Showing 34 open source projects for "source code static anala"

View related business solutions
  • Our Free Plans just got better! | Auth0 Icon
    Our Free Plans just got better! | Auth0

    With up to 25k MAUs and unlimited Okta connections, our Free Plan lets you focus on what you do best—building great apps.

    You asked, we delivered! Auth0 is excited to expand our Free and Paid plans to include more options so you can focus on building, deploying, and scaling applications without having to worry about your security. Auth0 now, thank yourself later.
    Try free now
  • Secure File Transfer for Windows with Cerberus by Redwood Icon
    Secure File Transfer for Windows with Cerberus by Redwood

    Protect and share files over FTP/S, SFTP, HTTPS and SCP with the #1 rated Windows file transfer server.

    Cerberus supports unlimited users and connections on a single IP, with built-in encryption, 2FA, and a browser-based web client — all deployable in under 15 minutes with a 25-day free trial.
    Try for Free
  • 1
    Static Analysis Tools for PHP

    Static Analysis Tools for PHP

    Docker image that provides static analysis tools for PHP

    Docker image providing static analysis tools for PHP. The list of available tools and the installer is actually managed in the jakzal/toolbox repository. Docker image with quality analysis tools for PHP. To run the selected tool inside the container, you'll need to mount the project directory on the container with -v "$(pwd):/project". Some tools like to write to the /tmp directory (like PHPStan, or Behat in some cases), therefore it's often useful to share it between docker runs, i.e. with...
    Downloads: 1 This Week
    Last Update:
    See Project
  • 2
    Tencent Cloud Code Analysis

    Tencent Cloud Code Analysis

    Static code analysis

    Tencent Cloud Code Analysis (TCA for short, used internally by the R&D code CodeDog ) is a cloud-native, distributed, high-performance comprehensive code analysis and tracking platform that integrates many analysis tools, including server, web and client The three components have integrated a number of self-developed tools, and also support the dynamic integration of analysis tools of various programming languages ​​in the industry. Obtain the Tencent Cloud code analysis platform by...
    Downloads: 0 This Week
    Last Update:
    See Project
  • 3
    HTMLHint

    HTMLHint

    The static code analysis tool you need for your HTML

    Static code analysis tool you need for your HTML. By default, htmlhint looks for a .htmlhintrc file in the current directory and all parent directories and applies its rules when parsing a file.
    Downloads: 5 This Week
    Last Update:
    See Project
  • 4
    SonarQube

    SonarQube

    Continuous inspection

    SonarQube empowers all developers to write cleaner and safer code. Thousands of automated Static Code Analysis rules, protecting your app on multiple fronts, and guiding your team. Catch tricky bugs to prevent undefined behavior from impacting end-users. Fix vulnerabilities that compromise your app, and learn AppSec along the way with Security Hotspots. Make sure your codebase is clean and maintainable, to increase developer velocity! We embrace progress - whether it's multi-language...
    Downloads: 47 This Week
    Last Update:
    See Project
  • Go from Code to Production URL in Seconds Icon
    Go from Code to Production URL in Seconds

    Cloud Run deploys apps in any language instantly. Scales to zero. Pay only when code runs.

    Skip the Kubernetes configs. Cloud Run handles HTTPS, scaling, and infrastructure automatically. Two million requests free per month.
    Try it free
  • 5
    PHP Parser

    PHP Parser

    A PHP parser written in PHP

    This is a PHP 5.2 to PHP 8.0 parser written in PHP. Its purpose is to simplify static code analysis and manipulation. A parser is useful for static analysis, manipulation of code and basically any other application dealing with code programmatically. A parser constructs an Abstract Syntax Tree (AST) of the code and thus allows dealing with it in an abstract and robust way. As the parser is based on the tokens returned by token_get_all (which is only able to lex the PHP version it runs on), additionally a wrapper for emulating tokens from newer versions is provided. ...
    Downloads: 2 This Week
    Last Update:
    See Project
  • 6
    eslint-plugin-jsx-a11y

    eslint-plugin-jsx-a11y

    Static AST checker for a11y rules on JSX elements

    Static AST checker for accessibility rules on JSX elements. This plugin does a static evaluation of the JSX to spot accessibility issues in React apps. Because it only catches errors in static code, use it in combination with axe-core/react to test the accessibility of the rendered DOM. Consider these tools just as one step of a larger a11y testing process and always test your apps with assistive technology. If you installed ESLint globally (using the -g flag in npm, or the global prefix in...
    Downloads: 9 This Week
    Last Update:
    See Project
  • 7
    Flow

    Flow

    A static type checker for JavaScript

    Flow is a static type checker for JavaScript. It was designed to help improve code quality and developer productivity. It does this through several smart capabilities. First, it identifies problems as you code, so you no longer have to waste time guessing and checking again and again. Second, it understands your code and makes its knowledge available, allowing you to build other smart tools on top of it. Third, it helps you refactor safely so you can focus on the changes you want to make and...
    Downloads: 11 This Week
    Last Update:
    See Project
  • 8
    Semgrep

    Semgrep

    Lightweight static analysis for many languages

    Static analysis at ludicrous speed. Find bugs and enforce code standards. Find and prevent security issues in Terraform, Docker, Kubernetes, nginx, and AWS configs before they go into production. Go beyond application code and protect the entire stack with a breadth of scanning capabilities. Don't leak secrets, scan every commit and ensure secrets don't make it to production.
    Downloads: 8 This Week
    Last Update:
    See Project
  • 9
    pytype

    pytype

    A static type analyzer for Python code

    pytype is a static type analyzer that checks and infers types for Python code without executing it, catching errors at “compile time” and generating actionable diagnostics. It grew alongside Python typing at Google and can understand both inline annotations and unannotated code via powerful inference. The tool consumes stub files (.pyi) for the standard library and third-party packages (from typeshed and its own built-ins), enabling accurate checks even in large, mixed-quality codebases....
    Downloads: 0 This Week
    Last Update:
    See Project
  • $300 Free Credits for Your Google Cloud Projects Icon
    $300 Free Credits for Your Google Cloud Projects

    Start building on Google Cloud with $300 in free credits. No commitment, no credit card required until you're ready to scale.

    Launch your next project with $300 in free Google Cloud credits—no strings attached. Test, build, and deploy without risk. Use your credits across the entire Google Cloud platform to find what works best for your needs. After your credits are used, continue with always-free tier services. Only pay when you're ready to scale. Sign up in minutes and start exploring.
    Start Free Trial
  • 10
    Deptrac

    Deptrac

    Keep your architecture clean.

    Deptrac is a static analysis tool for PHP that helps maintain architectural boundaries within codebases. It analyzes dependencies between classes and ensures that code follows predefined architectural rules. Deptrac is useful for preventing unwanted couplings, enforcing clean code architecture, and detecting violations early during development.
    Downloads: 8 This Week
    Last Update:
    See Project
  • 11
    Joern

    Joern

    Open-source code analysis platform for C/C++/Java/Binary/Javascript

    Joern is a platform for analyzing source code, bytecode, and binary executables. It generates code property graphs (CPGs), a graph representation of code for cross-language code analysis. Code property graphs are stored in a custom graph database. This allows code to be mined using search queries formulated in a Scala-based domain-specific query language. Joern is developed with the goal of providing a useful tool for vulnerability discovery and research in static program analysis.
    Downloads: 4 This Week
    Last Update:
    See Project
  • 12
    Infer

    Infer

    A static analyzer for Java, C, C++, and Objective-C

    Infer is a static analysis tool - if you give Infer some Java or C/C++/Objective-C code it produces a list of potential bugs. Anyone can use Infer to intercept critical bugs before they have shipped to users, and help prevent crashes or poor performance. Infer checks for null pointer exceptions, resource leaks, annotation reachability, missing lock guards, and concurrency race conditions in Android and Java code. Infer checks for null pointer dereferences, memory leaks, coding conventions...
    Downloads: 2 This Week
    Last Update:
    See Project
  • 13
    Larastan

    Larastan

    Adds code analysis to Laravel improving developer productivity

    Larastan was created by Can Vural and Nuno Maduro, got artwork designed by @Caneco, is maintained by Can Vural, Nuno Maduro, and Viktor Szépe, and is a PHPStan wrapper for Laravel. Larastan focuses on finding errors in your code. It catches whole classes of bugs even before you write tests for the code.
    Downloads: 0 This Week
    Last Update:
    See Project
  • 14
    OpenRewrite

    OpenRewrite

    Automated mass refactoring of source code

    The OpenRewrite project is a mass source code refactoring ecosystem. Reduce 1000s of hours of static code analysis fixes to minutes. Turn a four-month migration project into four hours of work. Patch security vulnerabilities across 100s of repositories at once. OpenRewrite automates code refactoring and remediation tasks for you, enabling developers to deliver more business value.
    Downloads: 2 This Week
    Last Update:
    See Project
  • 15
    pmd

    pmd

    An extensible multilanguage static code analyzer

    PMD is a source code analyzer. It finds common programming flaws like unused variables, empty catch blocks, unnecessary object creation, and so forth. It supports Java, JavaScript, Salesforce.com Apex and Visualforce, PLSQL, Apache Velocity, XML, and XSL. Additionally, it includes CPD, the copy-paste-detector. CPD finds duplicated code in Java, C, C++, C#, Groovy, PHP, Ruby, Fortran, JavaScript, PLSQL, Apache Velocity, Scala, Objective C, Matlab, Python, Go, Swift and Salesforce.com Apex,...
    Downloads: 12 This Week
    Last Update:
    See Project
  • 16
    eslint-plugin-import

    eslint-plugin-import

    ESLint plugin with rules that help validate proper imports.

    This plugin intends to support linting of ES2015+ (ES6+) import/export syntax, and prevent issues with misspelling of file paths and import names. All the goodness that the ES2015+ static module syntax intends to provide, is marked up in your editor. The maintainers of eslint-plugin-import and thousands of other packages are working with Tidelift to deliver commercial support and maintenance for the open-source dependencies you use to build your applications. Save time, reduce risk, and improve code health, while paying the maintainers of the exact dependencies you use. ...
    Downloads: 10 This Week
    Last Update:
    See Project
  • 17
    Pyright

    Pyright

    Static type checker for Python

    Pyright is a fast type checker meant for large Python source bases. It can run in a “watch” mode and performs fast incremental updates when files are modified. Pyright supports configuration files that provide granular control over settings. Different “execution environments” can be associated with subdirectories within a source base. Each environment can specify different module search paths, python language versions, and platform targets. Type inference for function return values, instance...
    Downloads: 0 This Week
    Last Update:
    See Project
  • 18
    Application Inspector

    Application Inspector

    A source code analyzer built for surfacing features of interest

    Microsoft Application Inspector is a software source code characterization tool that helps identify coding features of first or third party software components based on well-known library/API calls and is helpful in security and non-security use cases. It uses hundreds of rules and regex patterns to surface interesting characteristics of source code to aid in determining what the software is or what it does from what file operations it uses, encryption, shell operations, cloud API's, frameworks and more and has received industry attention as a new and valuable contribution to OSS on ZDNet, SecurityWeek, CSOOnline, Linux.com/news, HelpNetSecurity, Twitter and more and was first featured on Microsoft.com. ...
    Downloads: 1 This Week
    Last Update:
    See Project
  • 19

    cppcheck

    Static source code analysis tool for C and C++ code

    Static analysis of C/C++ code. Checks for: memory leaks, mismatching allocation-deallocation, buffer overrun, and many more. The goal is 0% false positives. See http://cppcheck.sourceforge.net for more information.
    Leader badge
    Downloads: 304 This Week
    Last Update:
    See Project
  • 20
    nodejsscan

    nodejsscan

    nodejsscan is a static security code scanner for Node.js applications

    Static security code scanner (SAST) for Node.js applications powered by libsast and semgrep. nodejsscan is a static security code scanner for Node.js applications.
    Downloads: 0 This Week
    Last Update:
    See Project
  • 21
    JSHint

    JSHint

    A tool that helps to detect errors and in your JavaScript code

    JSHint is a community-driven tool that detects errors and potential problems in JavaScript code. Since JSHint is so flexible, you can easily adjust it in the environment you expect your code to execute. JSHint is publicly available and will always stay this way. The project aims to help JavaScript developers write complex programs without worrying about typos and language gotchas. Any code base eventually becomes huge at some point, so simple mistakes, that would not show themselves when...
    Downloads: 1 This Week
    Last Update:
    See Project
  • 22
    Code-warrior

    Code-warrior

    Just another manual code analysis tool and static analysis tool.

    Just another manual code analysis tool and static analysis tool. https://github.com/CoolerVoid/codewarrior
    Downloads: 6 This Week
    Last Update:
    See Project
  • 23
    Luacheck

    Luacheck

    A tool for linting and static analysis of Lua code

    Luacheck is a static analyzer and a linter for Lua. Luacheck detects various issues such as usage of undefined global variables, unused variables and values, accessing uninitialized variables, unreachable code and more. Most aspects of checking are configurable: there are options for defining custom project-related globals, for selecting set of standard globals (version of Lua standard library), for filtering warnings by type and name of related variable, etc. The options can be used on the...
    Downloads: 11 This Week
    Last Update:
    See Project
  • 24
    Qt Creator Cppcheck integration plugin

    Qt Creator Cppcheck integration plugin

    Qt Creator Cppcheck integration plugin

    Allows to use Cppcheck static analyzer tool in Qt Creator IDE. Sources can be obtained here: https://github.com/OneMoreGres/qtc-cppcheck IMPORTANT: plugin's version must match Qt Creator's version (difference in last digit is acceptable) Then plugin must be enabled in Help->Modules menu.
    Downloads: 2 This Week
    Last Update:
    See Project
  • 25
    PhpDependencyAnalysis

    PhpDependencyAnalysis

    Static code analysis to find violations in a dependency graph

    PhpDependencyAnalysis is an extendable static code analysis for object-oriented PHP-Projects to generate dependency graphs from abstract datatypes (Classes, Interfaces and Traits) based on namespaces. Dependencies can be aggregated to build graphs for several levels, like Package-Level or Layer-Level. Each dependency can be verified to a defined architecture.
    Downloads: 0 This Week
    Last Update:
    See Project
  • Previous
  • You're on page 1
  • 2
  • Next