Search Results for "static code analysis" - Page 3
Sort By:
Showing 1284 open source projects for "static code analysis"
View related business solutions-
Deploy Apps in Seconds with Cloud RunCloud Run is the fastest way to deploy containerized apps. Push your code in Go, Python, Node.js, Java, or any language and Cloud Run builds and deploys it automatically. Get fast autoscaling, pay only when your code runs, and skip the infrastructure headaches. Two million requests free per month. And new customers get $300 in free credit.
-
Our Free Plans just got better! | Auth0You asked, we delivered! Auth0 is excited to expand our Free and Paid plans to include more options so you can focus on building, deploying, and scaling applications without having to worry about your security. Auth0 now, thank yourself later.
-
1
Code Climate CLI
Code Climate CLI
...Align on business priorities with improved transparency across every level of your organization, and ensure optimal resource allocation for your engineering teams. Deliver high-quality code quickly and consistently to achieve true Continuous Delivery and out-innovate your competition. Improve your team’s processes and engineering skills to create a high-performance culture, boost pipeline efficiency, and increase employee engagement. code climate is a command-line interface for the Code Climate analysis platform. -
2
Pyre
Performant type-checking for python
...Pyre is a performant type checker for Python compliant with PEP 484. Pyre can analyze codebases with millions of lines of code incrementally, providing instantaneous feedback to developers as they write code. Pyre ships with Pysa, a security focused static analysis tool we've built on top of Pyre that reasons about data flows in Python applications. Please refer to our documentation to get started with our security analysis. -
3
CLOC (Count Lines of Code)
Count lines of code in multiple languages with detailed statistics
cloc (Count Lines of Code) is a command-line tool that analyzes source code and reports the number of lines by language, distinguishing between code, comments, and blank lines. It supports hundreds of programming languages and is highly useful for estimating project size, comparing codebases, or tracking development progress. cloc can analyze entire directories, version control repositories, and even compressed archives. -
4
PHPStan
Dscover bugs in your code without running it!
PHPStan finds bugs in your code without writing tests. It's open-source and free. PHPStan scans your whole codebase and looks for both obvious & tricky bugs. Even in those rarely executed if statements that certainly aren't covered by tests. You can run it on your machine and in CI to prevent those bugs ever reaching your customers in production. Thanks to rule levels you don't get overwhelmed with thousands of errors on the first run. You can increase PHPStan's capabilities on your code at... -
Cut Cloud Costs with Google Compute EngineSave on compute costs with Compute Engine. Reduce your batch jobs and workload bill 60-91% with Spot VMs. Compute Engine's committed use offers customers up to 70% savings through sustained use discounts. Plus, you get one free e2-micro VM monthly and $300 credit to start.
-
5
eslint-plugin-jsx-a11y
Static AST checker for a11y rules on JSX elements
Static AST checker for accessibility rules on JSX elements. This plugin does a static evaluation of the JSX to spot accessibility issues in React apps. Because it only catches errors in static code, use it in combination with axe-core/react to test the accessibility of the rendered DOM. Consider these tools just as one step of a larger a11y testing process and always test your apps with assistive technology. -
6
OpenRewrite
Automated mass refactoring of source code
The OpenRewrite project is a mass source code refactoring ecosystem. Reduce 1000s of hours of static code analysis fixes to minutes. Turn a four-month migration project into four hours of work. Patch security vulnerabilities across 100s of repositories at once. OpenRewrite automates code refactoring and remediation tasks for you, enabling developers to deliver more business value. -
7
Next.js
The React Framework
Next.js is the React framework for lightweight apps, static websites, pre-rendered apps and more. It solves the most common problems associated with building a complete web application with React, such as those involving code bundling and transforming, production automizations, page rendering and having to write server-side code. Next.js offers a best in class “Developer Experience” through such capabilities as pre-rendering, single command static exporting, automatic code-splitting, hot code reloading and many other great features. ... -
8
RuboCop Rails
A RuboCop extension focused on enforcing Rails best practices
A RuboCop extension focused on enforcing Rails best practices and coding conventions. It’s based on the community-driven Rails style guide. You need to tell RuboCop to load the Rails extension. Now you can run rubocop and it will automatically load the RuboCop Rails cops together with the standard cops. If you are using Rails 6.1 or newer, add the following config.generators.after_generate setting to your config/application.rb to apply RuboCop autocorrection to code generated by bin/rails g.... -
9
AWS IoT Jobs library
Client library for using AWS IoT Jobs service on embedded devices
...This library provides a convenience API to compose and recognize the MQTT topic strings used by the Jobs service. The library is written in C compliant with ISO C90 and MISRA C:2012, and is distributed under the MIT Open Source License. This library has gone through code quality checks including verification that no function has a GNU Complexity score over 8, and checks against deviations from mandatory rules in the MISRA coding standard. Deviations from the MISRA C:2012 guidelines are documented under MISRA Deviations. This library has also undergone both static code analysis from Coverity. -
Managed MySQL, PostgreSQL, and SQL Databases on Google CloudCloud SQL is a fully managed relational database for MySQL, PostgreSQL, and SQL Server. We handle patching, backups, replication, encryption, and failover—so you can focus on your app. Migrate from on-prem or other clouds with free Database Migration Service. IDC found customers achieved 246% ROI. New customers get $300 in credits plus a 30-day free trial.
-
10
Trail of Bits Skills Marketplace
Trail of Bits Claude Code skills for security research, vulnerability
Trail of Bits Skills Marketplace is a specialized Claude Code skills marketplace built by the security research firm Trail of Bits that focuses on enhancing AI-assisted workflows for vulnerability discovery, testing, and secure development. The repository groups a set of plug-in skills tailored toward static analysis, code auditing, secure defaults detection, and other practices that matter in software security. -
11
PHPStan Symfony Framework extensions
Symfony extension for PHPStan
Symfony extension for PHPStan. Sometimes, when you are dealing with optional dependencies, the ::has() methods can cause problems. For example, the following construct would complain that the condition is always either on or off, depending on whether you have the dependency for service installed. You can opt in for more advanced analysis of Symfony Console Commands by providing the console application from your own application. This will allow the correct argument and option types to be... -
12
Infer
A static analyzer for Java, C, C++, and Objective-C
Infer is a static analysis tool - if you give Infer some Java or C/C++/Objective-C code it produces a list of potential bugs. Anyone can use Infer to intercept critical bugs before they have shipped to users, and help prevent crashes or poor performance. Infer checks for null pointer exceptions, resource leaks, annotation reachability, missing lock guards, and concurrency race conditions in Android and Java code. -
13
Sloc Cloc and Code (scc)
Sloc, Cloc and Code: scc is a very fast accurate code counter
Sloc, Cloc and Code: scc is a very fast accurate code counter with complexity calculations and COCOMO estimates written in pure Go. The tool is similar to cloc, sloccount and tokei. For counting the lines of code, blank lines, comment lines, and physical lines of source code in many programming languages. The goal is to be the fastest code counter possible, but also perform COCOMO calculations like sloccount, estimate code complexity similar to cyclomatic complexity calculators, and produce... -
14
Psalm
A static analysis tool for finding errors in PHP applications
It’s easy to make great things in PHP, but bugs can creep in just as easily. Psalm is a free & open-source static analysis tool that helps you identify problems in your code, so you can sleep a little better. Psalm helps people maintain a wide variety of codebases, large and small, ancient and modern. On its strictest setting it can help you prevent almost all type-related runtime errors, and enables you to take advantage of safe coding patterns popular in other languages. ... -
15
cljfmt
A tool for formatting Clojure code
cljfmt is a static analysis and formatting tool for Clojure code, enforcing styling rules derived from the official Clojure Style Guide. It detects and fixes formatting errors while preserving code structure. It integrates with Clojure CLI, Leiningen, Brew, and can run as a standalone, CLI tool, or build plugin. -
16
pkgdown
Generate static html documentation for an R package
pkgdown is an R package (by the r-lib group) whose purpose is to generate static websites (HTML) for R packages, automatically converting a package’s help files, vignettes, README, NEWS, etc., into a documentation website. It helps package authors share their documentation online with minimal friction. It supports custom templates, themes, and configuration. pkgdown 2.0.0 includes an upgrade from Bootstrap 3 to Bootstrap 5, which is accompanied by a whole bunch of minor UI improvements. If... -
17
Ruff
An extremely fast Python linter, written in Rust
An extremely fast Python linter, written in Rust. Ruff aims to be orders of magnitude faster than alternative tools while integrating more functionality behind a single, common interface. Ruff can be used to replace Flake8 (plus dozens of plugins), isort, pydocstyle, yesqa, eradicate, pyupgrade, and autoflake, all while executing tens or hundreds of times faster than any individual tool. Ruff is extremely actively developed and used in major open-source projects. Ruff can be configured... -
18
Claude Code Action
Claude Code action for GitHub PRs
Claude Code Action is a general-purpose GitHub Action that brings Anthropic’s Claude Code into pull requests and issues to answer questions, review changes, and even implement code edits. It can wake up automatically when someone mentions @claude, when a PR or issue meets certain conditions, or when a workflow step provides an explicit prompt. The action is designed to understand diffs and surrounding context, so its comments and suggestions are grounded in what actually changed rather than... -
19
Rector
Instant Upgrades and Automated Refactoring of any PHP 5.3+ code
Rector is a PHP tool designed for instant code upgrades and automated refactoring. It assists developers in migrating codebases across different PHP versions and frameworks by providing a set of predefined rules and the flexibility to create custom ones. Rector ensures that code adheres to modern standards, enhancing maintainability and compatibility. -
20
Pyright
Static type checker for Python
Pyright is a fast type checker meant for large Python source bases. It can run in a “watch” mode and performs fast incremental updates when files are modified. Pyright supports configuration files that provide granular control over settings. Different “execution environments” can be associated with subdirectories within a source base. Each environment can specify different module search paths, python language versions, and platform targets. Type inference for function return values, instance... -
21
QR Code generator library
High-quality QR Code generator library in Java, TypeScript/JavaScript
This project aims to be the best, clearest library for generating QR Codes. My primary goals are flexible options and absolute correctness. The secondary goals are compact implementation size and good documentation comments. This work is an independent implementation based on reading the official ISO specification documents. I believe that my library has a more intuitive API and shorter code length than competing libraries out there. The library is designed first in Java and then ported to... -
22
pmd
An extensible multilanguage static code analyzer
PMD is a source code analyzer. It finds common programming flaws like unused variables, empty catch blocks, unnecessary object creation, and so forth. It supports Java, JavaScript, Salesforce.com Apex and Visualforce, PLSQL, Apache Velocity, XML, and XSL. Additionally, it includes CPD, the copy-paste-detector. CPD finds duplicated code in Java, C, C++, C#, Groovy, PHP, Ruby, Fortran, JavaScript, PLSQL, Apache Velocity, Scala, Objective C, Matlab, Python, Go, Swift and Salesforce.com Apex,... -
23
Plots
Powerful convenience for Julia visualizations and data analysis
...No need to change your code. No need to learn a new syntax. Plots might be the last plotting package you ever learn. -
24
Clair
Vulnerability Static Analysis for Containers
...Clair is an open source project for the static analysis of vulnerabilities in application containers (currently including OCI and docker). Clients use the Clair API to index their container images and can then match it against known vulnerabilities. Our goal is to enable a more transparent view of the security of container-based infrastructure. Thus, the project was named Clair after the French term which translates to clear, bright, transparent. -
25
DocFX
Static site generator for .NET API documentation
DocFX can produce documentation from source code (including C#, F#, Visual Basic, REST, JavaScript, Java, Python and TypeScript) as well as raw Markdown files. DocFX can run on Linux, macOS, and Windows. The generated static website can be deployed to any host such as GitHub Pages or Azure Websites with no additional configuration. DocFX provides a flexible way to customize templates and themes.
