Top 403 static-analysis open source projects

GitHub Action for the codacy-analysis-cli

Github mirror of "mediawiki/tools/phan/SecurityCheckPlugin" - our actual code is hosted with Gerrit (please see https://www.mediawiki.org/wiki/Developer_access for contributing)

A library to read static analysis reports into a Java object model

A open source Python script to perform static analysis on a Malware Binary File (portable executable).

Visual Studio Code extension integrating Tenkawa PHP language server.

Static analysis for CloudFormation templates to identify common misconfiguration

EBA is a static bug finder for C.

nakedret is a Go static analysis tool to find naked returns in functions greater than a specified function length.

Java bytecode analyzer customizable via JSON rules

A project that uses Binary Ninja and GRAKN.AI to perform static analysis on binary files with the goal of identifying bugs in software.

Haxe Checkstyle extension for Visual Studio Code

identypo is a Go static analysis tool to find typos in identifiers (functions, function calls, variables, constants, type declarations, packages, labels).

Шаблон кросплатформенного CMake-проекта для языка C++ 🇬🇧 Modern CMake crossplatform project template for C++

WooCommerce function and class declaration stubs for static analysis.

Style-preserving Lua parser in Rust

Configurable XML Doc warnings for ReSharper

H(igh) A(ssurance) ROS - Static analysis of ROS application code.

Work-in-progress tool to reverse unity's IL2CPP toolchain.

Interchange format for results for static analysis tools

CSS complexity linter

The radare2 + frida book for Mobile Application assessment

TIRO - A hybrid iterative deobfuscation framework for Android applications

A set of curated exercises to help you prepare for the CKS exam

A Github Action for ShellCheck

Python source code auditing and static analysis on a large scale

Go Taint CHeck Analyser

Wanna get DRY? Static analysis tool for detecting repeat code.

Universal test framework for cli tools [mainly for code analyzers and compilers]

INTERCEPT / Policy as Code Static Analysis Auditing / SAST

PhpCodeAnalyzer scans codebase and analyzes which non-built-in php extensions used

ESLint plugin for Scoped CSS in Vue.js

PHPStan based SQL static analysis and type inference for the database access layer

Interface to PHPStan (PHP static analyzer)

unimport is a Go static analysis tool to find unnecessary import aliases.

Magic number detector for Go.

Infer mvn deps from sources

An R package for static analysis of R code.

PHPStan extension for webmozart/assert

SonarLint integration for Apache Netbeans

OCCAM: Object Culling and Concretization for Assurance Maximization

A free and open-source SonarQube plugin for static code analysis of Scala projects.

A graph-based static-dynamic hybrid DEX code analysis tool

`mllint` is a command-line utility to evaluate the technical quality of Python Machine Learning (ML) projects by means of static analysis of the project's repository.

Defund the Police.

Nette Framework class reflection extension for PHPStan & framework-specific rules

Automatic test case generation for python and static analysis library

PHP Static Analysis in Github Actions.

A Golang tool that does static analysis, unit testing, code review and generate code quality report.

Fixing static analysis violations in Java source code using Datalog

Cluster-based cloud mechanism for running SAVE framework

A Vim plugin for PHPStan - https://github.com/phpstan/phpstan. It calls `phpstan` to do static analysis of your PHP code and displays the errors in Vim's quickfix list.

Detect deeply nested if statements in Go source code

gqlanalysis makes easy to develop static analysis tools for GraphQL in Go.

SonarQube CSS / SCSS / Less Analyzer

Scalpel: The Python Static Analysis Framework

C++ compile-time programming (serialization, reflection, code modification, enum to string, better enum, enum to json, extend or parse language, etc.)

Fortran compilers, preprocessors, static analyzers, transpilers, IDEs, build systems, etc.

The SECBIT Static Analysis Extension to Solidity Compiler

A Small C Compiler

Custom sniffs for PHP_CodeSniffer