Search Results for "static code analysis"
Sort By:
Showing 269 open source projects for "static code analysis"
View related business solutions-
AI-powered service management for IT and enterprise teamsGive your IT, operations, and business teams the ability to deliver exceptional services—without the complexity. Maximize operational efficiency with refreshingly simple, AI-powered Freshservice.
-
Host LLMs in Production With On-Demand GPUsDeploy your model, get an endpoint, pay only for compute time. No GPU provisioning or infrastructure management required.
-
1
Tencent Cloud Code Analysis
Static code analysis
...Obtain the Tencent Cloud code analysis platform by deploying TCA Server and Web, and complete the creation of related projects on the platform. After the project is created, you can deploy and configure the Tencent Cloud code analysis client to perform code analysis locally or as an online resident node. Before starting your first code analysis project, you need to deploy the Tencent Cloud Code Analysis client locally. ... -
2
mobsfscan
Static analysis tool that can find insecure code patterns in code
mobsfscan is a fast and powerful static analysis tool for identifying security vulnerabilities in mobile app source code. It supports Android, iOS, and Flutter codebases and helps developers secure apps before deployment. -
3
Pylint
It's not just a linter that annoys you!
Pylint is a static code analyzer for Python 2 or 3. The latest version supports Python 3.7.2 and above. Pylint analyses your code without actually running it. It checks for errors, enforces a coding standard, looks for code smells, and can make suggestions about how the code could be refactored. Projects that you might want to use alongside pylint include flake8 (faster and simpler checks with very few false positives), mypy, pyright or pyre (typing checks), bandit (security-oriented checks), black and isort (auto-formatting), autoflake (automated removal of unused import or variable), pyupgrade (automated upgrade to newer python syntax) and pydocstringformatter (automated pep257). ... -
4
Slither
Static Analyzer for Solidity
Slither is a Solidity static analysis framework written in Python 3. It runs a suite of vulnerability detectors, prints visual information about contract details, and provides an API to easily write custom analyses. Slither enables developers to find vulnerabilities, enhance their code comprehension, and quickly prototype custom analyses. Slither is the first open-source static analysis framework for Solidity. -
Cut Cloud Costs with Google Compute EngineSave on compute costs with Compute Engine. Reduce your batch jobs and workload bill 60-91% with Spot VMs. Compute Engine's committed use offers customers up to 70% savings through sustained use discounts. Plus, you get one free e2-micro VM monthly and $300 credit to start.
-
5
screenshot-to-code
Drop in a screenshot and convert it to clean code
screenshot-to-code converts UI screenshots or design images into working front-end code, accelerating the path from concept to prototype. It uses modern vision-capable or code-generating models to infer layout structure, typography, and components, then outputs clean HTML/CSS (often Tailwind) or framework code. A web interface lets you upload images, tune options, and preview generated results, while a backend service orchestrates the model calls and post-processing. ... -
6
Claude Code Security Reviewer
An AI-powered security review GitHub Action using Claude
The claude-code-security-review repository implements a GitHub Action that uses Claude (via the Anthropic API) to perform semantic security audits of code changes in pull requests. Rather than relying purely on pattern matching or static analysis, this action feeds diffs and surrounding context to Claude to reason about potential vulnerabilities (e.g. injection, misconfigurations, secrets exposure, etc). -
7
Screenshot to Code
A neural network that transforms a design mock-up into static websites
Screenshot-to-code is a tool or prototype that attempts to convert UI screenshots (e.g., of mobile or web UIs) into code representations, likely generating layouts, HTML, CSS, or markup from image inputs. It is part of a research/proof-of-concept domain in UI automation and image-to-UI code generation. Mapping visual design to code constructs. Code/UI layout (HTML, CSS, or markup). Examples/demo scripts showing “image UI code”. -
8
CodeChecker
CodeChecker is an analyzer tooling, defect database
CodeChecker is a static analysis infrastructure built on the LLVM/Clang Static Analyzer toolchain, replacing scan-build in a Linux or macOS (OS X) development environment. Executes Clang-Tidy and Clang Static Analyzer with Cross-Translation Unit analysis, Statistical Analysis (when checkers are available). Creates the JSON compilation database by wiretapping any build process (e.g., CodeChecker log -b "make"). -
9
pytype
A static type analyzer for Python code
pytype is a static type analyzer that checks and infers types for Python code without executing it, catching errors at “compile time” and generating actionable diagnostics. It grew alongside Python typing at Google and can understand both inline annotations and unannotated code via powerful inference. The tool consumes stub files (.pyi) for the standard library and third-party packages (from typeshed and its own built-ins), enabling accurate checks even in large, mixed-quality codebases. ... -
Gemini 3 and 200+ AI Models on One PlatformBuild generative AI apps with Vertex AI Studio. Switch between models without switching platforms.
-
10
Bandit
Bandit is a tool designed to find common security issues in Python
Bandit is a tool designed to find common security issues in Python code. To do this, Bandit processes each file, builds an AST from it, and runs appropriate plugins against the AST nodes. Once Bandit has finished scanning all the files, it generates a report. Bandit was originally developed within the OpenStack Security Project and later rehomed to PyCQA. -
11
GDScript Toolkit
Independent set of GDScript tools - parser, linter and formatter
...This project provides a set of tools for daily work with GDScript. At the moment it provides a parser that produces a parse tree for debugging and educational purposes. A linter that performs a static analysis according to some predefined configuration. A formatter that formats the code according to some predefined rules. A code metrics calculator which calculates the cyclomatic complexity of functions and classes. To install this project you need python3 and pip. Regardless of the target version, installation is done by pip3 command and for stable releases, it downloads the package from PyPI. -
12
Trail of Bits Skills Marketplace
Trail of Bits Claude Code skills for security research, vulnerability
Trail of Bits Skills Marketplace is a specialized Claude Code skills marketplace built by the security research firm Trail of Bits that focuses on enhancing AI-assisted workflows for vulnerability discovery, testing, and secure development. The repository groups a set of plug-in skills tailored toward static analysis, code auditing, secure defaults detection, and other practices that matter in software security. -
13
Ruff
An extremely fast Python linter, written in Rust
An extremely fast Python linter, written in Rust. Ruff aims to be orders of magnitude faster than alternative tools while integrating more functionality behind a single, common interface. Ruff can be used to replace Flake8 (plus dozens of plugins), isort, pydocstyle, yesqa, eradicate, pyupgrade, and autoflake, all while executing tens or hundreds of times faster than any individual tool. Ruff is extremely actively developed and used in major open-source projects. Ruff can be configured... -
14
Pyright
Static type checker for Python
Pyright is a fast type checker meant for large Python source bases. It can run in a “watch” mode and performs fast incremental updates when files are modified. Pyright supports configuration files that provide granular control over settings. Different “execution environments” can be associated with subdirectories within a source base. Each environment can specify different module search paths, python language versions, and platform targets. Type inference for function return values, instance... -
15
spyder
The scientific Python development environment
...The Editor’s key features include syntax highlighting (pygments); real-time code and style analysis (pyflakes and pycodestyle); on-demand completion, calltips and go-to-definition features (rope and jedi); a function/class browser, horizontal and vertical splitting, and much more. -
16
InsightFace
State-of-the-art 2D and 3D Face Analysis Project
State-of-the-art deep face analysis library. InsightFace is an open-source 2D&3D deep face analysis library. InsightFace is an integrated Python library for 2D&3D face analysis. InsightFace efficiently implements a wide variety of state-of-the-art algorithms for face recognition, face detection, and face alignment, which are optimized for both training and deployment. Research institutes and industrial organizations can get benefits from InsightFace library. -
17
AutoCoder
A long-running autonomous coding agent powered by the Claude Agent
...The core idea is to accelerate software production while preserving correctness and readability, minimizing the cognitive overhead that comes from switching between concept and implementation. Its architecture typically integrates language models with static analysis and template logic so that generated code is not only syntactically valid but also idiomatic and testable. -
18
JS Analyzer
Burp Suite extension for JavaScript static analysis
JS Analyzer is a powerful static analysis tool implemented as a Burp Suite extension that helps security researchers and web developers automatically uncover important artifacts in JavaScript files during web application testing. It parses JavaScript responses intercepted by Burp Suite and intelligently extracts API endpoints, full URLs (including cloud storage links), secrets like API keys or tokens, and email addresses while filtering out noise from irrelevant code patterns. ... -
19
Cython
The most widely used Python to C compiler
Cython is an optimizing static compiler for both the Python programming language and the extended Cython programming language (based on Pyrex). It makes writing C extensions for Python as easy as Python itself. Write Python code that calls back and forth from and to C or C++ code natively at any point. Easily tune readable Python code into plain C performance by adding static type declarations, also in Python syntax. -
20
NetworkX
Network analysis in Python
NetworkX is a Python package for the creation, manipulation, and study of the structure, dynamics, and functions of complex networks. Data structures for graphs, digraphs, and multigraphs. Many standard graph algorithms. Network structure and analysis measures. Generators for classic graphs, random graphs, and synthetic networks. Nodes can be "anything" (e.g., text, images, XML records). Edges can hold arbitrary data (e.g., weights, time-series). Open source 3-clause BSD license. Well tested with over 90% code coverage. Additional benefits from Python include fast prototyping, easy to teach, and multi-platform. ... -
21
MyPy
Optional static typing for Python
mypy is a static type checker for Python that analyzes source code without executing it, catching type errors early in development. It implements PEP 484-style type hints and supports gradual typing, allowing untyped or partially typed modules to coexist with statically typed code. The tool integrates with common editors and CI systems, and offers a daemon mode for fast, incremental checks across large codebases. -
22
IDA Pro MCP
MCP Server for IDA Pro
The IDA Pro MCP Server is a Model Context Protocol (MCP) server designed to integrate with IDA Pro, a popular disassembler and debugger. It enables AI assistants to interact with IDA Pro, facilitating tasks such as code analysis and reverse engineering. -
23
PlatformIO Core
Professional collaborative platform for embedded development
PlatformIO is a professional collaborative platform for embedded development. A place where Developers and Teams have true Freedom! No more vendor lock-in! A user-friendly and extensible integrated development environment with a set of professional development instruments, providing modern and powerful features to speed up yet simplify the creation and delivery of embedded products. A lightweight but powerful cross-platform source code editor. Smart code completions are based on variable... -
24
Super-Linter
Combination of multiple linters to install as a GitHub Action
This repository is for the GitHub Action to run a Super-Linter. It is a simple combination of various linters, written in bash, to help validate your source code. The super-linter finds issues and reports them to the console output. Fixes are suggested in the console output but not automatically fixed, and a status check will show up as failed on the pull request. The design of the Super-Linter is currently to allow linting to occur in GitHub Actions as a part of continuous integration... -
25
Pelican
Static site generator that supports Markdown and reST syntax
Pelican is a static site generator that requires no database or server-side logic. Chronological content (e.g., articles, blog posts) as well as static pages. Integration with external services. Site themes (created using Jinja2 templates). Publication of articles in multiple languages. Generation of Atom and RSS feeds. Code syntax highlighting via Pygments.
