Search Results for "CI/CD"

...Go beyond application code and protect the entire stack with a breadth of scanning capabilities. Don't leak secrets, scan every commit and ensure secrets don't make it to production. Protect the privileged CI/CD environment from malicious activity that could result in access to source code, secrets, and more. Run with registry rules or your own. Code is analyzed locally (not uploaded). Get results at ludicrous speed with diff-aware scans, review findings in MR and PR comments, and deploy Semgrep across your organization’s projects. Go beyond the registry with rules specific to your organization. ...

Deptrac is a static analysis tool for PHP that helps maintain architectural boundaries within codebases. It analyzes dependencies between classes and ensures that code follows predefined architectural rules. Deptrac is useful for preventing unwanted couplings, enforcing clean code architecture, and detecting violations early during development.

SonarQube empowers all developers to write cleaner and safer code. Thousands of automated Static Code Analysis rules, protecting your app on multiple fronts, and guiding your team. Catch tricky bugs to prevent undefined behavior from impacting end-users. Fix vulnerabilities that compromise your app, and learn AppSec along the way with Security Hotspots. Make sure your codebase is clean and maintainable, to increase developer velocity! We embrace progress - whether it's multi-language...

...The tool consumes stub files (.pyi) for the standard library and third-party packages (from typeshed and its own built-ins), enabling accurate checks even in large, mixed-quality codebases. Developers can run pytype locally or wire it into CI to prevent regressions and track tightening type discipline over time. Because pytype infers types, it’s useful during gradual typing, surfacing mismatches, missing attributes, or unsafe unions before runtime. Documentation and a user guide detail configuration, supported features, and how inference interacts with modern Python idioms.

ShellCheck is a GPLv3 tool that provides warnings and possible suggestions for bash/sh shell scripts. ShellCheck finds bugs in your shell scripts. You can cabal, apt, dnf, pkg or brew install it locally right now. ShellCheck highlights and clarifies typical beginner's syntax mistakes and issues that cause a shell to give a cryptic error message. It shows typical intermediate level semantic problems that cause a shell to behave in a abnormally and counter-intuitively. It can also discover...

...PHP_CodeSniffer requires PHP version 5.4.0 or greater, although individual sniffs may have additional requirements such as external applications and scripts. See the Configuration Options manual page for a list of these requirements. If you're using PHP_CodeSniffer as part of a team, or you're running it on a CI server, you may want to configure your project's settings using a configuration file. If you use PEAR, you can install PHP_CodeSniffer using the PEAR installer. This will make the phpcs and phpcbf commands immediately available for use.

esprint (pronounced E-S-sprint) speeds up eslint by running the linting engine across multiple threads. esprint sets up a server daemon to cache the lint status of each file in memory. It uses a watcher to determine when files change, to only lint files as necessary. It also has a CI mode where it does not set up a daemon and just lints in parallel. In order to use esprint, first place an .esprintrc file in the root directory your project. This is similar to a .flowconfig if you use flow types. The .esprintrc file describes which paths to lint and which paths to ignore. You can also override the port to start the background server on. esprint will find the root of your project automatically and lint the whole project. ...

...Tools to write business logics including: DI, IoC, runtime type validation. Linting with eslint + stylelint. jest for unit tests and testcafe for end-to-end testing. docker optional support for development, testing, and production. Gitlab CI with full test and deploy pipeline configured by default. Meaningful docs, covering almost every aspect of the project, including jsdoc annotations. Full vscode support and list of suggested settings and plugins. Easy update process, so your template will always be up-to-date.

TODOs is a small command-line utility to search TODO, FIXME and similar comments in project files. It is written in Python 3 and licensed under the terms of GNU GPL 3 license. Supported output formats are TXT, HTML and XML.