An open API service providing repository metadata for many open source software ecosystems.

GitHub topics: static-code-analysis

SonarSource/sonar-java

:coffee: SonarSource Static Analyzer for Java Code Quality and Security

Language: Java - Size: 67.8 MB - Last synced at: about 3 hours ago - Pushed at: about 5 hours ago - Stars: 1,181 - Forks: 700

phpstan/phpstan-nette

Nette Framework class reflection extension for PHPStan & framework-specific rules

Language: PHP - Size: 285 KB - Last synced at: about 5 hours ago - Pushed at: 18 days ago - Stars: 107 - Forks: 39

RalfKoban/MiKo-Analyzers

Provides analyzers that are based on the .NET Compiler Platform.

Language: C# - Size: 15.1 MB - Last synced at: about 22 hours ago - Pushed at: about 24 hours ago - Stars: 15 - Forks: 2

jenkinsci/analysis-model

A library to read static analysis reports into a Java object model

Language: Java - Size: 13.6 MB - Last synced at: about 24 hours ago - Pushed at: 1 day ago - Stars: 88 - Forks: 189

jenkinsci/warnings-ng-plugin

Jenkins Warnings Plugin - Next Generation

Language: Java - Size: 27.2 MB - Last synced at: about 24 hours ago - Pushed at: 1 day ago - Stars: 348 - Forks: 283

felipebz/zpa

Parser and static code analysis tool for PL/SQL and Oracle SQL.

Language: Kotlin - Size: 6.71 MB - Last synced at: 1 day ago - Pushed at: 1 day ago - Stars: 231 - Forks: 81

securego/gosec

Go security checker

Language: Go - Size: 5.14 MB - Last synced at: 1 day ago - Pushed at: 3 days ago - Stars: 8,444 - Forks: 657

DannyBen/rentacop

A more relaxed default set of RuboCop rules

Language: Ruby - Size: 36.1 KB - Last synced at: 1 day ago - Pushed at: 1 day ago - Stars: 1 - Forks: 0

Exlint/cli

Exlint CLI 📦️ Centralize coding standards across repositories in seconds.

Language: TypeScript - Size: 13.2 MB - Last synced at: 1 day ago - Pushed at: 1 day ago - Stars: 35 - Forks: 1

eclipse-pmd/eclipse-pmd Fork of acanda/eclipse-pmd

PMD Plugin for the Eclipse IDE

Language: Java - Size: 17.2 MB - Last synced at: 2 days ago - Pushed at: 2 days ago - Stars: 13 - Forks: 1

Ali5tan/bandit

Solutions and walkthroughs for OverTheWire: Bandit - learn Linux command-line basics through real hacking challenges.

Language: Shell - Size: 6.84 KB - Last synced at: 2 days ago - Pushed at: 2 days ago - Stars: 0 - Forks: 0

tnir/prospector Fork of prospector-dev/prospector

Inspects Python source files and provides information about type and location of classes, methods etc

Language: Python - Size: 1.94 MB - Last synced at: 2 days ago - Pushed at: 2 days ago - Stars: 0 - Forks: 0

PyCQA/bandit

Bandit is a tool designed to find common security issues in Python code.

Language: Python - Size: 5.64 MB - Last synced at: 1 day ago - Pushed at: 7 days ago - Stars: 7,311 - Forks: 685

sartcod/ruff

An extremely fast Python linter and code formatter, written in Rust.

Size: 19.5 KB - Last synced at: 2 days ago - Pushed at: 2 days ago - Stars: 0 - Forks: 0

SonarSource/sonar-dotnet

Code analyzer for C# and VB.NET projects

Language: C# - Size: 138 MB - Last synced at: 2 days ago - Pushed at: 3 days ago - Stars: 858 - Forks: 231

uber/NullAway

A tool to help eliminate NullPointerExceptions (NPEs) in your Java code with low build-time overhead

Language: Java - Size: 6.87 MB - Last synced at: 1 day ago - Pushed at: 1 day ago - Stars: 3,846 - Forks: 318

wala/WALA

T.J. Watson Libraries for Analysis, with frontends for Java, Android, and JavaScript, and many common static program analyses

Language: Java - Size: 58.6 MB - Last synced at: 3 days ago - Pushed at: 3 days ago - Stars: 814 - Forks: 237

eslint/eslint

Find and fix problems in your JavaScript code.

Language: JavaScript - Size: 48.3 MB - Last synced at: 3 days ago - Pushed at: 3 days ago - Stars: 26,246 - Forks: 4,792

datreeio/datree 📦

Prevent Kubernetes misconfigurations from reaching production (again 😤 )! From code to cloud, Datree provides an E2E policy enforcement solution to run automatic checks for rule violations. See our docs: https://hub.datree.io

Language: Go - Size: 8.9 MB - Last synced at: 2 days ago - Pushed at: over 1 year ago - Stars: 6,360 - Forks: 362

SonarSource/sonar-php

:elephant: SonarPHP: PHP static analyzer for SonarQube & SonarLint

Language: Java - Size: 21.9 MB - Last synced at: 3 days ago - Pushed at: 3 days ago - Stars: 417 - Forks: 108

phpstan/phpdoc-parser

Next-gen phpDoc parser with support for intersection types and generics

Language: PHP - Size: 981 KB - Last synced at: about 19 hours ago - Pushed at: 9 days ago - Stars: 1,474 - Forks: 65

analysis-tools-dev/static-analysis

⚙️ A curated list of static analysis (SAST) tools and linters for all programming languages, config files, build tools, and more. The focus is on tools which improve code quality.

Language: Rust - Size: 40.9 MB - Last synced at: 3 days ago - Pushed at: 7 days ago - Stars: 14,092 - Forks: 1,400

soot-oss/SootUp

A new version of Soot with a completely overhauled architecture

Language: Java - Size: 321 MB - Last synced at: 3 days ago - Pushed at: 3 days ago - Stars: 731 - Forks: 97

spotbugs/spotbugs

SpotBugs is FindBugs' successor. A tool for static analysis to look for bugs in Java code.

Language: Java - Size: 140 MB - Last synced at: 4 days ago - Pushed at: 4 days ago - Stars: 3,733 - Forks: 630

mysticatea/eslint-plugin-node

Additional ESLint's rules for Node.js

Language: JavaScript - Size: 965 KB - Last synced at: 1 day ago - Pushed at: about 1 year ago - Stars: 962 - Forks: 180

phan/phan

Phan is a static analyzer for PHP. Phan prefers to avoid false-positives and attempts to prove incorrectness rather than correctness.

Language: PHP - Size: 43.5 MB - Last synced at: 2 days ago - Pushed at: 5 days ago - Stars: 5,582 - Forks: 372

rubocop/rubocop

A Ruby static code analyzer and formatter, based on the community Ruby style guide.

Language: Ruby - Size: 47.9 MB - Last synced at: 3 days ago - Pushed at: 4 days ago - Stars: 12,777 - Forks: 3,085

coderaiser/putout

🐊 Pluggable and configurable JavaScript Linter, code transformer and formatter, drop-in ESLint superpower replacement 💪 with built-in support for js, jsx, typescript, markdown, yaml and json. Write declarative codemods in a simplest possible way 😏

Language: JavaScript - Size: 19.9 MB - Last synced at: 4 days ago - Pushed at: 4 days ago - Stars: 761 - Forks: 42

PyCQA/flake8

flake8 is a python tool that glues together pycodestyle, pyflakes, mccabe, and third-party plugins to check the style and quality of some python code.

Language: Python - Size: 3.56 MB - Last synced at: 4 days ago - Pushed at: about 1 month ago - Stars: 3,682 - Forks: 336

semgrep/semgrep

Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.

Language: OCaml - Size: 88.3 MB - Last synced at: 4 days ago - Pushed at: 4 days ago - Stars: 12,716 - Forks: 783

phpstan/phpstan-strict-rules

Extra strict and opinionated rules for PHPStan

Language: PHP - Size: 402 KB - Last synced at: 4 days ago - Pushed at: 4 days ago - Stars: 659 - Forks: 52

Feuermagier/autograder

Automatic grading of student's Java code

Language: Java - Size: 3.62 MB - Last synced at: about 19 hours ago - Pushed at: 19 days ago - Stars: 15 - Forks: 9

tiagoporto/limitlines

Lint and report number of lines by file.

Language: JavaScript - Size: 866 KB - Last synced at: 5 days ago - Pushed at: 5 days ago - Stars: 4 - Forks: 0

TWiStErRob/android-lint-examples

Project that reproduces every lint violation out there. (At least that's the idea, contributions welcome.)

Language: Java - Size: 862 KB - Last synced at: 5 days ago - Pushed at: 5 days ago - Stars: 7 - Forks: 1

Correia-jpv/fucking-static-analysis

⚙️ A curated list of static analysis (SAST) tools for all programming languages, config files, build tools, and more. With repository stars⭐ and forks🍴

Language: Rust - Size: 41.1 MB - Last synced at: 5 days ago - Pushed at: 6 days ago - Stars: 23 - Forks: 1

mebigfatguy/fb-contrib

a FindBugs/SpotBugs plugin for doing static code analysis for java code bases

Language: Java - Size: 12.1 MB - Last synced at: 6 days ago - Pushed at: 6 days ago - Stars: 163 - Forks: 44

Tekooo99/Sputnik

🚀 Build a visual language model for aerospace, enabling deep recognition, status analysis, and operational understanding of aircraft using specialized vocabulary.

Language: Python - Size: 29.3 KB - Last synced at: 6 days ago - Pushed at: 6 days ago - Stars: 0 - Forks: 0

astral-sh/ruff

An extremely fast Python linter and code formatter, written in Rust.

Language: Rust - Size: 89.2 MB - Last synced at: 6 days ago - Pushed at: 6 days ago - Stars: 42,322 - Forks: 1,525

biomejs/biome

A toolchain for web projects, aimed to provide functionalities to maintain them. Biome offers formatter and linter, usable via CLI and LSP.

Language: Rust - Size: 215 MB - Last synced at: 6 days ago - Pushed at: 6 days ago - Stars: 20,971 - Forks: 690

pmd/pmd

An extensible multilanguage static code analyzer.

Language: Java - Size: 512 MB - Last synced at: 6 days ago - Pushed at: 6 days ago - Stars: 5,208 - Forks: 1,528

reviewdog/reviewdog

🐶 Automated code review tool integrated with any code analysis tools regardless of programming language

Language: Go - Size: 5.41 MB - Last synced at: 6 days ago - Pushed at: 6 days ago - Stars: 8,688 - Forks: 457

eslint/markdown

Lint JavaScript code blocks in Markdown documents

Language: JavaScript - Size: 852 KB - Last synced at: 5 days ago - Pushed at: 6 days ago - Stars: 493 - Forks: 76

SonarSource/SonarJS

SonarSource Static Analyzer for JavaScript and TypeScript

Language: TypeScript - Size: 88.1 MB - Last synced at: 6 days ago - Pushed at: 6 days ago - Stars: 1,143 - Forks: 188

abaplint/abaplint

Standalone static analysis for ABAP

Language: TypeScript - Size: 78.1 MB - Last synced at: 4 days ago - Pushed at: 6 days ago - Stars: 242 - Forks: 78

goblint/analyzer

Static analysis framework for C

Language: OCaml - Size: 39.2 MB - Last synced at: 6 days ago - Pushed at: 6 days ago - Stars: 202 - Forks: 84

mgechev/revive

🔥 ~6x faster, stricter, configurable, extensible, and beautiful drop-in replacement for golint

Language: Go - Size: 6.54 MB - Last synced at: 6 days ago - Pushed at: 6 days ago - Stars: 5,288 - Forks: 305

pylint-dev/pylint

It's not just a linter that annoys you!

Language: Python - Size: 39.5 MB - Last synced at: 6 days ago - Pushed at: 7 days ago - Stars: 5,559 - Forks: 1,182

glebm/i18n-tasks

Manage translation and localization with static analysis, for Ruby i18n

Language: Ruby - Size: 3.01 MB - Last synced at: 4 days ago - Pushed at: 6 days ago - Stars: 2,135 - Forks: 273

pep8speaks-org/pep8speaks

A GitHub :octocat: app to automatically review Python code style over Pull Requests

Language: Python - Size: 4.74 MB - Last synced at: about 23 hours ago - Pushed at: 24 days ago - Stars: 619 - Forks: 87

gauge-sh/tach

A Python tool to visualize + enforce dependencies, using modular architecture 🌎 Open source 🐍 Installable via pip 🔧 Able to be adopted incrementally - ⚡ Implemented with no runtime impact ♾️ Interoperable with your existing systems 🦀 Written in rust

Language: Rust - Size: 23 MB - Last synced at: 3 days ago - Pushed at: 8 days ago - Stars: 2,458 - Forks: 68

JohT/code-graph-analysis-examples

Shows how to use the code-graph-analysis-pipeline based on examples

Size: 1.23 GB - Last synced at: 3 days ago - Pushed at: 3 days ago - Stars: 0 - Forks: 0

ccoVeille/golangci-lint-config-examples

These are .golangci.yml to go based on your need

Size: 53.7 KB - Last synced at: 3 days ago - Pushed at: 7 days ago - Stars: 29 - Forks: 1

tyhal/crie

Universal meta-linter using containerized execution

Language: Go - Size: 1.3 MB - Last synced at: 3 days ago - Pushed at: 7 days ago - Stars: 10 - Forks: 2

zhukovgreen/friendly-sequences

Friendly, Scala like, Sequence interface

Language: Python - Size: 59.6 KB - Last synced at: 5 days ago - Pushed at: 7 days ago - Stars: 11 - Forks: 0

checkstyle/checkstyle

Checkstyle is a development tool to help programmers write Java code that adheres to a coding standard. By default it supports the Google Java Style Guide and Sun Code Conventions, but is highly configurable. It can be invoked with an ANT task and a command line program.

Language: Java - Size: 199 MB - Last synced at: 7 days ago - Pushed at: 7 days ago - Stars: 8,670 - Forks: 3,844

openrewrite/rewrite-static-analysis

OpenRewrite recipes for identifying and fixing static analysis issues.

Language: Java - Size: 4.17 MB - Last synced at: 7 days ago - Pushed at: 7 days ago - Stars: 46 - Forks: 88

JetBrains/qodana-cli

🔧 JetBrains Qodana’s official command line tool

Language: Go - Size: 3.35 MB - Last synced at: 7 days ago - Pushed at: 7 days ago - Stars: 207 - Forks: 28

ipyflow/ipyflow

A reactive Python kernel for Jupyter notebooks.

Language: Python - Size: 23.2 MB - Last synced at: 4 days ago - Pushed at: about 1 month ago - Stars: 1,244 - Forks: 23

phpstan/phpstan-symfony

Symfony extension for PHPStan

Language: PHP - Size: 690 KB - Last synced at: 2 days ago - Pushed at: 7 days ago - Stars: 750 - Forks: 96

phpstan/phpstan-phpunit

PHPUnit extensions and rules for PHPStan

Language: PHP - Size: 334 KB - Last synced at: about 4 hours ago - Pushed at: 12 days ago - Stars: 504 - Forks: 50

phpstan/phpstan-mockery

PHPStan extension for Mockery

Language: PHP - Size: 144 KB - Last synced at: about 10 hours ago - Pushed at: 18 days ago - Stars: 95 - Forks: 19

realvizu/NsDepCop

NsDepCop is a static code analysis tool that enforces namespace and assembly dependency rules in C# projects.

Language: C# - Size: 16.7 MB - Last synced at: 2 days ago - Pushed at: 5 months ago - Stars: 216 - Forks: 32

facebook/infer

A static analyzer for Java, C, C++, and Objective-C

Language: OCaml - Size: 193 MB - Last synced at: 7 days ago - Pushed at: 7 days ago - Stars: 15,379 - Forks: 2,049

felipebz/zpa-cli

Command-line interface for ZPA.

Language: Kotlin - Size: 588 KB - Last synced at: 8 days ago - Pushed at: 8 days ago - Stars: 27 - Forks: 10

simonkowallik/irulescan

:shield: irulescan - security analyzer for iRules

Language: Rust - Size: 350 KB - Last synced at: 4 days ago - Pushed at: 2 months ago - Stars: 9 - Forks: 1

mccright/references

Collection of reusable references

Size: 1000 KB - Last synced at: 8 days ago - Pushed at: 8 days ago - Stars: 12 - Forks: 4

bolajiwahab/pgrubic

PostgreSQL linter and formatter for schema migrations and design best practices.

Language: Python - Size: 6.01 MB - Last synced at: 2 days ago - Pushed at: 2 days ago - Stars: 8 - Forks: 2

JohT/code-graph-analysis-pipeline

Fully automated pipeline for static code graph analysis

Language: Jupyter Notebook - Size: 1.96 GB - Last synced at: 1 day ago - Pushed at: 1 day ago - Stars: 23 - Forks: 1

phpstan/phpstan-deprecation-rules

PHPStan rules for detecting usage of deprecated classes, methods, properties, constants and traits.

Language: PHP - Size: 249 KB - Last synced at: 1 day ago - Pushed at: 18 days ago - Stars: 421 - Forks: 20

phpstan/phpstan-doctrine

Doctrine extensions for PHPStan

Language: PHP - Size: 1.15 MB - Last synced at: 9 days ago - Pushed at: 9 days ago - Stars: 640 - Forks: 108

phpstan/phpstan

PHP Static Analysis Tool - discover bugs in your code without running it!

Language: PHP - Size: 6.16 GB - Last synced at: 9 days ago - Pushed at: 9 days ago - Stars: 13,578 - Forks: 930

yamadashy/phpstan-friendly-formatter

🤝 A friendly error formatter extension for PHPStan that provides more readable and informative output, including code snippets and color highlighting.

Language: PHP - Size: 1.75 MB - Last synced at: 9 days ago - Pushed at: 4 months ago - Stars: 56 - Forks: 2

rubocop/rubocop-performance

An extension of RuboCop focused on code performance checks.

Language: Ruby - Size: 24.8 MB - Last synced at: 3 days ago - Pushed at: 10 days ago - Stars: 713 - Forks: 86

souffle-lang/souffle

Soufflé is a variant of Datalog for tool designers crafting analyses in Horn clauses. Soufflé synthesizes a native parallel C++ program from a logic specification.

Language: C++ - Size: 516 MB - Last synced at: 9 days ago - Pushed at: 3 months ago - Stars: 1,004 - Forks: 221

jborgers/PMD-jPinpoint-rules

PMD rule set for responsible Java and Kotlin coding: performance, sustainability, multi-threading, data mixup and more.

Language: Java - Size: 3 MB - Last synced at: 10 days ago - Pushed at: 10 days ago - Stars: 49 - Forks: 10

Bearer/bearer

Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.

Language: Go - Size: 23.6 MB - Last synced at: 10 days ago - Pushed at: 12 days ago - Stars: 2,389 - Forks: 128

qiniu/reviewbot

Empower Your Code Quality with Self-Hosted Automated Analysis and Review

Language: Go - Size: 5.03 MB - Last synced at: 3 days ago - Pushed at: about 1 month ago - Stars: 81 - Forks: 22

rubocop/rubocop-rails

A RuboCop extension focused on enforcing Rails best practices and coding conventions.

Language: Ruby - Size: 28.3 MB - Last synced at: 3 days ago - Pushed at: 18 days ago - Stars: 845 - Forks: 282

saleor/shellcheck-gha

Extracts and checks shell scripts in Github Workflows for potential issues using ShellCheck.

Language: Python - Size: 68.4 KB - Last synced at: 7 days ago - Pushed at: 10 days ago - Stars: 6 - Forks: 0

MaibornWolff/codecharta

CodeCharta is a visualization tool that transforms complex software architecture and code metrics into interactive, customizable visual maps, empowering everyone to communicate and analyze your codebase. Improve code quality, maintainability, and architectural decisions

Language: TypeScript - Size: 109 MB - Last synced at: 7 days ago - Pushed at: 7 days ago - Stars: 325 - Forks: 41

securesauce/precli

Precaution CLI - command line static application security testing tool

Language: Python - Size: 2.54 MB - Last synced at: 10 days ago - Pushed at: 11 days ago - Stars: 25 - Forks: 3

slackhq/compose-lints

Lint checks to aid with a healthy adoption of Compose

Language: Kotlin - Size: 4.27 MB - Last synced at: 9 days ago - Pushed at: 10 days ago - Stars: 450 - Forks: 31

JetBrains/Qodana

📝 Source repository of Qodana Help

Size: 249 MB - Last synced at: 5 days ago - Pushed at: 5 days ago - Stars: 398 - Forks: 80

jvillard/infer Fork of facebook/infer

A static analyzer for Java, C and Objective-C

Language: OCaml - Size: 170 MB - Last synced at: 11 days ago - Pushed at: 11 days ago - Stars: 3 - Forks: 1

standard/standard

🌟 JavaScript Style Guide, with linter & automatic code fixer

Language: JavaScript - Size: 3.58 MB - Last synced at: 12 days ago - Pushed at: 2 months ago - Stars: 29,349 - Forks: 2,322

ckaznocha/intrange

intrange is a program for checking for loops that could use the Go 1.22 integer range feature.

Language: Go - Size: 229 KB - Last synced at: 12 days ago - Pushed at: 12 days ago - Stars: 34 - Forks: 2

ballerina-platform/static-code-analysis-tool

Tool for performing static code analysis for Ballerina projects.

Language: Java - Size: 5.96 MB - Last synced at: 12 days ago - Pushed at: 12 days ago - Stars: 3 - Forks: 8

opalj/opal

Language: Scala - Size: 740 MB - Last synced at: 10 days ago - Pushed at: 10 days ago - Stars: 65 - Forks: 32

pylint-dev/astroid

A common base representation of python source code for pylint and other projects

Language: Python - Size: 16.8 MB - Last synced at: 13 days ago - Pushed at: 13 days ago - Stars: 554 - Forks: 301

stefmolin/build-your-own-simple-static-code-analyzer-talk

Slides for my PyCon Lithuania 2025 keynote "Build Your Own (Simple) Static Code Analyzer"

Size: 993 KB - Last synced at: 9 days ago - Pushed at: 14 days ago - Stars: 0 - Forks: 0

baikaishuipp/jcci

Java code commit impact, Java code change impact analysis, a tool for analyzing the impact scope of Java code changes, precision testing, regression test scoping

Language: Python - Size: 1.75 MB - Last synced at: 2 days ago - Pushed at: 9 months ago - Stars: 325 - Forks: 56

mgechev/codelyzer

Static analysis for Angular projects.

Language: TypeScript - Size: 17.7 MB - Last synced at: 7 days ago - Pushed at: 15 days ago - Stars: 2,458 - Forks: 237

muttistefano/ros2_sonarcloud

ROS2 code quality tool based on sonarcloud

Language: Python - Size: 2.47 MB - Last synced at: 15 days ago - Pushed at: 15 days ago - Stars: 5 - Forks: 0

nohype-ai/Codeface

Mac App for Architecture Analytics

Language: Swift - Size: 154 MB - Last synced at: about 4 hours ago - Pushed at: about 1 month ago - Stars: 49 - Forks: 4

praetorian-inc/gokart 📦

A static analysis tool for securing Go code

Language: Go - Size: 189 KB - Last synced at: 2 days ago - Pushed at: over 1 year ago - Stars: 2,174 - Forks: 107

JetBrains/qodana-action

⚙️ Scan your Go, Java, Kotlin, PHP, Python, JavaScript, TypeScript, .NET projects at GitHub with Qodana. This repository contains Qodana for Azure, GitHub, CircleCI and Gradle

Language: JavaScript - Size: 20.5 MB - Last synced at: 6 days ago - Pushed at: 6 days ago - Stars: 289 - Forks: 42

prayas7102/NodejsSecurify

NodejsSecurify is an advanced NPM package designed to enhance the security of Node.js applications using AI/ML models. It provides a comprehensive set of security features and analysis capabilities to identify potential vulnerabilities and enforce best practices in accordance with OWASP guidelines.

Language: TypeScript - Size: 1.06 MB - Last synced at: 9 days ago - Pushed at: 10 months ago - Stars: 6 - Forks: 5

TangleGuard/docs

The documentation of TangleGuard

Language: MDX - Size: 46.6 MB - Last synced at: 17 days ago - Pushed at: 17 days ago - Stars: 0 - Forks: 0

vuejs/vue-eslint-parser

The ESLint custom parser for `.vue` files.

Language: TypeScript - Size: 2.23 MB - Last synced at: 16 days ago - Pushed at: about 2 months ago - Stars: 476 - Forks: 78

wlsf82/static-code-analysis

A sample project to start a discussion about the importance of static code analysis for testing code.

Language: JavaScript - Size: 39.1 KB - Last synced at: 18 days ago - Pushed at: 19 days ago - Stars: 0 - Forks: 0