Open Source Windows Code Review Software
Sort By:
Code Review Software for Windows
View 18 business solutionsBrowse free open source Code Review software and projects for Windows below. Use the toggles on the left to filter open source Code Review software by OS, license, language, programming language, and project status.
-
AI-generated apps that pass security reviewRetool lets you generate dashboards, admin panels, and workflows directly on your data. Type something like “Build me a revenue dashboard on my Stripe data” and get a working app with security, permissions, and compliance built in from day one. Whether on our cloud or self-hosted, create the internal software your team needs without compromising enterprise standards or control.
-
Atera all-in-one platform IT management software with AI agentsAtera’s AI agents don’t just assist, they act. From detection to resolution, they handle incidents and requests instantly, taking your IT management from automated to autonomous.
-
1
tkdiff
Side-by-side diff viewer, editor and merge preparer
tkdiff is a graphical front end to the diff program. It provides a side-by-side view of the differences between two text files, along with several innovative features such as diff bookmarks, a graphical map of differences for quick navigation, and a facility for slicing diff regions to achieve exactly the merge output desired. -
2
SonarQube
Continuous inspection
SonarQube empowers all developers to write cleaner and safer code. Thousands of automated Static Code Analysis rules, protecting your app on multiple fronts, and guiding your team. Catch tricky bugs to prevent undefined behavior from impacting end-users. Fix vulnerabilities that compromise your app, and learn AppSec along the way with Security Hotspots. Make sure your codebase is clean and maintainable, to increase developer velocity! We embrace progress - whether it's multi-language applications, teams composed of different backgrounds or a workflow that's a mix of modern and legacy, SonarQube has you covered. SonarQube fits with your existing tools and pro-actively raises a hand when the quality or security of your codebase is at risk. SonarQube can analyse branches of your repo, and notify you directly in your Pull Requests! -
3
Roslyn
The .NET Compiler Platform
Roslyn provides rich, code analysis APIs to open source C# and Visual Basic compilers. This enables you to access a wealth of information about your code from compilers, which you can then use for code-related tasks in your tools and applications. Roslyn dramatically lowers the barrier to entry for creating code-focused tools and applications, creating many opportunities for innovation. -
4
Eclipse Checkstyle Plug-in
Integrates Checkstye into the Eclipse IDE
The Eclipse Checkstyle plug-in integrates the Checkstyle Java code auditor into the Eclipse IDE. The plug-in provides real-time feedback to the user about violations of rules that check for coding style and possible error prone code constructs. -
Find Hidden Risks in Windows Task SchedulerWindows Task Scheduler might be hiding critical failures. Download the free JAMS diagnostic tool to uncover problems before they impact production—get a color-coded risk report with clear remediation steps in minutes.
-
5
VisualCodeGrepper V2.3.2
Code security review tool for C/C++, C#, VB, PHP, Java, PL/SQL, COBOL.
VCG is an automated code security review tool for C++, C#, VB, PHP, Java, PL/SQL and COBOL, which is intended to speed up the code review process by identifying bad/insecure code. New beta functionality has been added for R. It has a few features that should make it useful. In addition to performing some more complex checks it also has a config file for each language that basically allows you to add any bad functions (or other text) that you want to search for. It attempts to find phrases within comments that can indicate broken code and it provides stats and a pie chart (for the entire codebase and for individual files) showing relative proportions of code, whitespace, comments, 'ToDo'-style comments and bad code. I've tried to produce something which searches intelligently for buffer overflows and signed/unsigned comparison in C, violations of OWASP recommendations in Java code, etc. Current version: 2.3.2 -
6
Asm-Dude
Visual Studio extension for syntax highlighting assembly
Visual Studio extension for assembly syntax highlighting and code completion in assembly files and the disassembly window. Assembly syntax highlighting and code assistance for assembly source files and the disassembly window for Visual Studio 2015, 2017 and 2019. This extension can be found in the visual studio extensions gallery or download latest installer AsmDude.vsix (v1.9.6.14). If assembly is too much of a hassle but you still want access to specific machine instructions, consider Intrinsics-Dude. The instruction sets of the x86 and the x64, but also SSE, AVX, AVX2, Xeon-Phi (Knights Corner) instructions with their descriptions are provided. Most of the regularly used Masm directives are supported and some Nasm directives. If you are not happy with highlighting or the descriptions. Mnemonics and descriptions can be added and changed by updating the AsmDudeData.xml file that will be stored next to the binaries when installing the plugin (.vsix). -
7
Flow
A static type checker for JavaScript
Flow is a static type checker for JavaScript. It was designed to help improve code quality and developer productivity. It does this through several smart capabilities. First, it identifies problems as you code, so you no longer have to waste time guessing and checking again and again. Second, it understands your code and makes its knowledge available, allowing you to build other smart tools on top of it. Third, it helps you refactor safely so you can focus on the changes you want to make and not on what you might break. Lastly, it can help prevent bad rebases and protect your carefully designed library, which is especially relevant when working with a large group of developers. Flow integrates with many tools, so you can easily and seamlessly insert it into your existing workflow and toolchain. -
8
Sentry
Cross-platform application monitoring and error tracking software
Sentry is a cross-platform, self-hosted error monitoring solution that helps software teams discover, monitor and fix errors in real-time. The most users and logs will have to provide are the clues, and Sentry provides the answers. Sentry offers enhanced application performance monitoring through information-laden stack traces. It lets you build better software faster and more efficiently by showing you all issues in one place and providing the trail of events that lead to errors. It also provides real-time monitoring and data visualization through dashboards. Sentry’s server is in Python, but its API enables for sending events from any language, in any application. More than fifty-thousand companies already ship better software faster thanks to Sentry; let yours be one of them! -
9
Kodus
AI code reviews, just like your senior dev would do
Kodus-AI is a framework for building, training, and deploying intelligent agents and models, especially focusing on practical AI workflows for businesses and automation. It provides a structured set of tools and abstractions that help teams design agent behaviors, orchestrate data pipelines, optimize inference, and integrate AI capabilities with applications or services. The platform often includes model management, scalable training workflows, and orchestration patterns that help teams move from research or prototypes to production-ready AI deployments. Through configurable pipelines and a focus on modularity, it supports experimentation while maintaining reproducibility and performance. Its tooling is typically designed to handle real-world imperatives like logging, monitoring, versioning, and hooking into operational infrastructure. -
Free and Open Source HR SoftwareGive your HR team the tools they need to streamline administrative tasks, support employees, and make informed decisions with the OrangeHRM free and open source HR software.
-
10
eslint-plugin-compat
Check the browser compatibility of your code
Lint the browser compatibility of your code. Browser targets are configured using a browser list. You can configure browser targets in your package.json. If no configuration is found, browser list defaults to "> 0.5%, last 2 versions, Firefox ESR, not dead". Add polyfills to the settings section of your eslint config. Append the name of the object and the property if one exists. Toolchains for native platforms, like iOS and Android, have had API linting from the start. It's about time that the web had similar tooling. -
11
Chroma
A general purpose syntax highlighter in pure Go
As Chroma has just been released, its API is still in flux. That said, the high-level interface should not change significantly. Chroma takes source code and other structured text and converts it into syntax-highlighted HTML, ANSI-coloured text, etc. Chroma is based heavily on Pygments and includes translators for Pygments lexers and styles. ABAP, ABNF, ActionScript, ActionScript 3, Ada, Angular2, ANTLR, ApacheConf, APL, AppleScript, Arduino, Awk. PacmanConf, Perl, PHP, PHTML, Pig, PkgConfig, PL/pgSQL, plaintext, Pony, PostgreSQL SQL dialect, PostScript, POVRay, PowerShell, Prolog, PromQL, Properties, Protocol Buffer, PSL, Puppet, Python 2, Python. Lexers convert source text into a stream of tokens, styles specify how token types are mapped to colours, and formatters convert tokens and styles into formatted output. A package exists for each of these, containing a global Registry variable with all of the registered implementations. -
12
OpenCover
Code coverage tool for .NET 2 and above
OpenCover is a free and open source code coverage tool for .NET 2 and above (Windows OSs only - no MONO), with support for 32 and 64 processes and covers both branch and sequence points. It uses the profiler API that is currently only available to .NET Frameworks running on the Windows platform. OpenCover is an attempt at building a code coverage utility that addresses certain issues in maintaining PartCover support for 64-bit processes. -
13
SonarJS
SonarSource Static Analyzer for JavaScript and TypeScript
This SonarSource project is a static code analyzer for JavaScript, TypeScript and CSS languages. In order to analyze JavaScript, TypeScript or CSS code, you need to have a supported version of Node.js installed on the machine running the scan. Recommended versions are the previous LTS version v14 and the latest version - v16. We recommend using the latest available LTS version (v16 as of today) for optimal stability and performance. v12 is still supported, but it already reached end-of-life and is deprecated. If node is not available in the PATH, you can use property sonar.nodejs.executable to set an absolute path to Node.js executable. If you have a community plugin for CSS analysis installed on your SonarQube instance it will conflict with the analysis of CSS, so it should be removed. -
14
AdaControl
Ada source code controller
A tool that detects the use of many constructs in Ada programs. Use it to control style or programming rules, but also as a powerful tool to search for use (or non-use) of various forms of programming styles or design patterns. -
15
DeepCode
DeepCode extension for Visual Studio Code
DeepCode AI has always been the backbone of Snyk code, which is why it's the fastest, most accurate SAST on the market. DeepCode AI, powering the Snyk platform, utilizes multiple AI models, is trained on security-specific data, and is all curated by top security researchers to give you all the power of AI without any of the drawbacks. With 11 supported languages, and multiple AI models, Snyk's DeepCode AI was designed to find and fix vulnerabilities and manage tech debt. DeepCode AI powers Snyk's one-click security fixes and comprehensive app coverage, letting developers build fast while staying secure. Our specialized DeepCode AI is built and refined by top-tier researchers that use training data from millions of open source projects, never customer data. DeepCode AI's hybrid approach uses multiple models and security-specific training sets for one purpose, to secure applications. -
16
Gnomock
Test your code without writing mocks with ephemeral Docker containers
Gnomock is an integration and end-to-end testing toolkit. It uses Docker to create temporary containers for application dependencies, set up their initial state and clean them up in the end. Gnomock allows to testing the code with no mocks wherever possible. The power of Gnomock is in a variety of Presets, each implementing a specific database, service, or other tools. Each preset provides ways of setting up its initial state as easily as possible: SQL schema creation, test data upload into S3, sending test events to Splunk, etc. -
17
Highlight.js
JavaScript syntax highlighter with language auto-detection
Highlight.js is a syntax highlighter written in JavaScript. It works in the browser as well as on the server. It can work with pretty much any markup, doesn’t depend on any other frameworks, and has automatic language detection. Highlight.js supports over 180 languages in the core library. There are also 3rd party language definitions available to support even more languages. We strongly recommend <pre><code> wrapping for code blocks. It's quite semantic and "just works" out of the box with zero fiddling. It is possible to use other HTML elements (or combos), but you may need to pay special attention to preserving linebreaks. You can run highlighting inside a web worker to avoid freezing the browser window while dealing with very big chunks of code. -
18
JSHint
A tool that helps to detect errors and in your JavaScript code
JSHint is a community-driven tool that detects errors and potential problems in JavaScript code. Since JSHint is so flexible, you can easily adjust it in the environment you expect your code to execute. JSHint is publicly available and will always stay this way. The project aims to help JavaScript developers write complex programs without worrying about typos and language gotchas. Any code base eventually becomes huge at some point, so simple mistakes, that would not show themselves when written, can become show stoppers and add extra hours of debugging. So, static code analysis tools come into play and help developers spot such problems. JSHint scans a program written in JavaScript and reports about commonly made mistakes and potential bugs. The potential problem could be a syntax error, a bug due to an implicit type conversion, a leaking variable, or something else entirely. -
19
Kotlin Explorer
Desktop tool to quickly explore disassembled Kotlin code
Kotlin Explorer is a desktop tool to quickly and easily disassemble Kotlin code. After launching Kotlin Explorer, type valid Kotlin code in the left pane, then click File > Decompile or use Cmd-Shift-D on macOS, Ctrl-Shift-D on Linux and Windows. The middle pane will show the Android DEX bytecode, and the right panel the native assembly resulting from ahead of time compilation (AOT). -
20
PHP_CodeSniffer
Tokenize PHP files and detects violations of coding standards
PHP_CodeSniffer is a set of two PHP scripts; the main phpcs script that tokenizes PHP, JavaScript and CSS files to detect violations of a defined coding standard, and a second phpcbf script to automatically correct coding standard violations. PHP_CodeSniffer is an essential development tool that ensures your code remains clean and consistent. PHP_CodeSniffer requires PHP version 5.4.0 or greater, although individual sniffs may have additional requirements such as external applications and scripts. See the Configuration Options manual page for a list of these requirements. If you're using PHP_CodeSniffer as part of a team, or you're running it on a CI server, you may want to configure your project's settings using a configuration file. If you use PEAR, you can install PHP_CodeSniffer using the PEAR installer. This will make the phpcs and phpcbf commands immediately available for use. -
21
ThinkReview
AI-powered code reviews for GitLab & Azure DevOps. Zero setup. Powered
I Copilot for Gitlab and Azure DevOps Merge requests (MRs) and Pull Requests (PRs) in your browser. The extension Summarises merge requests , provided suggestions and find potential security issues , provide smart questions to dive deeper and chat with your pull requests The extension works out of the box without any complex setup - Supports custom Self hosted Gitlab as well as gitlab.com and gitlab enterprise Enhance your GitLab MRs and Azure Devops PRsworkflows with automatic patch diff access and AI-powered code reviews. Key Features: • Auto-detect MR and PR Pages: The extension automatically recognizes when you're viewing a GitLab merge request. • Works with any instance of gitlab and azure devops whether it's on a custom domain or on gitlab.com • Integrated AI Code Review: Get instant AI-powered code reviews displayed directly in the GitLab interface. • Seamless GitLab Integration: The extension adds functionality without disrupting the GitLab experience. -
22
CodeCounter
Recursive source code line counter for C, BASIC, and web files.
Recursively count lines of source code and comments through files and sub-directories. Created to parse entire projects rather than individual files. C, BASIC, and web files (general) supported. -
23
Platformer 2D Godot Game
Test project with a 2D platform game developing in Godot 3.1
Test project with a 2D platform game developing in Godot 3.1, reusable mechanics for: State Machine, basics AI, Android Games. -
24
A code review tool for Subversion, GIT and ClearCase controlled files. Features: Complete Review Cycle/ Reviews between different file versions/ Syntax highlighting/ Email Notifications/ Checklist Support/ Readable XML-Output/ Easy Configuration/ Metrics
-
25
Free SQL Formatter
SQL code formatter / beautifier
FSQLF - Free SQL Formatter is open source SQL code formatter and beautifier, built to make life easier for people dealing with long SQL queries.
