Showing 344 open source projects for "source code static anala"

View related business solutions
  • Ship Agents Faster Icon
    Ship Agents Faster

    Transform your applications and workflows into powerful agentic systems at global scale.

    Gemini Enterprise Agent Platform lets you rapidly build, scale, govern and optimize production-ready agents grounded in your organization's data. The platform enables developers to build custom or pre-built agents for virtually any use case. New customers get $300 in free credits.
    Get Started Free
  • Custom VMs From 1 to 96 vCPUs With 99.95% Uptime Icon
    Custom VMs From 1 to 96 vCPUs With 99.95% Uptime

    General-purpose, compute-optimized, or GPU/TPU-accelerated. Built to your exact specs.

    Live migration and automatic failover keep workloads online through maintenance. One free e2-micro VM every month.
    Try Free
  • 1
    Cython

    Cython

    The most widely used Python to C compiler

    Cython is an optimizing static compiler for both the Python programming language and the extended Cython programming language (based on Pyrex). It makes writing C extensions for Python as easy as Python itself. Write Python code that calls back and forth from and to C or C++ code natively at any point. Easily tune readable Python code into plain C performance by adding static type declarations, also in Python syntax.
    Downloads: 68 This Week
    Last Update:
    See Project
  • 2
    BemiDB

    BemiDB

    Postgres read replica optimized for analytics

    BemiDB is a high-performance, key-value database designed for efficient data retrieval and storage, optimized for applications requiring fast read and write operations.
    Downloads: 10 This Week
    Last Update:
    See Project
  • 3
    reviewdog

    reviewdog

    Automated code review tool integrated with any code analysis tools

    I’d like to introduce reviewdog! An automated code review tool working with any lint tools and supports local run as well. “reviewdog” provides a way to post review comments to code hosting services, such as GitHub, automatically by integrating with any linter tools with ease. It uses any output of lint tools, with translation if required, and posts them as a comment if the file and line are in diff of patches to review. reviewdog also supports running in a local environment to filter the...
    Downloads: 1 This Week
    Last Update:
    See Project
  • 4
    Bandit

    Bandit

    Bandit is a tool designed to find common security issues in Python

    Bandit is a tool designed to find common security issues in Python code. To do this, Bandit processes each file, builds an AST from it, and runs appropriate plugins against the AST nodes. Once Bandit has finished scanning all the files, it generates a report. Bandit was originally developed within the OpenStack Security Project and later rehomed to PyCQA.
    Downloads: 9 This Week
    Last Update:
    See Project
  • Earn up to 16% annual interest with Nexo. Icon
    Earn up to 16% annual interest with Nexo.

    Access competitive interest rates on your digital assets.

    Generate interest, borrow against your crypto, and trade a range of cryptocurrencies — all in one platform. Geographic restrictions, eligibility, and terms apply.
    Get started with Nexo.
  • 5
    PHP CS Fixer

    PHP CS Fixer

    A tool to automatically fix PHP Coding Standards issues

    PHP-CS-Fixer is a tool that automatically fixes coding standards issues in PHP files. It helps developers maintain consistent coding style by applying rules defined by PHP-FIG (PSR standards) or custom configuration. It is widely used in CI/CD pipelines to enforce style conformity and reduce code review overhead.
    Downloads: 8 This Week
    Last Update:
    See Project
  • 6
    bearer

    bearer

    Code security scanning tool (SAST) to discover security risks

    Welcome to the Bearer documentation. Bearer is a static application security testing (SAST) tool that scans your source code and analyzes your data flows to discover, filter and prioritize security risks and vulnerabilities leading to sensitive data exposures (PII, PHI, PD). We provides built-in rules against a common set of security risks and vulnerabilities, known as OWASP Top 10. Leakage of sensitive data through cookies, internal loggers, third-party logging services, and into analytics environments. ...
    Downloads: 13 This Week
    Last Update:
    See Project
  • 7
    Flow

    Flow

    A static type checker for JavaScript

    Flow is a static type checker for JavaScript. It was designed to help improve code quality and developer productivity. It does this through several smart capabilities. First, it identifies problems as you code, so you no longer have to waste time guessing and checking again and again. Second, it understands your code and makes its knowledge available, allowing you to build other smart tools on top of it. Third, it helps you refactor safely so you can focus on the changes you want to make and...
    Downloads: 11 This Week
    Last Update:
    See Project
  • 8
    PHPDoc-Parser for PHPStan

    PHPDoc-Parser for PHPStan

    Next-gen phpDoc parser with support for intersection types

    Next-generation phpDoc parser with support for intersection types and generics. This project adheres to a Contributor Code of Conduct. By participating in this project and its community, you are expected to uphold this code. Initially you need to run composer install or composer update in case you aren't working in a folder that was built before. Afterward, you can either run the whole build including linting and coding standards.
    Downloads: 6 This Week
    Last Update:
    See Project
  • 9
    eslint-plugin-jsx-a11y

    eslint-plugin-jsx-a11y

    Static AST checker for a11y rules on JSX elements

    Static AST checker for accessibility rules on JSX elements. This plugin does a static evaluation of the JSX to spot accessibility issues in React apps. Because it only catches errors in static code, use it in combination with axe-core/react to test the accessibility of the rendered DOM. Consider these tools just as one step of a larger a11y testing process and always test your apps with assistive technology. If you installed ESLint globally (using the -g flag in npm, or the global prefix in...
    Downloads: 9 This Week
    Last Update:
    See Project
  • $300 Free Credits to Build on Google Cloud Icon
    $300 Free Credits to Build on Google Cloud

    New to Google Cloud? Get $300 in credits to explore Compute Engine, BigQuery, Cloud Run, Gemini Enterprise Agent Platform, and more.

    Start your next project with $300 in free Google Cloud credit. Spin up VMs, run containers, query petabytes in BigQuery, or build agents with Gemini Enterprise Agent Platform. Once your credits are used, keep building with 20+ always-free tier products including Compute Engine, Cloud Storage, GKE, and Cloud Run functions. No commitment required—just sign up and start building.
    Claim $300 Free
  • 10
    Crafting Interpreters

    Crafting Interpreters

    Repository for the book "Crafting Interpreters"

    Static site generator tooling to compose book + code into HTML. Markdown source of book chapters and text prose. Full interpreter implementation in C (clox).
    Downloads: 11 This Week
    Last Update:
    See Project
  • 11
    gosec

    gosec

    Golang security checker

    A project devoted to secure programming in the Go language. Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file except in compliance with the License. You can integrate third-party code analysis tools with GitHub code scanning by uploading data as SARIF files. The workflow shows an example of running the gosec as a step in a GitHub action workflow that outputs the results.sarif file. The workflow then uploads the results.sarif file to GitHub using the...
    Downloads: 12 This Week
    Last Update:
    See Project
  • 12
    GDScript Toolkit

    GDScript Toolkit

    Independent set of GDScript tools - parser, linter and formatter

    Independent set of GDScript tools, parser, linter and formatter. This project provides a set of tools for daily work with GDScript. At the moment it provides a parser that produces a parse tree for debugging and educational purposes. A linter that performs a static analysis according to some predefined configuration. A formatter that formats the code according to some predefined rules. A code metrics calculator which calculates the cyclomatic complexity of functions and classes. To install...
    Downloads: 9 This Week
    Last Update:
    See Project
  • 13
    AWS IoT Fleet Provisioning Library

    AWS IoT Fleet Provisioning Library

    Client library for using AWS IoT Fleet Provisioning service

    ...This library has no dependencies on any additional libraries other than the standard C library, and therefore, can be used with any MQTT library. This library is distributed under the MIT Open Source License. This library has gone through code quality checks including verification that no function has a GNU Complexity score over 8, and checks against deviations from mandatory rules in the MISRA coding standard. Deviations from the MISRA C:2012 guidelines are documented under MISRA Deviations. This library has also undergone static code analysis using Coverity static analysis, and validation of memory safety through the CBMC automated reasoning tool.
    Downloads: 6 This Week
    Last Update:
    See Project
  • 14
    Error Prone

    Error Prone

    Catch common Java mistakes as compile-time errors

    Error Prone is a static analysis tool for Java that catches common programming mistakes at compile-time. It’s common for even the best programmers to make simple mistakes. And sometimes a refactoring that seems safe can leave behind code that will never do what’s intended. We’re used to getting help from the compiler, but it doesn’t do much beyond static type checking. Using Error Prone to augment the compiler’s type analysis, you can catch more mistakes before they cost you time, or end up...
    Downloads: 0 This Week
    Last Update:
    See Project
  • 15
    TypeScript

    TypeScript

    Application-scale JavaScript

    TypeScript is an open source programming language that is a typed superset of JavaScript. It adds optional static typing to JavaScript, which can support tools for large-scale JavaScript applications for any browser, host and OS. TypeScript compiles to clean, simple JavaScript, and uses existing JavaScript code and libraries. It also offers support for the latest and evolving JavaScript features, such as async functions and decorators.
    Downloads: 15 This Week
    Last Update:
    See Project
  • 16
    PHPStan

    PHPStan

    Dscover bugs in your code without running it!

    PHPStan finds bugs in your code without writing tests. It's open-source and free. PHPStan scans your whole codebase and looks for both obvious & tricky bugs. Even in those rarely executed if statements that certainly aren't covered by tests. You can run it on your machine and in CI to prevent those bugs ever reaching your customers in production. Thanks to rule levels you don't get overwhelmed with thousands of errors on the first run. You can increase PHPStan's capabilities on your code at...
    Downloads: 5 This Week
    Last Update:
    See Project
  • 17
    Semgrep

    Semgrep

    Lightweight static analysis for many languages

    Static analysis at ludicrous speed. Find bugs and enforce code standards. Find and prevent security issues in Terraform, Docker, Kubernetes, nginx, and AWS configs before they go into production. Go beyond application code and protect the entire stack with a breadth of scanning capabilities. Don't leak secrets, scan every commit and ensure secrets don't make it to production.
    Downloads: 8 This Week
    Last Update:
    See Project
  • 18
    pytype

    pytype

    A static type analyzer for Python code

    pytype is a static type analyzer that checks and infers types for Python code without executing it, catching errors at “compile time” and generating actionable diagnostics. It grew alongside Python typing at Google and can understand both inline annotations and unannotated code via powerful inference. The tool consumes stub files (.pyi) for the standard library and third-party packages (from typeshed and its own built-ins), enabling accurate checks even in large, mixed-quality codebases....
    Downloads: 0 This Week
    Last Update:
    See Project
  • 19
    kube-score

    kube-score

    Kubernetes object analysis with recommendations

    Kubernetes object analysis with recommendations for improved reliability and security. kube-score is a tool that does static code analysis of your Kubernetes object definitions. The output is a list of recommendations of what you can improve to make your application more secure and resilient. kube-score is open-source and available under the MIT-license. Container limits (should be set) Pod is targeted by a NetworkPolicy, both egress and ingress rules are recommended. ...
    Downloads: 10 This Week
    Last Update:
    See Project
  • 20
    ngx-markdown

    ngx-markdown

    Angular markdown component/directive/pipe/service to parse static

    Angular markdown component/directive/pipe/service to parse static, dynamic or remote content to HTML with syntax highlight and more. As the library is using Marked parser you will need to add node_modules/marked/marked.min.js to your application. To use the line numbers plugin that shows line numbers in code blocks, in addition to Prism.js configuration files, you will need to include the following files from prismjs/plugins/line-numbers directory to your application. Using markdown...
    Downloads: 5 This Week
    Last Update:
    See Project
  • 21
    Deptrac

    Deptrac

    Keep your architecture clean.

    Deptrac is a static analysis tool for PHP that helps maintain architectural boundaries within codebases. It analyzes dependencies between classes and ensures that code follows predefined architectural rules. Deptrac is useful for preventing unwanted couplings, enforcing clean code architecture, and detecting violations early during development.
    Downloads: 8 This Week
    Last Update:
    See Project
  • 22
    blogdown

    blogdown

    Create Blogs and Websites with R Markdown

    blogdown is an R package that enables the creation and maintenance of static websites and blogs using R Markdown and Hugo (or other static-site generators). Developed by Yihui Xie and team, it provides functions to initialize sites, write posts, manage themes, and deploy with minimal fuss. It seamlessly blends R code chunks and web content, ideal for data storytellers and technical bloggers.
    Downloads: 0 This Week
    Last Update:
    See Project
  • 23
    AWS IoT Jobs library

    AWS IoT Jobs library

    Client library for using AWS IoT Jobs service on embedded devices

    ...This library provides a convenience API to compose and recognize the MQTT topic strings used by the Jobs service. The library is written in C compliant with ISO C90 and MISRA C:2012, and is distributed under the MIT Open Source License. This library has gone through code quality checks including verification that no function has a GNU Complexity score over 8, and checks against deviations from mandatory rules in the MISRA coding standard. Deviations from the MISRA C:2012 guidelines are documented under MISRA Deviations. This library has also undergone both static code analysis from Coverity.
    Downloads: 6 This Week
    Last Update:
    See Project
  • 24
    WALA

    WALA

    Libraries for Analysis, with frontends for Java, Android, and JS

    The T. J. Watson Libraries for Analysis (WALA) provide static analysis capabilities for Java bytecode and related languages and for JavaScript. The system is licensed under the Eclipse Public License, which has been approved by the OSI (Open Source Initiative) as a fully certified open-source license. The initial WALA infrastructure was independently developed as part of the DOMO research project at the IBM T.J. Watson Research Center. In 2006, IBM donated the software to the community. The...
    Downloads: 1 This Week
    Last Update:
    See Project
  • 25
    jimmer

    jimmer

    A revolutionary ORM framework for both java and kotlin.

    A revolutionary ORM framework for both Java and kotlin and a complete integrated solution. You can view everything from the documentation. Brings dynamism into static language ORM frameworks, achieving flexible capabilities for operating on complex dynamic data structures without compromising the complete compile-time safety checks of static languages, eliminating DTO explosion and unafraid of engineering expansion and changing requirements. Its innovative SQL DSL supports dynamic table...
    Downloads: 7 This Week
    Last Update:
    See Project