145 Open source projects that are alternatives of or similar to Tombstone

A RuboCop extension focused on enforcing upstream best practices and coding conventions.

🌟 JavaScript Style Guide, with linter & automatic code fixer

A linter, formatter for finding and removing unused import statements.

Kubernetes object analysis with recommendations for improved reliability and security

Code analyzer for C# and VB.NET projects https://redirect.sonarsource.com/plugins/vbnet.html

Standalone linter for ABAP

Additional ESLint's rules for Node.js

Static program analysis for TIP

Next-gen phpDoc parser with support for intersection types and generics

CodeCharta visualizes multiple code metrics using 3D tree maps.

⚙️ A curated list of static analysis (SAST) tools for all programming languages, config files, build tools, and more.

prealloc is a Go static analysis tool to find slice declarations that could potentially be preallocated.

A regex based source code scanner.

A static code analyzer for C++, C#, Lua

[DEPRECATED] Find Python web-app bugs delightfully fast, without changing your workflow. 🍱

ESLint configurations and additional rules for me

A static-code-analysis tool for performing security-focused code reviews. It enables an auditor to swiftly map the attack-surface of a large application, with an emphasis on identifying development anti-patterns and footguns.

StaCoAn is a crossplatform tool which aids developers, bugbounty hunters and ethical hackers performing static code analysis on mobile applications.

walkmod: an open source tool to fix coding style issues

Jackhammer - One Security vulnerability assessment/management tool to solve all the security team problems.

Every programmer needs a rubberduck. COM add-in for the VBA & VB6 IDE (VBE).

A GitHub app to automatically review Python code style over Pull Requests

Manage translation and localization with static analysis, for Ruby i18n

Golang security checker

ESLint Shareable Config for JSX support in JavaScript Standard Style

Functional, composable, asynchronous, type-safe Python.

ESLint Shareable Config for React/JSX support in JavaScript Standard Style

Feram finds & fixes bugs in your commits

The Hy Transformer

A static code analysis for WordPress (and PHP)

The official GitHub mirror of https://gitlab.com/pycqa/flake8

NsDepCop is a static code analysis tool that helps to enforce namespace dependency rules in C# projects. No more unplanned or unnoticed dependencies in your system.

A linter that replay your developing style

Static code analysis for CFML (a linter)

cfmt is a tool to wrap Go comments over a certain length to a new line.

PHP Static Analysis Tool - discover bugs in your code without running it!

☕️ SonarSource Static Analyzer for Java Code Quality and Security

A Ruby static code analyzer and formatter, based on the community Ruby style guide.

Checkstyle is a development tool to help programmers write Java code that adheres to a coding standard. By default it supports the Google Java Style Guide and Sun Code Conventions, but is highly configurable. It can be invoked with an ANT task and a command line program.

F# analyzer that provides embedded SQL syntax analysis, type-checking for parameters and result sets and nullable column detection when writing queries using Npgsql.FSharp.

SonarSource Static Analyzer for JavaScript and TypeScript

PHPStan rules for detecting usage of deprecated classes, methods, properties, constants and traits.

scalastyle

Java library for parsing report files from static code analysis.

Phan is a static analyzer for PHP. Phan prefers to avoid false-positives and attempts to prove incorrectness rather than correctness.

☕️ PMD Plugin for SonarQube

Vulnerability Patterns Detector for C# and VB.NET

The Source Code Sniffer is a poor man’s static code analysis tool (SCA) that leverages regular expressions. Designed to highlight high risk functions (Injection, LFI/RFI, file uploads etc) across multiple languages (ASP, Java, CSharp, PHP, Perl, Python, JavaScript, HTML etc) in a highly configurable manner.

phpcs-security-audit is a set of PHP_CodeSniffer rules that finds vulnerabilities and weaknesses related to security in PHP code

Type Analyzer for JavaScript

A RuboCop extension focused on enforcing Rails best practices and coding conventions.

List of Maven examples

Soufflé is a variant of Datalog for tool designers crafting analyses in Horn clauses. Soufflé synthesizes a native parallel C++ program from a logic specification.

Owasp Orizon is a source code static analyzer tool designed to spot security issues in Java applications.

🐞 Primitive Erlang Security Tool

A static analyzer for Java, C, C++, and Objective-C

Allows old code to use new standards

The leading static analyzer for Perl. Configurable, extensible, powerful.

a FindBugs/SpotBugs plugin for doing static code analysis for java code bases

A Static Code Analyzer for PHP (a PhpStorm/Idea Plugin)