static-code-analysis

There are 74 repositories under static-code-analysis topic.

• standard / standard

  🌟 JavaScript Style Guide, with linter & automatic code fixer

  eslintjavascriptlinterstyle-guidestatic-code-analysisdevelopmentecmascriptstandardes6nodejs
  Language:JavaScript 28046

• eslint / eslint

  Find and fix problems in your JavaScript code.

  ecmascripteslintjavascriptlinterstatic-code-analysis
  Language:JavaScript 22451

• facebook / infer

  A static analyzer for Java, C, C++, and Objective-C

  static-analysisstatic-code-analysiscode-qualityjavaccppobjective-c
  Language:OCaml 13916

• rubocop / rubocop

  A Ruby static code analyzer and formatter, based on the community Ruby style guide.

  rubyrubocoplinterstatic-code-analysiscode-formatterhacktoberfest
  Language:Ruby 12188

• phpstan / phpstan

  PHP Static Analysis Tool - discover bugs in your code without running it!

  phpstanstatic-analysisphpphp7testingstatic-code-analysisstatic-analyzer
  Language:PHP 11783

• charliermarsh / ruff

  An extremely fast Python linter, written in Rust.

  linterpep8pythonpython3rustrustpythonstatic-analysisstatic-code-analysisstyle-guidestyleguideruff
  Language:Rust 11374
• static-analysis

  analysis-tools-dev / static-analysis

  ⚙️ A curated list of static analysis (SAST) tools and linters for all programming languages, config files, build tools, and more. The focus is on tools which improve code quality.

  analysisawesome-listcode-qualitylintersaststatic-analysisstatic-analyzersstatic-code-analysis
  Language:Rust 11091
• semgrep

  returntocorp / semgrep

  Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.

  cgojavajavascriptpythonr2crubysastsemgrepstatic-analysisstatic-code-analysistypescript
  Language:OCaml 7934
• checkstyle

  checkstyle / checkstyle

  Checkstyle is a development tool to help programmers write Java code that adheres to a coding standard. By default it supports the Google Java Style Guide and Sun Code Conventions, but is highly configurable. It can be invoked with an ANT task and a command line program.

  javastatic-code-analysiscommand-line-toolstatic-analysiscode-quality
  Language:Java 7635

• securego / gosec

  Golang security checker

  golangsecuritysecurity-automationsecurity-toolsstatic-analysisstatic-code-analysis
  Language:Go 6705
• datree

  datreeio / datree

  Prevent Kubernetes misconfigurations from reaching production (again 😤 )! From code to cloud, Datree provides an E2E policy enforcement solution to run automatic checks for rule violations. See our docs: https://hub.datree.io

  kubernetespolicyguardrailbest-practicesclistatic-code-analysisdatreeadmission-webhookdevopspolicy-managementsecurity
  Language:Go 6214
• reviewdog

  reviewdog / reviewdog

  🐶 Automated code review tool integrated with any code analysis tools regardless of programming language

  lintergolintcicode-reviewgithubgitlabcodereviewclicode-qualitystatic-analysisstatic-code-analysisbitbucket
  Language:Go 6198

• phan / phan

  Phan is a static analyzer for PHP. Phan prefers to avoid false-positives and attempts to prove incorrectness rather than correctness.

  phpstatic-analysisphananalysisanalyzerstatic-code-analysis
  Language:PHP 5402

• PyCQA / bandit

  Bandit is a tool designed to find common security issues in Python code.

  linterbanditsecurity-toolssecurity-scannersecuritystatic-code-analysispython
  Language:Python 5083

• pylint-dev / pylint

  It's not just a linter that annoys you!

  static-analysislinterstatic-code-analysiscode-qualitypep8closemberhacktoberfest
  Language:Python 4604

• pmd / pmd

  An extensible multilanguage static code analyzer.

  code-analysiscode-qualitystatic-analysisstatic-code-analysislinterjavaapexplsqlswift
  Language:Java 4213

• google / pytype

  A static type analyzer for Python code

  pythontypingtypecheckerlintertypesstatic-analysisstatic-code-analysis
  Language:Python 4169
• revive

  mgechev / revive

  🔥 ~6x faster, stricter, configurable, extensible, and beautiful drop-in replacement for golint

  gogolanglinterstatic-analysisgolintstatic-code-analysishacktoberfest
  Language:Go 4147

• uber / NullAway

  A tool to help eliminate NullPointerExceptions (NPEs) in your Java code with low build-time overhead

  javastatic-analysisandroidnullabilitynullability-analysisstatic-code-analysis
  Language:Java 3308

• spotbugs / spotbugs

  SpotBugs is FindBugs' successor. A tool for static analysis to look for bugs in Java code.

  code-analysisfindbugshacktoberfestlinterstatic-analysisstatic-code-analysis
  Language:Java 3008

• PyCQA / flake8

  flake8 is a python tool that glues together pycodestyle, pyflakes, mccabe, and third-party plugins to check the style and quality of some python code.

  pythonpython3static-analysisstatic-code-analysislinterlinter-flake8stylelintstyleguidestyle-guideflake8pep8complexity-analysis
  Language:Python 2730
• codelyzer

  mgechev / codelyzer

  Static analysis for Angular projects.

  codelyzerangulartslintlintingstatic-code-analysisstyle-guideangular-cli
  Language:TypeScript 2443

• standard / eslint-config-standard

  ESLint Config for JavaScript Standard Style

  developmentecmascriptes6eslintjavascriptlinterstandardstatic-code-analysisstyle-guidenodejs
  Language:JavaScript 2426

• codeclimate / codeclimate

  Code Climate CLI

  climate-cliqualitycode-qualitystatic-analysisstatic-code-analysiscodeclimatecodeclimate-enginedocker
  Language:Ruby 2389
• kube-score

  zegl / kube-score

  Kubernetes object analysis with recommendations for improved reliability and security

  kuberneteslintercigohelmchartsstatic-code-analysiskube-scoresecuritysecurity-scannerautomationkubernetes-monitoringanalysis
  Language:Go 2203

• python-security / pyt

  A Static Analysis Tool for Detecting Security Vulnerabilities in Python Web Applications

  pytcontrol-flow-graphstatic-analysispythonpython3securitystatic-code-analysisprogram-analysisfixed-pointfixed-point-analysisdataflowdataflow-analysistainttaint-analysisabstract-syntax-treeabstract-syntaxflask
  Language:Python 2117
• gokart

  praetorian-inc / gokart

  A static analysis tool for securing Go code

  golangsecuritystatic-code-analysisstatic-analysissecurity-tools
  Language:Go 2093

• glebm / i18n-tasks

  Manage translation and localization with static analysis, for Ruby i18n

  static-analysisstatic-code-analysisrubyi18ntranslation-management
  Language:Ruby 1877

• ronami / HypeScript

  🐬 A simplified implementation of TypeScript's type system written in TypeScript's type system

  examplefunctional-programminglearningparserrecursionstatic-code-analysistype-systemtypescript
  Language:TypeScript 1816

• rubberduck-vba / Rubberduck

  Every programmer needs a rubberduck. COM add-in for the VBA & VB6 IDE (VBE).

  vbac-sharpidemetaprogrammingstatic-code-analysisrefactoringsunit-testingvba-ideindentationparsingdot-netcomcom-interopwin32ms-officelinteraddinparsing-expression-grammarvb6hacktoberfest
  Language:C# 1739

• Tencent / TscanCode

  A static code analyzer for C++, C#, Lua

  static-code-analysisluacppcsharp
  Language:C++ 1639

• kalessil / phpinspectionsea

  A Static Code Analyzer for PHP (a PhpStorm/Idea Plugin)

  phpstormphpstatic-analysisphp7awesomeintellijintellij-pluginstatic-code-analysisstatic-analyzerphpstorm-pluginjava
  Language:Java 1375

• twitter / compose-rules

  Static checks to aid with a healthy adoption of Compose

  androidjetpack-composektlintstatic-code-analysis
  Language:Kotlin 1198

• SonarSource / sonar-java

  :coffee: SonarSource Static Analyzer for Java Code Quality and Security

  analysisanalyzerjavalanguage-teamqualitysonarcloudsonarlintsonarqubestatic-analysisstatic-analyzerstatic-code-analysis
  Language:Java 1000

• phpstan / phpdoc-parser

  Next-gen phpDoc parser with support for intersection types and generics

  phpstanstatic-analysisphpphp7testingstatic-code-analysisstatic-analyzerphpdoc
  Language:PHP 978
• bearer

  Bearer / bearer

  Code security scanning tool (SAST) that discover, filter and prioritize security risks and vulnerabilities leading to sensitive data exposures (PII, PHI, PD).

  appseccompliancedevsecopsdevsecops-toolssecuritysecurity-toolsdataflowgdprprivacysaststatic-code-analysisvulnerabilitysecurity-auditsecurity-scannervulnerabilitiescode-qualitystatic-analysissecurity-automationowasp
  Language:C 921