Open Source Source Code Analysis Tools - Page 2

Source Code Analysis Tools

View 6102 business solutions
  • Our Free Plans just got better! | Auth0 Icon
    Our Free Plans just got better! | Auth0

    With up to 25k MAUs and unlimited Okta connections, our Free Plan lets you focus on what you do best—building great apps.

    You asked, we delivered! Auth0 is excited to expand our Free and Paid plans to include more options so you can focus on building, deploying, and scaling applications without having to worry about your security. Auth0 now, thank yourself later.
    Try free now
  • 99.99% Uptime for MySQL and PostgreSQL Databases Icon
    99.99% Uptime for MySQL and PostgreSQL Databases

    Sub-second maintenance. 2x read/write performance. Built-in vector search for AI apps.

    Cloud SQL Enterprise Plus delivers near-zero downtime with 35 days of point-in-time recovery. Supports MySQL, PostgreSQL, and SQL Server.
    Try Free
  • 1
    PHP_CodeSniffer

    PHP_CodeSniffer

    Tokenize PHP files and detects violations of coding standards

    PHP_CodeSniffer is a set of two PHP scripts; the main phpcs script that tokenizes PHP, JavaScript and CSS files to detect violations of a defined coding standard, and a second phpcbf script to automatically correct coding standard violations. PHP_CodeSniffer is an essential development tool that ensures your code remains clean and consistent. PHP_CodeSniffer requires PHP version 5.4.0 or greater, although individual sniffs may have additional requirements such as external applications and scripts. See the Configuration Options manual page for a list of these requirements. If you're using PHP_CodeSniffer as part of a team, or you're running it on a CI server, you may want to configure your project's settings using a configuration file. If you use PEAR, you can install PHP_CodeSniffer using the PEAR installer. This will make the phpcs and phpcbf commands immediately available for use.
    Downloads: 3 This Week
    Last Update:
    See Project
  • 2
    plato

    plato

    JavaScript code visualization, static analysis, and complexity tool

    plato is a JavaScript source code visualization, static analysis, and complexity tool. Visualize JavaScript source complexity with plato.
    Downloads: 3 This Week
    Last Update:
    See Project
  • 3
    Source Navigator NG is a source code analysis tool. With it, you can edit your source code, display relationships between classes and functions and members, and display call trees. You can navigate your source code and easily get to declarations or implementations of functions, variables and macros (commonly called "symbols") which helps you discovering and mapping unknown source code for enhancement or maintenance tasks.
    Downloads: 12 This Week
    Last Update:
    See Project
  • 4
    Application Inspector

    Application Inspector

    A source code analyzer built for surfacing features of interest

    Microsoft Application Inspector is a software source code characterization tool that helps identify coding features of first or third party software components based on well-known library/API calls and is helpful in security and non-security use cases. It uses hundreds of rules and regex patterns to surface interesting characteristics of source code to aid in determining what the software is or what it does from what file operations it uses, encryption, shell operations, cloud API's, frameworks and more and has received industry attention as a new and valuable contribution to OSS on ZDNet, SecurityWeek, CSOOnline, Linux.com/news, HelpNetSecurity, Twitter and more and was first featured on Microsoft.com. Application Inspector is different from traditional static analysis tools in that it doesn't attempt to identify "good" or "bad" patterns; it simply reports what it finds against a set of over 400 rule patterns for feature detection including features that impact security.
    Downloads: 2 This Week
    Last Update:
    See Project
  • Stop vibe-debugging. Icon
    Stop vibe-debugging.

    Plug Claude into your app's actual errors.

    AppSignal's MCP server hands Claude, Cursor, or Zed your real errors, traces, and the deploy that shipped them. AI writes the fix; you review the diff.
    Free 30 days.
  • 5
    Feflow

    Feflow

    How to write cross-platform Node.js code

    How to write cross-platform Node.js code. Why you should care: according to the 2018 Node.js user survey, 24% of Node.js developers use Windows locally and 41% use Mac. In production, 85% use Linux and 1% use BSD. Installers for each major OS are available on the Node.js website. To install, switch and update Node.js versions nvm can be used on Linux/Mac. It does not support Windows but nvm-windows, nvs and ps-nvm (for PowerShell) are alternatives that do. nve can be used to run a single command with one or several different Node.js versions. nvexeca can be used to do the same programmatically. The character encoding can be specified using an encoding option with most relevant Node.js core methods. While ASCII characters display correctly on all terminals, this is not the case for all characters.
    Downloads: 2 This Week
    Last Update:
    See Project
  • 6
    MoarVM

    MoarVM

    A runtime built for the 6model object system

    Short for "Metamodel On A Runtime", MoarVM is a modern virtual machine built for the Rakudo Perl 6 compiler and the NQP Compiler Toolchain. MoarVM is used by the majority of Perl 6 programmers. Highlights include: Great Unicode support, with strings represented at grapheme level, dynamic analysis of running code to identify hot functions and loops, and perform a range of optimizations, including type specialization and inlining, support for threads, a range of concurrency control constructs, and asynchronous sockets, timers, processes, and more, generational, parallel, garbage collection, support for numerous language features, including first class functions, exceptions, continuations, runtime loading of code, big integers and interfacing with native libraries. MoarVM provides very little directly - and that's a good thing. It is not tied to a particular way of doing inheritance, roles, mixins, method resolution, type-checking, and so forth.
    Downloads: 2 This Week
    Last Update:
    See Project
  • 7
    OpenRewrite

    OpenRewrite

    Automated mass refactoring of source code

    The OpenRewrite project is a mass source code refactoring ecosystem. Reduce 1000s of hours of static code analysis fixes to minutes. Turn a four-month migration project into four hours of work. Patch security vulnerabilities across 100s of repositories at once. OpenRewrite automates code refactoring and remediation tasks for you, enabling developers to deliver more business value. OpenRewrite's refactoring engine and recipes will always be open-source. Build tool plugins like OpenRewrite Gradle Plugin and OpenRewrite Maven Plugin help you run these recipes on one repository at a time. Moderne is a complementary product that executes OpenRewrite recipes at scale on hundreds of millions of lines of code and enables mass-committing of results. Moderne freely runs a public service for the benefit of thousands of open-source projects.
    Downloads: 2 This Week
    Last Update:
    See Project
  • 8
    PHP Coding Standards Fixer

    PHP Coding Standards Fixer

    A tool to automatically fix PHP Coding Standards issues

    The PHP Coding Standards Fixer (PHP CS Fixer) tool fixes your code to follow standards, whether you want to follow PHP coding standards as defined in the PSR-1, PSR-2, etc., or other community driven ones like the Symfony one. You can also define your (team’s) style through configuration. It can modernize your code (like converting the pow function to the operator on PHP 5.6) and (micro) optimize it. If you are already using a linter to identify coding standards problems in your code, you know that fixing them by hand is tedious, especially on large projects. This tool does not only detect them, but also fixes them for you. If you need to apply code styles that are not supported by the tool, you can create custom rules. Dedicated plugins exist for Atom, NetBeans, PhpStorm, Sublime Text, Vim, and VS Code.
    Downloads: 2 This Week
    Last Update:
    See Project
  • 9
    Pulumi

    Pulumi

    Developer-first infrastructure as code. Your cloud, your language

    Pulumi's Infrastructure as Code SDK is the easiest way to create and deploy cloud software that use containers, serverless functions, hosted services, and infrastructure, on any cloud. Simply write code in your favorite language and Pulumi automatically provisions and manages your AWS, Azure, Google Cloud Platform, and/or Kubernetes resources, using an infrastructure-as-code approach. Skip the YAML, and use standard language features like loops, functions, classes, and package management that you already know and love. Pulumi is open source under the Apache 2.0 license, supports many languages and clouds, and is easy to extend. This repo contains the pulumi CLI, language SDKs, and core Pulumi engine, and individual libraries are in their own repos. Walk through end-to-end workflows for creating containers, serverless functions, and other cloud services and infrastructure.
    Downloads: 2 This Week
    Last Update:
    See Project
  • MongoDB Atlas runs apps anywhere Icon
    MongoDB Atlas runs apps anywhere

    Deploy in 115+ regions with the modern database for every enterprise.

    MongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
    Start Free
  • 10
    Pyright

    Pyright

    Static type checker for Python

    Pyright is a fast type checker meant for large Python source bases. It can run in a “watch” mode and performs fast incremental updates when files are modified. Pyright supports configuration files that provide granular control over settings. Different “execution environments” can be associated with subdirectories within a source base. Each environment can specify different module search paths, python language versions, and platform targets. Type inference for function return values, instance variables, class variables, and globals. Type guards that understand conditional code flow constructs like if/else statements. Type hinting generics in standard collections. Pyright ships as both a command-line tool and a VS Code extension that provides many powerful features that help improve programming efficiency. The VS Code extension supports many time-saving language features.
    Downloads: 2 This Week
    Last Update:
    See Project
  • 11
    Super-Linter

    Super-Linter

    Combination of multiple linters to install as a GitHub Action

    This repository is for the GitHub Action to run a Super-Linter. It is a simple combination of various linters, written in bash, to help validate your source code. The super-linter finds issues and reports them to the console output. Fixes are suggested in the console output but not automatically fixed, and a status check will show up as failed on the pull request. The design of the Super-Linter is currently to allow linting to occur in GitHub Actions as a part of continuous integration occurring on pull requests as the commits get pushed. It works best when commits are being pushed early and often to a branch with an open or draft pull request. There is some desire to move this closer to local development for faster feedback on linting errors but this is not yet supported. There is no need to set the GitHub Secret as it is automatically set by GitHub, it only needs to be passed to the action.
    Downloads: 2 This Week
    Last Update:
    See Project
  • 12
    Visualg 3.0

    Visualg 3.0

    Visualg versão 3.0.5.6 (última de revisão 20/08/2015)

    O VISUALG 3.0.5.6 (último) está com novos recursos, e nova aparência, e que pode ser trocada, entrando no MANUTENÇÃO/CONFIGURAÇÃO/PELES... Mas, atenção: Copie a sub-pasta SKIN's que está dentro da Pasta VISUALG3 para o drive C:\. Na raiz de seu HD [ drive C: (principal) ] , ficando assim: C:\Skins "caso vocês não consigam trocar as roupagens (peles) do programa. Usem com sabedoria ! Bons estudos ! Para contacto mandem um E-mail para: professor.antonio.nicolodi@gmail.com
    Downloads: 24 This Week
    Last Update:
    See Project
  • 13
    UCDetector

    UCDetector

    Eclipse Plugin to find unused Java code

    UCDetector (Unnecessary Code Detector) is a Open Source Eclipse Plugin Tool. UCDetector finds unnecessary (dead) public Java code. It suggests to make code final, protected or private.
    Downloads: 6 This Week
    Last Update:
    See Project
  • 14
    Autograd

    Autograd

    Efficiently computes derivatives of numpy code

    Autograd can automatically differentiate native Python and Numpy code. It can handle a large subset of Python's features, including loops, ifs, recursion and closures, and it can even take derivatives of derivatives of derivatives. It supports reverse-mode differentiation (a.k.a. backpropagation), which means it can efficiently take gradients of scalar-valued functions with respect to array-valued arguments, as well as forward-mode differentiation, and the two can be composed arbitrarily. The main intended application of Autograd is gradient-based optimization. For more information, check out the tutorial and the examples directory. We can continue to differentiate as many times as we like, and use numpy's vectorization of scalar-valued functions across many different input values.
    Downloads: 1 This Week
    Last Update:
    See Project
  • 15
    Code Climate CLI

    Code Climate CLI

    Code Climate CLI

    Align initiatives with strategic priorities, accelerate software delivery, and drive continuous improvement with the leading Engineering Intelligence Solution. Software development teams used to operate in the dark, forced to make decisions based on gut feel and anecdotes, causing friction, creating silos, and leading to mediocre outcomes. Today, forward-thinking engineering leaders leverage data-driven insights to build a culture of trust and high performance. Align on business priorities with improved transparency across every level of your organization, and ensure optimal resource allocation for your engineering teams. Deliver high-quality code quickly and consistently to achieve true Continuous Delivery and out-innovate your competition. Improve your team’s processes and engineering skills to create a high-performance culture, boost pipeline efficiency, and increase employee engagement. code climate is a command-line interface for the Code Climate analysis platform.
    Downloads: 1 This Week
    Last Update:
    See Project
  • 16
    Luacheck

    Luacheck

    A tool for linting and static analysis of Lua code

    Luacheck is a static analyzer and a linter for Lua. Luacheck detects various issues such as usage of undefined global variables, unused variables and values, accessing uninitialized variables, unreachable code and more. Most aspects of checking are configurable: there are options for defining custom project-related globals, for selecting set of standard globals (version of Lua standard library), for filtering warnings by type and name of related variable, etc. The options can be used on the command line, put into a config or directly into checked files as Lua comments. Luacheck supports checking Lua files using the syntax of Lua 5.1, Lua 5.2, Lua 5.3, and LuaJIT. Luacheck itself is written in Lua and runs on all of the mentioned Lua versions.
    Downloads: 1 This Week
    Last Update:
    See Project
  • 17
    Pylint

    Pylint

    It's not just a linter that annoys you!

    Pylint is a static code analyzer for Python 2 or 3. The latest version supports Python 3.7.2 and above. Pylint analyses your code without actually running it. It checks for errors, enforces a coding standard, looks for code smells, and can make suggestions about how the code could be refactored. Projects that you might want to use alongside pylint include flake8 (faster and simpler checks with very few false positives), mypy, pyright or pyre (typing checks), bandit (security-oriented checks), black and isort (auto-formatting), autoflake (automated removal of unused import or variable), pyupgrade (automated upgrade to newer python syntax) and pydocstringformatter (automated pep257). Pylint isn't smarter than you: it may warn you about things that you have conscientiously done or checks for some things that you don't care about. During adoption, especially in a legacy project where pylint was never enforced.
    Downloads: 1 This Week
    Last Update:
    See Project
  • 18
    SafeQL

    SafeQL

    Validate and auto-generate TypeScript types from raw SQL queries

    SafeQL is an ESLint plugin for writing SQL queries in a type-safe way. SafeQL automatically infers the type of the query result based on the query itself. SafeQL works with any PostgreSQL client, including Prisma, Sequelize, pg, Postgres.js, and more. SafeQL was built in mind to be easy to use and integrate with your existing codebase. SafeQL was built with monorepos and microservices in mind, and it's easy to use with multiple databases. SafeQL is an ESLint plugin that helps you write SQL (PostgreSQL) queries safely. SafeQL was never meant to replace your current SQL library. Instead, It's a plugin that you can use to add extra functionality to your existing SQL library. It means that you can use SafeQL with any SQL library that you want. You can even use SafeQL with multiple SQL libraries at the same time.
    Downloads: 1 This Week
    Last Update:
    See Project
  • 19
    Sentry

    Sentry

    Cross-platform application monitoring and error tracking software

    Sentry is a cross-platform, self-hosted error monitoring solution that helps software teams discover, monitor and fix errors in real-time. The most users and logs will have to provide are the clues, and Sentry provides the answers. Sentry offers enhanced application performance monitoring through information-laden stack traces. It lets you build better software faster and more efficiently by showing you all issues in one place and providing the trail of events that lead to errors. It also provides real-time monitoring and data visualization through dashboards. Sentry’s server is in Python, but its API enables for sending events from any language, in any application. More than fifty-thousand companies already ship better software faster thanks to Sentry; let yours be one of them!
    Downloads: 1 This Week
    Last Update:
    See Project
  • 20
    SublimeLinter-eslint

    SublimeLinter-eslint

    This linter plugin for SublimeLinter provides an interface to ESLint

    This linter plugin for SublimeLinter provides an interface to ESLint. It will be used with "JavaScript" files, but since eslint is pluggable, it can actually lint a variety of other files as well. SublimeLinter will detect some installed local plugins, and thus it should work automatically for e.g. .vue or .ts files. If it works on the command line, there is a chance it works in Sublime without further ado. Make sure the plugins are installed locally colocated to eslint itself. T.i., technically, both eslint and its plugins are described in the very same package.json. Configuration of the plugins is out-of-scope of this README. Be sure to read their README's as well. (If you just installed a plugin, without proper configuration, eslint will probably show error messages or wrong lint results, and SublimeLinter will just pass them to you.)
    Downloads: 1 This Week
    Last Update:
    See Project
  • 21
    SyntaxHighlighter

    SyntaxHighlighter

    Self-contained code syntax highlighter developed in JavaScript

    SyntaxHighlighter is THE client side highlighter for the web and web-apps! It's been around since 2004 and it's used virtually everywhere to seamlessly highlight code for presentation purposes. The history of this project predates majority of the common web technologies and it has been a challenge to dedicate time and effort to keep it up to date. Everything used to be in one file and assign window variables. SyntaxHighlighter is currently used and has been used in the past by Microsoft, Apache, Mozilla, Yahoo, Wordpress, Bug Labs, Freshbooks and many other companies and blogs. As it always goes with open source, you are welcome to use SyntaxHighlighter free of charge.
    Downloads: 1 This Week
    Last Update:
    See Project
  • 22
    Vetur

    Vetur

    Vue tooling for VS Code

    Vue tooling for VS Code, powered by vls. Try it out with Veturpack. Vetur supports syntax highlighting for vue directives (e.g. v-if or :attribute=) and vue interpolations. The supported attribute string literals are ' and ". Vetur does not support the ` backtick literal, as it makes things more complex and there is no observed benefit of using it. Vetur lets you use snippets for each embedded languages. Vetur provides scaffolding snippets for quickly defining regions. They are vue snippets and can be used outside language regions. You can use everything that's allowed in VS Code Snippet Syntax. The good thing is, you write them in .vue files instead of .json files, and you don't need to escape special characters. Completions of scaffold snippets are sorted by their categories. Workspace > User > Vetur.
    Downloads: 1 This Week
    Last Update:
    See Project
  • 23
    elasticsearc-php

    elasticsearc-php

    PHP low-level client for Elasticsearch

    Introducing Elasticsearch DSL library to provide objective query builder for Elasticsearch bundle and elasticsearch-php client. You can easily build any Elasticsearch query and transform it to an array. This agnostic package is a lightweight wrapper on top of the Elasticsearch PHP client. Its main goal is to allow for easier structuring of queries and indices in your application. It does not want to hide or replace the functionality of the Elasticsearch PHP client. Feature complete, object oriented, composable, extendable Elasticsearch query DSL builder for PHP. Deliberately built to be as simple as possible, easily usable and with explicit naming. Elasticsearch Bundle was created in order to serve the need for professional Elasticsearch integration with enterprise level Symfony 2 systems. Automatically generate mappings using a serializer. Listeners for Doctrine events for automatic indexing.
    Downloads: 1 This Week
    Last Update:
    See Project
  • 24
    eslint-plugin-jest

    eslint-plugin-jest

    ESLint plugin for Jest

    ESLint plugin for Jest. If you installed ESLint globally then you must also install eslint-plugin-jest globally. Add jest to the plugins section of your .eslintrc configuration file. You can omit the eslint-plugin- prefix. The rules provided by this plugin assume that the files they are checking are test-related. This means it's generally not suitable to include them in your top-level configuration as that applies to all files being linted which can include source files. Since we cache the automatically determined version, if you're linting sub-folders that have different versions of Jest, you may find that the wrong version of Jest is considered when linting. You can work around this by providing the Jest version explicitly in nested ESLint configs.
    Downloads: 1 This Week
    Last Update:
    See Project
  • 25
    eslint-plugin-jsdoc

    eslint-plugin-jsdoc

    JSDoc specific linting rules for ESLint

    JSDoc specific linting rules for ESLint. Install ESLint either locally or globally. Rules may, as per the ESLint user guide, have their own individual options. In eslint-plugin-jsdoc, a few options, such as, exemptedBy and contexts, may be used across different rules. eslint-plugin-jsdoc options, if present, are generally in the form of an object supplied as the second argument in an array after the error level (any exceptions to this format are explained within that rule's docs). One can use minLines and maxLines to indicate how many line breaks (if any) will be checked to find a jsdoc comment block before the given code block. These settings default to 0 and 1 respectively. In conjunction with the require-jsdoc rule, these settings can be enforced so as to report problems if a jsdoc block is not found within the specified boundaries. The settings are also used in the fixer to determine how many line breaks to add when a block is missing.
    Downloads: 1 This Week
    Last Update:
    See Project
Auth0 Logo