Showing 57 open source projects for "source code static anala"

View related business solutions
  • MongoDB Atlas runs apps anywhere Icon
    MongoDB Atlas runs apps anywhere

    Deploy in 115+ regions with the modern database for every enterprise.

    MongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
    Start Free
  • $300 Free Credits for Your Google Cloud Projects Icon
    $300 Free Credits for Your Google Cloud Projects

    Start building on Google Cloud with $300 in free credits. No commitment, no credit card required until you're ready to scale.

    Launch your next project with $300 in free Google Cloud credits—no strings attached. Test, build, and deploy without risk. Use your credits across the entire Google Cloud platform to find what works best for your needs. After your credits are used, continue with always-free tier services. Only pay when you're ready to scale. Sign up in minutes and start exploring.
    Start Free Trial
  • 1
    Static Analysis Tools for PHP

    Static Analysis Tools for PHP

    Docker image that provides static analysis tools for PHP

    Docker image providing static analysis tools for PHP. The list of available tools and the installer is actually managed in the jakzal/toolbox repository. Docker image with quality analysis tools for PHP. To run the selected tool inside the container, you'll need to mount the project directory on the container with -v "$(pwd):/project". Some tools like to write to the /tmp directory (like PHPStan, or Behat in some cases), therefore it's often useful to share it between docker runs, i.e. with...
    Downloads: 1 This Week
    Last Update:
    See Project
  • 2
    Tencent Cloud Code Analysis

    Tencent Cloud Code Analysis

    Static code analysis

    Tencent Cloud Code Analysis (TCA for short, used internally by the R&D code CodeDog ) is a cloud-native, distributed, high-performance comprehensive code analysis and tracking platform that integrates many analysis tools, including server, web and client The three components have integrated a number of self-developed tools, and also support the dynamic integration of analysis tools of various programming languages ​​in the industry. Obtain the Tencent Cloud code analysis platform by...
    Downloads: 0 This Week
    Last Update:
    See Project
  • 3
    HTMLHint

    HTMLHint

    The static code analysis tool you need for your HTML

    Static code analysis tool you need for your HTML. By default, htmlhint looks for a .htmlhintrc file in the current directory and all parent directories and applies its rules when parsing a file.
    Downloads: 5 This Week
    Last Update:
    See Project
  • 4
    SonarQube

    SonarQube

    Continuous inspection

    SonarQube empowers all developers to write cleaner and safer code. Thousands of automated Static Code Analysis rules, protecting your app on multiple fronts, and guiding your team. Catch tricky bugs to prevent undefined behavior from impacting end-users. Fix vulnerabilities that compromise your app, and learn AppSec along the way with Security Hotspots. Make sure your codebase is clean and maintainable, to increase developer velocity! We embrace progress - whether it's multi-language...
    Downloads: 48 This Week
    Last Update:
    See Project
  • 99.99% Uptime for MySQL and PostgreSQL Databases Icon
    99.99% Uptime for MySQL and PostgreSQL Databases

    Sub-second maintenance. 2x read/write performance. Built-in vector search for AI apps.

    Cloud SQL Enterprise Plus delivers near-zero downtime with 35 days of point-in-time recovery. Supports MySQL, PostgreSQL, and SQL Server.
    Try Free
  • 5
    Pylint

    Pylint

    It's not just a linter that annoys you!

    Pylint is a static code analyzer for Python 2 or 3. The latest version supports Python 3.7.2 and above. Pylint analyses your code without actually running it. It checks for errors, enforces a coding standard, looks for code smells, and can make suggestions about how the code could be refactored. Projects that you might want to use alongside pylint include flake8 (faster and simpler checks with very few false positives), mypy, pyright or pyre (typing checks), bandit (security-oriented...
    Downloads: 11 This Week
    Last Update:
    See Project
  • 6
    PHP Parser

    PHP Parser

    A PHP parser written in PHP

    This is a PHP 5.2 to PHP 8.0 parser written in PHP. Its purpose is to simplify static code analysis and manipulation. A parser is useful for static analysis, manipulation of code and basically any other application dealing with code programmatically. A parser constructs an Abstract Syntax Tree (AST) of the code and thus allows dealing with it in an abstract and robust way. As the parser is based on the tokens returned by token_get_all (which is only able to lex the PHP version it runs on), additionally a wrapper for emulating tokens from newer versions is provided. ...
    Downloads: 1 This Week
    Last Update:
    See Project
  • 7
    reviewdog

    reviewdog

    Automated code review tool integrated with any code analysis tools

    I’d like to introduce reviewdog! An automated code review tool working with any lint tools and supports local run as well. “reviewdog” provides a way to post review comments to code hosting services, such as GitHub, automatically by integrating with any linter tools with ease. It uses any output of lint tools, with translation if required, and posts them as a comment if the file and line are in diff of patches to review. reviewdog also supports running in a local environment to filter the...
    Downloads: 1 This Week
    Last Update:
    See Project
  • 8
    eslint-plugin-jsx-a11y

    eslint-plugin-jsx-a11y

    Static AST checker for a11y rules on JSX elements

    Static AST checker for accessibility rules on JSX elements. This plugin does a static evaluation of the JSX to spot accessibility issues in React apps. Because it only catches errors in static code, use it in combination with axe-core/react to test the accessibility of the rendered DOM. Consider these tools just as one step of a larger a11y testing process and always test your apps with assistive technology. If you installed ESLint globally (using the -g flag in npm, or the global prefix in...
    Downloads: 9 This Week
    Last Update:
    See Project
  • 9
    Flow

    Flow

    A static type checker for JavaScript

    Flow is a static type checker for JavaScript. It was designed to help improve code quality and developer productivity. It does this through several smart capabilities. First, it identifies problems as you code, so you no longer have to waste time guessing and checking again and again. Second, it understands your code and makes its knowledge available, allowing you to build other smart tools on top of it. Third, it helps you refactor safely so you can focus on the changes you want to make and...
    Downloads: 11 This Week
    Last Update:
    See Project
  • Our Free Plans just got better! | Auth0 Icon
    Our Free Plans just got better! | Auth0

    With up to 25k MAUs and unlimited Okta connections, our Free Plan lets you focus on what you do best—building great apps.

    You asked, we delivered! Auth0 is excited to expand our Free and Paid plans to include more options so you can focus on building, deploying, and scaling applications without having to worry about your security. Auth0 now, thank yourself later.
    Try free now
  • 10
    Semgrep

    Semgrep

    Lightweight static analysis for many languages

    Static analysis at ludicrous speed. Find bugs and enforce code standards. Find and prevent security issues in Terraform, Docker, Kubernetes, nginx, and AWS configs before they go into production. Go beyond application code and protect the entire stack with a breadth of scanning capabilities. Don't leak secrets, scan every commit and ensure secrets don't make it to production.
    Downloads: 11 This Week
    Last Update:
    See Project
  • 11
    SonarJS

    SonarJS

    SonarSource Static Analyzer for JavaScript and TypeScript

    This SonarSource project is a static code analyzer for JavaScript, TypeScript and CSS languages. In order to analyze JavaScript, TypeScript or CSS code, you need to have a supported version of Node.js installed on the machine running the scan. Recommended versions are the previous LTS version v14 and the latest version - v16. We recommend using the latest available LTS version (v16 as of today) for optimal stability and performance. v12 is still supported, but it already reached end-of-life...
    Downloads: 7 This Week
    Last Update:
    See Project
  • 12
    pytype

    pytype

    A static type analyzer for Python code

    pytype is a static type analyzer that checks and infers types for Python code without executing it, catching errors at “compile time” and generating actionable diagnostics. It grew alongside Python typing at Google and can understand both inline annotations and unannotated code via powerful inference. The tool consumes stub files (.pyi) for the standard library and third-party packages (from typeshed and its own built-ins), enabling accurate checks even in large, mixed-quality codebases....
    Downloads: 0 This Week
    Last Update:
    See Project
  • 13
    Deptrac

    Deptrac

    Keep your architecture clean.

    Deptrac is a static analysis tool for PHP that helps maintain architectural boundaries within codebases. It analyzes dependencies between classes and ensures that code follows predefined architectural rules. Deptrac is useful for preventing unwanted couplings, enforcing clean code architecture, and detecting violations early during development.
    Downloads: 6 This Week
    Last Update:
    See Project
  • 14
    Joern

    Joern

    Open-source code analysis platform for C/C++/Java/Binary/Javascript

    Joern is a platform for analyzing source code, bytecode, and binary executables. It generates code property graphs (CPGs), a graph representation of code for cross-language code analysis. Code property graphs are stored in a custom graph database. This allows code to be mined using search queries formulated in a Scala-based domain-specific query language. Joern is developed with the goal of providing a useful tool for vulnerability discovery and research in static program analysis.
    Downloads: 4 This Week
    Last Update:
    See Project
  • 15
    Infer

    Infer

    A static analyzer for Java, C, C++, and Objective-C

    Infer is a static analysis tool - if you give Infer some Java or C/C++/Objective-C code it produces a list of potential bugs. Anyone can use Infer to intercept critical bugs before they have shipped to users, and help prevent crashes or poor performance. Infer checks for null pointer exceptions, resource leaks, annotation reachability, missing lock guards, and concurrency race conditions in Android and Java code. Infer checks for null pointer dereferences, memory leaks, coding conventions...
    Downloads: 1 This Week
    Last Update:
    See Project
  • 16
    Larastan

    Larastan

    Adds code analysis to Laravel improving developer productivity

    Larastan was created by Can Vural and Nuno Maduro, got artwork designed by @Caneco, is maintained by Can Vural, Nuno Maduro, and Viktor Szépe, and is a PHPStan wrapper for Laravel. Larastan focuses on finding errors in your code. It catches whole classes of bugs even before you write tests for the code.
    Downloads: 0 This Week
    Last Update:
    See Project
  • 17
    OpenRewrite

    OpenRewrite

    Automated mass refactoring of source code

    The OpenRewrite project is a mass source code refactoring ecosystem. Reduce 1000s of hours of static code analysis fixes to minutes. Turn a four-month migration project into four hours of work. Patch security vulnerabilities across 100s of repositories at once. OpenRewrite automates code refactoring and remediation tasks for you, enabling developers to deliver more business value.
    Downloads: 2 This Week
    Last Update:
    See Project
  • 18
    pmd

    pmd

    An extensible multilanguage static code analyzer

    PMD is a source code analyzer. It finds common programming flaws like unused variables, empty catch blocks, unnecessary object creation, and so forth. It supports Java, JavaScript, Salesforce.com Apex and Visualforce, PLSQL, Apache Velocity, XML, and XSL. Additionally, it includes CPD, the copy-paste-detector. CPD finds duplicated code in Java, C, C++, C#, Groovy, PHP, Ruby, Fortran, JavaScript, PLSQL, Apache Velocity, Scala, Objective C, Matlab, Python, Go, Swift and Salesforce.com Apex,...
    Downloads: 12 This Week
    Last Update:
    See Project
  • 19
    eslint-plugin-import

    eslint-plugin-import

    ESLint plugin with rules that help validate proper imports.

    This plugin intends to support linting of ES2015+ (ES6+) import/export syntax, and prevent issues with misspelling of file paths and import names. All the goodness that the ES2015+ static module syntax intends to provide, is marked up in your editor. The maintainers of eslint-plugin-import and thousands of other packages are working with Tidelift to deliver commercial support and maintenance for the open-source dependencies you use to build your applications. Save time, reduce risk, and improve code health, while paying the maintainers of the exact dependencies you use. ...
    Downloads: 10 This Week
    Last Update:
    See Project
  • 20
    Pyright

    Pyright

    Static type checker for Python

    Pyright is a fast type checker meant for large Python source bases. It can run in a “watch” mode and performs fast incremental updates when files are modified. Pyright supports configuration files that provide granular control over settings. Different “execution environments” can be associated with subdirectories within a source base. Each environment can specify different module search paths, python language versions, and platform targets. Type inference for function return values, instance...
    Downloads: 0 This Week
    Last Update:
    See Project
  • 21
    Checked C

    Checked C

    Checked C is an extension to C that lets programmers write C code

    Checked C is an extension to C that lets programmers write C code that is guaranteed by the compiler to be type-safe. The goal is to let people easily make their existing C code type-safe and eliminate entire classes of errors. Checked C does not address use-after-free errors. Checked C adds static and dynamic checking to C to detect or prevent common programming errors such as buffer overruns and out-of-bounds memory accesses. The goal of the project is to improve systems programming by...
    Downloads: 0 This Week
    Last Update:
    See Project
  • 22
    ShellCheck

    ShellCheck

    A static analysis tool for shell scripts

    ShellCheck is a GPLv3 tool that provides warnings and possible suggestions for bash/sh shell scripts. ShellCheck finds bugs in your shell scripts. You can cabal, apt, dnf, pkg or brew install it locally right now. ShellCheck highlights and clarifies typical beginner's syntax mistakes and issues that cause a shell to give a cryptic error message. It shows typical intermediate level semantic problems that cause a shell to behave in a abnormally and counter-intuitively. It can also discover...
    Downloads: 9 This Week
    Last Update:
    See Project
  • 23
    Application Inspector

    Application Inspector

    A source code analyzer built for surfacing features of interest

    Microsoft Application Inspector is a software source code characterization tool that helps identify coding features of first or third party software components based on well-known library/API calls and is helpful in security and non-security use cases. It uses hundreds of rules and regex patterns to surface interesting characteristics of source code to aid in determining what the software is or what it does from what file operations it uses, encryption, shell operations, cloud API's, frameworks and more and has received industry attention as a new and valuable contribution to OSS on ZDNet, SecurityWeek, CSOOnline, Linux.com/news, HelpNetSecurity, Twitter and more and was first featured on Microsoft.com. ...
    Downloads: 1 This Week
    Last Update:
    See Project
  • 24

    cppcheck

    Static source code analysis tool for C and C++ code

    Static analysis of C/C++ code. Checks for: memory leaks, mismatching allocation-deallocation, buffer overrun, and many more. The goal is 0% false positives. See http://cppcheck.sourceforge.net for more information.
    Leader badge
    Downloads: 306 This Week
    Last Update:
    See Project
  • 25
    GIXY

    GIXY

    Nginx configuration static analyzer

    Gixy is a tool to analyze Nginx configuration. The main goal of Gixy is to prevent security misconfiguration and automate flaw detection. Currently supported Python versions are 2.7, 3.5, 3.6 and 3.7. Gixy is well tested only on GNU/Linux, other OSs may have some issues. You can find things that Gixy is learning to detect at Issues labeled with "new plugin". By default Gixy will try to analyze Nginx configuration placed in /etc/nginx/nginx.conf. Or something else, you can find all other gixy...
    Downloads: 2 This Week
    Last Update:
    See Project
  • Previous
  • You're on page 1
  • 2
  • 3
  • Next