GitPlanet
All Categories → Software Quality → static-code-analysis

Top 145 static-code-analysis open source projects

Stacoan
StaCoAn is a crossplatform tool which aids developers, bugbounty hunters and ethical hackers performing static code analysis on mobile applications.
✭ 707
javascriptsecuritysecurity-toolsbugbountystatic-code-analysismobile-security
Sonarjs
SonarSource Static Analyzer for JavaScript and TypeScript
✭ 696
javascriptjavatypescriptstatic-analysisstatic-code-analysiscode-qualitysonarqubestatic-analyzer
Standard
🌟 JavaScript Style Guide, with linter & automatic code fixer
✭ 26,433
javascriptshellnodejseslintlinterdevelopmentstatic-code-analysisstyle-guidestandard
Scalastyle
scalastyle
✭ 679
scalastatic-analysisstatic-code-analysiscode-style
Jackhammer
Jackhammer - One Security vulnerability assessment/management tool to solve all the security team problems.
✭ 633
javasecuritypenetration-testingstatic-code-analysisvulnerability-scannerssecurity-scannerdynamic-analysisnetwork-securityapplication-securityvulnerability-assessmentmobile-securityvulnerability-managementpenetration-testing-framework
Phan
Phan is a static analyzer for PHP. Phan prefers to avoid false-positives and attempts to prove incorrectness rather than correctness.
✭ 5,194
PHPstatic-analysisanalysisstatic-code-analysisanalyzerphan
Phpdoc Parser
Next-gen phpDoc parser with support for intersection types and generics
✭ 569
testingstatic-analysisstatic-code-analysisstatic-analyzer
Security Code Scan
Vulnerability Patterns Detector for C# and VB.NET
✭ 550
securitydotnetstatic-analysisscanneranalysiscodestatic-code-analysisanalyzerowaspstaticroslynscan
Pep8speaks
A GitHub app to automatically review Python code style over Pull Requests
✭ 546
pythonbotstatic-analysislinterstyleguidestatic-code-analysiscode-qualityreviewgithub-appcode-style
Phpcs Security Audit
phpcs-security-audit is a set of PHP_CodeSniffer rules that finds vulnerabilities and weaknesses related to security in PHP code
✭ 525
securitystatic-code-analysisphp-codesniffer
Sonar Dotnet
Code analyzer for C# and VB.NET projects https://redirect.sonarsource.com/plugins/vbnet.html
✭ 466
static-analysisstatic-code-analysiscode-qualityroslynsonarqubestatic-analyzer
Rubocop Rails
A RuboCop extension focused on enforcing Rails best practices and coding conventions.
✭ 433
rubyrailslinterstatic-code-analysisrubocop
Gosec
Golang security checker
✭ 5,694
goHTMLshellsecuritysecurity-toolsstatic-analysisstatic-code-analysissecurity-automation
Souffle
Soufflé is a variant of Datalog for tool designers crafting analyses in Horn clauses. Soufflé synthesizes a native parallel C++ program from a logic specification.
✭ 426
static-code-analysis
Prealloc
prealloc is a Go static analysis tool to find slice declarations that could potentially be preallocated.
✭ 419
gogolangstatic-analysisstatic-code-analysisstatic-analyzer
Eslint Config Standard React
ESLint Shareable Config for React/JSX support in JavaScript Standard Style
✭ 416
javascriptes6ecmascriptnodejseslintlinterdevelopmentstatic-code-analysisstyle-guidestandard
Php Parser
🌿 NodeJS PHP Parser - extract AST or tokens (PHP5 and PHP7)
✭ 400
javascriptparserdevelopmentaststatic-code-analysistokenizerlexer
Wala
T.J. Watson Libraries for Analysis
✭ 395
javascriptjavaandroidstatic-analysisstatic-code-analysisprogram-analysis
Engine
Droidefense: Advance Android Malware Analysis Framework
✭ 386
javaandroidsecuritystatic-analysismalwareenginemalware-analysisstatic-code-analysistrojandynamic-analysisreverseransomware
Eslint
Find and fix problems in your JavaScript code.
✭ 19,665
javascripteslintlinterstatic-code-analysis
Phpstan Symfony
Symfony extension for PHPStan
✭ 360
testingsymfonystatic-analysisstatic-code-analysis
Sharpen
Visual Studio extension that intelligently introduces new C# features into your existing codebase
✭ 351
hacktoberfeststatic-code-analysisrefactoringvisual-studio-extension
Rubocop Performance
An extension of RuboCop focused on code performance checks.
✭ 340
rubylinterstatic-code-analysisrubocop
Phpstan Doctrine
Doctrine extensions for PHPStan
✭ 338
testingstatic-analysisstatic-code-analysisdoctrinestatic-analyzer
Semgrep
Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.
✭ 5,668
javascriptpythonjavaocamlStandard MLshellstatic-analysisstatic-code-analysissastr2csemgrep
Pmd
An extensible multilanguage static code analyzer.
✭ 3,667
javaApexANTLRPLSQLkotlinXSLTstatic-analysislinterapexstatic-code-analysiscode-qualitycode-analysis
Pylint
It's not just a linter that annoys you!
✭ 3,733
pythonstatic-analysislinterstatic-code-analysiscode-qualitypep8closember
Pytype
A static type analyzer for Python code
✭ 3,545
pythonC++CMakeshellstatic-analysislinterstatic-code-analysistypingtypechecker
Reviewdog
🐶 Automated code review tool integrated with any code analysis tools regardless of programming language
✭ 4,541
goshellHTMLDockerfilecligithubstatic-analysiscilintergitlablintstatic-code-analysiscode-qualitybitbucketcode-reviewcodereview
Awesome Standard
Documenting the explosion of packages in the standard ecosystem!
✭ 300
javascriptes6ecmascriptnodejsawesomeawesome-listlisteslintlinterdevelopmentstatic-code-analysisstyle-guidestandard
Bandit
Bandit is a tool designed to find common security issues in Python code.
✭ 3,763
pythonsecuritysecurity-toolslinterstatic-code-analysissecurity-scannerbandit
Phpstan Strict Rules
Extra strict and opinionated rules for PHPStan
✭ 295
static-analysisstatic-code-analysis
Sonar Php
🐘 SonarPHP: PHP static analyzer for SonarQube & SonarLint
✭ 288
javastatic-analysisstatic-code-analysiscode-qualitysonarqube
Nullaway
A tool to help eliminate NullPointerExceptions (NPEs) in your Java code with low build-time overhead
✭ 3,035
javaandroidstatic-analysisstatic-code-analysisnullabilitynullability-analysis
Chronos
Chronos - A static race detector for the go language
✭ 272
gogolangstatic-analysisdetectionanalysisstatic-code-analysissynchronization
sonar-esql-plugin
Sonar plugin to analyze ESQL-sourcecode of IBM Integration Bus projects
✭ 26
javaHTMLstatic-code-analysissonarqubecode-qualityibm-integration-busesqlwebsphere-message-broker
codeclimate-duplication
Code Climate engine for code duplication analysis
✭ 96
rubyHTMLqualitystatic-code-analysisstatic-analysisduplicationcode-qualitycodeclimatecodeclimate-engine
unimport
A linter, formatter for finding and removing unused import statements.
✭ 119
pythonDockerfileformatterstatic-code-analysislinterstatic-analysisastimportremoveunusedunimport
Android-CICD
This repo demonstrates how to work on CI/CD for Mobile Apps 📱 using Github Actions 💊 + Firebase Distribution 🎉
✭ 37
kotlinandroidfirebaselintingstatic-code-analysiscontinuous-integrationcontinuous-deliverycilintercontinuous-deploymentactionssonarqubeci-cdcicdandroid-cisonarcloudgithub-actionsfirebase-distributionactionshackathon21
standard-packages
List of packages that use `standard`
✭ 32
javascriptnodejsecosystemdevelopmenteslintstatic-code-analysisstyle-guidelinterstylestandard
qodana-action
⚙️ Scan your Java, Kotlin, PHP, Python, JavaScript, TypeScript projects at GitHub with Qodana
✭ 112
typescriptjavascriptstatic-code-analysiscontinuous-integrationcistatic-analysisactionscode-reviewcode-qualitysarifdevsecopscode-scanninggithub-actionsgithub-actionqodanasarif-report
analysis-net
Static analysis framework for .NET programs.
✭ 19
C#apilibraryframeworkbackendanalysisstatic-code-analysisdotnetstatic-analysisssacontrol-flow-analysiscilnet-frameworkdata-flow-analysisstatic-single-assignmentthree-address-codepoints-to-analysiscall-graph-analysis
jt tools
Ruby on Rails Continuous Deployment Ecosystem to maintain Healthy Stable Development
✭ 13
rubyshelljavascriptherokurailstemplatesnippetscircleciautomationtoolsdependency-managerstatic-code-analysisciscriptsci-cdcicddeployment-automationheroku-reviews-appsjetthoughts
static-code-analysis-plugin
A plugin to simplify Static Code Analysis on Gradle. Not restricted to, but specially useful, in Android projects, by making sure all analysis can access the SDK classes.
✭ 36
groovyandroidgradlestatic-code-analysisandroid-lintlinterfindbugspmdcheckstylestatic-analysiscode-analysiscode-qualitycpdspotbugs
codeclimate-eslint
Code Climate Engine for ESLint
✭ 86
javascriptshellDockerfileMakefilequalityeslintlintingstatic-code-analysislinterstatic-analysiscode-qualitycodeclimatecodeclimate-engine
pyan
Static call graph generator. The official Python 3 version. Development repo.
✭ 186
pythonHTMLshellstatic-code-analysiscall-graphpython37
freshli-lib
A tool for collecting historical metrics about a project's dependencies
✭ 12
C#shellstatic-code-analysismetricsdependenciesdependency-metrics
detekt-hint
Detection of design principle violations in Kotlin as a plugin to detekt.
✭ 63
HTMLTeXkotlinrubystatic-code-analysisdangercode-qualityanti-patternsdetektcode-smellssoftware-architectureprogramming-principlesdesign-principlesdetekt-plugindetectionsdetekt-hint
codeclimate-phpcodesniffer
Code Climate Engine for PHP Code Sniffer
✭ 27
PHPDockerfileMakefileshellqualitystatic-code-analysismetricsstatic-analysisphp-codesniffercode-qualitycodeclimatehacktoberfestcodeclimate-engine
OpenStaticAnalyzer
OpenStaticAnalyzer is a source code analyzer tool, which can perform deep static analysis of the source code of complex systems.
✭ 19
C++C#javacjavascriptCMakestatic-code-analysismetricsstatic-analysiscoding-standardscoding-styleduplicate-detectionclone-detectioncoding-rulescoding-issues
analysis-model
A library to read static analysis reports into a Java object model
✭ 74
javaeslintstatic-code-analysispmdcheckstylestatic-analysishacktoberfestspotbugs
eba
EBA is a static bug finder for C.
✭ 14
ocamlcshellstatic-code-analysisstatic-analysisstatic-analyzer
nakedret
nakedret is a Go static analysis tool to find naked returns in functions greater than a specified function length.
✭ 82
gostatic-code-analysisstatic-analysisstatic-analyzer
php-reflection
🔎 Nodejs Reflection API for PHP files based on the php-parser
✭ 20
javascriptPHPstatic-code-analysistooling
datree
Prevent Kubernetes misconfigurations from reaching production (again 😤 )! From code to cloud, Datree provides an E2E policy enforcement solution to run automatic checks for rule violations. See our docs: https://hub.datree.io
✭ 5,744
goshellkubernetesclisecuritydevopsstatic-code-analysisbest-practicespolicypolicy-managementadmission-webhookguardraildatree
identypo
identypo is a Go static analysis tool to find typos in identifiers (functions, function calls, variables, constants, type declarations, packages, labels).
✭ 26
gospellcheckstatic-code-analysisstatic-analysisstatic-analyzerspellchecking
elm-review
Analyzes Elm projects, to help find mistakes before your users find them.
✭ 195
elmjavascriptqualitystatic-code-analysislintercode-qualityelm-review
violation-comments-to-stash-plugin
Comments Bitbucket Server (or Stash) pull requests with static code analyzer findings.
✭ 41
javaHTMLshellstatic-code-analysisbitbucket-server
gotcha
Go Taint CHeck Analyser
✭ 40
goshellstatic-code-analysisstatic-analysisdataflowtaint-analysisgotcha
vandal
Static program analysis framework for Ethereum smart contract bytecode.
✭ 121
pythonshelljavascriptstatic-code-analysisdecompilerethereumsmart-contractsblockchainevmethereum-contractsstatic-pro
61-120 of 145 static-code-analysis projects
‹ 
previous
next
 ›