Search Results for "Open Source Discovery Open Source & DevTools"
Sort By:
Showing 63 open source projects for "Open Source Discovery Open Source & DevTools"
View related business solutions-
Our Free Plans just got better! | Auth0You asked, we delivered! Auth0 is excited to expand our Free and Paid plans to include more options so you can focus on building, deploying, and scaling applications without having to worry about your security. Auth0 now, thank yourself later.
-
Enterprise-grade ITSM, for every businessFreshservice is an intuitive, AI-powered platform that helps IT, operations, and business teams deliver exceptional service without the usual complexity. Automate repetitive tasks, resolve issues faster, and provide seamless support across the organization. From managing incidents and assets to driving smarter decisions, Freshservice makes it easy to stay efficient and scale with confidence.
-
1
SonarQube
Continuous inspection
SonarQube empowers all developers to write cleaner and safer code. Thousands of automated Static Code Analysis rules, protecting your app on multiple fronts, and guiding your team. Catch tricky bugs to prevent undefined behavior from impacting end-users. Fix vulnerabilities that compromise your app, and learn AppSec along the way with Security Hotspots. Make sure your codebase is clean and maintainable, to increase developer velocity! We embrace progress - whether it's multi-language... -
2
PHPStan
Dscover bugs in your code without running it!
PHPStan finds bugs in your code without writing tests. It's open-source and free. PHPStan scans your whole codebase and looks for both obvious & tricky bugs. Even in those rarely executed if statements that certainly aren't covered by tests. You can run it on your machine and in CI to prevent those bugs ever reaching your customers in production. Thanks to rule levels you don't get overwhelmed with thousands of errors on the first run. -
3
SpotBugs
A tool for static analysis to look for bugs in Java code
SpotBugs is a program that uses static analysis to look for bugs in Java code. It is free software, distributed under the terms of the GNU Lesser General Public License. SpotBugs is a fork of FindBugs (which is now an abandoned project), carrying on from the point where it left off with the support of its community. Please check the official manual for details. SpotBugs requires JRE (or JDK) 1.8.0 or later to run. However, it can analyze programs compiled for any version of Java, from 1.0 to... -
4
Ruff
An extremely fast Python linter, written in Rust
...Ruff can be used to replace Flake8 (plus dozens of plugins), isort, pydocstyle, yesqa, eradicate, pyupgrade, and autoflake, all while executing tens or hundreds of times faster than any individual tool. Ruff is extremely actively developed and used in major open-source projects. Ruff can be configured through a pyproject.toml, ruff.toml, or .ruff.toml file (see: Configuration, or Settings for a complete list of all configuration options). Ruff supports over 500 lint rules, many of which are inspired by popular tools like Flake8, isort, pyupgrade, and others. Regardless of the rule's origin, Ruff re-implements every rule in Rust as a first-party feature. -
Go From AI Idea to AI App FastAccess Gemini 3 and 200+ models. Build chatbots, agents, or custom models with built-in monitoring and scaling.
-
5
Pylint
It's not just a linter that annoys you!
Pylint is a static code analyzer for Python 2 or 3. The latest version supports Python 3.7.2 and above. Pylint analyses your code without actually running it. It checks for errors, enforces a coding standard, looks for code smells, and can make suggestions about how the code could be refactored. Projects that you might want to use alongside pylint include flake8 (faster and simpler checks with very few false positives), mypy, pyright or pyre (typing checks), bandit (security-oriented... -
6
BemiDB
Postgres read replica optimized for analytics
BemiDB is a high-performance, key-value database designed for efficient data retrieval and storage, optimized for applications requiring fast read and write operations. -
7
WALA
Libraries for Analysis, with frontends for Java, Android, and JS
...Watson Libraries for Analysis (WALA) provide static analysis capabilities for Java bytecode and related languages and for JavaScript. The system is licensed under the Eclipse Public License, which has been approved by the OSI (Open Source Initiative) as a fully certified open-source license. The initial WALA infrastructure was independently developed as part of the DOMO research project at the IBM T.J. Watson Research Center. In 2006, IBM donated the software to the community. The WALA publications department is populating this wiki with technical documentation on a demand-driven basis, driven by questions posted to the wala-wala mailing list and also Gitter. -
8
Bandit
Bandit is a tool designed to find common security issues in Python
Bandit is a tool designed to find common security issues in Python code. To do this, Bandit processes each file, builds an AST from it, and runs appropriate plugins against the AST nodes. Once Bandit has finished scanning all the files, it generates a report. Bandit was originally developed within the OpenStack Security Project and later rehomed to PyCQA. -
9
kube-score
Kubernetes object analysis with recommendations
Kubernetes object analysis with recommendations for improved reliability and security. kube-score is a tool that does static code analysis of your Kubernetes object definitions. The output is a list of recommendations of what you can improve to make your application more secure and resilient. kube-score is open-source and available under the MIT-license. Container limits (should be set) Pod is targeted by a NetworkPolicy, both egress and ingress rules are recommended. Deployments and StatefulSets should have a PodDisruptionPolicy. Deployments and StatefulSets should have host PodAntiAffinity configured. For container probes, a readiness should be configured, and should not be identical to the liveness probe. ... -
Build Securely on AWS with Proven FrameworksMoving to the cloud brings new challenges. How can you manage a larger attack surface while ensuring great network performance? Turn to Fortinet’s Tested Reference Architectures, blueprints for designing and securing cloud environments built by cybersecurity experts. Learn more and explore use cases in this white paper.
-
10
PHP Parser
A PHP parser written in PHP
This is a PHP 5.2 to PHP 8.0 parser written in PHP. Its purpose is to simplify static code analysis and manipulation. A parser is useful for static analysis, manipulation of code and basically any other application dealing with code programmatically. A parser constructs an Abstract Syntax Tree (AST) of the code and thus allows dealing with it in an abstract and robust way. As the parser is based on the tokens returned by token_get_all (which is only able to lex the PHP version it runs on),... -
11
HLint
Haskell source code suggestions
HLint is a linter for Haskell that suggests stylistic improvements and potential simplifications in Haskell code. It parses Haskell source files and provides hints to refactor code for better readability, maintainability, or performance. HLint is highly configurable and supports custom rules, integrations with CI tools, and editor plugins. It is widely used in the Haskell ecosystem for maintaining consistent code standards. -
12
HTMLHint
The static code analysis tool you need for your HTML
Static code analysis tool you need for your HTML. By default, htmlhint looks for a .htmlhintrc file in the current directory and all parent directories and applies its rules when parsing a file. -
13
RuboCop Rails
A RuboCop extension focused on enforcing Rails best practices
A RuboCop extension focused on enforcing Rails best practices and coding conventions. It’s based on the community-driven Rails style guide. You need to tell RuboCop to load the Rails extension. Now you can run rubocop and it will automatically load the RuboCop Rails cops together with the standard cops. If you are using Rails 6.1 or newer, add the following config.generators.after_generate setting to your config/application.rb to apply RuboCop autocorrection to code generated by bin/rails g.... -
14
mobsfscan
Static analysis tool that can find insecure code patterns in code
mobsfscan is a fast and powerful static analysis tool for identifying security vulnerabilities in mobile app source code. It supports Android, iOS, and Flutter codebases and helps developers secure apps before deployment. -
15
bearer
Code security scanning tool (SAST) to discover security risks
Welcome to the Bearer documentation. Bearer is a static application security testing (SAST) tool that scans your source code and analyzes your data flows to discover, filter and prioritize security risks and vulnerabilities leading to sensitive data exposures (PII, PHI, PD). We provides built-in rules against a common set of security risks and vulnerabilities, known as OWASP Top 10. Leakage of sensitive data through cookies, internal loggers, third-party logging services, and into analytics... -
16
lintr
Static Code Analysis for R
lintr is a static code analysis tool for R that identifies syntax errors, style inconsistencies, and other potential issues in R scripts and packages. It supports customizable lint rules and integrates with many editors to provide realtime feedback and enforce coding standards (e.g., tidyverse style). -
17
tfsec
Security scanner for your Terraform code
tfsec is a static analysis security scanner for your Terraform code. Designed to run locally and in your CI pipelines, developer-friendly output and fully documented checks mean detection and remediation can take place as quickly and efficiently as possible. tfsec takes a developer-first approach to scanning your Terraform templates; using static analysis and deep integration with the official HCL parser it ensures that security issues can be detected before your infrastructure changes take... -
18
Code Quality and Security for C#
Code analyzer for C# and VB.NET projects
Sonar offers a single cohesive solution with a consistent set of metrics and hundreds of static analysis rules to detect your coding issues early. Plus fast and high-precision analysis means high value, low noise, and reliable results always. A single solution for dozens of popular languages, development frameworks and IaC platforms. Our powerful language-specific analysis not only detects coding issues but also helps you understand what's wrong and how to fix it. Our publicly available... -
19
detekt Kotlin
Static code analysis for Kotlin
...Enjoy static analysis on Android, JVM, JS, Native, and Multiplatform projects out of the box. detekt can be easily extended with custom rules that help you track and fix anti-patterns in your codebase. detekt is entirely open-source and developed by the community. Join us on GitHub and help us shape the future of this tool. -
20
AWS SigV4 Library
AWS library to sign AWS HTTP requests with Signature Version 4
...This library can optionally be used by applications sending direct HTTP requests to AWS services requiring SigV4 authentication. This library has no dependencies on any additional libraries other than the standard C library. This library is distributed under the MIT Open Source License. This library has gone through code quality checks including verification that no function has a GNU Complexity score over 8, and checks against deviations from mandatory rules in the MISRA coding standard. Deviations from the MISRA C:2012 guidelines are documented under MISRA Deviations. This library has also undergone static code analysis using Coverity static analysis, and validation of memory safety through the CBMC automated reasoning tool. -
21
PHP CS Fixer
A tool to automatically fix PHP Coding Standards issues
PHP-CS-Fixer is a tool that automatically fixes coding standards issues in PHP files. It helps developers maintain consistent coding style by applying rules defined by PHP-FIG (PSR standards) or custom configuration. It is widely used in CI/CD pipelines to enforce style conformity and reduce code review overhead. -
22
PHPDoc-Parser for PHPStan
Next-gen phpDoc parser with support for intersection types
Next-generation phpDoc parser with support for intersection types and generics. This project adheres to a Contributor Code of Conduct. By participating in this project and its community, you are expected to uphold this code. Initially you need to run composer install or composer update in case you aren't working in a folder that was built before. Afterward, you can either run the whole build including linting and coding standards. -
23
Credo
A static code analysis tool for the Elixir language
Credo is a static code analysis and linting tool for the Elixir language, with an emphasis on promoting code consistency, teaching best practices, and helping developers identify refactoring opportunities, style inconsistencies, and potentially problematic code patterns. Elixir plugin for JetBrains IDEs (IntelliJ IDEA, Rubymine, PHPStorm, PyCharm, etc). Checks your code from style to security, duplication, complexity, and also integrates with coverage. -
24
RuboCop Performance
An extension of RuboCop focused on code performance checks
Performance optimization analysis for your projects, as an extension to RuboCop. You need to tell RuboCop to load the Performance extension. Now you can run rubocop and it will automatically load the RuboCop Performance cops together with the standard cops. You need to tell RuboCop to load the Performance extension. Now you can run rubocop and it will automatically load the RuboCop Performance cops together with the standard cops. -
25
gosec
Golang security checker
A project devoted to secure programming in the Go language. Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file except in compliance with the License. You can integrate third-party code analysis tools with GitHub code scanning by uploading data as SARIF files. The workflow shows an example of running the gosec as a step in a GitHub action workflow that outputs the results.sarif file. The workflow then uploads the results.sarif file to GitHub using the...
