Showing 34 open source projects for "static code analysis"

View related business solutions
  • Our Free Plans just got better! | Auth0 Icon
    Our Free Plans just got better! | Auth0

    With up to 25k MAUs and unlimited Okta connections, our Free Plan lets you focus on what you do best—building great apps.

    You asked, we delivered! Auth0 is excited to expand our Free and Paid plans to include more options so you can focus on building, deploying, and scaling applications without having to worry about your security. Auth0 now, thank yourself later.
    Try free now
  • Deploy Apps in Seconds with Cloud Run Icon
    Deploy Apps in Seconds with Cloud Run

    Host and run your applications without the need to manage infrastructure. Scales up from and down to zero automatically.

    Cloud Run is the fastest way to deploy containerized apps. Push your code in Go, Python, Node.js, Java, or any language and Cloud Run builds and deploys it automatically. Get fast autoscaling, pay only when your code runs, and skip the infrastructure headaches. Two million requests free per month. And new customers get $300 in free credit.
    Try Cloud Run Free
  • 1
    revive Static Code

    revive Static Code

    6x faster, stricter, configurable, and extensible

    ...Drop-in replacement of golint. Revive provides a framework for the development of custom rules, and lets you define a strict preset for enhancing your development & code review processes. Fast & extensible static code analysis framework for Go. Allows us to enable or disable rules using a configuration file. Allows us to configure the linting rules with a TOML file. 2x faster running the same rules as golint. Provides functionality for disabling a specific rule or the entire linter for a file or a range of lines. golint allows this only for generated files. ...
    Downloads: 1 This Week
    Last Update:
    See Project
  • 2
    reviewdog

    reviewdog

    Automated code review tool integrated with any code analysis tools

    ...We can use various linters and static code analysis tools to detect such problems in local machines, editors, CI services. However, here is the problem. Static analysis tools may report false-positive results. Reporting false-positive results itself is ok, but due to the false-positive results we cannot make build fail and it becomes difficult for us to find true positive results from messed up analysis results.
    Downloads: 0 This Week
    Last Update:
    See Project
  • 3
    tfsec

    tfsec

    Security scanner for your Terraform code

    tfsec is a static analysis security scanner for your Terraform code. Designed to run locally and in your CI pipelines, developer-friendly output and fully documented checks mean detection and remediation can take place as quickly and efficiently as possible. tfsec takes a developer-first approach to scanning your Terraform templates; using static analysis and deep integration with the official HCL parser it ensures that security issues can be detected before your infrastructure changes take effect. ...
    Downloads: 1 This Week
    Last Update:
    See Project
  • 4
    gosec

    gosec

    Golang security checker

    A project devoted to secure programming in the Go language. Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file except in compliance with the License. You can integrate third-party code analysis tools with GitHub code scanning by uploading data as SARIF files. The workflow shows an example of running the gosec as a step in a GitHub action workflow that outputs the results.sarif file. The workflow then uploads the results.sarif file to GitHub using the upload-serif action. Gosec can be configured to only run a subset of rules, to exclude certain file paths, and produce reports in different formats. ...
    Downloads: 4 This Week
    Last Update:
    See Project
  • Cut Data Warehouse Costs up to 54% with BigQuery Icon
    Cut Data Warehouse Costs up to 54% with BigQuery

    Migrate from Snowflake, Databricks, or Redshift with free migration tools. Exabyte scale without the Exabyte price.

    BigQuery delivers up to 54% lower TCO than cloud alternatives. Migrate from legacy or competing warehouses using free BigQuery Migration Service with automated SQL translation. Get serverless scale with no infrastructure to manage, compressed storage, and flexible pricing—pay per query or commit for deeper discounts. New customers get $300 in free credit.
    Try BigQuery Free
  • 5
    BemiDB

    BemiDB

    Postgres read replica optimized for analytics

    BemiDB is a high-performance, key-value database designed for efficient data retrieval and storage, optimized for applications requiring fast read and write operations.
    Downloads: 1 This Week
    Last Update:
    See Project
  • 6
    kube-score

    kube-score

    Kubernetes object analysis with recommendations

    Kubernetes object analysis with recommendations for improved reliability and security. kube-score is a tool that does static code analysis of your Kubernetes object definitions. The output is a list of recommendations of what you can improve to make your application more secure and resilient. kube-score is open-source and available under the MIT-license.
    Downloads: 0 This Week
    Last Update:
    See Project
  • 7
    Sloc Cloc and Code (scc)

    Sloc Cloc and Code (scc)

    Sloc, Cloc and Code: scc is a very fast accurate code counter

    Sloc, Cloc and Code: scc is a very fast accurate code counter with complexity calculations and COCOMO estimates written in pure Go. The tool is similar to cloc, sloccount and tokei. For counting the lines of code, blank lines, comment lines, and physical lines of source code in many programming languages. The goal is to be the fastest code counter possible, but also perform COCOMO calculations like sloccount, estimate code complexity similar to cyclomatic complexity calculators, and produce...
    Downloads: 6 This Week
    Last Update:
    See Project
  • 8
    Clair

    Clair

    Vulnerability Static Analysis for Containers

    ...Clair is an open source project for the static analysis of vulnerabilities in application containers (currently including OCI and docker). Clients use the Clair API to index their container images and can then match it against known vulnerabilities. Our goal is to enable a more transparent view of the security of container-based infrastructure. Thus, the project was named Clair after the French term which translates to clear, bright, transparent.
    Downloads: 5 This Week
    Last Update:
    See Project
  • 9
    Gitmal

    Gitmal

    A static page generator for repos

    Gitmal is a static page generator that turns the contents of a Git repository into a clean, navigable HTML website, making it easier to share or showcase code outside of traditional Git hosting platforms. It reads repository metadata including files, commits, branches, and markdown, and produces a fully static set of pages with syntax-highlighted code, commit history, branch lists, and rendered documentation, so viewers can explore projects as if browsing a lightweight curated site. ...
    Downloads: 1 This Week
    Last Update:
    See Project
  • MongoDB Atlas runs apps anywhere Icon
    MongoDB Atlas runs apps anywhere

    Deploy in 115+ regions with the modern database for every enterprise.

    MongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
    Start Free
  • 10
    Go Tools

    Go Tools

    Various packages and tools that support the Go programming language

    ...Some of the tools, godoc and vet for example, are included in binary Go distributions. Others, including the Go guru and the test coverage tool, can be fetched with go get. Packages include a type-checker for Go and an implementation of the Static Single Assignment form (SSA) representation for Go programs. This repository uses prettier to format JS and CSS files. The version of prettier used is 1.18.2. It is encouraged that all JS and CSS code be run through this before submitting a change. However, it is not a strict requirement enforced by CI. This repository uses Gerrit for code changes.
    Downloads: 4 This Week
    Last Update:
    See Project
  • 11
    Pulumi

    Pulumi

    Developer-first infrastructure as code. Your cloud, your language

    Pulumi's Infrastructure as Code SDK is the easiest way to create and deploy cloud software that use containers, serverless functions, hosted services, and infrastructure, on any cloud. Simply write code in your favorite language and Pulumi automatically provisions and manages your AWS, Azure, Google Cloud Platform, and/or Kubernetes resources, using an infrastructure-as-code approach. Skip the YAML, and use standard language features like loops, functions, classes, and package management...
    Downloads: 4 This Week
    Last Update:
    See Project
  • 12
    Klotho

    Klotho

    Write AWS applications at lightning speed

    Klotho is an open source tool that transforms plain code into cloud native code. Klotho allows you to quickly and reliably add cloud functionality to your application with minimal modification to your code. In most cases, this is just a handful of klotho annotations. Klotho is designed to absorb the complexity of building cloud applications, enabling everyone in large-scale organizations and teams to hobbyist developers to write and operate cloud applications at a fraction of the effort. Its...
    Downloads: 1 This Week
    Last Update:
    See Project
  • 13
    KubeLinter

    KubeLinter

    KubeLinter is a static analysis tool that checks Kubernetes YAML files

    KubeLinter analyzes Kubernetes YAML files and Helm charts, and checks them against a variety of best practices, with a focus on production readiness and security. KubeLinter runs sensible default checks, designed to give you useful information about your Kubernetes YAML files and Helm charts. This is to help teams check early and often for security misconfigurations and DevOps best practices. Some common examples of these include running containers as a non-root user, enforcing least...
    Downloads: 1 This Week
    Last Update:
    See Project
  • 14
    BuildKit

    BuildKit

    Concurrent, cache-efficient, and Dockerfile-agnostic builder toolkit

    BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. BuildKit is a new project under the Moby umbrella for building and packaging software using containers. It’s a new codebase meant to replace the internals of the current build features in the Moby Engine. BuildKit emerged from the discussions about improving the build features in Moby Engine. We received a lot of positive feedback for the multi-stage build feature introduced...
    Downloads: 1 This Week
    Last Update:
    See Project
  • 15
    StackRox Kubernetes

    StackRox Kubernetes

    Performs a risk analysis of the container environment

    ...You may find references to these previous names in code or documentation.
    Downloads: 1 This Week
    Last Update:
    See Project
  • 16
    golangci-lint

    golangci-lint

    Fast linters Runner for Go

    ...It runs linters in parallel, uses caching, supports yaml config, has integrations with all major IDE and has dozens of linters included. ⚡ Very fast: runs linters in parallel, reuses Go build cache and caches analysis results. Yaml-based configuration. Integrations with VS Code, Sublime Text, GoLand, GNU Emacs, Vim, Atom, GitHub Actions. A lot of linters included, no need to install them. Minimum number of false positives because of tuned default settings. Nice output with colors, source code lines and marked identifiers.
    Downloads: 4 This Week
    Last Update:
    See Project
  • 17
    Goss

    Goss

    Quick and Easy server testing/validation

    ...A Json draft 7 schema available in docs/goss-json-schema.yaml makes it easier to edit simple goss.yaml files in IDEs, providing usual coding assistance such as inline documentation, completion and static analysis.
    Downloads: 1 This Week
    Last Update:
    See Project
  • 18
    Gonum

    Gonum

    Set of numeric libraries for the Go programming language

    ...Gonum contains libraries for matrices and linear algebra; statistics, probability distributions, and sampling; tools for function differentiation, integration, and optimization; network creation and analysis; and more. We encourage you to get started with Go and Gonum if you are tired of sluggish performance, and fighting C and vectorization, and also if you are struggling with managing programs as they grow larger. Get Gonum if you want code to be fully transparent, and want the ability to read the source code you use. It is useful if you’d like a compiler to catch mistakes early, but hate fighting linker and unintelligible compile errors.
    Downloads: 2 This Week
    Last Update:
    See Project
  • 19
    Pluto

    Pluto

    A cli tool to help discover deprecated apiVersions in Kubernetes

    Kubernetes sometimes deprecates API versions. Most notably, a large number of deprecations happened in the 1.16 release. This is fine, and it's a fairly easy thing to deal with. However, it can be difficult to find all the places where you might have used a version that will be deprecated in your next upgrade. You might think, "I'll just ask the api-server to tell me!", but this is fraught with danger. If you ask the API-server to give you deployments.v1.apps, and the deployment was deployed...
    Downloads: 4 This Week
    Last Update:
    See Project
  • 20
    Capslock

    Capslock

    Tool to remap Caps Lock key behavior on Windows systems

    ...This helps apply the Principle of Least Privilege to Go software, guiding audits, supply chain reviews, and trust assessments. Capslock aims to make security posture analysis more proactive by surfacing capability-based risk signals before malicious or overly powerful code is introduced into production.
    Downloads: 2 This Week
    Last Update:
    See Project
  • 21
    Sensu Go

    Sensu Go

    Simple. Scalable. Multi-cloud monitoring

    ...It also has a number of well-defined APIs for configuration, external data input, and to provide access to Sensu's data. Sensu is extremely extensible and is commonly referred to as "the monitoring router". The shift from static to dynamic infrastructure requires a change in approach to monitoring, from host-based to functional role-based. Connectivity moves from remote polling to publish-subscribe, the control plane moves from point-and-click interfaces to infrastructure as code workflows and self-service developer APIs.
    Downloads: 1 This Week
    Last Update:
    See Project
  • 22
    Grafana Pyroscope

    Grafana Pyroscope

    Continuous Profiling Platform. Debug performance issues

    Find and debug your most painful performance issues across code, infrastructure and CI/CD pipelines. Let you tag your data on the dimensions important for your organization. Allows you to store large volumes of high cardinality profiling data cheaply and efficiently. FlameQL enables custom queries to select and aggregate profiles quickly and efficiently for easy analysis. Analyze application performance profiles using our suite of profiling tools.
    Downloads: 5 This Week
    Last Update:
    See Project
  • 23
    Gogs

    Gogs

    A painless self-hosted Git service

    Gogs is a simple, stable, self-hosted Git service that is easy to install and setup. All you have to do is run the binary on any platform that Go supports: Linux, macOS and Windows. You may also install from source, from packages, or ship with Docker or Vagrant. Gogs is very lightweight with minimal hardware requirements, running on Raspberry Pi and even on NAS devices. Gogs offers plenty of great features, including various access repositories, repository and organization webhooks,...
    Downloads: 3 This Week
    Last Update:
    See Project
  • 24
    Infracost

    Infracost

    Cloud cost estimates for Terraform in pull requests

    Infracost scans for Terraform code changes and checks over 3 million prices to create a simple, understandable cost estimate before any resources are launched. Infracost integrates into CI/CD so everyone knows the cost impact of changes without leaving the workflow. Infracost integrates with Open Policy Agent, Sentinel, and Conftest, enabling DevOps teams to set best practices as policies. Infracost automatically creates detailed, shareable cost estimates which can be sent to clients and...
    Downloads: 1 This Week
    Last Update:
    See Project
  • 25
    Coca

    Coca

    Coca is a toolbox which is design for legacy system refactoring

    Coca is a toolbox that is design for legacy system refactoring and analysis, including call graph, concept analysis, api tree, and design patterns suggestions. Requirements: graphviz for dot file to image (such as svg, png). The easiest way to get coca is to use one of the pre-built release binaries which are available for OSX, Linux, and Windows on the release page.
    Downloads: 2 This Week
    Last Update:
    See Project
  • Previous
  • You're on page 1
  • 2
  • Next
MongoDB Logo MongoDB