Static Analysis⚙️ A curated list of static analysis (SAST) tools for all programming languages, config files, build tools, and more.
Stars: ✭ 9,310 (+5984.97%)
Swift Style GuideSwift language style guide & coding conventions followed by Xmartlabs.
Stars: ✭ 36 (-76.47%)
Npgsql.fsharp.analyzerF# analyzer that provides embedded SQL syntax analysis, type-checking for parameters and result sets and nullable column detection when writing queries using Npgsql.FSharp.
Stars: ✭ 103 (-32.68%)
Pest🐞 Primitive Erlang Security Tool
Stars: ✭ 79 (-48.37%)
Sonar Java☕️ SonarSource Static Analyzer for Java Code Quality and Security
Stars: ✭ 745 (+386.93%)
Conventionsdocumentation package for Go conventions
Stars: ✭ 105 (-31.37%)
TscancodeA static code analyzer for C++, C#, Lua
Stars: ✭ 1,112 (+626.8%)
Fb Contriba FindBugs/SpotBugs plugin for doing static code analysis for java code bases
Stars: ✭ 124 (-18.95%)
Go CriticThe most opinionated Go source code linter for code audit.
Stars: ✭ 875 (+471.9%)
RubberduckEvery programmer needs a rubberduck. COM add-in for the VBA & VB6 IDE (VBE).
Stars: ✭ 1,287 (+741.18%)
SonarjsSonarSource Static Analyzer for JavaScript and TypeScript
Stars: ✭ 696 (+354.9%)
PhpstanPHP Static Analysis Tool - discover bugs in your code without running it!
Stars: ✭ 10,534 (+6784.97%)
PfunFunctional, composable, asynchronous, type-safe Python.
Stars: ✭ 75 (-50.98%)
Owasp OrizonOwasp Orizon is a source code static analyzer tool designed to spot security issues in Java applications.
Stars: ✭ 130 (-15.03%)
Kube ScoreKubernetes object analysis with recommendations for improved reliability and security
Stars: ✭ 1,128 (+637.25%)
MetaThe Standard to create Open Standards
Stars: ✭ 103 (-32.68%)
Commitlint📓 Lint commit messages
Stars: ✭ 9,847 (+6335.95%)
RubocopA Ruby static code analyzer and formatter, based on the community Ruby style guide.
Stars: ✭ 11,593 (+7477.12%)
Rubocop PackagingA RuboCop extension focused on enforcing upstream best practices and coding conventions.
Stars: ✭ 29 (-81.05%)
Violations LibJava library for parsing report files from static code analysis.
Stars: ✭ 94 (-38.56%)
Ros best practicesBest practices, conventions, and tricks for ROS. Do you want to become a robotics master? Then consider graduating or working at the Robotics Systems Lab at ETH in Zürich!
Stars: ✭ 799 (+422.22%)
GrepbugsA regex based source code scanner.
Stars: ✭ 118 (-22.88%)
CheckstyleCheckstyle is a development tool to help programmers write Java code that adheres to a coding standard. By default it supports the Google Java Style Guide and Sun Code Conventions, but is highly configurable. It can be invoked with an ANT task and a command line program.
Stars: ✭ 6,481 (+4135.95%)
CodechartaCodeCharta visualizes multiple code metrics using 3D tree maps.
Stars: ✭ 85 (-44.44%)
Standard🌟 JavaScript Style Guide, with linter & automatic code fixer
Stars: ✭ 26,433 (+17176.47%)
AbaplintStandalone linter for ABAP
Stars: ✭ 111 (-27.45%)
I18n TasksManage translation and localization with static analysis, for Ruby i18n
Stars: ✭ 1,748 (+1042.48%)
PhpinspectionseaA Static Code Analyzer for PHP (a PhpStorm/Idea Plugin)
Stars: ✭ 1,211 (+691.5%)
UpdateUpdate is a new developer framework and CLI for automating updates of any kind in code projects. If you know how to use assemble, generate or verb, you'll know how to use update.
Stars: ✭ 106 (-30.72%)
Lithiumli₃ is the fast, flexible and most RAD development framework for PHP
Stars: ✭ 1,176 (+668.63%)
Bento[DEPRECATED] Find Python web-app bugs delightfully fast, without changing your workflow. 🍱
Stars: ✭ 147 (-3.92%)
HydiomaticThe Hy Transformer
Stars: ✭ 65 (-57.52%)
ZubrWrapper library to fix inconsistencies in PHP's core functions
Stars: ✭ 105 (-31.37%)
Flake8The official GitHub mirror of https://gitlab.com/pycqa/flake8
Stars: ✭ 1,112 (+626.8%)
ScrutorAssembly scanning and decoration extensions for Microsoft.Extensions.DependencyInjection
Stars: ✭ 1,915 (+1151.63%)
DrekA static-code-analysis tool for performing security-focused code reviews. It enables an auditor to swiftly map the attack-surface of a large application, with an emphasis on identifying development anti-patterns and footguns.
Stars: ✭ 103 (-32.68%)
DevreplayA linter that replay your developing style
Stars: ✭ 39 (-74.51%)
Perl CriticThe leading static analyzer for Perl. Configurable, extensible, powerful.
Stars: ✭ 149 (-2.61%)
Naming ConventionTemplates for naming convention - TSQL, JavaScript, C#, R, Python, Powershell
Stars: ✭ 961 (+528.1%)
UnimportA linter, formatter for finding and removing unused import statements.
Stars: ✭ 96 (-37.25%)
Cfmtcfmt is a tool to wrap Go comments over a certain length to a new line.
Stars: ✭ 28 (-81.7%)
FeramFeram finds & fixes bugs in your commits
Stars: ✭ 122 (-20.26%)
Eslint PluginESLint configurations and additional rules for me
Stars: ✭ 19 (-87.58%)
JoustmaniaRaspberry Pi Jousting at its finest
Stars: ✭ 91 (-40.52%)
JavaliteJavaLite is a cohesive collection of frameworks designed from ground up to add pleasure back to your daily life
Stars: ✭ 753 (+392.16%)
TipStatic program analysis for TIP
Stars: ✭ 140 (-8.5%)
SourcecodesnifferThe Source Code Sniffer is a poor man’s static code analysis tool (SCA) that leverages regular expressions. Designed to highlight high risk functions (Injection, LFI/RFI, file uploads etc) across multiple languages (ASP, Java, CSharp, PHP, Perl, Python, JavaScript, HTML etc) in a highly configurable manner.
Stars: ✭ 87 (-43.14%)
StacoanStaCoAn is a crossplatform tool which aids developers, bugbounty hunters and ethical hackers performing static code analysis on mobile applications.
Stars: ✭ 707 (+362.09%)
NsdepcopNsDepCop is a static code analysis tool that helps to enforce namespace dependency rules in C# projects. No more unplanned or unnoticed dependencies in your system.
Stars: ✭ 114 (-25.49%)
Commit Message LintGithub app to validate commit message on a pull request
Stars: ✭ 87 (-43.14%)
TajsType Analyzer for JavaScript
Stars: ✭ 150 (-1.96%)
WpbulletA static code analysis for WordPress (and PHP)
Stars: ✭ 148 (-3.27%)
Sonar Pmd☕️ PMD Plugin for SonarQube
Stars: ✭ 139 (-9.15%)
ConventionalA suite of convention specifications for enforcing type and style conventions in your codebase
Stars: ✭ 85 (-44.44%)