Search Results for "code analysis"
Sort By:
Showing 29 open source projects for "code analysis"
View related business solutions-
Build on Google Cloud with $300 in Free CreditStart your next project with $300 in free Google Cloud credit. Spin up VMs, run containers, query exabytes in BigQuery, or build AI apps with Vertex AI and Gemini. Once your credits are used, keep building with 20+ products with free monthly usage, including Compute Engine, Cloud Storage, GKE, and Cloud Run functions. Sign up to start building right away.
-
Ship AI Apps Faster with Vertex AIShip AI apps and features faster with Vertex AI—your end-to-end AI platform. Access Gemini 3 and 200+ foundation models, fine-tune for your needs, and deploy with enterprise-grade MLOps. Build chatbots, agents, or custom models. New customers get $300 in free credit.
-
1
revive Static Code
6x faster, stricter, configurable, and extensible
...Drop-in replacement of golint. Revive provides a framework for the development of custom rules, and lets you define a strict preset for enhancing your development & code review processes. Fast & extensible static code analysis framework for Go. Allows us to enable or disable rules using a configuration file. Allows us to configure the linting rules with a TOML file. 2x faster running the same rules as golint. Provides functionality for disabling a specific rule or the entire linter for a file or a range of lines. golint allows this only for generated files. ... -
2
Sloc Cloc and Code (scc)
Sloc, Cloc and Code: scc is a very fast accurate code counter
Sloc, Cloc and Code: scc is a very fast accurate code counter with complexity calculations and COCOMO estimates written in pure Go. The tool is similar to cloc, sloccount and tokei. For counting the lines of code, blank lines, comment lines, and physical lines of source code in many programming languages. The goal is to be the fastest code counter possible, but also perform COCOMO calculations like sloccount, estimate code complexity similar to cyclomatic complexity calculators, and produce... -
3
reviewdog
Automated code review tool integrated with any code analysis tools
...We can use various linters and static code analysis tools to detect such problems in local machines, editors, CI services. However, here is the problem. Static analysis tools may report false-positive results. Reporting false-positive results itself is ok, but due to the false-positive results we cannot make build fail and it becomes difficult for us to find true positive results from messed up analysis results. -
4
gosec
Golang security checker
A project devoted to secure programming in the Go language. Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file except in compliance with the License. You can integrate third-party code analysis tools with GitHub code scanning by uploading data as SARIF files. The workflow shows an example of running the gosec as a step in a GitHub action workflow that outputs the results.sarif file. The workflow then uploads the results.sarif file to GitHub using the upload-serif action. Gosec can be configured to only run a subset of rules, to exclude certain file paths, and produce reports in different formats. ... -
Our Free Plans just got better! | Auth0You asked, we delivered! Auth0 is excited to expand our Free and Paid plans to include more options so you can focus on building, deploying, and scaling applications without having to worry about your security. Auth0 now, thank yourself later.
-
5
tfsec
Security scanner for your Terraform code
tfsec is a static analysis security scanner for your Terraform code. Designed to run locally and in your CI pipelines, developer-friendly output and fully documented checks mean detection and remediation can take place as quickly and efficiently as possible. tfsec takes a developer-first approach to scanning your Terraform templates; using static analysis and deep integration with the official HCL parser it ensures that security issues can be detected before your infrastructure changes take effect. ... -
6
kube-score
Kubernetes object analysis with recommendations
Kubernetes object analysis with recommendations for improved reliability and security. kube-score is a tool that does static code analysis of your Kubernetes object definitions. The output is a list of recommendations of what you can improve to make your application more secure and resilient. kube-score is open-source and available under the MIT-license. -
7
BemiDB
Postgres read replica optimized for analytics
BemiDB is a high-performance, key-value database designed for efficient data retrieval and storage, optimized for applications requiring fast read and write operations. -
8
golangci-lint
Fast linters Runner for Go
...It runs linters in parallel, uses caching, supports yaml config, has integrations with all major IDE and has dozens of linters included. ⚡ Very fast: runs linters in parallel, reuses Go build cache and caches analysis results. Yaml-based configuration. Integrations with VS Code, Sublime Text, GoLand, GNU Emacs, Vim, Atom, GitHub Actions. A lot of linters included, no need to install them. Minimum number of false positives because of tuned default settings. Nice output with colors, source code lines and marked identifiers. -
9
Pulumi
Developer-first infrastructure as code. Your cloud, your language
Pulumi's Infrastructure as Code SDK is the easiest way to create and deploy cloud software that use containers, serverless functions, hosted services, and infrastructure, on any cloud. Simply write code in your favorite language and Pulumi automatically provisions and manages your AWS, Azure, Google Cloud Platform, and/or Kubernetes resources, using an infrastructure-as-code approach. Skip the YAML, and use standard language features like loops, functions, classes, and package management... -
Cut Data Warehouse Costs up to 54% with BigQueryBigQuery delivers up to 54% lower TCO than cloud alternatives. Migrate from legacy or competing warehouses using free BigQuery Migration Service with automated SQL translation. Get serverless scale with no infrastructure to manage, compressed storage, and flexible pricing—pay per query or commit for deeper discounts. New customers get $300 in free credit.
-
10
grepai
Semantic Search & Call Graphs for AI Agents
grepai is a privacy-first, semantic code search CLI designed to replace traditional keyword-based search with meaning-aware queries, letting developers and code tools find relevant code by what it does rather than just text matches. It builds a semantic index of a project using vector embeddings, enabling natural language queries like “authentication logic” to return contextually relevant functions and modules even when naming differs dramatically, making code exploration far more intuitive. ... -
11
BuildKit
Concurrent, cache-efficient, and Dockerfile-agnostic builder toolkit
BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. BuildKit is a new project under the Moby umbrella for building and packaging software using containers. It’s a new codebase meant to replace the internals of the current build features in the Moby Engine. BuildKit emerged from the discussions about improving the build features in Moby Engine. We received a lot of positive feedback for the multi-stage build feature introduced... -
12
StackRox Kubernetes
Performs a risk analysis of the container environment
...You may find references to these previous names in code or documentation. -
13
Gonum
Set of numeric libraries for the Go programming language
...Gonum contains libraries for matrices and linear algebra; statistics, probability distributions, and sampling; tools for function differentiation, integration, and optimization; network creation and analysis; and more. We encourage you to get started with Go and Gonum if you are tired of sluggish performance, and fighting C and vectorization, and also if you are struggling with managing programs as they grow larger. Get Gonum if you want code to be fully transparent, and want the ability to read the source code you use. It is useful if you’d like a compiler to catch mistakes early, but hate fighting linker and unintelligible compile errors. -
14
Capslock
Tool to remap Caps Lock key behavior on Windows systems
...This helps apply the Principle of Least Privilege to Go software, guiding audits, supply chain reviews, and trust assessments. Capslock aims to make security posture analysis more proactive by surfacing capability-based risk signals before malicious or overly powerful code is introduced into production. -
15
Grafana Pyroscope
Continuous Profiling Platform. Debug performance issues
Find and debug your most painful performance issues across code, infrastructure and CI/CD pipelines. Let you tag your data on the dimensions important for your organization. Allows you to store large volumes of high cardinality profiling data cheaply and efficiently. FlameQL enables custom queries to select and aggregate profiles quickly and efficiently for easy analysis. Analyze application performance profiles using our suite of profiling tools. -
16
KubeLinter
KubeLinter is a static analysis tool that checks Kubernetes YAML files
KubeLinter analyzes Kubernetes YAML files and Helm charts, and checks them against a variety of best practices, with a focus on production readiness and security. KubeLinter runs sensible default checks, designed to give you useful information about your Kubernetes YAML files and Helm charts. This is to help teams check early and often for security misconfigurations and DevOps best practices. Some common examples of these include running containers as a non-root user, enforcing least... -
17
Infracost
Cloud cost estimates for Terraform in pull requests
Infracost scans for Terraform code changes and checks over 3 million prices to create a simple, understandable cost estimate before any resources are launched. Infracost integrates into CI/CD so everyone knows the cost impact of changes without leaving the workflow. Infracost integrates with Open Policy Agent, Sentinel, and Conftest, enabling DevOps teams to set best practices as policies. Infracost automatically creates detailed, shareable cost estimates which can be sent to clients and... -
18
OSV.dev
Open source vulnerability DB and triage service
...The platform includes a web UI, API, and a Go-based dependency scanner that checks software dependencies, container images, SBOMs (SPDX, CycloneDX), and Git repositories for known vulnerabilities. This repository contains the full infrastructure code for deploying osv.dev on Google Cloud Platform, including Terraform configurations, APIs, data pipelines, indexers, and background workers for vulnerability ingestion and impact analysis. It also integrates with automated feeds from sources like NVD and OSS-Fuzz, enabling continuous updates and high data accuracy. -
19
Feishu ChatGPT
Voice dialogue, role-playing, multi-topic discussion, picture creation
...Easily control Docker containerization technology and deploy code as you like! With some experience in payment function development, it really makes money fly! Understand some Linux scripting and socket programming. -
20
Selefra
The open-source policy-as-code software that provides analysis
...It unifies data across provider APIs into a structured model, making it simple to detect misconfigurations, enforce governance policies, and build custom analytics workflows that align with organizational standards. Users can manage policies as code, version them alongside application code, and automate analysis and enforcement through scheduled tasks, CI/CD, or policy-as-code tooling. -
21
Sankofa
Analysis of Oware (Abapa) games
Sankofa is an application for the analysis of Oware (Abapa rule set) games. The goal is to enable players to recognize and to learn from their mistakes and to try alternative strategies. Run sankofa to show the interface on a local Web server at: http://localhost:10000* . Run retrograde to build a small end-game database. Sankofa is an analysis tool and not an automated opponent. -
22
Coca
Coca is a toolbox which is design for legacy system refactoring
Coca is a toolbox that is design for legacy system refactoring and analysis, including call graph, concept analysis, api tree, and design patterns suggestions. Requirements: graphviz for dot file to image (such as svg, png). The easiest way to get coca is to use one of the pre-built release binaries which are available for OSX, Linux, and Windows on the release page. -
23
GoKart
A static analysis tool for securing Go code
GoKart is a static analysis tool for Go that finds vulnerabilities using the SSA (single static assignment) form of Go source code. It is capable of tracing the source of variables and function arguments to determine whether input sources are safe, which reduces the number of false positives compared to other Go security scanners. For instance, a SQL query that is concatenated with a variable might traditionally be flagged as SQL injection; however, GoKart can figure out if the variable is actually a constant or constant equivalent, in which case there is no vulnerability. ... -
24
Horusec
Open source tool that improves identification of vulnerabilities
Horusec is an open source tool that performs a static code analysis to identify security flaws during the development process. Currently, the languages for analysis are C#, Java, Kotlin, Python, Ruby, Golang, Terraform, Javascript, Typescript, Kubernetes, PHP, C, HTML, JSON, Dart, Elixir, Shell, Nginx. The tool has options to search for key leaks and security flaws in all your project's files, as well as in Git history. -
25
Till
DataHen Till is a companion tool to your existing web scraper
DataHen Till is a companion tool to your existing web scraper that instantly makes it scalable, maintainable, and more unblockable, with minimal code changes on your scraper. Integrates with any scraper in 5 minutes. Web scraping is usually easy to get started, especially on a small scale. However, as you try to scale it up, it gets exponentially difficult. Scraping 10,000 records can easily be done with simple web scraper scripts in any programming language, but as you try to scrape...
