Open Source Mac Source Code Analysis Tools
Sort By:
Source Code Analysis Tools for Mac
View 1430 business solutionsBrowse free open source Source Code Analysis tools and projects for Mac below. Use the toggles on the left to filter open source Source Code Analysis tools by OS, license, language, programming language, and project status.
-
MongoDB Atlas runs apps anywhereMongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
-
Get the most trusted enterprise browserDefend against security incidents with Chrome Enterprise. Create customizable controls, manage extensions and set proactive alerts to keep your data and employees protected without slowing down productivity.
-
1
PMD
A source code analyzer
PMD is a source code analyzer. It finds common programming flaws like unused variables, empty catch blocks, unnecessary object creation, and so forth. It supports Salesforce.com Apex, Java, JavaScript, XML, XSL. Additionally it includes CPD, the copy-paste-detector. CPD finds duplicated code in Java, C, C++, C#, PHP, Ruby, Fortran, JavaScript, Matlab, Swift. You can fork us on https://github.com/pmd -
2
Blockly
The web-based visual programming editor
The Blockly library adds an editor to your app that represents coding concepts as interlocking blocks. It outputs syntactically correct code in the programming language of your choice. Custom blocks may be created to connect to your own application. Blockly in a browser allows web pages to include a visual code editor for any of Blockly's five supported programming languages, or your own. Blockly plugins are self-contained pieces of code that add functionality to Blockly. Blockly codelabs provide step-by-step instructions on how to use and customize Blockly. From a user's perspective, Blockly is an intuitive, visual way to build code. From a developer's perspective, Blockly is a ready-made UI for creating a visual language that emits syntactically correct user-generated code. Blockly can export blocks to many programming languages. -
3
cppcheck
Static source code analysis tool for C and C++ code
Static analysis of C/C++ code. Checks for: memory leaks, mismatching allocation-deallocation, buffer overrun, and many more. The goal is 0% false positives. See http://cppcheck.sourceforge.net for more information. -
4
SonarQube
Continuous inspection
SonarQube empowers all developers to write cleaner and safer code. Thousands of automated Static Code Analysis rules, protecting your app on multiple fronts, and guiding your team. Catch tricky bugs to prevent undefined behavior from impacting end-users. Fix vulnerabilities that compromise your app, and learn AppSec along the way with Security Hotspots. Make sure your codebase is clean and maintainable, to increase developer velocity! We embrace progress - whether it's multi-language applications, teams composed of different backgrounds or a workflow that's a mix of modern and legacy, SonarQube has you covered. SonarQube fits with your existing tools and pro-actively raises a hand when the quality or security of your codebase is at risk. SonarQube can analyse branches of your repo, and notify you directly in your Pull Requests! -
Secure remote access solution to your private network, in the cloud or on-prem.OpenVPN is here to bring simple, flexible, and cost-effective secure remote access to companies of all sizes, regardless of where their resources are located.
-
5
Hack
A typeface designed for source code
Hack includes monospaced regular, bold, italic, and bold italic sets to cover all of your syntax highlighting needs. Over 1500 glyphs that include lovingly tuned extended Latin, modern Greek, and Cyrillic character sets. Powerline glyphs are included in the regular set. Patching is not necessary. Install and go. No frills. No gimmicks. Hack is hand groomed and optically balanced to be your go-to code face. Type design features to improve legibility in the harsh conditions of the screen. A libre typeface with generous licensing that permits modification & commercial use. Hack has deep roots in the libre, open source typeface community and includes the contributions of the Bitstream Vera & DejaVu projects. The face has been re-designed with an expanded glyph set, modifications of the original glyph shapes, and meticulous attention to metrics. -
6
tkdiff
Side-by-side diff viewer, editor and merge preparer
tkdiff is a graphical front end to the diff program. It provides a side-by-side view of the differences between two text files, along with several innovative features such as diff bookmarks, a graphical map of differences for quick navigation, and a facility for slicing diff regions to achieve exactly the merge output desired. -
7
Iosevka
Versatile typeface for code, from code
Iosevka is an open-source, sans-serif + slab-serif, monospace + quasi‑proportional typeface family, designed for writing code, using in terminals, and preparing technical documents. The Iosevka’s monospace family is provided in a slender outfit by default: glyphs are exactly 1/2em wide. Compared to the competitors, you could fit more columns within the same screen width. Iosevka provides two widths, Normal and Extended. If you prefer more breeze between the character, choose Extended and enjoy. Terminal emulators have a stricter compatibility requirements for fonts. Therefore, Iosevka and Iosevka Slab all contain two specialized families, Term and Fixed, targeting terminal users. In these families, the symbols will be narrower to follow terminals’ ideology of column count. In the Fixed families, the ligation will be disabled to ensure better compatibility in certain environments. -
8
Eclipse Checkstyle Plug-in
Integrates Checkstye into the Eclipse IDE
The Eclipse Checkstyle plug-in integrates the Checkstyle Java code auditor into the Eclipse IDE. The plug-in provides real-time feedback to the user about violations of rules that check for coding style and possible error prone code constructs. -
9
Boilerplate and Starter for Next JS 12+
Boilerplate and Starter for Next.js 12+, Tailwind CSS 3 and TypeScript
Boilerplate and Starter for Next JS 12+, Tailwind CSS 3 and TypeScript. Boilerplate and Starter for Next.js, Tailwind CSS and TypeScript. Made with developer experience first: Next.js, TypeScript, ESLint, Prettier, Husky, Lint-Staged, Jest, Testing Library, Commitlint, VSCode, Netlify, PostCSS, Tailwind CSS. If you are VSCode users, you can have a better integration with VSCode by installing the suggested extension in .vscode/extension.json. The starter code comes up with Settings for a seamless integration with VSCode. The Debug configuration is also provided for frontend and backend debugging experience. With the plugins installed on your VSCode, ESLint and Prettier can automatically fix the code and show you the errors. Same goes for testing, you can install VSCode Jest extension to automatically run your tests and it also show the code coverage in context. -
No-Nonsense Code-to-Cloud Security for Devs | AikidoAikido provides a unified security platform for developers, combining 12 powerful scans like SAST, DAST, and CSPM. AI-driven AutoFix and AutoTriage streamline vulnerability management, while runtime protection blocks attacks.
-
10
PHP Parser
A PHP parser written in PHP
This is a PHP 5.2 to PHP 8.0 parser written in PHP. Its purpose is to simplify static code analysis and manipulation. A parser is useful for static analysis, manipulation of code and basically any other application dealing with code programmatically. A parser constructs an Abstract Syntax Tree (AST) of the code and thus allows dealing with it in an abstract and robust way. As the parser is based on the tokens returned by token_get_all (which is only able to lex the PHP version it runs on), additionally a wrapper for emulating tokens from newer versions is provided. This allows to parse PHP 7.4 source code running on PHP 7.0, for example. This emulation is somewhat hacky and not perfect, but it should work well on any sane code. Support for pretty printing, which is the act of converting an AST into PHP code. Please note that "pretty printing" does not imply that the output is especially pretty. -
11
Sloc Cloc and Code (scc)
Sloc, Cloc and Code: scc is a very fast accurate code counter
Sloc, Cloc and Code: scc is a very fast accurate code counter with complexity calculations and COCOMO estimates written in pure Go. The tool is similar to cloc, sloccount and tokei. For counting the lines of code, blank lines, comment lines, and physical lines of source code in many programming languages. The goal is to be the fastest code counter possible, but also perform COCOMO calculations like sloccount, estimate code complexity similar to cyclomatic complexity calculators, and produce unique lines of code or DRYness metrics. In short one tool to rule them all. -
12
google-java-format
Reformats Java source code to comply with Google Java Style
google-java-format is a program that reformats Java source code to comply with Google Java Style. The formatter can act on whole files, on limited lines, on specific offsets, passing through to standard-out (default) or altered in-place. There is no configurability as to the formatter's algorithm for formatting. This is a deliberate design decision to unify our code formatting on a single format. The formatter can be used in software that generates java to output more legible java code. Just include the library in your maven/gradle/etc. configuration. A google-java-format IntelliJ plugin is available from the plugin repository. To install it, go to your IDE's settings and select the Plugins category. Click the Marketplace tab, search for the google-java-format plugin, and click the Install button. -
13
Flow
A static type checker for JavaScript
Flow is a static type checker for JavaScript. It was designed to help improve code quality and developer productivity. It does this through several smart capabilities. First, it identifies problems as you code, so you no longer have to waste time guessing and checking again and again. Second, it understands your code and makes its knowledge available, allowing you to build other smart tools on top of it. Third, it helps you refactor safely so you can focus on the changes you want to make and not on what you might break. Lastly, it can help prevent bad rebases and protect your carefully designed library, which is especially relevant when working with a large group of developers. Flow integrates with many tools, so you can easily and seamlessly insert it into your existing workflow and toolchain. -
14
PHP dotenv
Loads environment variables automatically
You should never store sensitive credentials in your code. Storing configuration in the environment is one of the tenets of a twelve-factor app. Anything that is likely to change between deployment environments, such as database credentials or credentials for 3rd party services, should be extracted from the code into environment variables. Basically, a .env file is an easy way to load custom configuration variables that your application needs without having to modify .htaccess files or Apache/nginx virtual hosts. This means you won't have to edit any files outside the project, and all the environment variables are always set no matter how you run your project, Apache, Nginx, CLI, and even PHP's built-in webserver. It's WAY easier than all the other ways you know of to set environment variables, and you're going to love it! -
15
BuildKit
Concurrent, cache-efficient, and Dockerfile-agnostic builder toolkit
BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. BuildKit is a new project under the Moby umbrella for building and packaging software using containers. It’s a new codebase meant to replace the internals of the current build features in the Moby Engine. BuildKit emerged from the discussions about improving the build features in Moby Engine. We received a lot of positive feedback for the multi-stage build feature introduced in April and had proposals and user requests for many similar additions. But before that, we needed to make sure that we have capabilities to continue adding such features in the future and a solid foundation to extend on. Quite soon it was clear that we would need to redefine most of the fundamentals about how we even define a build operation and needed a clean break from the current codebase. A proposal was written, and development started in the open under the new repository. -
16
Joern
Open-source code analysis platform for C/C++/Java/Binary/Javascript
Joern is a platform for analyzing source code, bytecode, and binary executables. It generates code property graphs (CPGs), a graph representation of code for cross-language code analysis. Code property graphs are stored in a custom graph database. This allows code to be mined using search queries formulated in a Scala-based domain-specific query language. Joern is developed with the goal of providing a useful tool for vulnerability discovery and research in static program analysis. -
17
Pulumi
Developer-first infrastructure as code. Your cloud, your language
Pulumi's Infrastructure as Code SDK is the easiest way to create and deploy cloud software that use containers, serverless functions, hosted services, and infrastructure, on any cloud. Simply write code in your favorite language and Pulumi automatically provisions and manages your AWS, Azure, Google Cloud Platform, and/or Kubernetes resources, using an infrastructure-as-code approach. Skip the YAML, and use standard language features like loops, functions, classes, and package management that you already know and love. Pulumi is open source under the Apache 2.0 license, supports many languages and clouds, and is easy to extend. This repo contains the pulumi CLI, language SDKs, and core Pulumi engine, and individual libraries are in their own repos. Walk through end-to-end workflows for creating containers, serverless functions, and other cloud services and infrastructure. -
18
SafeQL
Validate and auto-generate TypeScript types from raw SQL queries
SafeQL is an ESLint plugin for writing SQL queries in a type-safe way. SafeQL automatically infers the type of the query result based on the query itself. SafeQL works with any PostgreSQL client, including Prisma, Sequelize, pg, Postgres.js, and more. SafeQL was built in mind to be easy to use and integrate with your existing codebase. SafeQL was built with monorepos and microservices in mind, and it's easy to use with multiple databases. SafeQL is an ESLint plugin that helps you write SQL (PostgreSQL) queries safely. SafeQL was never meant to replace your current SQL library. Instead, It's a plugin that you can use to add extra functionality to your existing SQL library. It means that you can use SafeQL with any SQL library that you want. You can even use SafeQL with multiple SQL libraries at the same time. -
19
Static Analysis Tools for PHP
Docker image that provides static analysis tools for PHP
Docker image providing static analysis tools for PHP. The list of available tools and the installer is actually managed in the jakzal/toolbox repository. Docker image with quality analysis tools for PHP. To run the selected tool inside the container, you'll need to mount the project directory on the container with -v "$(pwd):/project". Some tools like to write to the /tmp directory (like PHPStan, or Behat in some cases), therefore it's often useful to share it between docker runs, i.e. with -v "$(pwd)/tmp-phpqa:/tmp". If you want to be able to interrupt the selected tool if it takes too much time to complete, you can use the --init option. Some tools are not included in the docker image, to use them refer to their documentation. Provides utilities to report legacy tests and usage of deprecated code. -
20
stylelint
A linter that helps you avoid errors and enforce conventions
stylelint understands the latest CSS syntax including custom properties and level 4 selectors. Extracts embedded styles from HTML, markdown and CSS-in-JS object & template literals. Parses CSS-like syntaxes like SCSS, Sass, Less and SugarSS. Has over 170 built-in rules to catch errors, apply limits and enforce stylistic conventions. Supports plugins so you can create your own rules or make use of plugins written by the community. Automatically fixes the majority of stylistic violations. Itis well tested with over 15000 unit tests. Supports shareable configs that you can extend or create. It is unopinionated so that you can customize it to your exact needs. stylelint has a growing community and is used by Facebook, GitHub and WordPress. You can configure the built-in stylistic rules to allow both multi-line and single-line rules. The choice of when to use each belongs to the user. -
21
A general purpose source code indexer and cross-referencer that provides web-based browsing of source code with links to the definition and usage of any identifier. Supports multiple languages. Up-to-date information in http://lxr.sourceforge.net
-
22
BAT
A cat(1) clone with syntax highlighting and Git integration
A cat(1) clone with syntax highlighting and Git integration. By default, bat pipes its own output to a pager (e.g. less) if the output is too large for one screen. If you would rather bat work like cat all the time (never page output), you can set --paging=never as an option, either on the command line or in your configuration file. If you intend to alias cat to bat in your shell configuration, you can use alias cat='bat --paging=never' to preserve the default behavior. Even with a pager set, you can still use bat to concatenate files. Whenever bat detects a non-interactive terminal (i.e. when you pipe into another process or into a file), bat will act as a drop-in replacement for cat and fall back to printing the plain file contents, regardless of the --pager option's value. Use bat --list-themes to get a list of all available themes for syntax highlighting. -
23
Cinder
Community-developed library for professional-quality creative coding
Cinder is a free and open source library for professional-quality creative coding in C++. Cinder is available under the BSD License for macOS and Windows. The latest version is 0.9.2. To keep up-to-date with Cinder’s development, consider working from the github repository directly. Cinder is a C++ library for programming with aesthetic intent - the sort of development often called creative coding. This includes domains like graphics, audio, video, and computational geometry. Cinder is cross-platform, with official support for macOS, Windows, Linux, iOS, and Windows UWP. Cinder is production-proven, powerful enough to be the primary tool for professionals, but still suitable for learning and experimentation. Full keyboard, mouse (including scroll wheel), window, and file drag and drop. -
24
Code Maat
A command line tool to mine and analyze data from version-control
Code Maat is a command-line tool for analyzing version-control systems (Git, SVN, etc.) to uncover code health insights—development hotspots, author coupling, and temporal change metrics. Created by Adam Tornhill, it supports research in behavioral code analysis and is often paired with his books like Code as a Crime Scene and Software Design X‑Rays. -
25
Light Table
Code editor that connects you to your creation with instant feedback
Connects you to your creation with instant feedback and showing data values flow through your code. Embed anything you want, from graphs to games to running visualizations. Easily customizable from keybinds to extensions to be completely tailored to your specific project. Everything from eval and debugging to a fuzzy finder for files and commands to fit seamlessly into your workflow. Try new ideas quickly and easily. Ask questions about your software, to give you a more profound understanding of your code. An elegant, lightweight, beautifully designed layout so your IDE is no longer cluttered. Next-gen println to keep track of important values in your code. Just add a watch to an expression and the value will be streamed back to LT in real time. No more printing to the console in order to view your results. Simply evaluate your code and the results will be displayed inline.
