Open Source Linux Static Code Analysis Tools - Page 3
Sort By:
Static Code Analysis Tools for Linux
View 18 business solutions-
Go from Code to Production URL in SecondsSkip the Kubernetes configs. Cloud Run handles HTTPS, scaling, and infrastructure automatically. Two million requests free per month.
-
Train ML Models With SQL You Already KnowBuild and deploy ML models using familiar SQL. Automate data prep with built-in Gemini. Query 1 TB and store 10 GB free monthly.
-
1
Twitter's Jetpack Compose Rules
Static checks to aid with a healthy adoption of Compose
Twitter Compose Rules is a set of custom ktlint rules to ensure that your compostables don't fall into common pitfalls, that might be easy to miss in code reviews. It can be challenging for big teams to start adopting Compose, particularly because not everyone will start at the same time or with the same patterns. Twitter tried to ease the pain by creating a set of Compose static checks. Compose has lots of superpowers but also has a bunch of foot guns to be aware of as seen in this Twitter Thread. This is where our static checks come in. We want to detect as many potential issues as we can, as quickly as we can. In this case, we want an error to show prior to engineers having to review the code. Similar to other static check libraries we hope this leads to a "don't shoot the messengers" philosophy which will foster healthy Compose adoption. -
2
Highly customizable CASE-Tool for static code analysis based on software metrics with additional support for easy interpretation and Agile Development (evolutionary design).
-
3
WALA
Libraries for Analysis, with frontends for Java, Android, and JS
The T. J. Watson Libraries for Analysis (WALA) provide static analysis capabilities for Java bytecode and related languages and for JavaScript. The system is licensed under the Eclipse Public License, which has been approved by the OSI (Open Source Initiative) as a fully certified open-source license. The initial WALA infrastructure was independently developed as part of the DOMO research project at the IBM T.J. Watson Research Center. In 2006, IBM donated the software to the community. The WALA publications department is populating this wiki with technical documentation on a demand-driven basis, driven by questions posted to the wala-wala mailing list and also Gitter. -
4
codecat
static code analysis, to find/track sinks and bugs
CodeCat is a open source tool to help you in static code analysis, to find/track sinks and bugs, this points follow regex rules... -
99.99% Uptime for MySQL and PostgreSQL DatabasesCloud SQL Enterprise Plus delivers near-zero downtime with 35 days of point-in-time recovery. Supports MySQL, PostgreSQL, and SQL Server.
-
5
codelyzer
Static analysis for Angular projects
A set of tslint rules for static code analysis of Angular TypeScript projects. (If you are using ESLint check out the new angular-eslint repository.). You can run the static code analyzer over web apps, NativeScript, Ionic, etc. Note that by default all components are aligned with the style guide so you won't see any errors in the console. Codelyzer supports any template and style language by custom hooks. If you're using Sass for instance, you can allow codelyzer to analyze your styles by creating a file .codelyzer.js in the root of your project (where the node_modules directory is). In the configuration file can implement custom pre-processing and template resolution logic. Lint rules encode logic for syntactic & semantic checks of TypeScript, HTML, CSS and Angular expressions source code. -
6
i18n-tasks
Manage translation and localization with static analysis, for Ruby i18
Manage translation and localization with static analysis, for Ruby i18n. i18n-tasks helps you find and manage missing and unused translations. This gem analyses code statically for key usages, such as I18n.t('some.key'), in order to report keys that are missing or unused. Pre-fill missing keys, optionally from Google Translate or DeepL Pro. Remove unused keys. Thus addressing the two main problems of i18n gem design, missing keys only blow up at runtime. i18n-tasks can be used with any project using the ruby i18n gem (default in Rails). i18n-tasks health checks if any keys are missing or not used, that interpolations variables are consistent across locales, and that all the locale files are normalized (auto-formatted). -
7
kube-score
Kubernetes object analysis with recommendations
Kubernetes object analysis with recommendations for improved reliability and security. kube-score is a tool that does static code analysis of your Kubernetes object definitions. The output is a list of recommendations of what you can improve to make your application more secure and resilient. kube-score is open-source and available under the MIT-license. Container limits (should be set) Pod is targeted by a NetworkPolicy, both egress and ingress rules are recommended. Deployments and StatefulSets should have a PodDisruptionPolicy. Deployments and StatefulSets should have host PodAntiAffinity configured. For container probes, a readiness should be configured, and should not be identical to the liveness probe. Read more in README_PROBES.md. Container securityContext, run as a high number user/group, do not run as root or with privileged root fs. Read more in README_SECURITYCONTEXT.md. Stable APIs, use a stable API if available (supported: Deployments, StatefulSets, DaemonSet) -
8
lintr
Static Code Analysis for R
lintr is a static code analysis tool for R that identifies syntax errors, style inconsistencies, and other potential issues in R scripts and packages. It supports customizable lint rules and integrates with many editors to provide realtime feedback and enforce coding standards (e.g., tidyverse style). -
9
ngrev
Tool for reverse engineering of Angular applications
Graphical tool for reverse engineering of Angular projects. It allows you to navigate in the structure of your application and observe the relationship between the different modules, providers, and directives. The tool performs static code analysis which means that you don't have to run your application in order to use it. ngrev is not maintained by the Angular team. It's a side project developed by the open-source community. The application is not signed, so you may have to explicitly allow your mac to run it in System Preferences. You can add your own theme by creating a [theme-name].theme.json file in Electron [userData]/themes. For a sample theme see Dark. Your application needs to be compatible with Angular Ivy compiler. ngrev is not tested with versions older than v11. To stay up to date check the update guide on angular.io. -
Gemini 3 and 200+ AI Models on One PlatformBuild generative AI apps with Vertex AI. Switch between models without switching platforms.
-
10
phpcs-security-audit v3
A set of PHP_CodeSniffer rules that finds vulnerabilities
phpcs-security-audit is a set of PHP_CodeSniffer rules that finds vulnerabilities and weaknesses related to security in PHP code. It currently has core PHP rules as well as Drupal 7-specific rules. The tool also checks for CVE issues and security advisories related to the CMS/framework. This enables you to follow the versioning of components during static code analysis. The main reason for this project being an extension of PHP_CodeSniffer is to have easy integration into continuous integration systems. It also allows for finding security bugs that are not detected with some object-oriented analysis (such as PHPMD). phpcs-security-audit in its beginning was backed by Pheromone (later on named Floe Design + Technologies) and written by Jonathan Marcil. Requires PHP CodeSniffer version 3.1.0 or higher with PHP 5.4 or higher. -
11
pkgdown
Generate static html documentation for an R package
pkgdown is an R package (by the r-lib group) whose purpose is to generate static websites (HTML) for R packages, automatically converting a package’s help files, vignettes, README, NEWS, etc., into a documentation website. It helps package authors share their documentation online with minimal friction. It supports custom templates, themes, and configuration. pkgdown 2.0.0 includes an upgrade from Bootstrap 3 to Bootstrap 5, which is accompanied by a whole bunch of minor UI improvements. If you’ve heavily customised your site, there’s a small chance that this will break your site, so everyone needs to explicitly opt in to the upgrade. -
12
reviewdog
Automated code review tool integrated with any code analysis tools
I’d like to introduce reviewdog! An automated code review tool working with any lint tools and supports local run as well. “reviewdog” provides a way to post review comments to code hosting services, such as GitHub, automatically by integrating with any linter tools with ease. It uses any output of lint tools, with translation if required, and posts them as a comment if the file and line are in diff of patches to review. reviewdog also supports running in a local environment to filter the output of lint tools by diff. We can use various linters and static code analysis tools to detect such problems in local machines, editors, CI services. However, here is the problem. Static analysis tools may report false-positive results. Reporting false-positive results itself is ok, but due to the false-positive results we cannot make build fail and it becomes difficult for us to find true positive results from messed up analysis results. -
13
revive Static Code
6x faster, stricter, configurable, and extensible
Fast, configurable, extensible, flexible, and beautiful linter for Go. Drop-in replacement of golint. Revive provides a framework for the development of custom rules, and lets you define a strict preset for enhancing your development & code review processes. Fast & extensible static code analysis framework for Go. Allows us to enable or disable rules using a configuration file. Allows us to configure the linting rules with a TOML file. 2x faster running the same rules as golint. Provides functionality for disabling a specific rule or the entire linter for a file or a range of lines. golint allows this only for generated files. Optional type checking. Most rules in golint do not require type-checking. If you disable them in the config file, revive will run over 6x faster than golint. Provides multiple formats which let us customize the output. Allows us to customize the return code for the entire linter or based on the failure of only some rules. -
14
torque - Automation Testing Tool
Automation unit testing tool for C & C++ on Linux platform
1. What is torque Torque is automation testing tool which is used for C and C++ application in Linux platform. It covers major testing areas such as Unit Testing, Functional Testing and Regression Testing. Two major sections of the testing area like memory management and code coverage is accomplished by open source tools, such as, • Valgrind -- Memory Management • Lcov -- Code Coverage • splint -- Static Code Analysis 2. Supported Platform • Linux operating system on Intel x86 architecture • Linux operating system on Intel x86_64 architecture
