev/code-impact-mcp](https://github.com/vk0dev/code-impact-mcp).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fvk0dev%2Fcode-impact-mcp","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fvk0dev%2Fcode-impact-mcp","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fvk0dev%2Fcode-impact-mcp/lists"}