The Top 306 Static Code Analysis Open Source Projects on Github

Awesome Open Source

Awesome Open Source

Combined Topics

static-code-analysis x

Advertising 📦 9

Application Programming Interfaces 📦 120

Applications 📦 181

Artificial Intelligence 📦 72

Blockchain 📦 70

Build Tools 📦 111

Cloud Computing 📦 79

Code Quality 📦 28

Collaboration 📦 30

Command Line Interface 📦 48

Community 📦 81

Companies 📦 60

Compilers 📦 60

Computer Science 📦 74

Configuration Management 📦 39

Content Management 📦 167

Control Flow 📦 197

Data Formats 📦 77

Data Processing 📦 266

Data Storage 📦 132

Economics 📦 60

Frameworks 📦 198

Graphics 📦 103

Hardware 📦 148

Integrated Development Environments 📦 47

Learning Resources 📦 147

Libraries 📦 119

Lists Of Projects 📦 21

Machine Learning 📦 336

Mapping 📦 61

Marketing 📦 15

Mathematics 📦 55

Messaging 📦 97

Networking 📦 304

Operating Systems 📦 84

Operations 📦 120

Package Managers 📦 52

Programming Languages 📦 229

Runtime Environments 📦 96

Science 📦 42

Security 📦 375

Social Media 📦 26

Software Architecture 📦 70

Software Development 📦 68

Software Performance 📦 57

Software Quality 📦 127

Text Editors 📦 45

Text Processing 📦 131

User Interface 📦 310

User Interface Components 📦 465

Version Control 📦 29

Virtualization 📦 68

Web Browsers 📦 38

Web Servers 📦 25

Web User Interface 📦 194

The Top 306 Static Code Analysis Open Source Projects on Github

Categories > Software Quality > Static Code Analysis

Standard ⭐ 26,378

🌟 JavaScript Style Guide, with linter & automatic code fixer

Eslint ⭐ 19,567

Find and fix problems in your JavaScript code.

Infer ⭐ 12,778

A static analyzer for Java, C, C++, and Objective-C

Rubocop ⭐ 11,577

A Ruby static code analyzer and formatter, based on the community Ruby style guide.

Phpstan ⭐ 10,482

PHP Static Analysis Tool - discover bugs in your code without running it!

Static Analysis ⭐ 9,253

⚙️ A curated list of static analysis (SAST) tools for all programming languages, config files, build tools, and more.

Checkstyle ⭐ 6,459

Checkstyle is a development tool to help programmers write Java code that adheres to a coding standard. By default it supports the Google Java Style Guide and Sun Code Conventions, but is highly configurable. It can be invoked with an ANT task and a command line program.

Semgrep ⭐ 5,613

Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.

Gosec ⭐ 5,574

Golang security checker

Phan is a static analyzer for PHP. Phan prefers to avoid false-positives and attempts to prove incorrectness rather than correctness.

Datree ⭐ 5,184

Prevent Kubernetes misconfigurations from reaching production (again 😤 )! Datree is a CLI tool to ensure K8s manifests and Helm charts follow best practices as well as your organization’s policies. See our docs: https://hub.datree.io

Reviewdog ⭐ 4,433

🐶 Automated code review tool integrated with any code analysis tools regardless of programming language

Bandit ⭐ 3,717

Bandit is a tool designed to find common security issues in Python code.

Pylint ⭐ 3,709

It's not just a linter that annoys you!

An extensible multilanguage static code analyzer.

Pytype ⭐ 3,522

A static type analyzer for Python code

Revive ⭐ 3,077

🔥 ~6x faster, stricter, configurable, extensible, and beautiful drop-in replacement for golint

Nullaway ⭐ 3,031

A tool to help eliminate NullPointerExceptions (NPEs) in your Java code with low build-time overhead

Spotbugs ⭐ 2,549

SpotBugs is FindBugs' successor. A tool for static analysis to look for bugs in Java code.

Codelyzer ⭐ 2,435

Static analysis for Angular projects.

Codeclimate ⭐ 2,258

Code Climate CLI

Eslint Config Standard ⭐ 2,197

ESLint Config for JavaScript Standard Style

A Static Analysis Tool for Detecting Security Vulnerabilities in Python Web Applications

Gokart ⭐ 1,847

A static analysis tool for securing Go code

I18n Tasks ⭐ 1,746

Manage translation and localization with static analysis, for Ruby i18n

Flake8 ⭐ 1,666

flake8 is a python tool that glues together pycodestyle, pyflakes, mccabe, and third-party plugins to check the style and quality of some python code.

Rubberduck ⭐ 1,466

Every programmer needs a rubberduck. COM add-in for the VBA & VB6 IDE (VBE).

Kube Score ⭐ 1,454

Kubernetes object analysis with recommendations for improved reliability and security

Phpinspectionsea ⭐ 1,278

A Static Code Analyzer for PHP (a PhpStorm/Idea Plugin)

Tscancode ⭐ 921

A static code analyzer for C++, C#, Lua

Sonar Java ⭐ 844

☕️ SonarSource Static Analyzer for Java Code Quality and Security

Eslint Plugin Node ⭐ 814

Additional ESLint's rules for Node.js

Sonarjs ⭐ 765

SonarSource Static Analyzer for JavaScript and TypeScript

Stacoan ⭐ 719

StaCoAn is a crossplatform tool which aids developers, bugbounty hunters and ethical hackers performing static code analysis on mobile applications.

Scalastyle ⭐ 657

Security Code Scan ⭐ 656

Vulnerability Patterns Detector for C# and VB.NET

Phpdoc Parser ⭐ 632

Next-gen phpDoc parser with support for intersection types and generics

Jackhammer ⭐ 599

Jackhammer - One Security vulnerability assessment/management tool to solve all the security team problems.

Pep8speaks ⭐ 541

A GitHub app to automatically review Python code style over Pull Requests

Phpcs Security Audit ⭐ 538

phpcs-security-audit is a set of PHP_CodeSniffer rules that finds vulnerabilities and weaknesses related to security in PHP code

Rubocop Rails ⭐ 531

A RuboCop extension focused on enforcing Rails best practices and coding conventions.

Sonar Dotnet ⭐ 511

Code analyzer for C# and VB.NET projects https://redirect.sonarsource.com/plugins/vbnet.html

Souffle ⭐ 511

Soufflé is a variant of Datalog for tool designers crafting analyses in Horn clauses. Soufflé synthesizes a native parallel C++ program from a logic specification.

T.J. Watson Libraries for Analysis, with frontends for Java, Android, and JavaScript, and may common static program analyses

Prealloc ⭐ 436

prealloc is a Go static analysis tool to find slice declarations that could potentially be preallocated.

Phpstan Symfony ⭐ 430

Symfony extension for PHPStan

Php Parser ⭐ 423

🌿 NodeJS PHP Parser - extract AST or tokens (PHP5 and PHP7)

Rubocop Performance ⭐ 420

An extension of RuboCop focused on code performance checks.

Eslint Config Standard React ⭐ 419

ESLint Shareable Config for React/JSX support in JavaScript Standard Style

Droidefense: Advance Android Malware Analysis Framework

Phpstan Doctrine ⭐ 391

Doctrine extensions for PHPStan

Kotlin Modular Tdd Coroutines Mvvm ⭐ 367

A sample Kotlin app which was built with modular structure, Kotlin DSL, Kotlin Coroutines, TDD and MVVM patterns.

Phpstan Strict Rules ⭐ 346

Extra strict and opinionated rules for PHPStan

Sharpen ⭐ 327

Visual Studio extension that intelligently introduces new C# features into your existing codebase

Sonar Php ⭐ 313

🐘 SonarPHP: PHP static analyzer for SonarQube & SonarLint

Awesome Standard ⭐ 302

Documenting the explosion of packages in the standard ecosystem!

Phpstan Phpunit ⭐ 286

PHPUnit extensions and rules for PHPStan

[LLVM Static Slicer] Various program analyses, construction of dependence graphs and program slicing of LLVM bitcode.

Warnings Ng Plugin ⭐ 278

Jenkins Warnings Plugin - Next Generation

Vue Eslint Parser ⭐ 277

The ESLint custom parser for `.vue` files.

Chronos ⭐ 270

Chronos - A static race detector for the go language

Eslint Plugin Markdown ⭐ 264

Lint JavaScript code blocks in Markdown documents

Tryceratops ⭐ 258

A linter to prevent exception handling antipatterns in Python (limited only for those who like dinosaurs).

Forbidden Apis ⭐ 240

Policeman's Forbidden API Checker

Progpilot ⭐ 221

A static analysis tool for security

Automatic test case generation for python and static analysis library

Phpstan Deprecation Rules ⭐ 189

PHPStan rules for detecting usage of deprecated classes, methods, properties, constants and traits.

Sputnik ⭐ 189

Static code review for your Gerrit patchsets. Runs Checkstyle, PMD, FindBugs, Scalastyle, CodeNarc, JSLint for you!

Tombstone ⭐ 186

Dead code detection with tombstones for PHP 🪦🧟

Static program analysis for TIP

Elm Review ⭐ 167

Analyzes Elm projects, to help find mistakes before your users find them.

Coveragechecker ⭐ 164

Allows old code to use new standards

Static code analysis for CFML (a linter)

Sonar Pmd ⭐ 159

☕️ PMD Plugin for SonarQube

Perl Critic ⭐ 154

The leading static analyzer for Perl. Configurable, extensible, powerful.

Walkmod Core ⭐ 151

walkmod: an open source tool to fix coding style issues

[DEPRECATED] Find Python web-app bugs delightfully fast, without changing your workflow. 🍱

A parser and static source code analyzer for PL/SQL and Oracle SQL.

Abaplint ⭐ 140

Standalone linter for ABAP

Wpbullet ⭐ 135

A static code analysis for WordPress (and PHP)

Fb Contrib ⭐ 128

a FindBugs/SpotBugs plugin for doing static code analysis for java code bases

Owasp Orizon ⭐ 127

Owasp Orizon is a source code static analyzer tool designed to spot security issues in Java applications.

Type Analyzer for JavaScript

Fastlint Issues ⭐ 124

FastLint finds & fixes bugs in your commits

Nsdepcop ⭐ 120

NsDepCop is a static code analysis tool that helps to enforce namespace dependency rules in C# projects. No more unplanned or unnoticed dependencies in your system.

Npgsql.fsharp.analyzer ⭐ 117

F# analyzer that provides embedded SQL syntax analysis, type-checking for parameters and result sets and nullable column detection when writing queries using Npgsql.FSharp.

Static call graph generator. The official Python 3 version. Development repo.

Unimport ⭐ 111

A linter, formatter for finding and removing unused import statements.

Functional, composable, asynchronous, type-safe Python.

Grepbugs ⭐ 106

A regex based source code scanner.

Phpstan Webmozart Assert ⭐ 104

PHPStan extension for webmozart/assert

Violations Lib ⭐ 104

Java library for parsing report files from static code analysis.

Codecharta ⭐ 104

CodeCharta visualizes multiple code metrics using 3D tree maps.

Rubocop Graphql ⭐ 100

Rubocop extension for enforcing graphql-ruby best practices

A static-code-analysis tool for performing security-focused code reviews. It enables an auditor to swiftly map the attack-surface of a large application, with an emphasis on identifying development anti-patterns and footguns.

Nbsafety ⭐ 97

Fearless interactivity for Jupyter notebooks.

Codeclimate Duplication ⭐ 95

Code Climate engine for code duplication analysis

Static program analysis framework for Ethereum smart contract bytecode.

Aem Rules For Sonarqube ⭐ 86

SonarQube plugin with set of rules detecting possible bugs and bad smells specific for AEM development.

Eslint Config Standard Jsx ⭐ 85

ESLint Shareable Config for JSX support in JavaScript Standard Style

1-100 of 306 projects

Related Projects

Java Static Code Analysis Projects (66)

Linter Static Code Analysis Projects (65)

Static Analysis Code Projects (3)

Advertising 📦 9

Application Programming Interfaces 📦 120

Applications 📦 181

Artificial Intelligence 📦 72

Blockchain 📦 70

Build Tools 📦 111

Cloud Computing 📦 79

Code Quality 📦 28

Collaboration 📦 30

Command Line Interface 📦 48

Community 📦 81

Companies 📦 60

Compilers 📦 60

Computer Science 📦 74

Configuration Management 📦 39

Content Management 📦 167

Control Flow 📦 197

Data Formats 📦 77

Data Processing 📦 266

Data Storage 📦 132

Economics 📦 60

Frameworks 📦 198

Graphics 📦 103

Hardware 📦 148

Integrated Development Environments 📦 47

Learning Resources 📦 147

Libraries 📦 119

Lists Of Projects 📦 21

Machine Learning 📦 336

Mapping 📦 61

Marketing 📦 15

Mathematics 📦 55

Messaging 📦 97

Networking 📦 304

Operating Systems 📦 84

Operations 📦 120

Package Managers 📦 52

Programming Languages 📦 229

Runtime Environments 📦 96

Science 📦 42

Security 📦 375

Social Media 📦 26

Software Architecture 📦 70

Software Development 📦 68

Software Performance 📦 57

Software Quality 📦 127

Text Editors 📦 45

Text Processing 📦 131

User Interface 📦 310

User Interface Components 📦 465

Version Control 📦 29

Virtualization 📦 68

Web Browsers 📦 38

Web Servers 📦 25

Web User Interface 📦 194

"GitHub" is a registered trademark of GitHub, Inc. Awesome Open Source is not affiliated with GitHub.

All non readme contents or Github based topics or project metadata copyright Awesome Open Source 2018-2021