5000 Open source projects that are alternatives of or similar to Spotbugs

A plugin to simplify Static Code Analysis on Gradle. Not restricted to, but specially useful, in Android projects, by making sure all analysis can access the SDK classes.

⚗️ Adds code analysis to Laravel improving developer productivity and code quality.

The SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala projects)

🔥 ~6x faster, stricter, configurable, extensible, and beautiful drop-in replacement for golint

Static code analysis for CFML (a linter)

An extensible multilanguage static code analyzer.

Standalone linter for ABAP

A static type analyzer for Python code

A GitHub app to automatically review Python code style over Pull Requests

The official GitHub mirror of https://gitlab.com/pycqa/flake8

⚙️ A curated list of static analysis (SAST) tools for all programming languages, config files, build tools, and more.

Lint all your JavaScript, CSS, HTML, Markdown and Dockerfiles with a single command

A linter, formatter for finding and removing unused import statements.

Every programmer needs a rubberduck. COM add-in for the VBA & VB6 IDE (VBE).

Jenkins Warnings Plugin - Next Generation

A linter to prevent exception handling antipatterns in Python (limited only for those who like dinosaurs).

A linter, formatter for finding and removing unused import statements.

A static code analysis tool for the Elixir language with a focus on code consistency and teaching.

Analyzer: checks whether HTTP response body is closed and a re-use of TCP connection is not blocked.

Policeman's Forbidden API Checker

Bears for coala

Code Climate Engine for ESLint

🐶 Automated code review tool integrated with any code analysis tools regardless of programming language

It's not just a linter that annoys you!

Pluggable TypeScript and JavaScript linter

SonarJS rules for ESLint

Code Climate CLI

Custom Python linting through AST expressions

cfmt is a tool to wrap Go comments over a certain length to a new line.

A RuboCop extension focused on enforcing upstream best practices and coding conventions.

A linter that replay your developing style

The most opinionated Go source code linter for code audit.

A simple program which checks Python source files for errors

PHP Implementation of the VS Code Language Server Protocol 🆚↔🖥

Strict coding standard for Kotlin and a custom set of rules for detecting code smells, code style issues and bugs

Spoon is a metaprogramming library to analyze and transform Java source code (up to Java 15). 🥄 is made with ❤️, 🍻 and ✨. It parses source files to build a well-designed AST with powerful analysis and transformation API.

A linter for Clojure code that sparks joy.

SonarQube Java Properties Analyzer

PySonar2: an advanced semantic indexer for Python

Run a security scan on your terraform with the very nice https://github.com/liamg/tfsec

Kubernetes object analysis with recommendations for improved reliability and security

A Static Code Analyzer for PHP (a PhpStorm/Idea Plugin)

Various code metrics for Python code

Prevent cloud misconfigurations during build-time for Terraform, Cloudformation, Kubernetes, Serverless framework and other infrastructure-as-code-languages with Checkov by Bridgecrew.

🐞 Primitive Erlang Security Tool

Gremlins tracker for Visual Studio Code: reveals invisible whitespace and other annoying characters

ESLint Shareable Config for JSX support in JavaScript Standard Style

Java library for parsing report files from static code analysis.

Extension for PHPStan to allow analysis of Drupal code.

A curated list of awesome Go linters. More than 60 linters and tools!

Download ScriptAnalyzer from PowerShellGallery

Style checker for sphinx (or other) rst documentation.

GopherCI was a project to help you maintain high-quality Go projects, by checking each GitHub Pull Request, for backward incompatible changes, and a suite of other third party static analysis tools.

The strictest and most opinionated python linter ever!

Feram finds & fixes bugs in your commits

A tool to verify that your files are in harmony with your .editorconfig

a FindBugs/SpotBugs plugin for doing static code analysis for java code bases

Command line tool to validate configuration files

njsscan is a semantic aware SAST tool that can find insecure code patterns in your Node.js applications.

Checks syntax of reStructuredText and code blocks nested within it