Showing 894 open source projects for "static code analysis"

View related business solutions
  • Our Free Plans just got better! | Auth0 Icon
    Our Free Plans just got better! | Auth0

    With up to 25k MAUs and unlimited Okta connections, our Free Plan lets you focus on what you do best—building great apps.

    You asked, we delivered! Auth0 is excited to expand our Free and Paid plans to include more options so you can focus on building, deploying, and scaling applications without having to worry about your security. Auth0 now, thank yourself later.
    Try free now
  • Cut Data Warehouse Costs up to 54% with BigQuery Icon
    Cut Data Warehouse Costs up to 54% with BigQuery

    Migrate from Snowflake, Databricks, or Redshift with free migration tools. Exabyte scale without the Exabyte price.

    BigQuery delivers up to 54% lower TCO than cloud alternatives. Migrate from legacy or competing warehouses using free BigQuery Migration Service with automated SQL translation. Get serverless scale with no infrastructure to manage, compressed storage, and flexible pricing—pay per query or commit for deeper discounts. New customers get $300 in free credit.
    Try BigQuery Free
  • 1
    revive Static Code

    revive Static Code

    6x faster, stricter, configurable, and extensible

    ...Drop-in replacement of golint. Revive provides a framework for the development of custom rules, and lets you define a strict preset for enhancing your development & code review processes. Fast & extensible static code analysis framework for Go. Allows us to enable or disable rules using a configuration file. Allows us to configure the linting rules with a TOML file. 2x faster running the same rules as golint. Provides functionality for disabling a specific rule or the entire linter for a file or a range of lines. golint allows this only for generated files. ...
    Downloads: 1 This Week
    Last Update:
    See Project
  • 2
    Static Analysis Tools for PHP

    Static Analysis Tools for PHP

    Docker image that provides static analysis tools for PHP

    Docker image providing static analysis tools for PHP. The list of available tools and the installer is actually managed in the jakzal/toolbox repository. Docker image with quality analysis tools for PHP. To run the selected tool inside the container, you'll need to mount the project directory on the container with -v "$(pwd):/project". Some tools like to write to the /tmp directory (like PHPStan, or Behat in some cases), therefore it's often useful to share it between docker runs, i.e. with -v "$(pwd)/tmp-phpqa:/tmp". ...
    Downloads: 1 This Week
    Last Update:
    See Project
  • 3
    Tencent Cloud Code Analysis

    Tencent Cloud Code Analysis

    Static code analysis

    ...Obtain the Tencent Cloud code analysis platform by deploying TCA Server and Web, and complete the creation of related projects on the platform. After the project is created, you can deploy and configure the Tencent Cloud code analysis client to perform code analysis locally or as an online resident node. Before starting your first code analysis project, you need to deploy the Tencent Cloud Code Analysis client locally. ...
    Downloads: 5 This Week
    Last Update:
    See Project
  • 4
    Code Quality and Security for Java

    Code Quality and Security for Java

    SonarSource Static Analyzer for Java Code Quality and Security

    Hundreds of unique rules to find Java bugs, code smells & vulnerabilities. Sonar static analysis helps you build and maintain high-quality Java code. Covering popular build systems, standards and versions, Sonar elevates your coding game while keeping vulnerabilities at bay. With each Java version, we create dedicated rules so you learn shiny, new features and avoid pitfalls. Consistently find tricky, hard-to-spot issues in your regular expressions.
    Downloads: 2 This Week
    Last Update:
    See Project
  • 99.99% Uptime for MySQL and PostgreSQL on Google Cloud Icon
    99.99% Uptime for MySQL and PostgreSQL on Google Cloud

    Enterprise Plus edition delivers sub-second maintenance downtime and 2x read/write performance. Built for critical apps.

    Cloud SQL Enterprise Plus gives you a 99.99% availability SLA with near-zero downtime maintenance—typically under 10 seconds. Get 2x better read/write performance, intelligent data caching, and 35 days of point-in-time recovery. Supports MySQL, PostgreSQL, and SQL Server with built-in vector search for gen AI apps. New customers get $300 in free credit.
    Try Cloud SQL Free
  • 5
    Code Quality and Security for C#

    Code Quality and Security for C#

    Code analyzer for C# and VB.NET projects

    Sonar offers a single cohesive solution with a consistent set of metrics and hundreds of static analysis rules to detect your coding issues early. Plus fast and high-precision analysis means high value, low noise, and reliable results always. A single solution for dozens of popular languages, development frameworks and IaC platforms. Our powerful language-specific analysis not only detects coding issues but also helps you understand what's wrong and how to fix it. ...
    Downloads: 0 This Week
    Last Update:
    See Project
  • 6
    Credo

    Credo

    A static code analysis tool for the Elixir language

    Credo is a static code analysis and linting tool for the Elixir language, with an emphasis on promoting code consistency, teaching best practices, and helping developers identify refactoring opportunities, style inconsistencies, and potentially problematic code patterns. Elixir plugin for JetBrains IDEs (IntelliJ IDEA, Rubymine, PHPStorm, PyCharm, etc).
    Downloads: 0 This Week
    Last Update:
    See Project
  • 7
    Elixir Code Smells

    Elixir Code Smells

    Catalog of Elixir-specific code smells

    Elixir-Code-Smells is a research-driven catalog of code smells specific to the Elixir programming language. Unlike generic code smell lists, this project identifies issues emerging from Elixir’s functional, concurrent, and process-based nature. Initially compiled via grey literature (blogs, talks, forums), the catalog now includes 23 Elixir-specific smells plus 12 traditional smells adapted to Elixir. Each entry documents the name, category, problem, example, refactoring strategy, and...
    Downloads: 1 This Week
    Last Update:
    See Project
  • 8
    lintr

    lintr

    Static Code Analysis for R

    lintr is a static code analysis tool for R that identifies syntax errors, style inconsistencies, and other potential issues in R scripts and packages. It supports customizable lint rules and integrates with many editors to provide realtime feedback and enforce coding standards (e.g., tidyverse style).
    Downloads: 2 This Week
    Last Update:
    See Project
  • 9
    HTMLHint

    HTMLHint

    The static code analysis tool you need for your HTML

    Static code analysis tool you need for your HTML. By default, htmlhint looks for a .htmlhintrc file in the current directory and all parent directories and applies its rules when parsing a file.
    Downloads: 0 This Week
    Last Update:
    See Project
  • Build AI Apps with Gemini 3 on Vertex AI Icon
    Build AI Apps with Gemini 3 on Vertex AI

    Access Google’s most capable multimodal models. Train, test, and deploy AI with 200+ foundation models on one platform.

    Vertex AI gives developers access to Gemini 3—Google’s most advanced reasoning and coding model—plus 200+ foundation models including Claude, Llama, and Gemma. Build generative AI apps with Vertex AI Studio, customize with fine-tuning, and deploy to production with enterprise-grade MLOps. New customers get $300 in free credits.
    Try Vertex AI Free
  • 10
    Kibit

    Kibit

    There's a function for that

    kibit is a static analysis tool for Clojure/ClojureScript that detects code patterns that can be rewritten more idiomatically. Based on core.logic, it suggests replacements—like using when instead of if for single-branch logic. It integrates via the command line or Leiningen plugin, enhancing code quality and readability.
    Downloads: 0 This Week
    Last Update:
    See Project
  • 11
    SonarQube

    SonarQube

    Continuous inspection

    SonarQube empowers all developers to write cleaner and safer code. Thousands of automated Static Code Analysis rules, protecting your app on multiple fronts, and guiding your team. Catch tricky bugs to prevent undefined behavior from impacting end-users. Fix vulnerabilities that compromise your app, and learn AppSec along the way with Security Hotspots. Make sure your codebase is clean and maintainable, to increase developer velocity!
    Downloads: 37 This Week
    Last Update:
    See Project
  • 12
    Pylint

    Pylint

    It's not just a linter that annoys you!

    Pylint is a static code analyzer for Python 2 or 3. The latest version supports Python 3.7.2 and above. Pylint analyses your code without actually running it. It checks for errors, enforces a coding standard, looks for code smells, and can make suggestions about how the code could be refactored. Projects that you might want to use alongside pylint include flake8 (faster and simpler checks with very few false positives), mypy, pyright or pyre (typing checks), bandit (security-oriented checks), black and isort (auto-formatting), autoflake (automated removal of unused import or variable), pyupgrade (automated upgrade to newer python syntax) and pydocstringformatter (automated pep257). ...
    Downloads: 7 This Week
    Last Update:
    See Project
  • 13
    PHP Parser

    PHP Parser

    A PHP parser written in PHP

    This is a PHP 5.2 to PHP 8.0 parser written in PHP. Its purpose is to simplify static code analysis and manipulation. A parser is useful for static analysis, manipulation of code and basically any other application dealing with code programmatically. A parser constructs an Abstract Syntax Tree (AST) of the code and thus allows dealing with it in an abstract and robust way. As the parser is based on the tokens returned by token_get_all (which is only able to lex the PHP version it runs on), additionally a wrapper for emulating tokens from newer versions is provided. ...
    Downloads: 0 This Week
    Last Update:
    See Project
  • 14
    reviewdog

    reviewdog

    Automated code review tool integrated with any code analysis tools

    ...We can use various linters and static code analysis tools to detect such problems in local machines, editors, CI services. However, here is the problem. Static analysis tools may report false-positive results. Reporting false-positive results itself is ok, but due to the false-positive results we cannot make build fail and it becomes difficult for us to find true positive results from messed up analysis results.
    Downloads: 0 This Week
    Last Update:
    See Project
  • 15
    SpotBugs

    SpotBugs

    A tool for static analysis to look for bugs in Java code

    SpotBugs is a program that uses static analysis to look for bugs in Java code. It is free software, distributed under the terms of the GNU Lesser General Public License. SpotBugs is a fork of FindBugs (which is now an abandoned project), carrying on from the point where it left off with the support of its community. Please check the official manual for details. SpotBugs requires JRE (or JDK) 1.8.0 or later to run.
    Downloads: 4 This Week
    Last Update:
    See Project
  • 16
    Error Prone

    Error Prone

    Catch common Java mistakes as compile-time errors

    Error Prone is a static analysis tool for Java that catches common programming mistakes at compile-time. It’s common for even the best programmers to make simple mistakes. And sometimes a refactoring that seems safe can leave behind code that will never do what’s intended. We’re used to getting help from the compiler, but it doesn’t do much beyond static type checking.
    Downloads: 1 This Week
    Last Update:
    See Project
  • 17
    Ameba

    Ameba

    A static code analysis tool for Crystal

    Code-style linter for Crystal. A single-celled animal that catches food and moves about by extending fingerlike projections of protoplasm. Ameba is a static code analysis tool for the Crystal language. It enforces a consistent Crystal code style, and also catches code smells and wrong code constructions. Ameba allows you to dig deeper into an issue, by showing you details about the issue and the reasoning behind it being reported. ...
    Downloads: 0 This Week
    Last Update:
    See Project
  • 18
    AWS SigV4 Library

    AWS SigV4 Library

    AWS library to sign AWS HTTP requests with Signature Version 4

    ...This library has no dependencies on any additional libraries other than the standard C library. This library is distributed under the MIT Open Source License. This library has gone through code quality checks including verification that no function has a GNU Complexity score over 8, and checks against deviations from mandatory rules in the MISRA coding standard. Deviations from the MISRA C:2012 guidelines are documented under MISRA Deviations. This library has also undergone static code analysis using Coverity static analysis, and validation of memory safety through the CBMC automated reasoning tool.
    Downloads: 0 This Week
    Last Update:
    See Project
  • 19
    tfsec

    tfsec

    Security scanner for your Terraform code

    tfsec is a static analysis security scanner for your Terraform code. Designed to run locally and in your CI pipelines, developer-friendly output and fully documented checks mean detection and remediation can take place as quickly and efficiently as possible. tfsec takes a developer-first approach to scanning your Terraform templates; using static analysis and deep integration with the official HCL parser it ensures that security issues can be detected before your infrastructure changes take effect. ...
    Downloads: 1 This Week
    Last Update:
    See Project
  • 20
    Slither

    Slither

    Static Analyzer for Solidity

    Slither is a Solidity static analysis framework written in Python 3. It runs a suite of vulnerability detectors, prints visual information about contract details, and provides an API to easily write custom analyses. Slither enables developers to find vulnerabilities, enhance their code comprehension, and quickly prototype custom analyses. Slither is the first open-source static analysis framework for Solidity.
    Downloads: 1 This Week
    Last Update:
    See Project
  • 21
    i18n-tasks

    i18n-tasks

    Manage translation and localization with static analysis, for Ruby i18

    Manage translation and localization with static analysis, for Ruby i18n. i18n-tasks helps you find and manage missing and unused translations. This gem analyses code statically for key usages, such as I18n.t('some.key'), in order to report keys that are missing or unused. Pre-fill missing keys, optionally from Google Translate or DeepL Pro. Remove unused keys. Thus addressing the two main problems of i18n gem design, missing keys only blow up at runtime. i18n-tasks can be used with any project using the ruby i18n gem (default in Rails). i18n-tasks health checks if any keys are missing or not used, that interpolations variables are consistent across locales, and that all the locale files are normalized (auto-formatted).
    Downloads: 0 This Week
    Last Update:
    See Project
  • 22
    WALA

    WALA

    Libraries for Analysis, with frontends for Java, Android, and JS

    The T. J. Watson Libraries for Analysis (WALA) provide static analysis capabilities for Java bytecode and related languages and for JavaScript. The system is licensed under the Eclipse Public License, which has been approved by the OSI (Open Source Initiative) as a fully certified open-source license. The initial WALA infrastructure was independently developed as part of the DOMO research project at the IBM T.J.
    Downloads: 0 This Week
    Last Update:
    See Project
  • 23
    Semgrep

    Semgrep

    Lightweight static analysis for many languages

    Static analysis at ludicrous speed. Find bugs and enforce code standards. Find and prevent security issues in Terraform, Docker, Kubernetes, nginx, and AWS configs before they go into production. Go beyond application code and protect the entire stack with a breadth of scanning capabilities. Don't leak secrets, scan every commit and ensure secrets don't make it to production.
    Downloads: 12 This Week
    Last Update:
    See Project
  • 24
    HLint

    HLint

    Haskell source code suggestions

    HLint is a linter for Haskell that suggests stylistic improvements and potential simplifications in Haskell code. It parses Haskell source files and provides hints to refactor code for better readability, maintainability, or performance. HLint is highly configurable and supports custom rules, integrations with CI tools, and editor plugins. It is widely used in the Haskell ecosystem for maintaining consistent code standards.
    Downloads: 1 This Week
    Last Update:
    See Project
  • 25
    RuboCop

    RuboCop

    A Ruby static code analyzer and formatter, based on the community Ruby

    RuboCop is a Ruby static code analyzer (a.k.a. linter) and code formatter. Out of the box it will enforce many of the guidelines outlined in the community Ruby Style Guide. RuboCop packs a lot of features on top of what you’d normally expect from a linter. Works with every major Ruby implementation. Autocorrection of many of the code offenses it detects.
    Downloads: 1 This Week
    Last Update:
    See Project
  • Previous
  • You're on page 1
  • 2
  • 3
  • 4
  • 5
  • Next
MongoDB Logo MongoDB