Data

Tools

Indexes

Applications

Experiments

Awesome

An open API service indexing awesome lists of open source software.

Projects in Awesome Lists tagged with static-code-analysis

A curated list of projects in awesome lists tagged with static-code-analysis .

https://github.com/mysticatea/eslint-plugin

ESLint configurations and additional rules for me

ecmascript eslint eslint-plugin javascript static-code-analysis

Last synced: 25 Aug 2025

https://github.com/integerman/gitstractor

A library for visualizing the commits, authors, and files of any git repository

code-analysis data-analysis data-visualization dotnet git powerbi repository-management static-code-analysis utilities visualization

Last synced: 14 Jan 2026

https://github.com/securesauce/precli

Precaution CLI - command line static application security testing tool

command-line go java python sast security security-tools static-analysis static-code-analysis

Last synced: 09 Apr 2025

https://github.com/karlosagudo/fixtro

A QA static analysis code, with a different approach

php php7 qatools static-analysis static-code-analysis

Last synced: 25 Apr 2025

https://github.com/koic/rubocop-faker

A RuboCop extension for Faker.

converter faker linter rubocop ruby static-code-analysis

Last synced: 05 Apr 2025

https://github.com/jenkinsci/violation-comments-to-gitlab-plugin

Comments GitLab merge requests with static code analyzer findings.

gitlab-plugin jenkins-plugin pipeline static-code-analysis violation-comments

Last synced: 12 Jul 2025

https://github.com/IQTLabs/AuraBorealisApp

Do You Know What's In Your Python Packages? A Tool for Visualizing Python Package Registry Security Audit Data

flask malware pypi registry security security-audit security-tools static-analysis static-code-analysis

Last synced: 11 Jul 2025

https://github.com/correia-jpv/fucking-static-analysis

⚙️ A curated list of static analysis (SAST) tools for all programming languages, config files, build tools, and more. With repository stars⭐ and forks🍴

analysis awesome awesome-list code-quality lint linter sast static-analysis static-analyzer static-code-analysis

Last synced: 27 Apr 2025

https://github.com/florentpoujol/php8-type-system

A comprehensive guide of everything related to PHP8.1+ type system and the tools used for static analysis

php static-analysis static-code-analysis

Last synced: 16 Apr 2025

https://github.com/paulveillard/cybersecurity-sast

An ongoing & curated collection of awesome software best practices and techniques, libraries and frameworks, E-books and videos, websites, blog posts, links to github Repositories, technical guidelines and important resources about Static Application Security Testing (SAST) Tools.

static-analyzers static-api-generator static-app static-application-security-testing static-binary static-blocks static-build static-code static-code-analysis static-code-analyzer

Last synced: 07 Jan 2026

https://github.com/seachicken/inga

Visualizing the Impact of Code Changes

code-quality static-analysis static-code-analysis

Last synced: 14 Feb 2026

https://github.com/corgibytes/freshli-lib

A tool for collecting historical metrics about a project's dependencies

dependencies dependency-metrics metrics static-code-analysis

Last synced: 14 Jan 2026

https://github.com/phpstan/phpstan-dibi

Dibi class reflection extension for PHPStan

dibi php php7 phpstan static-analysis static-analyzer static-code-analysis testing

Last synced: 15 Apr 2025

https://github.com/nrodear/staticcodeanalyser

Static code analysis for Delphi 12 / RAD Studio. IDE plugin + standalone GUI + CLI (same engine). 150+ detectors (Pascal AST + DFM): leaks, SQL injection, dead handlers, hardcoded secrets, locale traps, Win64 pointer bugs. Sonar push, SARIF for CI/CD, Claude AI hand-off.

ast-parser code-quality code-smell-detector delphi delphi-ide dfm-linter dfm-scanner git-integration ide-plugin linter memory-leak-detection object-pascal rad-studio sarif sonarqube-style sql-injection-detection static-analysis static-code-analysis tools-api vcl

Last synced: 31 May 2026

https://github.com/tomasbjerre/violations-command-line

Command line tool that will find report files from static code analysis, present and optionally fail the command.

lint static-code-analysis

Last synced: 12 Apr 2025

https://github.com/ckaznocha/intrange

intrange is a program for checking for loops that could use the Go 1.22 integer range feature.

go golang lint linter linting static-analysis static-code-analysis style-lint style-linter

Last synced: 14 Aug 2025

https://github.com/v-thakkar/talks

This repository contains the slides of my talks.

coccinelle ebpf embedded-linux kernel linux security static-code-analysis virtualization xen

Last synced: 17 Mar 2025

https://github.com/iagoabal/eba

EBA is a static bug finder for C.

c static-analysis static-analyzer static-code-analysis

Last synced: 10 Apr 2025

https://github.com/tomasbjerre/violation-comments-lib

Library for commenting things with violations from static code analysis.

static-code-analysis

Last synced: 12 Apr 2025

https://github.com/tyhal/crie

Universal meta-linter using containerized execution

code-quality containerization developer-tools docker formatter go linter podman static-code-analysis

Last synced: 15 Feb 2026

https://github.com/cmu-sei/scaife-api

Source Code Analysis Integrated Framework Environment (SCAIFE) API: YAML specification

alerts api api-documentation architecture classification restful-api servers static-analysis static-code-analysis yaml

Last synced: 14 Apr 2025

https://github.com/dgkf/scriptgloss

dynamically reconstruct static code for shiny outputs

r reproducibility shiny static-code-analysis

Last synced: 14 Apr 2025

https://github.com/mrseanryan/tslint-folders

:file_folder: Use tslint to check for invalid imports between packages and folders in your TypeScript project. Automatic validation and documentation of package architecture.

analysis architecture checker code-analysis dependencies diagram disabled-tests folders linter linting static-analysis static-code-analysis structure tslint

Last synced: 12 Apr 2025

https://github.com/piraces/kube-score-ga

Github action to execute kube-score with selected manifests (YAML, Helm or Kustomize)

analysis automation charts ci github-actions helm kube-score kubernetes linter security static-code-analysis

Last synced: 15 Apr 2025

https://github.com/johnstoncode/phpstan-moneyphp

Moneyphp Money class reflection extension for PHPStan

php php7 phpstan static-analysis static-code-analysis

Last synced: 25 Oct 2025

https://github.com/stormsidali2001/ioc-arise

Arise type-safe IoC containers from your code. Zero overhead, zero coupling.

ast dependency-injection ioc nodejs static-code-analysis typescript

Last synced: 18 Apr 2026

https://github.com/tomasbjerre/violation-comments-to-gitlab-command-line

Report static code analysis to GitLab

gitlab static-code-analysis

Last synced: 12 Apr 2025

https://github.com/cathive/concourse-sonarqube-qualitygate-task

A task for Concourse CI to be used in conjunction with the concourse-sonarqube-resource to break builds if the criteria of a quality gate cannot be met

code-quality concourse-ci sonarqube static-code-analysis

Last synced: 04 Mar 2026

https://github.com/yonyong/sonar-custom-pmd-plugin

由于目前自定义sonar插件开发没有统一的框架,实现比较复杂, 因此开发了此骨架项目。开发者可以按照文档步骤新增自定义的sonar插件。

custom-plugin java p3c pmd sonar-plugin sonarqube sonarqube-plugin static-analyzer static-code-analysis

Last synced: 11 Jun 2025

https://github.com/twisterrob/android-lint-examples

Project that reproduces every lint violation out there. (At least that's the idea, contributions welcome.)

android android-development lint static-analysis static-code-analysis

Last synced: 07 Aug 2025

https://github.com/xyproto/purefunction

Given a Go source code file, find all known pure functions

optimization-tools static-code-analysis

Last synced: 15 Apr 2025

https://github.com/saleor/shellcheck-gha

Extracts and checks shell scripts in Github Workflows for potential issues using ShellCheck.

bash github-workflows linter shell shellcheck static-analysis static-code-analysis

Last synced: 11 Apr 2026

https://github.com/hdorgeval/testcafe-static-analyser

This tool performs a static analysis of your TestCafe tests and produces a nice and searchable html report

e2e gherkin report-generator static-code-analysis testcafe visual-studio-code vscode

Last synced: 25 Feb 2026

https://github.com/prayas7102/nodejssecurify

NodejsSecurify is an advanced NPM package designed to enhance the security of Node.js applications using AI/ML models. It provides a comprehensive set of security features and analysis capabilities to identify potential vulnerabilities and enforce best practices in accordance with OWASP guidelines.

brute-force-attacks callbackhell cybersecurity dos-attack hacktoberfest input-validation javascript machine-learning naive-bayes-classifier nodejs owasp redos-detector regex-dos static-code-analysis typescript whitebox-testing xss-vulnerability

Last synced: 18 Apr 2025

https://github.com/ezienecker/static-code-review-plugin

A plugin which comments the found bugs (by static code analyzer) to your merge request

code-analysis findbugs hacktoberfest spotbugs spotbugs-maven-plugin static-analysis static-code-analysis

Last synced: 29 Jul 2025

https://github.com/angelej/php-insider

A simple static application security testing (SAST) tool for locating dangerous sinks in php applications.

appsec php sast security static-code-analysis whitebox

Last synced: 06 Apr 2026

https://github.com/tomasbjerre/violation-comments-action

A GitHub action to help use violation-comments-to-github-command-line.

code-rev static-code-analysis

Last synced: 07 Feb 2026

https://github.com/yardexx/dart_shield

Security CLI tool (SAST) to detect security issues in your Dart and Flutter code.

appsec dart flutter sast security security-scanner security-tools static-analysis static-code-analysis vulnerability

Last synced: 23 Feb 2026

https://github.com/tomasbjerre/violation-comments-to-gitlab-lib

Comment gitlab with violations found with static code analysis.

gitlab static-code-analysis

Last synced: 12 Apr 2025

https://github.com/tomasbjerre/violation-comments-to-bitbucket-server-lib

A library for commenting Bitbucket Server with violations from static code analyzer reports.

bitbucket-server static-code-analysis

Last synced: 12 Apr 2025

https://github.com/stefan-kolb/texcop

CLI and static code analyzer for TeX and BibTeX files.

academia best-practices bibtex latex linter static-code-analysis style-checker style-guide tex thesis

Last synced: 24 Apr 2026

https://github.com/standardnotes/brakeman-action

Runs Brakeman against a repository's source code to find security vulnerabilities, using GitHub actions.

brakeman rails review ruby security static-code-analysis

Last synced: 25 Aug 2025

https://github.com/aziule/filebuildtag

Linter enforcing files to contain expected build tags, based on the file name.

ci code-quality developer-tools go golang linter static-analysis static-code-analysis

Last synced: 11 Jan 2026

https://github.com/daomephsta/fantastic-chainsaw

A static analysis tool to assist MC modders in updating their mods

eclipse minecraft static-analysis static-code-analysis

Last synced: 04 Aug 2025

https://github.com/kennethlarsen/lannister

💸 A Lannister always pays his technical debt

automated-analysis static-analysis static-code-analysis technical-debt

Last synced: 25 Oct 2025

https://github.com/ballerina-platform/static-code-analysis-tool

Tool for performing static code analysis for Ballerina projects.

ballerina static-code-analysis

Last synced: 19 Jun 2025

https://github.com/protosec-research/tree-of-ast

Tree-of-AST: Python Security Analysis framework inspired by ToT (Tree-of-Thoughts) of Deliberate Code analysing states using ToT-based ways.

ai gpt-4 ml python security security-audit security-tools source-to-sink static-code-analysis tree-of-thoughts

Last synced: 04 Sep 2025

https://github.com/olekscode/identifiernamesplitter

A tool for splitting identifier names into separate words, numbers, and symbols. For example, 'aName_AST42:' gets separated into 'a', 'Name', '_', 'AST', '42', and ':'

code-analysis identifier identifier-names pharo smalltalk static-code-analysis

Last synced: 05 Apr 2025

https://github.com/vegardit/depcheck-maven-plugin

Maven plugin to check for used unused direct and used indirect (transitive) dependencies.

asm dependency-analysis java maven-plugin static-code-analysis

Last synced: 15 Mar 2025

https://github.com/mariha/null-safety

A holistic approach to bring null-safety to the code written in Java.

java npe nullability nullability-analysis nullable static-analysis static-code-analysis

Last synced: 17 Oct 2025

https://github.com/buraksenyurt/webservice-detective

Eski bir uygulamadaki web servis ve web servis metotlarını kodu statik analiz yoluyla tarayarak bulmak istersek ne yapabiliriz sorusuna Roslyn'den de destek alıp bakmaya çalışıyoruz.

dotnet roslyn static-code-analysis web-services

Last synced: 15 May 2026

https://github.com/lucascorpion/instant-sonar

Instantly analyse your code with SonarQube in Docker, with a single command.

cli docker sonarqube static-code-analysis

Last synced: 11 Apr 2026

https://github.com/smyachenkov/run-detekt-maven-plugin

maven plugin for detekt code analysis tool

detekt kotlin maven-plugin static-code-analysis

Last synced: 16 Jan 2026

https://github.com/scheb/tombstone-logger

[READ ONLY] Tracking of tombstones to find dead code in your codebase

dead-code-removal dynamic-code-analysis static-code-analysis tombstones

Last synced: 30 Oct 2025

https://github.com/ariddlestone/phpstan-cakephp2

An extension to help test CakePHP 2 projects with PHPStan

cakephp2 php php7 phpstan-extension static-analysis static-code-analysis

Last synced: 13 Apr 2025

https://github.com/solitudera/fractalfathom-cli

A Kotlin-based project for enhancing Java code analysis, leveraging GraphCodeBERT and GPT-4 to generate PlantUML diagrams that visualize code structure, relationships, and functional components.

chatgpt code-comprehension graphcodebert java kotlin spoon static-code-analysis

Last synced: 04 Apr 2025

https://github.com/kffl/bsdetector-server

BSDetector server - JavaScript static code analysis tool

code-smells good-practices static-code-analysis

Last synced: 18 Jan 2026

https://github.com/danini-the-panini/will_it_ruby

Run your Ruby code before actually running it

ruby static-code-analysis

Last synced: 09 Oct 2025

https://github.com/lastnpe/external-annotations-esperanto

Tooling to convert different representations of externalized Java annotations to & fro' each other

code-analysis eclipse eea esperanto java null-analysis nullability nullable star-trek startrek static-analysis static-code-analysis

Last synced: 02 Mar 2026

https://github.com/ukinimod/iac-count

Measures the quality of IaC through metrics

ansible golang iac metrics static-code-analysis

Last synced: 03 May 2026

https://github.com/mayconfsousa/eslint-config-nebula

Elevate JS, TS, and React with best practices for stellar code quality and consistency

eslint eslint-config javascript react reactjs static-code-analysis style-guide typescript

Last synced: 03 Mar 2026

https://github.com/launchdarkly-labs/refaudit

Audit your public go declarations against code that references them

static-code-analysis

Last synced: 11 Mar 2026

https://github.com/nerdfiles/chordlike

handling modality in reactjs

coverage docs reactjs static-code-analysis unit-testing

Last synced: 12 Apr 2026

https://github.com/janniclas/swift-llvm-statistics-comparison

This repository contains microbenchmarks written in Swift and C++.

cpp llvm-ir static-code-analysis swift

Last synced: 16 May 2026

https://github.com/ballerina-platform/sonar-ballerina

This plugin provides an interface to report Ballerina static code analysis results to SonarQube

ballerina static-code-analysis

Last synced: 19 Jun 2025

https://github.com/fortify/sample-scala

Simple example showing how Fortify scanning can be performed in Scala applications built with Maven (using the "scala-maven-plugin" from https://github.com/davidB/) or Gradle.

appsec fortify fortify-sca sample sast sbt scala source-code-analysis static-code-analysis vulnerable-sample-app

Last synced: 02 Sep 2025