Topic: "static-code-analysis"
astral-sh/ruff
An extremely fast Python linter and code formatter, written in Rust.
Language: Rust - Size: 70.5 MB - Last synced at: 6 days ago - Pushed at: 6 days ago - Stars: 38,348 - Forks: 1,314
standard/standard
🌟 JavaScript Style Guide, with linter & automatic code fixer
Language: JavaScript - Size: 3.49 MB - Last synced at: 6 days ago - Pushed at: 8 months ago - Stars: 29,310 - Forks: 2,321
eslint/eslint
Find and fix problems in your JavaScript code.
Language: JavaScript - Size: 46.6 MB - Last synced at: 6 days ago - Pushed at: 6 days ago - Stars: 25,867 - Forks: 4,702
biomejs/biome
A toolchain for web projects, aimed to provide functionalities to maintain them. Biome offers formatter and linter, usable via CLI and LSP.
Language: Rust - Size: 206 MB - Last synced at: 6 days ago - Pushed at: 6 days ago - Stars: 18,642 - Forks: 577
facebook/infer
A static analyzer for Java, C, C++, and Objective-C
Language: OCaml - Size: 192 MB - Last synced at: 3 days ago - Pushed at: 3 days ago - Stars: 15,200 - Forks: 2,032
analysis-tools-dev/static-analysis
⚙️ A curated list of static analysis (SAST) tools and linters for all programming languages, config files, build tools, and more. The focus is on tools which improve code quality.
Language: Rust - Size: 41 MB - Last synced at: 4 days ago - Pushed at: 12 days ago - Stars: 13,769 - Forks: 1,389
phpstan/phpstan
PHP Static Analysis Tool - discover bugs in your code without running it!
Language: PHP - Size: 5.94 GB - Last synced at: 6 days ago - Pushed at: 6 days ago - Stars: 13,344 - Forks: 916
rubocop/rubocop
A Ruby static code analyzer and formatter, based on the community Ruby style guide.
Language: Ruby - Size: 48 MB - Last synced at: 6 days ago - Pushed at: 6 days ago - Stars: 12,733 - Forks: 3,075
semgrep/semgrep
Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.
Language: OCaml - Size: 86.6 MB - Last synced at: 4 days ago - Pushed at: 4 days ago - Stars: 11,589 - Forks: 690
checkstyle/checkstyle
Checkstyle is a development tool to help programmers write Java code that adheres to a coding standard. By default it supports the Google Java Style Guide and Sun Code Conventions, but is highly configurable. It can be invoked with an ANT task and a command line program.
Language: Java - Size: 188 MB - Last synced at: 6 days ago - Pushed at: 6 days ago - Stars: 8,578 - Forks: 3,839
reviewdog/reviewdog
🐶 Automated code review tool integrated with any code analysis tools regardless of programming language
Language: Go - Size: 4.98 MB - Last synced at: 6 days ago - Pushed at: 6 days ago - Stars: 8,380 - Forks: 442
securego/gosec
Go security checker
Language: Go - Size: 5.12 MB - Last synced at: 6 days ago - Pushed at: 6 days ago - Stars: 8,193 - Forks: 642
PyCQA/bandit
Bandit is a tool designed to find common security issues in Python code.
Language: Python - Size: 5.62 MB - Last synced at: 6 days ago - Pushed at: 13 days ago - Stars: 6,937 - Forks: 637
datreeio/datree 📦
Prevent Kubernetes misconfigurations from reaching production (again 😤 )! From code to cloud, Datree provides an E2E policy enforcement solution to run automatic checks for rule violations. See our docs: https://hub.datree.io
Language: Go - Size: 8.9 MB - Last synced at: 5 days ago - Pushed at: about 1 year ago - Stars: 6,374 - Forks: 360
phan/phan
Phan is a static analyzer for PHP. Phan prefers to avoid false-positives and attempts to prove incorrectness rather than correctness.
Language: PHP - Size: 42.4 MB - Last synced at: 6 days ago - Pushed at: 6 days ago - Stars: 5,567 - Forks: 361
pylint-dev/pylint
It's not just a linter that annoys you!
Language: Python - Size: 40.4 MB - Last synced at: 6 days ago - Pushed at: 6 days ago - Stars: 5,454 - Forks: 1,173
mgechev/revive
🔥 ~6x faster, stricter, configurable, extensible, and beautiful drop-in replacement for golint
Language: Go - Size: 6.05 MB - Last synced at: 6 days ago - Pushed at: 6 days ago - Stars: 5,148 - Forks: 294
pmd/pmd
An extensible multilanguage static code analyzer.
Language: Java - Size: 497 MB - Last synced at: 6 days ago - Pushed at: 6 days ago - Stars: 5,057 - Forks: 1,509
google/pytype
A static type analyzer for Python code
Language: Python - Size: 42.4 MB - Last synced at: 5 days ago - Pushed at: 6 days ago - Stars: 4,879 - Forks: 285
uber/NullAway
A tool to help eliminate NullPointerExceptions (NPEs) in your Java code with low build-time overhead
Language: Java - Size: 6.67 MB - Last synced at: about 19 hours ago - Pushed at: about 20 hours ago - Stars: 3,739 - Forks: 302
spotbugs/spotbugs
SpotBugs is FindBugs' successor. A tool for static analysis to look for bugs in Java code.
Language: Java - Size: 140 MB - Last synced at: 37 minutes ago - Pushed at: 3 days ago - Stars: 3,645 - Forks: 618
PyCQA/flake8
flake8 is a python tool that glues together pycodestyle, pyflakes, mccabe, and third-party plugins to check the style and quality of some python code.
Language: Python - Size: 3.52 MB - Last synced at: 2 days ago - Pushed at: 30 days ago - Stars: 3,599 - Forks: 325
zegl/kube-score
Kubernetes object analysis with recommendations for improved reliability and security. kube-score actively prevents downtime and bugs in your Kubernetes YAML and Charts. Static code analysis for Kubernetes.
Language: Go - Size: 1010 KB - Last synced at: 18 days ago - Pushed at: about 1 month ago - Stars: 2,883 - Forks: 183
standard/eslint-config-standard
ESLint Config for JavaScript Standard Style
Language: TypeScript - Size: 700 KB - Last synced at: 35 minutes ago - Pushed at: 2 days ago - Stars: 2,641 - Forks: 563
mgechev/codelyzer
Static analysis for Angular projects.
Language: TypeScript - Size: 17.7 MB - Last synced at: 4 days ago - Pushed at: 2 months ago - Stars: 2,458 - Forks: 238
gauge-sh/tach
A Python tool to visualize + enforce dependencies, using modular architecture 🌎 Open source 🐍 Installable via pip 🔧 Able to be adopted incrementally - ⚡ Implemented with no runtime impact ♾️ Interoperable with your existing systems 🦀 Written in rust
Language: Rust - Size: 23 MB - Last synced at: 1 day ago - Pushed at: 6 days ago - Stars: 2,384 - Forks: 59
Bearer/bearer
Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.
Language: Go - Size: 23.8 MB - Last synced at: 3 days ago - Pushed at: 6 days ago - Stars: 2,282 - Forks: 123
python-security/pyt
A Static Analysis Tool for Detecting Security Vulnerabilities in Python Web Applications
Language: Python - Size: 3.2 MB - Last synced at: 28 days ago - Pushed at: over 4 years ago - Stars: 2,184 - Forks: 244
praetorian-inc/gokart 📦
A static analysis tool for securing Go code
Language: Go - Size: 189 KB - Last synced at: 4 days ago - Pushed at: over 1 year ago - Stars: 2,179 - Forks: 107
glebm/i18n-tasks
Manage translation and localization with static analysis, for Ruby i18n
Language: Ruby - Size: 2.82 MB - Last synced at: 4 days ago - Pushed at: 6 days ago - Stars: 2,108 - Forks: 269
Tencent/TscanCode
A static code analyzer for C++, C#, Lua
Language: C++ - Size: 37.5 MB - Last synced at: 27 days ago - Pushed at: over 1 year ago - Stars: 2,051 - Forks: 595
rubberduck-vba/Rubberduck
Every programmer needs a rubberduck. COM add-in for the VBA & VB6 IDE (VBE).
Language: C# - Size: 101 MB - Last synced at: 28 days ago - Pushed at: about 1 month ago - Stars: 1,966 - Forks: 308
ronami/HypeScript
🐬 A simplified implementation of TypeScript's type system written in TypeScript's type system
Language: TypeScript - Size: 2.15 MB - Last synced at: 30 days ago - Pushed at: 3 months ago - Stars: 1,951 - Forks: 23
kalessil/phpinspectionsea
A Static Code Analyzer for PHP (a PhpStorm/Idea Plugin)
Language: Java - Size: 127 MB - Last synced at: about 1 month ago - Pushed at: 8 months ago - Stars: 1,458 - Forks: 118
phpstan/phpdoc-parser
Next-gen phpDoc parser with support for intersection types and generics
Language: PHP - Size: 950 KB - Last synced at: 2 days ago - Pushed at: 26 days ago - Stars: 1,432 - Forks: 64
twitter/compose-rules
Static checks to aid with a healthy adoption of Compose
Language: Kotlin - Size: 2.33 MB - Last synced at: about 1 year ago - Pushed at: over 1 year ago - Stars: 1,326 - Forks: 84
ipyflow/ipyflow
A reactive Python kernel for Jupyter notebooks.
Language: Python - Size: 23 MB - Last synced at: 22 days ago - Pushed at: 22 days ago - Stars: 1,212 - Forks: 21
SonarSource/sonar-java
:coffee: SonarSource Static Analyzer for Java Code Quality and Security
Language: Java - Size: 67.1 MB - Last synced at: 5 days ago - Pushed at: 5 days ago - Stars: 1,166 - Forks: 692
SonarSource/SonarJS
SonarSource Static Analyzer for JavaScript and TypeScript
Language: TypeScript - Size: 78.8 MB - Last synced at: 3 days ago - Pushed at: 3 days ago - Stars: 1,104 - Forks: 186
souffle-lang/souffle
Soufflé is a variant of Datalog for tool designers crafting analyses in Horn clauses. Soufflé synthesizes a native parallel C++ program from a logic specification.
Language: C++ - Size: 516 MB - Last synced at: 6 days ago - Pushed at: about 1 month ago - Stars: 977 - Forks: 216
mysticatea/eslint-plugin-node
Additional ESLint's rules for Node.js
Language: JavaScript - Size: 965 KB - Last synced at: 6 days ago - Pushed at: 11 months ago - Stars: 962 - Forks: 176
security-code-scan/security-code-scan
Vulnerability Patterns Detector for C# and VB.NET
Language: C# - Size: 6.17 MB - Last synced at: about 2 months ago - Pushed at: 10 months ago - Stars: 950 - Forks: 164
tcosolutions/betterscan
Code Scanning/SAST/Static Analysis/Linting using many tools/Scanners with One Report (Code, IaC) - Betterscan
Language: Python - Size: 12.7 MB - Last synced at: 4 days ago - Pushed at: about 2 months ago - Stars: 858 - Forks: 97
vincentcox/StaCoAn
StaCoAn is a crossplatform tool which aids developers, bugbounty hunters and ethical hackers performing static code analysis on mobile applications.
Language: JavaScript - Size: 38.8 MB - Last synced at: about 1 month ago - Pushed at: about 4 years ago - Stars: 841 - Forks: 131
rubocop/rubocop-rails
A RuboCop extension focused on enforcing Rails best practices and coding conventions.
Language: Ruby - Size: 28.2 MB - Last synced at: 30 minutes ago - Pushed at: 2 days ago - Stars: 840 - Forks: 272
SonarSource/sonar-dotnet
Code analyzer for C# and VB.NET projects
Language: C# - Size: 139 MB - Last synced at: 18 minutes ago - Pushed at: 1 day ago - Stars: 833 - Forks: 231
wala/WALA
T.J. Watson Libraries for Analysis, with frontends for Java, Android, and JavaScript, and may common static program analyses
Language: Java - Size: 57.2 MB - Last synced at: 5 days ago - Pushed at: 5 days ago - Stars: 787 - Forks: 236
coderaiser/putout
🐊 Pluggable and configurable JavaScript Linter, code transformer and formatter, drop-in ESLint superpower replacement 💪 with built-in support for js, jsx, typescript, markdown, yaml and json. Write declarative codemods in a simplest possible way 😏
Language: JavaScript - Size: 20.2 MB - Last synced at: 3 days ago - Pushed at: 4 days ago - Stars: 745 - Forks: 41
phpstan/phpstan-symfony
Symfony extension for PHPStan
Language: PHP - Size: 688 KB - Last synced at: 1 day ago - Pushed at: 6 days ago - Stars: 738 - Forks: 93
olacabs/jackhammer
Jackhammer - One Security vulnerability assessment/management tool to solve all the security team problems.
Language: Java - Size: 63.7 MB - Last synced at: about 2 months ago - Pushed at: about 1 year ago - Stars: 728 - Forks: 164
rubocop/rubocop-performance
An extension of RuboCop focused on code performance checks.
Language: Ruby - Size: 24.7 MB - Last synced at: 3 days ago - Pushed at: about 1 month ago - Stars: 711 - Forks: 82
FloeDesignTechnologies/phpcs-security-audit
phpcs-security-audit is a set of PHP_CodeSniffer rules that finds vulnerabilities and weaknesses related to security in PHP code
Language: PHP - Size: 214 KB - Last synced at: 6 months ago - Pushed at: over 2 years ago - Stars: 710 - Forks: 85
scalastyle/scalastyle
scalastyle
Language: Scala - Size: 1.63 MB - Last synced at: 11 months ago - Pushed at: over 2 years ago - Stars: 676 - Forks: 216
soot-oss/SootUp
A new version of Soot with a completely overhauled architecture
Language: Java - Size: 277 MB - Last synced at: 5 days ago - Pushed at: 5 days ago - Stars: 670 - Forks: 91
alexkohler/prealloc
prealloc is a Go static analysis tool to find slice declarations that could potentially be preallocated.
Language: Go - Size: 59.6 KB - Last synced at: about 7 hours ago - Pushed at: about 1 year ago - Stars: 655 - Forks: 24
phpstan/phpstan-strict-rules
Extra strict and opinionated rules for PHPStan
Language: PHP - Size: 388 KB - Last synced at: 4 days ago - Pushed at: 26 days ago - Stars: 640 - Forks: 51
phpstan/phpstan-doctrine
Doctrine extensions for PHPStan
Language: PHP - Size: 1.18 MB - Last synced at: 6 days ago - Pushed at: 6 days ago - Stars: 625 - Forks: 103
pep8speaks-org/pep8speaks
A GitHub :octocat: app to automatically review Python code style over Pull Requests
Language: Python - Size: 4.74 MB - Last synced at: about 22 hours ago - Pushed at: about 2 months ago - Stars: 615 - Forks: 87
pylint-dev/astroid
A common base representation of python source code for pylint and other projects
Language: Python - Size: 16.7 MB - Last synced at: 7 days ago - Pushed at: 7 days ago - Stars: 543 - Forks: 288
glayzzle/php-parser
:herb: NodeJS PHP Parser - extract AST or tokens
Language: JavaScript - Size: 29.5 MB - Last synced at: about 1 month ago - Pushed at: 4 months ago - Stars: 542 - Forks: 71
mchalupa/dg
[LLVM Static Slicer] Various program analyses, construction of dependence graphs and program slicing of LLVM bitcode.
Language: C++ - Size: 5.72 MB - Last synced at: about 1 month ago - Pushed at: over 1 year ago - Stars: 499 - Forks: 136
phpstan/phpstan-phpunit
PHPUnit extensions and rules for PHPStan
Language: PHP - Size: 323 KB - Last synced at: 4 days ago - Pushed at: 26 days ago - Stars: 491 - Forks: 48
droidefense/engine
Droidefense: Advance Android Malware Analysis Framework
Language: Java - Size: 198 MB - Last synced at: 3 days ago - Pushed at: over 2 years ago - Stars: 482 - Forks: 105
vuejs/vue-eslint-parser
The ESLint custom parser for `.vue` files.
Language: TypeScript - Size: 2.19 MB - Last synced at: 3 days ago - Pushed at: about 1 month ago - Stars: 473 - Forks: 79
standard/eslint-config-standard-react
ESLint Shareable Config for React/JSX support in JavaScript Standard Style
Language: JavaScript - Size: 80.1 KB - Last synced at: 27 days ago - Pushed at: over 1 year ago - Stars: 458 - Forks: 86
eslint/markdown
Lint JavaScript code blocks in Markdown documents
Language: JavaScript - Size: 469 KB - Last synced at: 8 days ago - Pushed at: 8 days ago - Stars: 447 - Forks: 67
guilatrova/tryceratops
A linter to prevent exception handling antipatterns in Python (limited only for those who like dinosaurs).
Language: Python - Size: 1.49 MB - Last synced at: 3 days ago - Pushed at: 6 months ago - Stars: 441 - Forks: 25
amit-davidson/Chronos
Chronos - A static race detector for the go language
Language: Go - Size: 13.4 MB - Last synced at: 8 days ago - Pushed at: about 3 years ago - Stars: 435 - Forks: 11
slackhq/compose-lints
Lint checks to aid with a healthy adoption of Compose
Language: Kotlin - Size: 4.26 MB - Last synced at: 6 days ago - Pushed at: 11 days ago - Stars: 430 - Forks: 25
sharpenrocks/Sharpen
Visual Studio extension that intelligently introduces new C# features into your existing codebase
Language: C# - Size: 4.96 MB - Last synced at: about 1 month ago - Pushed at: over 2 years ago - Stars: 415 - Forks: 31
phpstan/phpstan-deprecation-rules
PHPStan rules for detecting usage of deprecated classes, methods, properties, constants and traits.
Language: PHP - Size: 241 KB - Last synced at: 4 days ago - Pushed at: 14 days ago - Stars: 405 - Forks: 20
SonarSource/sonar-php
:elephant: SonarPHP: PHP static analyzer for SonarQube & SonarLint
Language: Java - Size: 22.1 MB - Last synced at: 6 days ago - Pushed at: 6 days ago - Stars: 404 - Forks: 106
standard/awesome-standard
Documenting the explosion of packages in the standard ecosystem!
Size: 34.2 KB - Last synced at: 6 days ago - Pushed at: over 1 year ago - Stars: 397 - Forks: 35
JetBrains/Qodana
📝 Source repository of Qodana Help
Size: 186 MB - Last synced at: 6 days ago - Pushed at: 6 days ago - Stars: 392 - Forks: 75
Technologicat/pyan
Static call graph generator. The official Python 3 version. Development repo.
Language: Python - Size: 1.16 MB - Last synced at: 1 day ago - Pushed at: 10 months ago - Stars: 371 - Forks: 65
Shopify/theme-check 📦
The Ultimate Shopify Theme Linter
Language: Ruby - Size: 3.49 MB - Last synced at: 3 days ago - Pushed at: 10 months ago - Stars: 348 - Forks: 95
policeman-tools/forbidden-apis
Policeman's Forbidden API Checker
Language: Java - Size: 1.42 MB - Last synced at: 27 days ago - Pushed at: about 1 month ago - Stars: 347 - Forks: 36
jenkinsci/warnings-ng-plugin
Jenkins Warnings Plugin - Next Generation
Language: Java - Size: 27 MB - Last synced at: 1 day ago - Pushed at: 1 day ago - Stars: 346 - Forks: 284
designsecurity/progpilot
A static analysis tool for security
Language: PHP - Size: 26.2 MB - Last synced at: 9 days ago - Pushed at: 6 months ago - Stars: 339 - Forks: 61
baikaishuipp/jcci
Java code commit impact, java code change impact analysis,java代码改动影响范围分析工具,精准测试,回归测试范围划定
Language: Python - Size: 1.75 MB - Last synced at: 23 days ago - Pushed at: 5 months ago - Stars: 304 - Forks: 53
MaibornWolff/codecharta
CodeCharta is a visualization tool that transforms complex software architecture and code metrics into interactive, customizable visual maps, empowering everyone to communicate and analyze your codebase. Improve code quality, maintainability, and architectural decisions
Language: TypeScript - Size: 107 MB - Last synced at: 6 days ago - Pushed at: 6 days ago - Stars: 292 - Forks: 38
cs-au-dk/TIP
Static program analysis for TIP
Language: Scala - Size: 3.33 MB - Last synced at: 6 days ago - Pushed at: 6 days ago - Stars: 287 - Forks: 130
JetBrains/qodana-action
⚙️ Scan your Go, Java, Kotlin, PHP, Python, JavaScript, TypeScript, .NET projects at GitHub with Qodana. This repository contains Qodana for Azure, GitHub, CircleCI and Gradle
Language: JavaScript - Size: 19.5 MB - Last synced at: 6 days ago - Pushed at: 6 days ago - Stars: 279 - Forks: 42
jborgers/sonar-pmd
☕️ PMD Plugin for SonarQube
Language: Java - Size: 4.39 MB - Last synced at: 17 days ago - Pushed at: 17 days ago - Stars: 275 - Forks: 160
scheb/tombstone
Dead code detection with tombstones for PHP 🪦🧟
Language: PHP - Size: 1.25 MB - Last synced at: 27 days ago - Pushed at: 3 months ago - Stars: 270 - Forks: 19
jfmengels/elm-review
Analyzes Elm projects, to help find mistakes before your users find them.
Language: Elm - Size: 6.61 MB - Last synced at: about 1 month ago - Pushed at: 3 months ago - Stars: 268 - Forks: 13
codeintegrity-ai/mutahunter
Open Source, Language Agnostic Mutation Testing
Language: Python - Size: 1.63 MB - Last synced at: 23 days ago - Pushed at: 24 days ago - Stars: 266 - Forks: 21
usagitoneko97/klara
Automatic test case generation for python and static analysis library
Language: Python - Size: 9.13 MB - Last synced at: 8 days ago - Pushed at: about 3 years ago - Stars: 262 - Forks: 13
Feysh-Group/corax-community
Corax for Java: A general static analysis framework for java code checking.
Language: Kotlin - Size: 38 MB - Last synced at: 2 months ago - Pushed at: 5 months ago - Stars: 239 - Forks: 20
abaplint/abaplint
Standalone static analysis for ABAP
Language: TypeScript - Size: 70.2 MB - Last synced at: about 2 hours ago - Pushed at: about 2 hours ago - Stars: 236 - Forks: 74
webarx-security/wpbullet
A static code analysis for WordPress (and PHP)
Language: Python - Size: 227 KB - Last synced at: about 1 month ago - Pushed at: over 2 years ago - Stars: 236 - Forks: 47
DmitryTsepelev/rubocop-graphql
Rubocop extension for enforcing graphql-ruby best practices
Language: Ruby - Size: 357 KB - Last synced at: about 11 hours ago - Pushed at: about 2 months ago - Stars: 230 - Forks: 51
felipebz/zpa
Parser and static code analysis tool for PL/SQL and Oracle SQL.
Language: Kotlin - Size: 6.45 MB - Last synced at: 2 days ago - Pushed at: 2 days ago - Stars: 222 - Forks: 78
realvizu/NsDepCop
NsDepCop is a static code analysis tool that enforces namespace and assembly dependency rules in C# projects.
Language: C# - Size: 16.7 MB - Last synced at: 4 days ago - Pushed at: about 1 month ago - Stars: 210 - Forks: 33
chebuya/sastsweep
tool designed for identifying vulnerabilities in open source codebases at scale. It can gather and filter on key repository metrics such as popularity and project size
Language: Go - Size: 9 MB - Last synced at: 3 months ago - Pushed at: 3 months ago - Stars: 208 - Forks: 20
TouK/sputnik
Static code review for your Gerrit patchsets. Runs Checkstyle, PMD, FindBugs, Scalastyle, CodeNarc, JSLint for you!
Language: Java - Size: 2.87 MB - Last synced at: about 1 month ago - Pushed at: about 1 year ago - Stars: 203 - Forks: 121
goblint/analyzer
Static analysis framework for C
Language: OCaml - Size: 38 MB - Last synced at: about 4 hours ago - Pushed at: about 5 hours ago - Stars: 200 - Forks: 79
cs-au-dk/TAJS 📦
Type Analyzer for JavaScript
Language: Java - Size: 76.2 MB - Last synced at: 2 months ago - Pushed at: 3 months ago - Stars: 194 - Forks: 40
JetBrains/qodana-cli
🔧 JetBrains Qodana’s official command line tool
Language: Go - Size: 2.82 MB - Last synced at: 5 days ago - Pushed at: 5 days ago - Stars: 193 - Forks: 29
Perl-Critic/Perl-Critic
The leading static analyzer for Perl. Configurable, extensible, powerful.
Language: Perl - Size: 19.2 MB - Last synced at: 17 days ago - Pushed at: 7 months ago - Stars: 186 - Forks: 104
