IntelliJ Plugin

Navigate your stack.
Don't drift.

MarMoTools surfaces actionable code quality, security, and architecture insights for Java/Spring + Angular projects — directly in your IDE.

Install Plugin See It In Action
Java & Spring Boot Angular & TypeScript Custom Rules Architecture Studio Version Drift Detection Security Checks
Features

Everything in one tool window

Findings, architecture, custom rules, and team imports — all inside IntelliJ, no external tools required.

01 — Findings

Every issue, in context,
with a clear fix

Findings are grouped by category → rule → file. Click any entry to jump directly to the source line. The detail panel explains why the rule exists, which version range it affects, and exactly what to do about it.

  • Category → Rule → File hierarchy
  • Version impact (Java, Spring Boot, Angular…)
  • Suggested fix + curated external links
  • Suppress false positives with tracked comments
MarMoTools · Issues
Issues tab: findings tree with category grouping and a detail panel explaining the rule, version impact, and suggested fix
02 — Architecture Studio

Your module topology,
rendered automatically

An interactive graph inferred from your build manifests and import patterns — no annotations or config files needed. See how Platform, Frontend, Backend, Data, and Integration modules relate, and where the coupling is growing.

  • Platform, Frontend, Backend, Data, Integration nodes
  • Drag, zoom, click to inspect module details
  • Framework version table alongside the graph
  • Issue-independent view — purely architectural
MarMoTools · Architecture Studio
Architecture Studio showing an interactive module dependency graph with Platform, Backend, Frontend, and Database nodes
03 — Rule Editor

Browse, edit, and test
rules without leaving the IDE

The Rules tab lists every built-in rule with enable/disable toggles. Select any rule to open its JSON definition in the inline editor — format, validate, and test a pattern against your current project in one click.

  • 107+ built-in rules with source references
  • Inline JSON editor with Format and Validate
  • Test Pattern button — instant feedback
  • Custom rules override built-ins by ID
MarMoTools · Rules
Rules tab showing built-in rule list with checkboxes and an inline JSON editor for the selected rule
04 — Import

Share rule packs across
your whole organization

Point the Import tab at a raw GitHub URL or a local folder and your team's standards are live immediately — no plugin restart, no manual file copying. A single URL is all a developer needs to onboard to your conventions.

  • Import from any URL (GitHub raw, CDN, intranet)
  • Import from local JSON files or folders
  • Merged with built-in rules — no conflicts
  • LLM-friendly format: generate rules from requirements
MarMoTools · Import Rules
Import tab with a URL field and a local files button for loading external rule packs
What it does

Everything your team needs,
none of the context switching

MarMoTools integrates quality gates, version tracking, and architecture insights into a single IDE tool window.

🔭

Baseline Detection

Scans your project and infers build system, Java version, Spring Boot release, Angular workspace(s), RxJS, TypeScript, and Node engine range — no manual setup.

Maven / Gradle angular.json package.json
📡

Version Drift

Compares detected versions against the latest stable releases — Spring Boot, Angular, RxJS, TypeScript, and Node LTS — fetched with a 24 h cache so checks stay fast.

GitHub Releases npm registry nodejs.org
🔍

100+ Built-in Inspections

Deep static analysis for Spring, Hibernate, JPA, Angular, RxJS, Docker, SQL, and CI pipelines. Each finding links to a detailed explanation and suggested fix.

Security Performance Architecture
🗺️

Architecture Studio

An interactive graph of your module topology — Platform, Frontend, Backend, Data, Integration nodes. Drag, zoom, click to inspect references, and see framework version tables at a glance.

Dependency graph Module topology
⚙️

Custom Rule Packs

Write team rules in JSON. Drop them in .sentinel/rules/ and they're picked up instantly. Supports LITERAL & REGEX matching, severity levels, path filters, and suppression comments.

LITERAL / REGEX Per-language Path filters
🔌

Compatibility Layer

Import and normalize findings from Checkstyle, PMD, SpotBugs, and ESLint. Rule IDs are remapped to MarMoTools severity levels — one unified view across all your linters.

Checkstyle PMD ESLint SpotBugs
📊

Export Reports

One-click export to a structured .json file and a human-readable .md report — ready for code review, architecture reviews, or CI artifacts.

JSON Markdown Version impact
🎯

Finding Management

Tree grouped by category → issue type → file. Double-click to jump to source. Suppress false positives with tracked comments, and reactivate them at any time from the tool window.

Suppression Jump to source Detail panel
Inspections

Deep analysis across your full stack

MarMoTools catches the issues that matter — from Hibernate pitfalls to Angular lifecycle leaks.

Backend · Java / Spring / Hibernate
  • Spring field injection (@Autowired on fields)
  • Optional.get() without presence guard
  • String comparison with == instead of .equals()
  • Mutual class dependency cycles (A ↔ B)
  • Endpoint missing security annotation
  • Wildcard CORS, sensitive @RequestParam names
  • GET endpoint with @RequestBody
  • Deprecated Spring API usage
  • Data-access in loops, per-call HTTP client creation
  • Blocking Thread.sleep in request threads
  • DTO modernization: suggest Java records
  • Hibernate: EAGER collection fetch, CascadeType.ALL on @ManyToOne
  • Hibernate: association in equals/hashCode, missing no-arg constructor
  • JPA: enum ordinal mapping, risky association ownership
  • Spring Data: unbounded list finders, native query overuse
  • SELECT *, DELETE/UPDATE without WHERE clause
  • Unsafe ddl-auto, disabled JDBC SSL
  • Dockerfile: root user, secrets in ARG/ENV, curl | shell
  • Dockerfile: :latest tag, broad COPY, missing cache flags
  • GitHub Actions: shell injection in run: blocks
  • Kubernetes: privileged container config
Frontend · Angular / TypeScript / RxJS
  • subscribe() without teardown / unsubscribe
  • Nested subscribe chains (RxJS anti-pattern)
  • Deprecated RxJS APIs (.toPromise(), Observable.create)
  • Deprecated Angular API patterns
  • Unsafe [innerHTML] binding / sanitizer bypass
  • OnPush change detection missing hint
  • NgRx selector-to-signal replacement hints
  • *ngFor without trackBy
  • Template function calls in expressions
  • setInterval without cleanup
  • Angular style guide: selector naming, file naming
  • Angular style guide: prefer inject(), control-flow syntax
  • Untyped FormBuilder usage
  • any type annotations
  • console.log left in component code
  • LocalStorage with sensitive key names
Workflow

From open to insight in seconds

No configuration files, no external servers. Just open the tool window and scan.

01

Open the tool window

Find MarMoTools in the right sidebar after installation. No project configuration needed.

02

Click Refresh

MarMoTools scans your project, infers your stack, and runs all enabled inspections.

03

Browse findings

Findings appear in a tree grouped by category. Double-click any leaf to jump directly to source.

04

Fix or suppress

Read the detail panel, apply the suggested fix, or suppress with a tracked comment if it's a false positive.

Custom Rule Packs

Encode your team's standards as code

Write rules in JSON, commit them to your repo, and every developer gets the same guardrails automatically.

Simple JSON schema,
powerful reach

Each rule targets a language, a path pattern, and a code pattern. Mix LITERAL and REGEX matching to cover exactly what you need — nothing more.

  • 1Drop a .json file in .sentinel/rules/
  • 2Rules are picked up on next Refresh — no restart required
  • 3Project rules override built-in defaults by ID
  • 4Import team packs via URL from the Import Rules tab

LLM-friendly format — ask your AI assistant to generate rules from natural-language requirements using the included guide.

.sentinel/rules/java/no-system-out.json 
{
  "name": "Client Java Rules",
  "rules": [
    {
      "id":       "client.java.no-system-out",
      "title":    "Avoid System.out",
      "category": "BACKEND",
      "severity": "WARNING",
      "languages": ["java"],

      "pattern":     "System.out.println(",
      "patternMode": "LITERAL",

      "pathsInclude": ["src/main/java/"],
      "pathsExclude": ["src/test/"],

      "description": "Use structured logging.",
      "suggestedFix": "Replace with SLF4J logger.",
      "links": ["https://www.slf4j.org"]
    }
  ]
}

Rule schema at a glance

id
string · required

Stable unique identifier. Recommended format: client.area.rule-name

category
enum · required

BACKEND · FRONTEND · DRIFT · COMPATIBILITY

severity
enum · required

INFO · WARNING · ERROR

languages
string[] · optional

java, typescript, sql, dockerfile, yaml, xml, html… Omit to match all.

patternMode
enum · optional

LITERAL (default) or REGEX. Invalid regex skips the rule.

pathsInclude
string[] · optional

Case-insensitive substring filters. Rule runs only on matching paths.

suggestedFix
string · optional

Actionable remediation text shown in the detail panel and exports.

enabledByDefault
boolean · optional

Set false for opt-in recommendation-style rules.

Compatibility

Works with your existing toolchain

Import findings from the linters you already use — MarMoTools normalizes them into a single unified view.

☑️Checkstyle
🔬PMD
🐛SpotBugs
🔍FindBugs
📐ESLint
🏗️Maven
🐘Gradle
📦npm / pnpm
Installation

Get MarMoTools in your IDE

Works with IntelliJ IDEA, IntelliJ IDEA Ultimate, and any IntelliJ-based IDE with Java support.

JetBrains Marketplace

Search for MarMoTools in Settings → Plugins → Marketplace and install with one click.

Coming Soon

Manual Install from ZIP

Build locally and install directly into your IDE.

  1. Clone the repository and run ./gradlew buildPlugin
  2. Open Settings → Plugins in IntelliJ
  3. Click the gear icon ⚙ → Install Plugin from Disk…
  4. Select the ZIP from build/distributions/
  5. Restart the IDE

Requirements

  • IntelliJ IDEA (Ultimate recommended) or compatible IDE with Java support
  • JDK 21+ to build from source
  • JavaScript / TypeScript plugin for frontend inspections (optional)
  • Maven or Gradle project for backend analysis
  • Angular CLI workspace for frontend analysis
Open Source

Start shipping
higher-quality code

MarMoTools runs entirely in your IDE — no telemetry, no external servers, no subscription required.

Install Now View on GitHub