Awesome Open Source
The Top 96 Static Code Analysis Open Source Projects
Standard
⭐
24,978
🌟 JavaScript Style Guide, with linter & automatic code fixer
Eslint
⭐
17,763
Find and fix problems in your JavaScript code.
Infer
⭐
11,983
A static analyzer for Java, C, C++, and Objective-C
Rubocop
⭐
11,250
A Ruby static code analyzer and formatter, based on the community Ruby style guide.
Phpstan
⭐
9,529
PHP Static Analysis Tool - discover bugs in your code without running it!
Static Analysis
⭐
8,171
A curated list of static analysis (SAST) tools for all programming languages, config files, build tools, and more.
Checkstyle
⭐
5,757
Checkstyle is a development tool to help programmers write Java code that adheres to a coding standard. By default it supports the Google Java Style Guide and Sun Code Conventions, but is highly configurable. It can be invoked with an ANT task and a command line program.
Phan
⭐
4,996
Phan is a static analyzer for PHP. Phan prefers to avoid false-positives and attempts to prove incorrectness rather than correctness.
Gosec
⭐
3,901
Golang security checker
Pmd
⭐
3,230
An extensible multilanguage static code analyzer.
Pylint
⭐
3,173
It's not just a linter that annoys you!
Pytype
⭐
3,075
A static type analyzer for Python code
Bandit
⭐
2,933
Bandit is a tool designed to find common security issues in Python code.
Reviewdog
⭐
2,919
🐶 Automated code review tool integrated with any code analysis tools regardless of programming language
Nullaway
⭐
2,881
A tool to help eliminate NullPointerExceptions (NPEs) in your Java code with low build-time overhead
Semgrep
⭐
2,704
Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.
Revive
⭐
2,494
🔥 ~6x faster, stricter, configurable, extensible, and beautiful drop-in replacement for golint
Larastan
⭐
2,407
⚗️ Adds static analysis to Laravel improving developer productivity and code quality
Codelyzer
⭐
2,396
Static analysis for Angular projects.
Spotbugs
⭐
2,168
SpotBugs is FindBugs' successor. A tool for static analysis to look for bugs in Java code.
Codeclimate
⭐
2,150
Code Climate CLI
Eslint Config Standard
⭐
2,038
ESLint Config for JavaScript Standard Style
Pyt
⭐
2,008
A Static Analysis Tool for Detecting Security Vulnerabilities in Python Web Applications
I18n Tasks
⭐
1,667
Manage translation and localization with static analysis, for Ruby i18n
Rubberduck
⭐
1,245
Every programmer needs a rubberduck. COM add-in for the VBA & VB6 IDE (VBE).
Phpinspectionsea
⭐
1,187
A Static Code Analyzer for PHP (a PhpStorm/Idea Plugin)
Tscancode
⭐
1,091
A static code analyzer for C++, C#, Lua
Flake8
⭐
1,065
The official GitHub mirror of https://gitlab.com/pycqa/flake8
Kube Score
⭐
1,064
Kubernetes object analysis with recommendations for improved reliability and security
Eslint Plugin Node
⭐
727
Additional ESLint's rules for Node.js
Sonar Java
⭐
720
☕️ SonarSource Static Analyzer for Java Code Quality and Security
Stacoan
⭐
693
StaCoAn is a cross-platform tool which aids developers, bug bounty hunters and ethical hackers performing static code analysis on mobile applications.
Scalastyle
⭐
678
scalastyle
Sonarjs
⭐
671
SonarSource Static Analyzer for JavaScript and TypeScript
Jackhammer
⭐
630
Jackhammer - One Security vulnerability assessment/management tool to solve all the security team problems.
Pep8speaks
⭐
541
A GitHub app to automatically review Python code style over Pull Requests
Phpdoc Parser
⭐
531
Next-gen phpDoc parser with support for intersection types and generics
Security Code Scan
⭐
516
Vulnerability Patterns Detector for C# and VB.NET
Phpcs Security Audit
⭐
512
phpcs-security-audit is a set of PHP_CodeSniffer rules that finds vulnerabilities and weaknesses related to security in PHP code
Sonar Dotnet
⭐
457
Code analyzer for C# and VB.NET projects https://redirect.sonarsource.com/plugins/vbnet.html
Rubocop Rails
⭐
420
A RuboCop extension focused on enforcing Rails best practices and coding conventions.
Prealloc
⭐
413
prealloc is a Go static analysis tool to find slice declarations that could potentially be preallocated.
Eslint Config Standard React
⭐
411
ESLint Shareable Config for React/JSX support in JavaScript Standard Style
Souffle
⭐
401
Soufflé is a variant of Datalog for tool designers crafting analyses in Horn clauses. Soufflé synthesizes a native parallel C++ program from a logic specification.
Engine
⭐
385
Droidefense: Advance Android Malware Analysis Framework
Php Parser
⭐
384
🌿 NodeJS PHP Parser - extract AST or tokens (PHP5 and PHP7)
Wala
⭐
383
T.J. Watson Libraries for Analysis
Sharpen
⭐
341
Visual Studio extension that intelligently introduces new C# features into your existing codebase
Phpstan Symfony
⭐
341
Symfony extension for PHPStan
Rubocop Performance
⭐
323
An extension of RuboCop focused on code performance checks.
Phpstan Doctrine
⭐
315
Doctrine extensions for PHPStan
Awesome Standard
⭐
294
Documenting the explosion of packages in the standard ecosystem!
Phpstan Strict Rules
⭐
285
Extra strict and opinionated rules for PHPStan
Sonar Php
⭐
284
🐘 SonarPHP: PHP static analyzer for SonarQube & SonarLint
Chronos
⭐
272
Chronos - A static race detector for the go language
Warnings Ng Plugin
⭐
238
Jenkins Warnings Plugin - Next Generation
Dg
⭐
235
[LLVM Static Slicer] Various program analyses, construction of dependence graphs and program slicing of LLVM bitcode.
Eslint Plugin Markdown
⭐
235
Lint JavaScript code blocks in Markdown documents
Phpstan Phpunit
⭐
235
PHPUnit extensions and rules for PHPStan
Vue Eslint Parser
⭐
223
The ESLint custom parser for `.vue` files.
Progpilot
⭐
220
A static analysis tool for security
Forbidden Apis
⭐
215
Policeman's Forbidden API Checker
Sputnik
⭐
188
Static code review for your Gerrit patchsets. Runs Checkstyle, PMD, FindBugs, Scalastyle, CodeNarc, JSLint for you!
Tombstone
⭐
170
Dead code detection with tombstones for PHP 🪦🧟
Coveragechecker
⭐
158
Allows old code to use new standards
Phpstan Deprecation Rules
⭐
155
PHPStan rules for detecting usage of deprecated classes, methods, properties, constants and traits.
Cflint
⭐
151
Static code analysis for CFML (a linter)
Walkmod Core
⭐
151
walkmod: an open source tool to fix coding style issues
Perl Critic
⭐
148
The leading static analyzer for Perl. Configurable, extensible, powerful.
Wpbullet
⭐
147
A static code analysis for WordPress (and PHP)
Bento
⭐
147
[DEPRECATED] Find Python web-app bugs delightfully fast, without changing your workflow. 🍱
Tajs
⭐
143
Type Analyzer for JavaScript
Sonar Pmd
⭐
139
☕️ PMD Plugin for SonarQube
Tip
⭐
132
Static program analysis for TIP
Owasp Orizon
⭐
129
Owasp Orizon is a source code static analyzer tool designed to spot security issues in Java applications.
Feram
⭐
122
Feram finds & fixes bugs in your commits
Fb Contrib
⭐
121
A FindBugs/SpotBugs plugin for doing static code analysis for Java code bases
Grepbugs
⭐
116
A regex based source code scanner.
Nsdepcop
⭐
108
NsDepCop is a static code analysis tool that helps to enforce namespace dependency rules in C# projects. No more unplanned or unnoticed dependencies in your system.
Abaplint
⭐
103
Standalone linter for ABAP
Drek
⭐
100
A static-code-analysis tool for performing security-focused code reviews. It enables an auditor to swiftly map the attack-surface of a large application, with an emphasis on identifying development anti-patterns and footguns.
Npgsql.fsharp.analyzer
⭐
97
F# analyzer that provides embedded SQL syntax analysis, type-checking for parameters and result sets and nullable column detection when writing queries using Npgsql.FSharp.
Violations Lib
⭐
92
Java library for parsing report files from static code analysis.
Unimport
⭐
91
A linter, formatter for finding and removing unused import statements.
Sourcecodesniffer
⭐
87
The Source Code Sniffer is a poor man’s static code analysis tool (SCA) that leverages regular expressions. Designed to highlight high risk functions (Injection, LFI/RFI, file uploads etc) across multiple languages (ASP, Java, CSharp, PHP, Perl, Python, JavaScript, HTML etc) in a highly configurable manner.
Codecharta
⭐
85
CodeCharta visualizes multiple code metrics using 3D tree maps.
Eslint Config Standard Jsx
⭐
79
ESLint Shareable Config for JSX support in JavaScript Standard Style
Pest
⭐
77
🐞 Primitive Erlang Security Tool
Maven Examples
⭐
72
List of Maven examples
Pfun
⭐
69
Functional, composable, asynchronous, type-safe Python.
Whispers
⭐
66
Identify hardcoded secrets and dangerous behaviours
Hydiomatic
⭐
65
The Hy Transformer
Devreplay
⭐
36
A linter that replays your developing style
Cfmt
⭐
28
cfmt is a tool to wrap Go comments over a certain length to a new line.
Rubocop Packaging
⭐
27
A RuboCop extension focused on enforcing upstream best practices and coding conventions.
Eslint Plugin
⭐
19
ESLint configurations and additional rules for me
1-96 of 96 projects