Search Results for "code analysis"
Sort By:
Showing 22 open source projects for "code analysis"
View related business solutions-
Our Free Plans just got better! | Auth0You asked, we delivered! Auth0 is excited to expand our Free and Paid plans to include more options so you can focus on building, deploying, and scaling applications without having to worry about your security. Auth0 now, thank yourself later.
-
Build AI Apps with Gemini 3 on Vertex AIVertex AI gives developers access to Gemini 3—Google’s most advanced reasoning and coding model—plus 200+ foundation models including Claude, Llama, and Gemma. Build generative AI apps with Vertex AI Studio, customize with fine-tuning, and deploy to production with enterprise-grade MLOps. New customers get $300 in free credits.
-
1
revive Static Code
6x faster, stricter, configurable, and extensible
...Drop-in replacement of golint. Revive provides a framework for the development of custom rules, and lets you define a strict preset for enhancing your development & code review processes. Fast & extensible static code analysis framework for Go. Allows us to enable or disable rules using a configuration file. Allows us to configure the linting rules with a TOML file. 2x faster running the same rules as golint. Provides functionality for disabling a specific rule or the entire linter for a file or a range of lines. golint allows this only for generated files. ... -
2
Sloc Cloc and Code (scc)
Sloc, Cloc and Code: scc is a very fast accurate code counter
Sloc, Cloc and Code: scc is a very fast accurate code counter with complexity calculations and COCOMO estimates written in pure Go. The tool is similar to cloc, sloccount and tokei. For counting the lines of code, blank lines, comment lines, and physical lines of source code in many programming languages. The goal is to be the fastest code counter possible, but also perform COCOMO calculations like sloccount, estimate code complexity similar to cyclomatic complexity calculators, and produce... -
3
reviewdog
Automated code review tool integrated with any code analysis tools
...We can use various linters and static code analysis tools to detect such problems in local machines, editors, CI services. However, here is the problem. Static analysis tools may report false-positive results. Reporting false-positive results itself is ok, but due to the false-positive results we cannot make build fail and it becomes difficult for us to find true positive results from messed up analysis results. -
4
gosec
Golang security checker
A project devoted to secure programming in the Go language. Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file except in compliance with the License. You can integrate third-party code analysis tools with GitHub code scanning by uploading data as SARIF files. The workflow shows an example of running the gosec as a step in a GitHub action workflow that outputs the results.sarif file. The workflow then uploads the results.sarif file to GitHub using the upload-serif action. Gosec can be configured to only run a subset of rules, to exclude certain file paths, and produce reports in different formats. ... -
$300 in Free Credit for Your Google Cloud ProjectsLaunch your next project with $300 in free Google Cloud credit—no hidden charges. Test, build, and deploy without risk. Use your credit across the Google Cloud platform to find what works best for your needs. After your credits are used, continue building with free monthly usage products. Only pay when you're ready to scale. Sign up in minutes and start exploring.
-
5
tfsec
Security scanner for your Terraform code
tfsec is a static analysis security scanner for your Terraform code. Designed to run locally and in your CI pipelines, developer-friendly output and fully documented checks mean detection and remediation can take place as quickly and efficiently as possible. tfsec takes a developer-first approach to scanning your Terraform templates; using static analysis and deep integration with the official HCL parser it ensures that security issues can be detected before your infrastructure changes take effect. ... -
6
kube-score
Kubernetes object analysis with recommendations
Kubernetes object analysis with recommendations for improved reliability and security. kube-score is a tool that does static code analysis of your Kubernetes object definitions. The output is a list of recommendations of what you can improve to make your application more secure and resilient. kube-score is open-source and available under the MIT-license. -
7
BemiDB
Postgres read replica optimized for analytics
BemiDB is a high-performance, key-value database designed for efficient data retrieval and storage, optimized for applications requiring fast read and write operations. -
8
Pulumi
Developer-first infrastructure as code. Your cloud, your language
Pulumi's Infrastructure as Code SDK is the easiest way to create and deploy cloud software that use containers, serverless functions, hosted services, and infrastructure, on any cloud. Simply write code in your favorite language and Pulumi automatically provisions and manages your AWS, Azure, Google Cloud Platform, and/or Kubernetes resources, using an infrastructure-as-code approach. Skip the YAML, and use standard language features like loops, functions, classes, and package management... -
9
golangci-lint
Fast linters Runner for Go
...It runs linters in parallel, uses caching, supports yaml config, has integrations with all major IDE and has dozens of linters included. ⚡ Very fast: runs linters in parallel, reuses Go build cache and caches analysis results. Yaml-based configuration. Integrations with VS Code, Sublime Text, GoLand, GNU Emacs, Vim, Atom, GitHub Actions. A lot of linters included, no need to install them. Minimum number of false positives because of tuned default settings. Nice output with colors, source code lines and marked identifiers. -
Easily Host LLMs and Web Apps on Cloud RunRun frontend and backend services, batch jobs, host LLMs, and queue processing workloads without the need to manage infrastructure. Cloud Run gives you on-demand GPU access for hosting LLMs and running real-time AI—with 5-second cold starts and automatic scale-to-zero so you only pay for actual usage. New customers get $300 in free credit to start.
-
10
BuildKit
Concurrent, cache-efficient, and Dockerfile-agnostic builder toolkit
BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. BuildKit is a new project under the Moby umbrella for building and packaging software using containers. It’s a new codebase meant to replace the internals of the current build features in the Moby Engine. BuildKit emerged from the discussions about improving the build features in Moby Engine. We received a lot of positive feedback for the multi-stage build feature introduced... -
11
StackRox Kubernetes
Performs a risk analysis of the container environment
...You may find references to these previous names in code or documentation. -
12
Gonum
Set of numeric libraries for the Go programming language
...Gonum contains libraries for matrices and linear algebra; statistics, probability distributions, and sampling; tools for function differentiation, integration, and optimization; network creation and analysis; and more. We encourage you to get started with Go and Gonum if you are tired of sluggish performance, and fighting C and vectorization, and also if you are struggling with managing programs as they grow larger. Get Gonum if you want code to be fully transparent, and want the ability to read the source code you use. It is useful if you’d like a compiler to catch mistakes early, but hate fighting linker and unintelligible compile errors. -
13
Capslock
Tool to remap Caps Lock key behavior on Windows systems
...This helps apply the Principle of Least Privilege to Go software, guiding audits, supply chain reviews, and trust assessments. Capslock aims to make security posture analysis more proactive by surfacing capability-based risk signals before malicious or overly powerful code is introduced into production. -
14
Grafana Pyroscope
Continuous Profiling Platform. Debug performance issues
Find and debug your most painful performance issues across code, infrastructure and CI/CD pipelines. Let you tag your data on the dimensions important for your organization. Allows you to store large volumes of high cardinality profiling data cheaply and efficiently. FlameQL enables custom queries to select and aggregate profiles quickly and efficiently for easy analysis. Analyze application performance profiles using our suite of profiling tools. -
15
KubeLinter
KubeLinter is a static analysis tool that checks Kubernetes YAML files
KubeLinter analyzes Kubernetes YAML files and Helm charts, and checks them against a variety of best practices, with a focus on production readiness and security. KubeLinter runs sensible default checks, designed to give you useful information about your Kubernetes YAML files and Helm charts. This is to help teams check early and often for security misconfigurations and DevOps best practices. Some common examples of these include running containers as a non-root user, enforcing least... -
16
Infracost
Cloud cost estimates for Terraform in pull requests
Infracost scans for Terraform code changes and checks over 3 million prices to create a simple, understandable cost estimate before any resources are launched. Infracost integrates into CI/CD so everyone knows the cost impact of changes without leaving the workflow. Infracost integrates with Open Policy Agent, Sentinel, and Conftest, enabling DevOps teams to set best practices as policies. Infracost automatically creates detailed, shareable cost estimates which can be sent to clients and... -
17
Coca
Coca is a toolbox which is design for legacy system refactoring
Coca is a toolbox that is design for legacy system refactoring and analysis, including call graph, concept analysis, api tree, and design patterns suggestions. Requirements: graphviz for dot file to image (such as svg, png). The easiest way to get coca is to use one of the pre-built release binaries which are available for OSX, Linux, and Windows on the release page. -
18
GoKart
A static analysis tool for securing Go code
GoKart is a static analysis tool for Go that finds vulnerabilities using the SSA (single static assignment) form of Go source code. It is capable of tracing the source of variables and function arguments to determine whether input sources are safe, which reduces the number of false positives compared to other Go security scanners. For instance, a SQL query that is concatenated with a variable might traditionally be flagged as SQL injection; however, GoKart can figure out if the variable is actually a constant or constant equivalent, in which case there is no vulnerability. ... -
19
GoReplay
The Swiss Army knife for testing and monitoring
...With GoReplay you can analyze and record your application traffic without affecting it whatsoever. Use it for shadowing, load testing, monitoring and detailed analysis. You can trust GoReplay to accurately emulate production environments so you can make changes and deploy with confidence. -
20
Insider
Static Application Security Testing (SAST) engine
Static Application Security Testing (SAST) engine focused on covering the OWASP Top 10, to make source code analysis to find vulnerabilities right in the source code, focused on agile and easy-to-implement software inside your DevOps pipeline. Support the following technologies: Java (Maven and Android), Kotlin (Android), Swift (iOS), .NET. Insider is focused on covering the OWASP Top 10, to make source code analysis to find vulnerabilities right in the source code, focused on a agile and easy to implement software inside your DevOps pipeline. ... -
21
gitbase
SQL interface to git repositories, written in Go.
...Stay tuned! gitbase was born to ease the analysis of git repositories and their source code. Also, making it MySQL compatible, we provide the maximum compatibility between languages and existing tools. -
22
AUXPI
A new generation of image beds that integrates multiple APIs
...This project is a program written while learning Go in the process of learning Go. There may be many bugs, unacceptable logic, completely different side effects, and the code cannot be seen directly.
- Previous
- You're on page 1
- Next
