{"id":46527652,"url":"https://github.com/x-name15/moodle-local_mrca","last_synced_at":"2026-03-06T21:13:26.100Z","repository":{"id":339663095,"uuid":"1162559455","full_name":"x-name15/moodle-local_mrca","owner":"x-name15","description":"MRCA is a comprehensive risk analysis engine for Moodle installations with a multi-layered security and compliance analyzer","archived":false,"fork":false,"pushed_at":"2026-02-26T13:45:58.000Z","size":321,"stargazers_count":2,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-02-26T20:03:52.133Z","etag":null,"topics":["europe","european-union","gdpr-compliant","lms-website","moodle","moodle-integration-hub","moodle-local","moodle-plugin","moodle-plugin-local","moodle-plugins","pii-detection","risk-analysis"],"latest_commit_sha":null,"homepage":"","language":"PHP","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/x-name15.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2026-02-20T12:14:10.000Z","updated_at":"2026-02-26T13:46:01.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/x-name15/moodle-local_mrca","commit_stats":null,"previous_names":["x-name15/moodle-risk-and-compliance-analyzer","x-name15/moodle-local_mrca"],"tags_count":4,"template":false,"template_full_name":null,"purl":"pkg:github/x-name15/moodle-local_mrca","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/x-name15%2Fmoodle-local_mrca","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/x-name15%2Fmoodle-local_mrca/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/x-name15%2Fmoodle-local_mrca/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/x-name15%2Fmoodle-local_mrca/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/x-name15","download_url":"https://codeload.github.com/x-name15/moodle-local_mrca/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/x-name15%2Fmoodle-local_mrca/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":30198520,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-03-06T19:07:06.838Z","status":"ssl_error","status_checked_at":"2026-03-06T18:57:34.882Z","response_time":250,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["europe","european-union","gdpr-compliant","lms-website","moodle","moodle-integration-hub","moodle-local","moodle-plugin","moodle-plugin-local","moodle-plugins","pii-detection","risk-analysis"],"created_at":"2026-03-06T21:13:25.429Z","updated_at":"2026-03-06T21:13:26.092Z","avatar_url":"https://github.com/x-name15.png","language":"PHP","funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003ch1\u003e\u003cimg src=\"pix/icon.svg\" width=\"40\" height=\"40\"\u003e Risk \u0026 Compliance Analyzer for Moodle™\u003c/h1\u003e\n\n[![Moodle](https://img.shields.io/badge/Moodle-4.1%2B-orange)](https://moodle.org)\n[![PHP](https://img.shields.io/badge/PHP-8.0%2B-blue)](https://php.net)\n[![License](https://img.shields.io/badge/License-GPL%20v3-green)](LICENSE)\n\n## Overview\n\nMRCA is a multi-layered risk analysis engine for Moodle™. It scans installed plugins for security risks, privacy compliance gaps, outdated dependencies, and permission misconfigurations — providing administrators with a unified **Site Risk Index** and actionable alerts.\n\nBy default, MRCA only scans **third-party plugins**. Core Moodle modules and the MRCA plugin itself are excluded to avoid false positives and self-flagging.\n\n## Why MRCA?\n\nMoodle™ is the most widely adopted LMS in the world, with strong presence in **European universities and institutions** where **GDPR (General Data Protection Regulation)** compliance is mandatory. Yet there is no built-in mechanism to audit installed plugins for privacy risks, deprecated code, or permission misconfigurations.\n\nMRCA was built to fill this gap — giving administrators a **proactive compliance tool** instead of relying on reactive audits.\n\n## Who Is It For?\n\n- **European universities and schools** subject to GDPR\n- **Corporate Moodle administrators** managing large plugin ecosystems\n- **IT compliance teams** needing automated risk assessments\n- **Moodle hosting providers** offering security guarantees\n- **Any institution** in the EU/EEA, UK, or jurisdictions with similar data protection laws (LOPDGDD in Spain, CNIL in France, etc.)\n\n## Features\n\n| Feature | Description |\n|---------|-------------|\n| **Privacy Scanner** | PII detection, Privacy API compliance, encryption checks |\n| **Dependency Scanner** | Version compatibility, deprecated APIs, outdated plugins |\n| **Structural Scanner** | Code quality, unsafe PHP functions, plugin structure |\n| **Capability Scanner** | Role permissions, privilege escalation risks |\n| **Correlation Engine** | Cross-layer systemic risk detection |\n| **Site Risk Index** | Normalized 0–100 score with 5-level classification |\n| **Dashboard** | Interactive charts, trends, heatmaps, alerts |\n| **Reports** | PDF, CSV, and JSON export |\n| **Integrations** | Webhook and MIH support for SIEM/SOC |\n| **Privacy API** | GDPR-compliant data handling |\n\n## Installation\n\n1. Copy `mrca/` to `local/mrca/` in your Moodle directory.\n2. Run `php admin/cli/upgrade.php` or visit **Site Administration → Notifications**.\n3. Go to **Site Administration → Server → MRCA → Dashboard**.\n\n## Quick Start\n\n```bash\n# CLI scan\nphp local/mrca/cli/run_scan_cli.php\n\n# Or use the dashboard: click \"Scan Now\"\n```\n\nScheduled scans run daily at 2 AM via Moodle cron.\n\n## Configuration\n\n**Site Administration → Server → MRCA → Settings:**\n\n| Setting | Description | Default |\n|---------|-------------|---------|\n| Auto-scan new plugins | Scan on plugin install/enable | Off |\n| Scan core plugins | Include Moodle HQ modules | Off |\n| High risk threshold | Score for \"high risk\" | 60 |\n| Medium risk threshold | Score for \"medium risk\" | 30 |\n| Integration method | Webhook / MIH / Disabled | Disabled |\n\n## Documentation\n\nFull documentation in English and Spanish is available in the [`docs/`](docs/) directory:\n\n- 📖 [English Documentation](docs/en/README.md)\n- 📖 [Documentación en Español](docs/es/README.md)\n\n## License\n\nMIT License. See [LICENSE](LICENSE).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fx-name15%2Fmoodle-local_mrca","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fx-name15%2Fmoodle-local_mrca","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fx-name15%2Fmoodle-local_mrca/lists"}