1112 Open source projects that are alternatives of or similar to sonarqube-action

⚙️ Scan your Java, Kotlin, PHP, Python, JavaScript, TypeScript projects at GitHub with Qodana

Analysing source code locally with SonarQube in a Docker environment.

SonarQube Cucumber Gherkin Analyzer

🐶 Automated code review tool integrated with any code analysis tools regardless of programming language

SonarQube Java Properties Analyzer

SonarSource Static Analyzer for JavaScript and TypeScript

Continuous Inspection

Static code analyzer for TypeScript

🐘 SonarPHP: PHP static analyzer for SonarQube & SonarLint

Code analyzer for C# and VB.NET projects https://redirect.sonarsource.com/plugins/vbnet.html

nodejsscan is a static security code scanner for Node.js applications.

SonarQube CSS / SCSS / Less Analyzer

Inline your lint messages

Code Climate Engine for PHP Code Sniffer

Code Climate Engine for ESLint

GitHub Action for the codacy-analysis-cli

Static code analysis for Kotlin

Sonar plugin to analyze ESQL-sourcecode of IBM Integration Bus projects

Pluggable TypeScript and JavaScript linter

A GitHub app to automatically review Python code style over Pull Requests

It's not just a linter that annoys you!

Performant type-checking for python.

☕️ SonarSource Static Analyzer for Java Code Quality and Security

Docker image that provides static analysis tools for PHP

Checkstyle is a development tool to help programmers write Java code that adheres to a coding standard. By default it supports the Google Java Style Guide and Sun Code Conventions, but is highly configurable. It can be invoked with an ANT task and a command line program.

🐳 📡 Docker way of running SonarQube + any DB

⚙️ A curated list of static analysis (SAST) tools for all programming languages, config files, build tools, and more.

Ansible Role: SonarQube

A plugin to simplify Static Code Analysis on Gradle. Not restricted to, but specially useful, in Android projects, by making sure all analysis can access the SDK classes.

SonarQube plugin for Kotlin

Code Climate engine for code duplication analysis

This Github Action runs Bridgecrew against an Infrastructure-as-Code repository. Bridgecrew performs static security analysis of Terraform & CloudFormation Infrastructure code.

njsscan is a semantic aware SAST tool that can find insecure code patterns in your Node.js applications.

Automated code reviews via mutation testing - semantic code coverage.

Static code analysis for CFML (a linter)

An extensible multilanguage static code analyzer.

Prevent cloud misconfigurations during build-time for Terraform, Cloudformation, Kubernetes, Serverless framework and other infrastructure-as-code-languages with Checkov by Bridgecrew.

A static analyzer for Java, C, C++, and Objective-C

Security scanner for your Terraform code

Presentation about my process for making code reviews as effective as possible

🐳 Sonar Scanner MsBuild Dockerfile for dotNet Projects

A parser and source code analyzer for PL/SQL and Oracle SQL.

La intención de la workshop es mostrar y orientar a los equipos de desarrollo, seguridad y devops (entre otros) que quieran comenzar en DevSecOps, a segurar sus aplicaciones o bien a conocer un poco más acerca del desarrollo seguro, para esto, estaremos otorgando algunos tips e información que fuimos aprendiendo para armar un Pipeline DevSecOps …

Gradle plugin for PIT Mutation Testing

GitHub action to set up PHP with extensions, php.ini configuration, coverage drivers, and various tools.

Code Climate CLI

SBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if there are any publicly known vulnerabilities (e.g. CVEs). 🌈

Github Action which downloads and runs sonar-scanner cli with custom parameters to start Sonarqube scan.

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.

A free and open-source SonarQube plugin for static code analysis of Scala projects.

INTERCEPT / Policy as Code Static Analysis Auditing / SAST

SonarLint integration for Apache Netbeans

Шаблон кросплатформенного CMake-проекта для языка C++ 🇬🇧 Modern CMake crossplatform project template for C++

This code review checklist helps you be a more effective and efficient code reviewer.

This repo demonstrates how to work on CI/CD for Mobile Apps 📱 using Github Actions 💊 + Firebase Distribution 🎉

sonar-swift.SonarQube iOS Plugin, Support Objective-C And Swift, Support Infer (SonarQube iOS 代码扫描插件，支持 Objective-C 和 Swift ，支持 Infer 结果导入 ) base on https://github.com/Idean/sonar-swift

Automated static analysis & linting bot for Mozilla repositories

A Github Action for ShellCheck

A starter-kit for your PHP project.