5000 Open source projects that are alternatives of or similar to Spotbugs

PHP Static Analysis Tool - discover bugs in your code without running it!

[LLVM Static Slicer] Various program analyses, construction of dependence graphs and program slicing of LLVM bitcode.

Feram finds & fixes bugs in your commits

A tool to verify that your files are in harmony with your .editorconfig

a FindBugs/SpotBugs plugin for doing static code analysis for java code bases

🧘‍♀️ Healthier is an opinionated style agnostic code linter – a friendly companion to Prettier

FindBugs static analysis plugin for sbt.

Java library for parsing report files from static code analysis.

Command line tool to validate configuration files

njsscan is a semantic aware SAST tool that can find insecure code patterns in your Node.js applications.

Checks syntax of reStructuredText and code blocks nested within it

Detect deeply nested if statements in Go source code

SonarQube CSS / SCSS / Less Analyzer

Automatic test case generation for python and static analysis library

CPU-guided performance analyzer for Go

PHPStan extension for webmozart/assert

SonarLint integration for Apache Netbeans

unimport is a Go static analysis tool to find unnecessary import aliases.

Swiss-army knife for D source code

identypo is a Go static analysis tool to find typos in identifiers (functions, function calls, variables, constants, type declarations, packages, labels).

Analyzes Elm projects, to help find mistakes before your users find them.

A library to read static analysis reports into a Java object model

CSS complexity linter

Code Climate Engine for PHP Code Sniffer

OpenStaticAnalyzer is a source code analyzer tool, which can perform deep static analysis of the source code of complex systems.

Go Taint CHeck Analyser

Very WIP static analysis for Lua

A simple terminal UI for Go linters

Applies waves of mutations provided by other tools, such as linters or codemods.

A pair programming partner for writing better PHP. Pahout means PHP mahout 🐘

List of packages that use `standard`

[DEPRECATED] Find Python web-app bugs delightfully fast, without changing your workflow. 🍱

🐺 Malware analysis platform

A tool to help eliminate NullPointerExceptions (NPEs) in your Java code with low build-time overhead

Bandit is a tool designed to find common security issues in Python code.

A Ruby static code analyzer and formatter, based on the community Ruby style guide.

Java code analysis and linting with SQL

coala provides a unified command-line interface for linting and fixing all your code, regardless of the programming languages you use.

Manage translation and localization with static analysis, for Ruby i18n

The leading static analyzer for Perl. Configurable, extensible, powerful.

PHPMD is a spin-off project of PHP Depend and aims to be a PHP equivalent of the well known Java tool PMD. PHPMD can be seen as an user friendly frontend application for the raw metrics stream measured by PHP Depend.

An extension of RuboCop focused on code performance checks.

Doctrine extensions for PHPStan

Static code analysis for Kotlin

Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.

A Python utility / library to sort imports.

Staticcheck - The advanced Go linter

A static analyzer for Java, C, C++, and Objective-C

SonarQube plugin for Kotlin

Go fearless SQL. Sqlvet performs static analysis on raw SQL queries in your Go code base.

Golang security checker

A best practices checker for Kubernetes clusters. 🤠

Python script to detect vulnerabilities inside PHP source code using static analysis, based on regex

PHPStan rules for detecting usage of deprecated classes, methods, properties, constants and traits.

A Static Analysis Tool for Detecting Security Vulnerabilities in Python Web Applications

Actionable code coverage - detects untested code blocks in recent changes

nodejsscan is a static security code scanner for Node.js applications.

Allows old code to use new standards

an advanced semantic indexer for Ruby

ESLint Config for JavaScript Standard Style