Open Source Windows Code Review Software
Sort By:
Code Review Software for Windows
View 18 business solutionsBrowse free open source Code Review software and projects for Windows below. Use the toggles on the left to filter open source Code Review software by OS, license, language, programming language, and project status.
-
Gemini 3 and 200+ AI Models on One PlatformBuild, govern, and optimize agents and models with Gemini Enterprise Agent Platform.
-
Streamline Azure Security with Palo Alto Networks VM-SeriesImprove your security posture and reduce incident response time. Use the VM-Series to natively analyze Azure traffic and dynamically drive policy updates based on workload changes.
-
1
tkdiff
Side-by-side diff viewer, editor and merge preparer
tkdiff is a graphical front end to the diff program. It provides a side-by-side view of the differences between two text files, along with several innovative features such as diff bookmarks, a graphical map of differences for quick navigation, and a facility for slicing diff regions to achieve exactly the merge output desired. -
2
SonarQube
Continuous inspection
SonarQube empowers all developers to write cleaner and safer code. Thousands of automated Static Code Analysis rules, protecting your app on multiple fronts, and guiding your team. Catch tricky bugs to prevent undefined behavior from impacting end-users. Fix vulnerabilities that compromise your app, and learn AppSec along the way with Security Hotspots. Make sure your codebase is clean and maintainable, to increase developer velocity! We embrace progress - whether it's multi-language applications, teams composed of different backgrounds or a workflow that's a mix of modern and legacy, SonarQube has you covered. SonarQube fits with your existing tools and pro-actively raises a hand when the quality or security of your codebase is at risk. SonarQube can analyse branches of your repo, and notify you directly in your Pull Requests! -
3
Eclipse Checkstyle Plug-in
Integrates Checkstye into the Eclipse IDE
The Eclipse Checkstyle plug-in integrates the Checkstyle Java code auditor into the Eclipse IDE. The plug-in provides real-time feedback to the user about violations of rules that check for coding style and possible error prone code constructs. -
4
Roslyn
The .NET Compiler Platform
Roslyn provides rich, code analysis APIs to open source C# and Visual Basic compilers. This enables you to access a wealth of information about your code from compilers, which you can then use for code-related tasks in your tools and applications. Roslyn dramatically lowers the barrier to entry for creating code-focused tools and applications, creating many opportunities for innovation. -
Our Free Plans just got better! | Auth0You asked, we delivered! Auth0 is excited to expand our Free and Paid plans to include more options so you can focus on building, deploying, and scaling applications without having to worry about your security. Auth0 now, thank yourself later.
-
5
VisualCodeGrepper V2.3.2
Code security review tool for C/C++, C#, VB, PHP, Java, PL/SQL, COBOL.
VCG is an automated code security review tool for C++, C#, VB, PHP, Java, PL/SQL and COBOL, which is intended to speed up the code review process by identifying bad/insecure code. New beta functionality has been added for R. It has a few features that should make it useful. In addition to performing some more complex checks it also has a config file for each language that basically allows you to add any bad functions (or other text) that you want to search for. It attempts to find phrases within comments that can indicate broken code and it provides stats and a pie chart (for the entire codebase and for individual files) showing relative proportions of code, whitespace, comments, 'ToDo'-style comments and bad code. I've tried to produce something which searches intelligently for buffer overflows and signed/unsigned comparison in C, violations of OWASP recommendations in Java code, etc. Current version: 2.3.2 -
6
PHP_CodeSniffer
Tokenize PHP files and detects violations of coding standards
PHP_CodeSniffer is a set of two PHP scripts; the main phpcs script that tokenizes PHP, JavaScript and CSS files to detect violations of a defined coding standard, and a second phpcbf script to automatically correct coding standard violations. PHP_CodeSniffer is an essential development tool that ensures your code remains clean and consistent. PHP_CodeSniffer requires PHP version 5.4.0 or greater, although individual sniffs may have additional requirements such as external applications and scripts. See the Configuration Options manual page for a list of these requirements. If you're using PHP_CodeSniffer as part of a team, or you're running it on a CI server, you may want to configure your project's settings using a configuration file. If you use PEAR, you can install PHP_CodeSniffer using the PEAR installer. This will make the phpcs and phpcbf commands immediately available for use. -
7
Asm-Dude
Visual Studio extension for syntax highlighting assembly
Visual Studio extension for assembly syntax highlighting and code completion in assembly files and the disassembly window. Assembly syntax highlighting and code assistance for assembly source files and the disassembly window for Visual Studio 2015, 2017 and 2019. This extension can be found in the visual studio extensions gallery or download latest installer AsmDude.vsix (v1.9.6.14). If assembly is too much of a hassle but you still want access to specific machine instructions, consider Intrinsics-Dude. The instruction sets of the x86 and the x64, but also SSE, AVX, AVX2, Xeon-Phi (Knights Corner) instructions with their descriptions are provided. Most of the regularly used Masm directives are supported and some Nasm directives. If you are not happy with highlighting or the descriptions. Mnemonics and descriptions can be added and changed by updating the AsmDudeData.xml file that will be stored next to the binaries when installing the plugin (.vsix). -
8
Sentry
Cross-platform application monitoring and error tracking software
Sentry is a cross-platform, self-hosted error monitoring solution that helps software teams discover, monitor and fix errors in real-time. The most users and logs will have to provide are the clues, and Sentry provides the answers. Sentry offers enhanced application performance monitoring through information-laden stack traces. It lets you build better software faster and more efficiently by showing you all issues in one place and providing the trail of events that lead to errors. It also provides real-time monitoring and data visualization through dashboards. Sentry’s server is in Python, but its API enables for sending events from any language, in any application. More than fifty-thousand companies already ship better software faster thanks to Sentry; let yours be one of them! -
9
Enlightn
Your performance & security consultant, an artisan command away
Enlightn scans your Laravel app code to provide you actionable recommendations on improving its performance, security & more. We'll perform over 100 checks against your application for common issues, and provide actionable feedback for fixing them. Think of Enlightn as your performance and security consultant. Enlightn will "review" your code and server configurations, and give you actionable recommendations on improving performance, security, and reliability! The Enlightn OSS (open source software) version has 64 automated checks that scan your application code, web server configurations, and routes to identify performance bottlenecks, possible security vulnerabilities, and code reliability issues. Enlightn Pro (commercial) is available for purchase on the Enlightn website and has an additional 64 automated checks (a total of 128 checks). Serving Assets: Minification, cache headers, CDN, and compression headers. -
Try Google Cloud Risk-Free With $300 in CreditUse your credit across every product. Compute, storage, AI, analytics. When it runs out, 20+ products stay free. You only pay when you choose to.
-
10
OpenCover
Code coverage tool for .NET 2 and above
OpenCover is a free and open source code coverage tool for .NET 2 and above (Windows OSs only - no MONO), with support for 32 and 64 processes and covers both branch and sequence points. It uses the profiler API that is currently only available to .NET Frameworks running on the Windows platform. OpenCover is an attempt at building a code coverage utility that addresses certain issues in maintaining PartCover support for 64-bit processes. -
11
Polacode
Polaroid for your code
Use polacode.target, polacode.shadow, polacode.transparentBackground and polacode.backgroundColor to control image appearance. You have spent countless hours finding the perfect JavaScript grammar, matching it with a sleek-looking VS Code theme, trying out all the best programming fonts. You take three days porting over your theme before starting to use VS Code. You shell out $200 for italic cursive html attributes. The code has to look right. -
12
DeepCode for Visual Studio Code
DeepCode extension for Visual Studio Code
DeepCode AI has always been the backbone of Snyk code, which is why it's the fastest, most accurate SAST on the market. DeepCode AI, powering the Snyk platform, utilizes multiple AI models, is trained on security-specific data, and is all curated by top security researchers to give you all the power of AI without any of the drawbacks. With 11 supported languages, and multiple AI models, Snyk's DeepCode AI was designed to find and fix vulnerabilities and manage tech debt. DeepCode AI powers Snyk's one-click security fixes and comprehensive app coverage, letting developers build fast while staying secure. Our specialized DeepCode AI is built and refined by top-tier researchers that use training data from millions of open source projects, never customer data. DeepCode AI's hybrid approach uses multiple models and security-specific training sets for one purpose, to secure applications. -
13
Flow
A static type checker for JavaScript
Flow is a static type checker for JavaScript. It was designed to help improve code quality and developer productivity. It does this through several smart capabilities. First, it identifies problems as you code, so you no longer have to waste time guessing and checking again and again. Second, it understands your code and makes its knowledge available, allowing you to build other smart tools on top of it. Third, it helps you refactor safely so you can focus on the changes you want to make and not on what you might break. Lastly, it can help prevent bad rebases and protect your carefully designed library, which is especially relevant when working with a large group of developers. Flow integrates with many tools, so you can easily and seamlessly insert it into your existing workflow and toolchain. -
14
Highlight.js
JavaScript syntax highlighter with language auto-detection
Highlight.js is a syntax highlighter written in JavaScript. It works in the browser as well as on the server. It can work with pretty much any markup, doesn’t depend on any other frameworks, and has automatic language detection. Highlight.js supports over 180 languages in the core library. There are also 3rd party language definitions available to support even more languages. We strongly recommend <pre><code> wrapping for code blocks. It's quite semantic and "just works" out of the box with zero fiddling. It is possible to use other HTML elements (or combos), but you may need to pay special attention to preserving linebreaks. You can run highlighting inside a web worker to avoid freezing the browser window while dealing with very big chunks of code. -
15
Kodus
AI code reviews, just like your senior dev would do
Kodus-AI is a framework for building, training, and deploying intelligent agents and models, especially focusing on practical AI workflows for businesses and automation. It provides a structured set of tools and abstractions that help teams design agent behaviors, orchestrate data pipelines, optimize inference, and integrate AI capabilities with applications or services. The platform often includes model management, scalable training workflows, and orchestration patterns that help teams move from research or prototypes to production-ready AI deployments. Through configurable pipelines and a focus on modularity, it supports experimentation while maintaining reproducibility and performance. Its tooling is typically designed to handle real-world imperatives like logging, monitoring, versioning, and hooking into operational infrastructure. -
16
Sourcery AI Code Review
Instant AI code reviews
Sourcery is an AI-powered code assistant designed to help developers write cleaner, more maintainable Python code by suggesting real-time refactorings, improvements, and best-practice rewrites directly in popular editors and IDEs. Instead of just offering autocomplete, Sourcery analyzes existing functions and code patterns to provide context-aware suggestions that can simplify logic, reduce duplication, improve naming, and correct anti-patterns, helping developers adhere to idiomatic style without manual review. It integrates directly into development workflows through plugins for editors like VS Code, JetBrains IDEs, and command-line tools, so suggestions appear where developers already write code. Because it continuously evaluates changes, it can catch inefficiencies and suggest enhancements both while typing and during dedicated refactor passes. Teams can standardize code quality across codebases by adopting Sourcery’s automated suggestions as part of review or CI pipelines. -
17
Static Analysis Tools for PHP
Docker image that provides static analysis tools for PHP
Docker image providing static analysis tools for PHP. The list of available tools and the installer is actually managed in the jakzal/toolbox repository. Docker image with quality analysis tools for PHP. To run the selected tool inside the container, you'll need to mount the project directory on the container with -v "$(pwd):/project". Some tools like to write to the /tmp directory (like PHPStan, or Behat in some cases), therefore it's often useful to share it between docker runs, i.e. with -v "$(pwd)/tmp-phpqa:/tmp". If you want to be able to interrupt the selected tool if it takes too much time to complete, you can use the --init option. Some tools are not included in the docker image, to use them refer to their documentation. Provides utilities to report legacy tests and usage of deprecated code. -
18
ThinkReview
AI-powered code reviews for GitLab & Azure DevOps. Zero setup. Powered
I Copilot for Gitlab and Azure DevOps Merge requests (MRs) and Pull Requests (PRs) in your browser. The extension Summarises merge requests , provided suggestions and find potential security issues , provide smart questions to dive deeper and chat with your pull requests The extension works out of the box without any complex setup - Supports custom Self hosted Gitlab as well as gitlab.com and gitlab enterprise Enhance your GitLab MRs and Azure Devops PRsworkflows with automatic patch diff access and AI-powered code reviews. Key Features: • Auto-detect MR and PR Pages: The extension automatically recognizes when you're viewing a GitLab merge request. • Works with any instance of gitlab and azure devops whether it's on a custom domain or on gitlab.com • Integrated AI Code Review: Get instant AI-powered code reviews displayed directly in the GitLab interface. • Seamless GitLab Integration: The extension adds functionality without disrupting the GitLab experience. -
19
AdaControl
Ada source code controller
A tool that detects the use of many constructs in Ada programs. Use it to control style or programming rules, but also as a powerful tool to search for use (or non-use) of various forms of programming styles or design patterns. -
20
Highlight Code Converter
Source code to formatted text converter
Highlight is a source code to formatted text converter. It generates HTML, XHTML, RTF, ODT, LaTeX, TeX, SVG, BBCode and terminal escape sequences with coloured syntax highlighting. Language definitions and colour themes are Lua scripts and support plugins -
21
Platformer 2D Godot Game
Test project with a 2D platform game developing in Godot 3.1
Test project with a 2D platform game developing in Godot 3.1, reusable mechanics for: State Machine, basics AI, Android Games. -
22
CvsChangelogBuilder is an utility to generate advanced, differential and/or graphical changelogs, for a project hosted on a CVS server (CVS change log). It provides a better output than the 'cvs log' command, and accept a lot of options.
-
23
FTP LiveSync
Remote code synchronization tool
Livesync allows edit server side scripts on the fly by modifying its local copy. basically it's a ftp client which can monitor changes in filesystem and upload modified file to remote server. -
24
AdLint
Open source and free source code static analyzer
AdLint is a source code static analyzer. It can point out insecure or nonportable code fragments, and can measure various quality metrics of the source code. It (currently) can analyze source code compliant with ANSI C89 / ISO C90 and partly ISO C99. AdLint is written in Ruby. So, it is available for Windows, Mac OS X, GNU/Linux, FreeBSD and any other platforms supported by Ruby. -
25
Simple use of javadbf (http://javadbf.sarovar.org) class. Allows import / export files from a Siemens Step7 project . Allow to put your logic files under SVN o similar (easy and fast!) NEW VERSION IS READY, NO CONFIGURATION NEED!
