Note: The master branch may be in an unstable or even broken state during development. Please use releases instead of the master branch in order to get stable binaries.Clair is an open source project for the static analysis of vulnerabilities in application containers (currently including appc and docker).
containers static-analysis kubernetes docker oci oci-image vulnerabilities clairPhan is a static analyzer for PHP that prefers to minimize false-positives. Phan attempts to prove incorrectness rather than correctness.Phan looks for common issues and will verify type compatibility on various operations when type information is available or can be deduced. Phan does not have a strong understanding of flow control and does not attempt to track values.
static-analysis phan analysis analyzerAn extensible static analysis linter for the TypeScript language
typescript linting-rules linter tslint static-analysis cliFindBugs uses static analysis to look for bugs in Java code. it can analyze programs compiled for any version of Java. Eclipse and Maven plugins are available. FindBugs has been downloaded more than 700,000 times.
code-quality static-analysis code-analysishonnef.co/go/tools/... is a collection of tools and libraries for working with Go code, including linters and static analysis.These tools are supported by patrons on Patreon and sponsors. If you use these tools at your company, consider purchasing commercial support.
linters static-analysis linterIf you simply want to use Panopticon follow the install instructions on the website.Panopticon builds with Rust stable. The only dependencies aside from a working Rust stable toolchain and Cargo you need is Qt 5.5 or higher.
disassembler static-analysis qml security reverse-engineeringInstall goreporter (see above).You have to confirm that your project is operational. In particular, the problem with vendor, when the package is not found in the default path, goreporter will look again from the possible vendor path.
codereview reporter golang-tools test staticcheck linter unit-testing static-analysis unit-test examination quality-reportCSSLint is an open source CSS code quality tool originally written by Nicholas C. Zakas and Nicole Sullivan. It was released in June 2011 at the Velocity conference.A lint tool performs static analysis of source code and flags patterns that might be errors or otherwise cause problems for the developer.
static-code-analysis static-analysis lint css-lintPHPStan focuses on finding errors in your code without actually running it. It catches whole classes of bugs even before you write tests for the code.PHPStan moves PHP closer to compiled languages in the sense that the correctness of each line of the code can be checked before you run the actual line.
phpstan static-analysis php7 testing static-code-analysis static-analyzerPHP_CodeSniffer is a set of two PHP scripts; the main phpcs script that tokenizes PHP, JavaScript and CSS files to detect violations of a defined coding standard, and a second phpcbf script to automatically correct coding standard violations. PHP_CodeSniffer is an essential development tool that ensures your code remains clean and consistent. PHP_CodeSniffer requires PHP version 5.4.0 or greater, although individual sniffs may have additional requirements such as external applications and scripts. See the Configuration Options manual page for a list of these requirements.
coding-standards automation cli qa static-analysisIf you have specific questions, please add an issue or ask on Stack Overflow with the label python-jedi. Jedi is a static analysis tool for Python that can be used in IDEs/editors. Its historic focus is autocompletion, but does static analysis for now as well. Jedi is fast and is very well tested. It understands Python on a deeper level than all other static analysis frameworks for Python.
static-analysis auto-complete python3 python2i18n-tasks helps you find and manage missing and unused translations. i18n-tasks can be used with any project using the ruby i18n gem (default in Rails).
static-analysis static-code-analysis i18n translation-managementBrakeman is an open source static analysis tool which checks Ruby on Rails applications for security vulnerabilities. Check out Brakeman Pro if you are looking for a commercially-supported version with a GUI and advanced features.
rails security static-analysis vulnerabilities brakeman security-vulnerability security-tools security-auditIf you find Cppcheck useful for you, feel free to make a donation. The original name of this program was "C++check", but it was later changed to "Cppcheck".
cppcheck c-plus-plus static-analysis cross-platform cppThis is a PHP 5.2 to PHP 7.2 parser written in PHP. Its purpose is to simplify static code analysis and manipulation. Documentation for version 4.x (stable; for running on PHP >= 7.0; for parsing PHP 5.2 to PHP 7.2).
parser ast static-analysisCredo is a static code analysis tool for the Elixir language with a focus on teaching and code consistency. It implements its own style guide.
elixir code-analysis static-analysis linter credoPsalm is a static analysis tool for finding errors in PHP applications, built on top of PHP Parser. It's able to find a large number issues, but it can also be configured to only care about a small subset of those.
static-analysis control-flow-analysis php7 php5This is a collection of static analysis tools and code quality checkers. Pull requests are very welcome! Note: ©️ stands for proprietary software. All other tools are Open Source. To the extent possible under law, Matthias Endler has waived all copyright and related or neighboring rights to this work. Title image Designed by Freepik.
static-analysis quality static-analyzers awesome linter list code-quality awesome-list programming-languagego-callvis is a development tool to help visualize call graph of your Go program using Graphviz's dot format. Purpose of this tool is to provide a visual overview of your program by using the data from call graph and its relations with packages and types. This is especially useful in larger projects where the complexity of the code rises or when you are just simply trying to understand code structure of somebody else.
callgraph graphviz visualization golang-tools development-utility static-analysis dot-format call-graphThis project is an OSS Static Code Analysis tool for PhpStorm (2016.2+) and Idea Ultimate. Some of inspections are expecting conditional statements (e.g. "if") to use group statement for wrapping body expressions. If this requirement is met then additional inspections are applied to the source code.
phpstorm static-analysis php7 awesome intellij intellij-plugin static-code-analysis static-analyzer phpstorm-plugin
We have large collection of open source products. Follow the tags from
Tag Cloud >>
Open source products are scattered around the web. Please provide information
about the open source projects you own / you use.
Add Projects.