Search Results for "clang static analyzer"
Sort By:
Showing 52 open source projects for "clang static analyzer"
View related business solutions-
AlertBot monitors your website's full functionality around the clock so you can focus your time on more important things.
-
It protects your internal resources such as behind-the-firewall applications, teams, and devices.
-
1
CodeChecker
CodeChecker is an analyzer tooling, defect database
CodeChecker is a static analysis infrastructure built on the LLVM/Clang Static Analyzer toolchain, replacing scan-build in a Linux or macOS (OS X) development environment. Executes Clang-Tidy and Clang Static Analyzer with Cross-Translation Unit analysis, Statistical Analysis (when checkers are available). Creates the JSON compilation database by wiretapping any build process (e.g., CodeChecker log -b "make"). Automatically analyzes GCC cross-compiled projects: detecting GCC or Clang compiler... -
2
The LLVM Compiler Infrastructure
Collection of modular and reusable compiler and toolchain technologies
The LLVM Project is a collection of modular and reusable compiler and toolchain technologies. Despite its name, LLVM has little to do with traditional virtual machines. LLVM began as a research project at the University of Illinois, with the goal of providing a modern, SSA-based compilation strategy capable of supporting both static and dynamic compilation of arbitrary programming languages. Since then, LLVM has grown to be an umbrella project consisting of a number of subprojects, many... -
3
PlatformIO Core
Professional collaborative platform for embedded development
PlatformIO is a professional collaborative platform for embedded development. A place where Developers and Teams have true Freedom! No more vendor lock-in! A user-friendly and extensible integrated development environment with a set of professional development instruments, providing modern and powerful features to speed up yet simplify the creation and delivery of embedded products. A lightweight but powerful cross-platform source code editor. Smart code completions are based on variable... -
4
Pylint
It's not just a linter that annoys you!
Pylint is a static code analyzer for Python 2 or 3. The latest version supports Python 3.7.2 and above. Pylint analyses your code without actually running it. It checks for errors, enforces a coding standard, looks for code smells, and can make suggestions about how the code could be refactored. Projects that you might want to use alongside pylint include flake8 (faster and simpler checks with very few false positives), mypy, pyright or pyre (typing checks), bandit (security-oriented checks... -
Chat with your business data with Looker. More than just a modern business intelligence platform, you can turn to Looker for self-service or governed BI, build your own custom applications with trusted metrics, or even bring Looker modeling to your existing BI environment.
-
5
Infer
A static analyzer for Java, C, C++, and Objective-C
Infer is a static analysis tool - if you give Infer some Java or C/C++/Objective-C code it produces a list of potential bugs. Anyone can use Infer to intercept critical bugs before they have shipped to users, and help prevent crashes or poor performance. Infer checks for null pointer exceptions, resource leaks, annotation reachability, missing lock guards, and concurrency race conditions in Android and Java code. Infer checks for null pointer dereferences, memory leaks, coding conventions... -
6
Phan
Phan is a static analyzer for PHP
Phan is a static analyzer for PHP. Phan prefers to avoid false positives and attempts to prove incorrectness rather than correctness. Phan looks for common issues and will verify type compatibility on various operations when type information is available or can be deduced. Phan has a good (but not comprehensive) understanding of flow control and can track values in a few use cases (e.g. arrays, integers, and strings). With Phan installed, you'll want to create a .phan/config.php file in your... -
7
pmd
An extensible multilanguage static code analyzer
PMD is a source code analyzer. It finds common programming flaws like unused variables, empty catch blocks, unnecessary object creation, and so forth. It supports Java, JavaScript, Salesforce.com Apex and Visualforce, PLSQL, Apache Velocity, XML, and XSL. Additionally, it includes CPD, the copy-paste-detector. CPD finds duplicated code in Java, C, C++, C#, Groovy, PHP, Ruby, Fortran, JavaScript, PLSQL, Apache Velocity, Scala, Objective C, Matlab, Python, Go, Swift and Salesforce.com Apex... -
8
F·W·K
3D game engine/framework in C, with Luajit and Python bindings now
3D game framework in C, with Luajit and Python bindings now. -
9
libgit2
A cross-platform, portable, linkable Git implementation library
libgit2 is a portable, pure C implementation of the Git core methods provided as a re-entrant linkable library with a solid API, allowing you to write native speed custom Git applications in any language which supports C bindings. Libgit2 is developed with CMake, and this is be the easiest way to build a binary from the source. The CMake build system provides lots of options to configure the libgit2 build for your particular needs. It’s highly recommended that you build libgit2 as a static... -
When it comes to cybersecurity, what your clients don’t know can really hurt them. And believe it or not, keep them safe starts with asking questions. With ConnectWise Identify Assessment, get access to risk assessment backed by the NIST Cybersecurity Framework to uncover risks across your client’s entire business, not just their networks. With a clearly defined, easy-to-read risk report in hand, you can start having meaningful security conversations that can get you on the path of keeping your clients protected from every angle. Choose from two assessment levels to cover every client’s need, from the Essentials to cover the basics to our Comprehensive Assessment to dive deeper to uncover additional risks. Our intuitive heat map shows you your client’s overall risk level and priority to address risks based on probability and financial impact. Each report includes remediation recommendations to help you create a revenue-generating action plan.
-
10
Application Inspector
A source code analyzer built for surfacing features of interest
... and more and has received industry attention as a new and valuable contribution to OSS on ZDNet, SecurityWeek, CSOOnline, Linux.com/news, HelpNetSecurity, Twitter and more and was first featured on Microsoft.com. Application Inspector is different from traditional static analysis tools in that it doesn't attempt to identify "good" or "bad" patterns; it simply reports what it finds against a set of over 400 rule patterns for feature detection including features that impact security. -
11
Cosmopolitan
Build-once run-anywhere c library
Cosmopolitan Libc makes C a build-once run-anywhere language, like Java, except it doesn't need an interpreter or virtual machine. Instead, it reconfigures stock GCC and Clang to output a POSIX-approved polyglot format that runs natively on Linux + Mac + Windows + FreeBSD + OpenBSD + NetBSD + BIOS with the best possible performance and the tiniest footprint imaginable. Cosmopolitan can be compiled from source on any Linux distro. GNU make needs to be installed beforehand. This is a freestanding... -
12
SonarJS
SonarSource Static Analyzer for JavaScript and TypeScript
This SonarSource project is a static code analyzer for JavaScript, TypeScript and CSS languages. In order to analyze JavaScript, TypeScript or CSS code, you need to have a supported version of Node.js installed on the machine running the scan. Recommended versions are the previous LTS version v14 and the latest version - v16. We recommend using the latest available LTS version (v16 as of today) for optimal stability and performance. v12 is still supported, but it already reached end-of-life... -
13
RuboCop
A Ruby static code analyzer and formatter, based on the community Ruby
RuboCop is a Ruby static code analyzer (a.k.a. linter) and code formatter. Out of the box it will enforce many of the guidelines outlined in the community Ruby Style Guide. RuboCop packs a lot of features on top of what you’d normally expect from a linter. Works with every major Ruby implementation. Autocorrection of many of the code offenses it detects. Robust code formatting capabilities. Multiple result for matters for both interactive use and for feeding data into other tools. Ability... -
14
Simd Library
C++ image processing and machine learning library with using of SIMD
... the following CPU extensions: SSE, AVX, AVX-512, and AMX for x86/x64, and NEON for ARM. The Simd Library has C API and also contains useful C++ classes and functions to facilitate access to C API. The library supports dynamic and static linking, 32-bit and 64-bit Windows and Linux, MSVS, G++ and Clang compilers, MSVS projects, and CMake build systems. -
15
Code Quality and Security for Java
SonarSource Static Analyzer for Java Code Quality and Security
Hundreds of unique rules to find Java bugs, code smells & vulnerabilities. Sonar static analysis helps you build and maintain high-quality Java code. Covering popular build systems, standards and versions, Sonar elevates your coding game while keeping vulnerabilities at bay. With each Java version, we create dedicated rules so you learn shiny, new features and avoid pitfalls. Consistently find tricky, hard-to-spot issues in your regular expressions. Allow you to effortlessly repair your Java... -
16
Slither
Static Analyzer for Solidity
Slither is a Solidity static analysis framework written in Python 3. It runs a suite of vulnerability detectors, prints visual information about contract details, and provides an API to easily write custom analyses. Slither enables developers to find vulnerabilities, enhance their code comprehension, and quickly prototype custom analyses. Slither is the first open-source static analysis framework for Solidity. Slither is fast and precise; it can find real vulnerabilities in a few seconds... -
17
Code Quality and Security for C#
Code analyzer for C# and VB.NET projects
Sonar offers a single cohesive solution with a consistent set of metrics and hundreds of static analysis rules to detect your coding issues early. Plus fast and high-precision analysis means high value, low noise, and reliable results always. A single solution for dozens of popular languages, development frameworks and IaC platforms. Our powerful language-specific analysis not only detects coding issues but also helps you understand what's wrong and how to fix it. Our publicly available ruleset... -
18
doctest
Fastest feature-rich C++11/14/17/20 single-header testing framework
... and maintenance to do. There are many C++ testing frameworks - Catch, Boost.Test, UnitTest++, cpputest, googletest and others. The key differences between it and other testing frameworks are that it is light and unintrusive. Ultra light on compile times both in terms of including the header and writing thousands of asserts. Doesn't produce any warnings even on the most aggressive warning levels for MSVC/GCC/Clang. -
19
TOTVS Developer Studio para VSCode
Totvs Developer Studio for vscode
The TOTVS Developer Studio for VS Code extension provides a development suite for the Protheus/Logix ecosystem. Using the LSP ( Language Server Protocol ) and DAP ( Debug Adapter Protocol ) communication protocols , both widely used and extensible to other IDEs on the market, such as Atom, Visual Studio, Eclipse, Eclipse Theia, Vim and Emacs. When starting VS Code with the TDS-VSCode extension installed, open (or create) the main folder that contains (or will contain) your source and... -
20
EMBA
The firmware security analyzer
EMBA is designed as the central firmware analysis tool for penetration testers and product security teams. It supports the complete security analysis process starting with firmware extraction, doing static analysis and dynamic analysis via emulation and finally generating a web report. EMBA automatically discovers possible weak spots and vulnerabilities in firmware. Examples are insecure binaries, old and outdated software components, potentially vulnerable scripts, or hard-coded passwords... -
21
GIXY
Nginx configuration static analyzer
Gixy is a tool to analyze Nginx configuration. The main goal of Gixy is to prevent security misconfiguration and automate flaw detection. Currently supported Python versions are 2.7, 3.5, 3.6 and 3.7. Gixy is well tested only on GNU/Linux, other OSs may have some issues. You can find things that Gixy is learning to detect at Issues labeled with "new plugin". By default Gixy will try to analyze Nginx configuration placed in /etc/nginx/nginx.conf. Or something else, you can find all other gixy... -
22
AWStats
AWStats Log Analyzer
AWStats is a free powerful and featureful server logfile analyzer that shows you all your Web/Mail/FTP statistics including visits, unique visitors, pages, hits, rush hours, os, browsers, search engines, keywords, robots visits, broken links and more -
23
Gnu Tools
Unix Tools For Windows
CodeBlocks With A full development environment. Took a while but CodeBlocks is now upto speed and in sync with the current release version. New version of CodeBlocks supports XML based configuration, so users can do specialized compiler support if needed. Changed away from the old Msys in favor of Msys2 which has better support for a lot of things like miktex. Old package is still there if you still need it but wont be developed on anymore. Loads of modifications compared to the... -
24
Bareflank Hypervisor
lightweight hypervisor SDK written in C++
The Bareflank Hypervisor is an open source hypervisor Software Development Toolkit (SDK) for Rust and C++, led by Assured Information Security, Inc. (AIS), that provides the tools needed to rapidly prototype and create your own hypervisor on 64bit versions of Intel and AMD (ARMv8 CPUs, RISC-V and PowerPC also planned). The Bareflank SDK is intended for instructional/research purposes as it only provides enough virtualization support to start/stop a hypervisor. Bareflank can also be used as... -
25
Modern C++ Template
A template for modern C++ projects using CMake, Clang-Format
... point, as coding style is a subjective matter, everyone is free to either delete it (for the LLVM default) or supply their own alternative. Static analyzers integration, with Clang-Tidy and Cppcheck, the former being the default option. Doxygen support, through the ENABLE_DOXYGEN option, which you can enable if you wish to use it. Unit testing support, through GoogleTest (with an option to enable GoogleMock) or Catch2. Code coverage, enabled by using the ENABLE_CODE_COVERAGE op.