Open Source Windows Code Review Software
Sort By:
Code Review Software for Windows
View 19 business solutionsBrowse free open source Code Review software and projects for Windows below. Use the toggles on the left to filter open source Code Review software by OS, license, language, programming language, and project status.
-
Compliant and Reliable File Transfers Backed by Top Security CertificationsStop relying on non-certified, legacy file transfer tools that creak under the weight of modern security demands. Get full audit trails, advanced access controls and more supported by an award-winning team of experts. Start your free 25-day trial today.
-
MongoDB Atlas runs apps anywhereMongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
-
1
SonarQube
Continuous inspection
SonarQube empowers all developers to write cleaner and safer code. Thousands of automated Static Code Analysis rules, protecting your app on multiple fronts, and guiding your team. Catch tricky bugs to prevent undefined behavior from impacting end-users. Fix vulnerabilities that compromise your app, and learn AppSec along the way with Security Hotspots. Make sure your codebase is clean and maintainable, to increase developer velocity! We embrace progress - whether it's multi-language applications, teams composed of different backgrounds or a workflow that's a mix of modern and legacy, SonarQube has you covered. SonarQube fits with your existing tools and pro-actively raises a hand when the quality or security of your codebase is at risk. SonarQube can analyse branches of your repo, and notify you directly in your Pull Requests! -
2
tkdiff
Side-by-side diff viewer, editor and merge preparer
tkdiff is a graphical front end to the diff program. It provides a side-by-side view of the differences between two text files, along with several innovative features such as diff bookmarks, a graphical map of differences for quick navigation, and a facility for slicing diff regions to achieve exactly the merge output desired. -
3
Chroma
A general purpose syntax highlighter in pure Go
As Chroma has just been released, its API is still in flux. That said, the high-level interface should not change significantly. Chroma takes source code and other structured text and converts it into syntax-highlighted HTML, ANSI-coloured text, etc. Chroma is based heavily on Pygments and includes translators for Pygments lexers and styles. ABAP, ABNF, ActionScript, ActionScript 3, Ada, Angular2, ANTLR, ApacheConf, APL, AppleScript, Arduino, Awk. PacmanConf, Perl, PHP, PHTML, Pig, PkgConfig, PL/pgSQL, plaintext, Pony, PostgreSQL SQL dialect, PostScript, POVRay, PowerShell, Prolog, PromQL, Properties, Protocol Buffer, PSL, Puppet, Python 2, Python. Lexers convert source text into a stream of tokens, styles specify how token types are mapped to colours, and formatters convert tokens and styles into formatted output. A package exists for each of these, containing a global Registry variable with all of the registered implementations. -
4
Eclipse Checkstyle Plug-in
Integrates Checkstye into the Eclipse IDE
The Eclipse Checkstyle plug-in integrates the Checkstyle Java code auditor into the Eclipse IDE. The plug-in provides real-time feedback to the user about violations of rules that check for coding style and possible error prone code constructs. -
Auth0 B2B Essentials: SSO, MFA, and RBAC Built InAuth0's B2B Essentials plan gives you everything you need to ship secure multi-tenant apps. Unlimited orgs, enterprise SSO, RBAC, audit log streaming, and higher auth and API limits included. Add on M2M tokens, enterprise MFA, or additional SSO connections as you scale.
-
5
Kotlin Explorer
Desktop tool to quickly explore disassembled Kotlin code
Kotlin Explorer is a desktop tool to quickly and easily disassemble Kotlin code. After launching Kotlin Explorer, type valid Kotlin code in the left pane, then click File > Decompile or use Cmd-Shift-D on macOS, Ctrl-Shift-D on Linux and Windows. The middle pane will show the Android DEX bytecode, and the right panel the native assembly resulting from ahead of time compilation (AOT). -
6
Codeball AI
AI Code Review that finds bugs and fast-tracks your code
Codeball is a code review AI that scores pull requests on a grade from 0 (needs careful review) to 1. Use Codeball to add labels to help you focus, auto-approve PRs, and more. The Codeball action is easy to use (sane defaults) and is highly customizable to fit your workflow when needed. Label PRs when you should review them with caution. Stay sharp, don't let the bugs pass through. Identifies and approves or labels safe PRs. Save time by fast-tracking PRs that are easy to review. Fully customizable and programmable with GitHub Actions. Codeball Actions are built on multiple smaller building blocks, that are heavily configurable through GitHub Actions. Codeball uses a deep learning model that has been trained on over 1 million Pull Requests. For each contribution, it considers hundreds of inputs. Codeball is optimized for precision, which means it only approves contributions that it's really confident in. -
7
VisualCodeGrepper V2.3.2
Code security review tool for C/C++, C#, VB, PHP, Java, PL/SQL, COBOL.
VCG is an automated code security review tool for C++, C#, VB, PHP, Java, PL/SQL and COBOL, which is intended to speed up the code review process by identifying bad/insecure code. New beta functionality has been added for R. It has a few features that should make it useful. In addition to performing some more complex checks it also has a config file for each language that basically allows you to add any bad functions (or other text) that you want to search for. It attempts to find phrases within comments that can indicate broken code and it provides stats and a pie chart (for the entire codebase and for individual files) showing relative proportions of code, whitespace, comments, 'ToDo'-style comments and bad code. I've tried to produce something which searches intelligently for buffer overflows and signed/unsigned comparison in C, violations of OWASP recommendations in Java code, etc. Current version: 2.3.2 -
8
Matter AI
Matter AI is open-source AI Code Reviewer Agent
Matter AI is an AI-powered platform designed to enhance productivity through automated content generation, data analysis, and decision support. It leverages machine learning models to process text, analyze patterns, and generate insights, making it suitable for businesses looking to optimize data-driven decision-making. Matter AI integrates with various data sources and provides customizable AI workflows tailored to different industries. -
9
Patchwork
Automate code reviews, patching and documentation
Patchwork automates development gruntwork like PR reviews, bug fixing, security patching, and more using a self-hosted CLI agent and your preferred LLMs. -
$300 Free Credits for Your Google Cloud ProjectsLaunch your next project with $300 in free Google Cloud credits—no strings attached. Test, build, and deploy without risk. Use your credits across the entire Google Cloud platform to find what works best for your needs. After your credits are used, continue with always-free tier services. Only pay when you're ready to scale. Sign up in minutes and start exploring.
-
10
PyTorch Lightning
The lightweight PyTorch wrapper for high-performance AI research
Scale your models, not your boilerplate with PyTorch Lightning! PyTorch Lightning is the ultimate PyTorch research framework that allows you to focus on the research while it takes care of everything else. It's designed to decouple the science from the engineering in your PyTorch code, simplifying complex network coding and giving you maximum flexibility. PyTorch Lightning can be used for just about any type of research, and was built for the fast inference needed in AI research and production. When you need to scale up things like BERT and self-supervised learning, Lightning responds accordingly by automatically exporting to ONNX or TorchScript. PyTorch Lightning can easily be applied for any use case. With just a quick refactor you can run your code on any hardware, run distributed training, perform logging, metrics, visualization and so much more! -
11
RefactorFirst
Identifies and prioritizes God Classes Highly Coupled classes
A tool designed to automate code refactoring for developers, reducing technical debt and improving code quality. -
12
Sentry
Cross-platform application monitoring and error tracking software
Sentry is a cross-platform, self-hosted error monitoring solution that helps software teams discover, monitor and fix errors in real-time. The most users and logs will have to provide are the clues, and Sentry provides the answers. Sentry offers enhanced application performance monitoring through information-laden stack traces. It lets you build better software faster and more efficiently by showing you all issues in one place and providing the trail of events that lead to errors. It also provides real-time monitoring and data visualization through dashboards. Sentry’s server is in Python, but its API enables for sending events from any language, in any application. More than fifty-thousand companies already ship better software faster thanks to Sentry; let yours be one of them! -
13
Trouble.nvim
Pretty diagnostics, references, telescope results, quickfix, location
A pretty list for showing diagnostics, references, telescope results, quickfix and location lists to help you solve all the trouble your code is causing. -
14
cargo-crev
A cryptographically verifiable code review system for the cargo
A cryptographically verifiable code review system for the cargo (Rust) package manager. cargo-crev is an implementation of Crev as a command-line tool integrated with cargo. This tool helps Rust users evaluate the quality and trustworthiness of their package dependencies. Crev is a language and ecosystem agnostic, distributed code review system. Use reviews produced by other users. Increase the trustworthiness of your own code. Build a web of trust of other reputable users to help verify the code you use. Static binaries are available from the releases page. Crev is a system for verifying the security and reliability of dependencies based on collaborative code reviews. Crev users review the source code of packages/libraries/crates and share their findings with others. Crev then uses Web of Trust to select trusted reviews and judge the reputation of projects' dependencies. -
15
Flow
A static type checker for JavaScript
Flow is a static type checker for JavaScript. It was designed to help improve code quality and developer productivity. It does this through several smart capabilities. First, it identifies problems as you code, so you no longer have to waste time guessing and checking again and again. Second, it understands your code and makes its knowledge available, allowing you to build other smart tools on top of it. Third, it helps you refactor safely so you can focus on the changes you want to make and not on what you might break. Lastly, it can help prevent bad rebases and protect your carefully designed library, which is especially relevant when working with a large group of developers. Flow integrates with many tools, so you can easily and seamlessly insert it into your existing workflow and toolchain. -
16
Gnomock
Test your code without writing mocks with ephemeral Docker containers
Gnomock is an integration and end-to-end testing toolkit. It uses Docker to create temporary containers for application dependencies, set up their initial state and clean them up in the end. Gnomock allows to testing the code with no mocks wherever possible. The power of Gnomock is in a variety of Presets, each implementing a specific database, service, or other tools. Each preset provides ways of setting up its initial state as easily as possible: SQL schema creation, test data upload into S3, sending test events to Splunk, etc. -
17
PHP_CodeSniffer
Tokenize PHP files and detects violations of coding standards
PHP_CodeSniffer is a set of two PHP scripts; the main phpcs script that tokenizes PHP, JavaScript and CSS files to detect violations of a defined coding standard, and a second phpcbf script to automatically correct coding standard violations. PHP_CodeSniffer is an essential development tool that ensures your code remains clean and consistent. PHP_CodeSniffer requires PHP version 5.4.0 or greater, although individual sniffs may have additional requirements such as external applications and scripts. See the Configuration Options manual page for a list of these requirements. If you're using PHP_CodeSniffer as part of a team, or you're running it on a CI server, you may want to configure your project's settings using a configuration file. If you use PEAR, you can install PHP_CodeSniffer using the PEAR installer. This will make the phpcs and phpcbf commands immediately available for use. -
18
diff-so-fancy
Make your diffs human readable instead of machine readable
diff-so-fancy strives to make your diffs human readable instead of machine readable. This helps improve code quality and helps you spot defects faster. diff-so-fancy is also available from NPM, Nix, brew, and as a package on Arch and Debian Linux. Windows users may need to install MinGW or the Windows subsystem for Linux. By default, the separator for the file header uses Unicode line-drawing characters. If this is causing output errors on your terminal, set this to false to use ASCII characters instead. By default, the separator for the file header spans the full width of the terminal. Use this setting to set the width of the file header manually. Pull requests are quite welcome, and should target the next branch. You can simplify git header chunks to a more human readable format. We are also looking for any feedback or ideas on how to make diff-so-fancy even fancier. -
19
eslint-plugin-compat
Check the browser compatibility of your code
Lint the browser compatibility of your code. Browser targets are configured using a browser list. You can configure browser targets in your package.json. If no configuration is found, browser list defaults to "> 0.5%, last 2 versions, Firefox ESR, not dead". Add polyfills to the settings section of your eslint config. Append the name of the object and the property if one exists. Toolchains for native platforms, like iOS and Android, have had API linting from the start. It's about time that the web had similar tooling. -
20
nvim-regexplainer
Describe the regexp under the cursor
Describe the regular expression under the cursor. You need to install regex with nvim-treesitter, as well as the grammar for whichever host language you're using. -
21
Enlightn
Your performance & security consultant, an artisan command away
Enlightn scans your Laravel app code to provide you actionable recommendations on improving its performance, security & more. We'll perform over 100 checks against your application for common issues, and provide actionable feedback for fixing them. Think of Enlightn as your performance and security consultant. Enlightn will "review" your code and server configurations, and give you actionable recommendations on improving performance, security, and reliability! The Enlightn OSS (open source software) version has 64 automated checks that scan your application code, web server configurations, and routes to identify performance bottlenecks, possible security vulnerabilities, and code reliability issues. Enlightn Pro (commercial) is available for purchase on the Enlightn website and has an additional 64 automated checks (a total of 128 checks). Serving Assets: Minification, cache headers, CDN, and compression headers. -
22
JavaScript Standard Style
JavaScript style guide, linter, and formatter
JavaScript Standard Style is a JavaScript style guide with linter and automatic formatter. It’s the simple, easy, fuss-free way to get a consistent style in your project. No more hundred-line style configuration files for every module/project; no more messy or inconsistent code; and no more wasting time sending code back and forth between reviewer and contributor. With Standard, your code is automatically formatted, no configuration necessary. With Standard, code clarity and community conventions is paramount. This may not make sense to all projects or development cultures, but does make a lot of sense for open source projects where setting up clear, automated contributor expectations makes a project healthier. -
23
SonarJS
SonarSource Static Analyzer for JavaScript and TypeScript
This SonarSource project is a static code analyzer for JavaScript, TypeScript and CSS languages. In order to analyze JavaScript, TypeScript or CSS code, you need to have a supported version of Node.js installed on the machine running the scan. Recommended versions are the previous LTS version v14 and the latest version - v16. We recommend using the latest available LTS version (v16 as of today) for optimal stability and performance. v12 is still supported, but it already reached end-of-life and is deprecated. If node is not available in the PATH, you can use property sonar.nodejs.executable to set an absolute path to Node.js executable. If you have a community plugin for CSS analysis installed on your SonarQube instance it will conflict with the analysis of CSS, so it should be removed. -
24
eslint-plugin-import
ESLint plugin with rules that help validate proper imports.
This plugin intends to support linting of ES2015+ (ES6+) import/export syntax, and prevent issues with misspelling of file paths and import names. All the goodness that the ES2015+ static module syntax intends to provide, is marked up in your editor. The maintainers of eslint-plugin-import and thousands of other packages are working with Tidelift to deliver commercial support and maintenance for the open-source dependencies you use to build your applications. Save time, reduce risk, and improve code health, while paying the maintainers of the exact dependencies you use. With the advent of module bundlers and the current state of modules and module syntax specs, it's not always obvious where import x from 'module' should look to find the file behind module. Up through v0.10ish, this plugin has directly used substack's resolve plugin, which implements Node's import behavior. This works pretty well in most cases. -
25
DeepCode for Visual Studio Code
DeepCode extension for Visual Studio Code
DeepCode AI has always been the backbone of Snyk code, which is why it's the fastest, most accurate SAST on the market. DeepCode AI, powering the Snyk platform, utilizes multiple AI models, is trained on security-specific data, and is all curated by top security researchers to give you all the power of AI without any of the drawbacks. With 11 supported languages, and multiple AI models, Snyk's DeepCode AI was designed to find and fix vulnerabilities and manage tech debt. DeepCode AI powers Snyk's one-click security fixes and comprehensive app coverage, letting developers build fast while staying secure. Our specialized DeepCode AI is built and refined by top-tier researchers that use training data from millions of open source projects, never customer data. DeepCode AI's hybrid approach uses multiple models and security-specific training sets for one purpose, to secure applications.
