204 Open source projects that are alternatives of or similar to Tip

Type Analyzer for JavaScript

[LLVM Static Slicer] Various program analyses, construction of dependence graphs and program slicing of LLVM bitcode.

A Static Code Analyzer for PHP (a PhpStorm/Idea Plugin)

Nette Framework class reflection extension for PHPStan & framework-specific rules

☕️ PMD Plugin for SonarQube

cwe_checker finds vulnerable patterns in binary executables

Code analyzer for C# and VB.NET projects https://redirect.sonarsource.com/plugins/vbnet.html

A regex based source code scanner.

T.J. Watson Libraries for Analysis

identypo is a Go static analysis tool to find typos in identifiers (functions, function calls, variables, constants, type declarations, packages, labels).

Lint all your JavaScript, CSS, HTML, Markdown and Dockerfiles with a single command

SonarLint integration for Apache Netbeans

Doctrine extensions for PHPStan

A Static Analysis Tool for Detecting Security Vulnerabilities in Python Web Applications

SonarSource Static Analyzer for JavaScript and TypeScript

EBA is a static bug finder for C.

PHP Static Analysis Tool - discover bugs in your code without running it!

cfmt is a tool to wrap Go comments over a certain length to a new line.

nakedret is a Go static analysis tool to find naked returns in functions greater than a specified function length.

☕️ SonarSource Static Analyzer for Java Code Quality and Security

unimport is a Go static analysis tool to find unnecessary import aliases.

prealloc is a Go static analysis tool to find slice declarations that could potentially be preallocated.

Next-gen phpDoc parser with support for intersection types and generics

🐞 Primitive Erlang Security Tool

Binary Analysis Platform

Functional, composable, asynchronous, type-safe Python.

F# analyzer that provides embedded SQL syntax analysis, type-checking for parameters and result sets and nullable column detection when writing queries using Npgsql.FSharp.

The Hy Transformer

CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy

a FindBugs/SpotBugs plugin for doing static code analysis for java code bases

⚙️ A curated list of static analysis (SAST) tools for all programming languages, config files, build tools, and more.

CoRnucopia of ABstractions: a library for building abstract interpretation-based analyses

Owasp Orizon is a source code static analyzer tool designed to spot security issues in Java applications.

Kubernetes object analysis with recommendations for improved reliability and security

Feram finds & fixes bugs in your commits

Cross-platform static analyzer and linter for Swift.

The official GitHub mirror of https://gitlab.com/pycqa/flake8

A static code analyzer for C++, C#, Lua

Static analyzer for C/C++ based on the theory of Abstract Interpretation.

Incremental Program Analysis Framework

A linter that replay your developing style

The Sparrow Static Analyzer

Pyc-cfg is a pure python control flow graph builder for almost all Ansi C programming language.

A linter, formatter for finding and removing unused import statements.

A RuboCop extension focused on enforcing upstream best practices and coding conventions.

🐳 📡 Docker way of running SonarQube + any DB

njsscan is a semantic aware SAST tool that can find insecure code patterns in your Node.js applications.

A binary analysis framework

A Program Analysis Toolkit for Android

ESLint configurations and additional rules for me

SonarQube Java Properties Analyzer

Additional ESLint's rules for Node.js

NsDepCop is a static code analysis tool that helps to enforce namespace dependency rules in C# projects. No more unplanned or unnoticed dependencies in your system.

Java library for parsing report files from static code analysis.

Checkstyle is a development tool to help programmers write Java code that adheres to a coding standard. By default it supports the Google Java Style Guide and Sun Code Conventions, but is highly configurable. It can be invoked with an ANT task and a command line program.

A Dynamic Symbolic Execution (DSE) engine for JavaScript. ExpoSE is highly scalable, compatible with recent JavaScript standards, and supports symbolic modelling of strings and regular expressions.

StaCoAn is a crossplatform tool which aids developers, bugbounty hunters and ethical hackers performing static code analysis on mobile applications.

🌟 JavaScript Style Guide, with linter & automatic code fixer

Security analysis tool for EVM bytecode. Supports smart contracts built for Ethereum, Hedera, Quorum, Vechain, Roostock, Tron and other EVM-compatible blockchains.