static-code-analysis
There are 516 repositories under static-code-analysis topic.
standard/standard
🌟 JavaScript Style Guide, with linter & automatic code fixer
astral-sh/ruff
An extremely fast Python linter and code formatter, written in Rust.
eslint/eslint
Find and fix problems in your JavaScript code.
facebook/infer
A static analyzer for Java, C, C++, and Objective-C
analysis-tools-dev/static-analysis
⚙️ A curated list of static analysis (SAST) tools and linters for all programming languages, config files, build tools, and more. The focus is on tools which improve code quality.
phpstan/phpstan
PHP Static Analysis Tool - discover bugs in your code without running it!
rubocop/rubocop
A Ruby static code analyzer and formatter, based on the community Ruby style guide.
biomejs/biome
A toolchain for web projects, aimed to provide functionalities to maintain them. Biome offers formatter and linter, usable via CLI and LSP.
semgrep/semgrep
Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.
checkstyle/checkstyle
Checkstyle is a development tool to help programmers write Java code that adheres to a coding standard. By default it supports the Google Java Style Guide and Sun Code Conventions, but is highly configurable. It can be invoked with an ANT task and a command line program.
securego/gosec
Go security checker
reviewdog/reviewdog
🐶 Automated code review tool integrated with any code analysis tools regardless of programming language
datreeio/datree
Prevent Kubernetes misconfigurations from reaching production (again 😤 )! From code to cloud, Datree provides an E2E policy enforcement solution to run automatic checks for rule violations. See our docs: https://hub.datree.io
PyCQA/bandit
Bandit is a tool designed to find common security issues in Python code.
phan/phan
Phan is a static analyzer for PHP. Phan prefers to avoid false-positives and attempts to prove incorrectness rather than correctness.
pylint-dev/pylint
It's not just a linter that annoys you!
pmd/pmd
An extensible multilanguage static code analyzer.
mgechev/revive
🔥 ~6x faster, stricter, configurable, extensible, and beautiful drop-in replacement for golint
google/pytype
A static type analyzer for Python code
uber/NullAway
A tool to help eliminate NullPointerExceptions (NPEs) in your Java code with low build-time overhead
spotbugs/spotbugs
SpotBugs is FindBugs' successor. A tool for static analysis to look for bugs in Java code.
PyCQA/flake8
flake8 is a python tool that glues together pycodestyle, pyflakes, mccabe, and third-party plugins to check the style and quality of some python code.
zegl/kube-score
Kubernetes object analysis with recommendations for improved reliability and security. kube-score actively prevents downtime and bugs in your Kubernetes YAML and Charts. Static code analysis for Kubernetes.
standard/eslint-config-standard
ESLint Config for JavaScript Standard Style
codeclimate/codeclimate
Code Climate CLI
mgechev/codelyzer
Static analysis for Angular projects.
praetorian-inc/gokart
A static analysis tool for securing Go code
python-security/pyt
A Static Analysis Tool for Detecting Security Vulnerabilities in Python Web Applications
glebm/i18n-tasks
Manage translation and localization with static analysis, for Ruby i18n
Tencent/TscanCode
A static code analyzer for C++, C#, Lua
ronami/HypeScript
🐬 A simplified implementation of TypeScript's type system written in TypeScript's type system
rubberduck-vba/Rubberduck
Every programmer needs a rubberduck. COM add-in for the VBA & VB6 IDE (VBE).
Bearer/bearer
Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.
kalessil/phpinspectionsea
A Static Code Analyzer for PHP (a PhpStorm/Idea Plugin)
twitter/compose-rules
Static checks to aid with a healthy adoption of Compose
phpstan/phpdoc-parser
Next-gen phpDoc parser with support for intersection types and generics