Open Source Mac Source Code Analysis Tools
Sort By:
Source Code Analysis Tools for Mac
View 1440 business solutionsBrowse free open source Source Code Analysis tools and projects for Mac below. Use the toggles on the left to filter open source Source Code Analysis tools by OS, license, language, programming language, and project status.
-
Our Free Plans just got better! | Auth0You asked, we delivered! Auth0 is excited to expand our Free and Paid plans to include more options so you can focus on building, deploying, and scaling applications without having to worry about your security. Auth0 now, thank yourself later.
-
Keep company data safe with Chrome EnterpriseMake AI work your way with Chrome Enterprise. Block unapproved sites and set custom data controls that align with your company's policies.
-
1
PMD
A source code analyzer
PMD is a source code analyzer. It finds common programming flaws like unused variables, empty catch blocks, unnecessary object creation, and so forth. It supports Salesforce.com Apex, Java, JavaScript, XML, XSL. Additionally it includes CPD, the copy-paste-detector. CPD finds duplicated code in Java, C, C++, C#, PHP, Ruby, Fortran, JavaScript, Matlab, Swift. You can fork us on https://github.com/pmd -
2
Blockly
The web-based visual programming editor
The Blockly library adds an editor to your app that represents coding concepts as interlocking blocks. It outputs syntactically correct code in the programming language of your choice. Custom blocks may be created to connect to your own application. Blockly in a browser allows web pages to include a visual code editor for any of Blockly's five supported programming languages, or your own. Blockly plugins are self-contained pieces of code that add functionality to Blockly. Blockly codelabs provide step-by-step instructions on how to use and customize Blockly. From a user's perspective, Blockly is an intuitive, visual way to build code. From a developer's perspective, Blockly is a ready-made UI for creating a visual language that emits syntactically correct user-generated code. Blockly can export blocks to many programming languages. -
3
cppcheck
Static source code analysis tool for C and C++ code
Static analysis of C/C++ code. Checks for: memory leaks, mismatching allocation-deallocation, buffer overrun, and many more. The goal is 0% false positives. See http://cppcheck.sourceforge.net for more information. -
4
SonarQube
Continuous inspection
SonarQube empowers all developers to write cleaner and safer code. Thousands of automated Static Code Analysis rules, protecting your app on multiple fronts, and guiding your team. Catch tricky bugs to prevent undefined behavior from impacting end-users. Fix vulnerabilities that compromise your app, and learn AppSec along the way with Security Hotspots. Make sure your codebase is clean and maintainable, to increase developer velocity! We embrace progress - whether it's multi-language applications, teams composed of different backgrounds or a workflow that's a mix of modern and legacy, SonarQube has you covered. SonarQube fits with your existing tools and pro-actively raises a hand when the quality or security of your codebase is at risk. SonarQube can analyse branches of your repo, and notify you directly in your Pull Requests! -
DAT Freight and Analytics - DATDAT Freight & Analytics operates DAT One, North America’s largest truckload freight marketplace; DAT iQ, the industry’s leading freight data analytics service; and Trucker Tools, the leader in load visibility. Shippers, transportation brokers, carriers, news organizations, and industry analysts rely on DAT for market trends and data insights, informed by nearly 700,000 daily load posts and a database exceeding $1 trillion in freight market transactions. Founded in 1978, DAT is a business unit of Roper Technologies (Nasdaq: ROP), a constituent of the Nasdaq 100, S&P 500, and Fortune 1000. Headquartered in Beaverton, Ore., DAT continues to set the standard for innovation in the trucking and logistics industry.
-
5
tkdiff
Side-by-side diff viewer, editor and merge preparer
tkdiff is a graphical front end to the diff program. It provides a side-by-side view of the differences between two text files, along with several innovative features such as diff bookmarks, a graphical map of differences for quick navigation, and a facility for slicing diff regions to achieve exactly the merge output desired. -
6
BAT
A cat(1) clone with syntax highlighting and Git integration
A cat(1) clone with syntax highlighting and Git integration. By default, bat pipes its own output to a pager (e.g. less) if the output is too large for one screen. If you would rather bat work like cat all the time (never page output), you can set --paging=never as an option, either on the command line or in your configuration file. If you intend to alias cat to bat in your shell configuration, you can use alias cat='bat --paging=never' to preserve the default behavior. Even with a pager set, you can still use bat to concatenate files. Whenever bat detects a non-interactive terminal (i.e. when you pipe into another process or into a file), bat will act as a drop-in replacement for cat and fall back to printing the plain file contents, regardless of the --pager option's value. Use bat --list-themes to get a list of all available themes for syntax highlighting. -
7
Eclipse Checkstyle Plug-in
Integrates Checkstye into the Eclipse IDE
The Eclipse Checkstyle plug-in integrates the Checkstyle Java code auditor into the Eclipse IDE. The plug-in provides real-time feedback to the user about violations of rules that check for coding style and possible error prone code constructs. -
8
Iosevka
Versatile typeface for code, from code
Iosevka is an open-source, sans-serif + slab-serif, monospace + quasi‑proportional typeface family, designed for writing code, using in terminals, and preparing technical documents. The Iosevka’s monospace family is provided in a slender outfit by default: glyphs are exactly 1/2em wide. Compared to the competitors, you could fit more columns within the same screen width. Iosevka provides two widths, Normal and Extended. If you prefer more breeze between the character, choose Extended and enjoy. Terminal emulators have a stricter compatibility requirements for fonts. Therefore, Iosevka and Iosevka Slab all contain two specialized families, Term and Fixed, targeting terminal users. In these families, the symbols will be narrower to follow terminals’ ideology of column count. In the Fixed families, the ligation will be disabled to ensure better compatibility in certain environments. -
9
eslint-plugin-jest
ESLint plugin for Jest
ESLint plugin for Jest. If you installed ESLint globally then you must also install eslint-plugin-jest globally. Add jest to the plugins section of your .eslintrc configuration file. You can omit the eslint-plugin- prefix. The rules provided by this plugin assume that the files they are checking are test-related. This means it's generally not suitable to include them in your top-level configuration as that applies to all files being linted which can include source files. Since we cache the automatically determined version, if you're linting sub-folders that have different versions of Jest, you may find that the wrong version of Jest is considered when linting. You can work around this by providing the Jest version explicitly in nested ESLint configs. -
Build Powerful Custom Apps—Without CodeGW Apps empowers your team to create tailored business applications in days, not months. Streamline operations, automate workflows, and manage data more effectively—all without writing a single line of code.
-
10
Hack
A typeface designed for source code
Hack includes monospaced regular, bold, italic, and bold italic sets to cover all of your syntax highlighting needs. Over 1500 glyphs that include lovingly tuned extended Latin, modern Greek, and Cyrillic character sets. Powerline glyphs are included in the regular set. Patching is not necessary. Install and go. No frills. No gimmicks. Hack is hand groomed and optically balanced to be your go-to code face. Type design features to improve legibility in the harsh conditions of the screen. A libre typeface with generous licensing that permits modification & commercial use. Hack has deep roots in the libre, open source typeface community and includes the contributions of the Bitstream Vera & DejaVu projects. The face has been re-designed with an expanded glyph set, modifications of the original glyph shapes, and meticulous attention to metrics. -
11
Angular ESLint
Monorepo for all the tooling related to using ESLint with Angular
Monorepo for all the tooling which enables ESLint to lint Angular projects. Follow the latest Getting Started guide on angular.io in order to install the Angular CLI. Create a new Angular CLI workspace in the normal way, optionally using any of the supported command line arguments and following the interactive prompts. As well as installing all relevant dependencies, the ng add command will automatically detect that you have a workspace with a single project in it, which does not have a linter configured yet. It can therefore go ahead and wire everything up for you! -
12
Static Analysis Tools for PHP
Docker image that provides static analysis tools for PHP
Docker image providing static analysis tools for PHP. The list of available tools and the installer is actually managed in the jakzal/toolbox repository. Docker image with quality analysis tools for PHP. To run the selected tool inside the container, you'll need to mount the project directory on the container with -v "$(pwd):/project". Some tools like to write to the /tmp directory (like PHPStan, or Behat in some cases), therefore it's often useful to share it between docker runs, i.e. with -v "$(pwd)/tmp-phpqa:/tmp". If you want to be able to interrupt the selected tool if it takes too much time to complete, you can use the --init option. Some tools are not included in the docker image, to use them refer to their documentation. Provides utilities to report legacy tests and usage of deprecated code. -
13
vscode-pull-request-github
GitHub Pull Requests for Visual Studio Code
This extension allows you to review and manage GitHub pull requests and issues in Visual Studio Code. The support includes authenticating and connecting VS Code to GitHub. GitHub Enterprise is supported by the community, please see this PR for how to set it up. Listing and browsing PRs from within VS Code. Reviewing PRs from within VS Code with in-editor commenting. Validating PRs from within VS Code with easy checkouts. Terminal integration that enables UI and CLIs to co-exist. Listing and browsing issues from within VS Code. Hover cards for "@" mentioned users and for issues. Completion suggestions for users and issues. A "Start working on issue" action which can create a branch for you. Code actions to create issues from "todo" comments. -
14
PHP dotenv
Loads environment variables automatically
You should never store sensitive credentials in your code. Storing configuration in the environment is one of the tenets of a twelve-factor app. Anything that is likely to change between deployment environments, such as database credentials or credentials for 3rd party services, should be extracted from the code into environment variables. Basically, a .env file is an easy way to load custom configuration variables that your application needs without having to modify .htaccess files or Apache/nginx virtual hosts. This means you won't have to edit any files outside the project, and all the environment variables are always set no matter how you run your project, Apache, Nginx, CLI, and even PHP's built-in webserver. It's WAY easier than all the other ways you know of to set environment variables, and you're going to love it! -
15
Semgrep
Lightweight static analysis for many languages
Static analysis at ludicrous speed. Find bugs and enforce code standards. Find and prevent security issues in Terraform, Docker, Kubernetes, nginx, and AWS configs before they go into production. Go beyond application code and protect the entire stack with a breadth of scanning capabilities. Don't leak secrets, scan every commit and ensure secrets don't make it to production. Protect the privileged CI/CD environment from malicious activity that could result in access to source code, secrets, and more. Run with registry rules or your own. Code is analyzed locally (not uploaded). Get results at ludicrous speed with diff-aware scans, review findings in MR and PR comments, and deploy Semgrep across your organization’s projects. Go beyond the registry with rules specific to your organization. Write rules to enforce your own code guardrails. -
16
Sentry
Cross-platform application monitoring and error tracking software
Sentry is a cross-platform, self-hosted error monitoring solution that helps software teams discover, monitor and fix errors in real-time. The most users and logs will have to provide are the clues, and Sentry provides the answers. Sentry offers enhanced application performance monitoring through information-laden stack traces. It lets you build better software faster and more efficiently by showing you all issues in one place and providing the trail of events that lead to errors. It also provides real-time monitoring and data visualization through dashboards. Sentry’s server is in Python, but its API enables for sending events from any language, in any application. More than fifty-thousand companies already ship better software faster thanks to Sentry; let yours be one of them! -
17
PHP Parser
A PHP parser written in PHP
This is a PHP 5.2 to PHP 8.0 parser written in PHP. Its purpose is to simplify static code analysis and manipulation. A parser is useful for static analysis, manipulation of code and basically any other application dealing with code programmatically. A parser constructs an Abstract Syntax Tree (AST) of the code and thus allows dealing with it in an abstract and robust way. As the parser is based on the tokens returned by token_get_all (which is only able to lex the PHP version it runs on), additionally a wrapper for emulating tokens from newer versions is provided. This allows to parse PHP 7.4 source code running on PHP 7.0, for example. This emulation is somewhat hacky and not perfect, but it should work well on any sane code. Support for pretty printing, which is the act of converting an AST into PHP code. Please note that "pretty printing" does not imply that the output is especially pretty. -
18
codeium-chrome
Free, ultrafast code autocomplete for Chrome
Free, ultrafast code autocomplete for Chrome. Codeium autocompletes your code with AI in all major IDEs. This includes web editors as well. The content attribute accepts a comma-separated list of supported editors. These currently include: "monaco" and "codemirror5". -
19
CLOC (Count Lines of Code)
Count lines of code in multiple languages with detailed statistics
cloc (Count Lines of Code) is a command-line tool that analyzes source code and reports the number of lines by language, distinguishing between code, comments, and blank lines. It supports hundreds of programming languages and is highly useful for estimating project size, comparing codebases, or tracking development progress. cloc can analyze entire directories, version control repositories, and even compressed archives. -
20
node-rs
Node.js bindings Rust crates
When Node.js meets Rust. Make rust crates binding to Node.js use napi-rs. -
21
pmd
An extensible multilanguage static code analyzer
PMD is a source code analyzer. It finds common programming flaws like unused variables, empty catch blocks, unnecessary object creation, and so forth. It supports Java, JavaScript, Salesforce.com Apex and Visualforce, PLSQL, Apache Velocity, XML, and XSL. Additionally, it includes CPD, the copy-paste-detector. CPD finds duplicated code in Java, C, C++, C#, Groovy, PHP, Ruby, Fortran, JavaScript, PLSQL, Apache Velocity, Scala, Objective C, Matlab, Python, Go, Swift and Salesforce.com Apex, and Visualforce. It supports Java, JavaScript, Salesforce.com Apex and Visualforce, Modelica, PLSQL, Apache Velocity, XML, XSL, and Scala. Additionally, it includes CPD, the copy-paste-detector. CPD finds duplicated code in C/C++, C#, Dart, Fortran, Go, Groovy, Java, JavaScript, JSP, Kotlin, Lua, Matlab, Modelica, Objective-C, Perl, PHP, PLSQL, Python, Ruby, Salesforce.com Apex, Scala, Swift, Visualforce and XML. -
22
jscodeshift
A JavaScript codemod toolkit
jscodeshift is a toolkit for running codemods over multiple JavaScript or TypeScript files. It provides A runner, which executes the provided transform for each file passed to it. It also outputs a summary of how many files have (not) been transformed. A wrapper around recast, providing a different API. Recast is an AST-to-AST transform tool and also tries to preserve the style of original code as much as possible. As already mentioned, jscodeshift also provides a wrapper around recast. In order to properly use the jscodeshift API, one has to understand the basic building blocks of recast (and ASTs) as well. An AST node is a plain JavaScript object with a specific set of fields, in accordance with the Mozilla Parser API. The primary way to identify nodes is via their type. It's OK to not know the structure of every AST node type. The (esprima) AST explorer is an online tool to inspect the AST for a given piece of JS code. -
23
A general purpose source code indexer and cross-referencer that provides web-based browsing of source code with links to the definition and usage of any identifier. Supports multiple languages. Up-to-date information in http://lxr.sourceforge.net
-
24
AdaControl
Ada source code controller
A tool that detects the use of many constructs in Ada programs. Use it to control style or programming rules, but also as a powerful tool to search for use (or non-use) of various forms of programming styles or design patterns. -
25
Autograd
Efficiently computes derivatives of numpy code
Autograd can automatically differentiate native Python and Numpy code. It can handle a large subset of Python's features, including loops, ifs, recursion and closures, and it can even take derivatives of derivatives of derivatives. It supports reverse-mode differentiation (a.k.a. backpropagation), which means it can efficiently take gradients of scalar-valued functions with respect to array-valued arguments, as well as forward-mode differentiation, and the two can be composed arbitrarily. The main intended application of Autograd is gradient-based optimization. For more information, check out the tutorial and the examples directory. We can continue to differentiate as many times as we like, and use numpy's vectorization of scalar-valued functions across many different input values.
