Data

Tools

Indexes

Applications

Experiments

Awesome

An open API service indexing awesome lists of open source software.

Static code analysis

Static program analysis (or static analysis) is the analysis of computer programs performed without executing them, in contrast with dynamic program analysis, which is performed on programs during their execution.

https://github.com/seachicken/inga

Visualizing the Impact of Code Changes

code-quality static-analysis static-code-analysis

Last synced: 10 Oct 2025

https://github.com/ckaznocha/intrange

intrange is a program for checking for loops that could use the Go 1.22 integer range feature.

go golang lint linter linting static-analysis static-code-analysis style-lint style-linter

Last synced: 14 Aug 2025

https://github.com/iagoabal/eba

EBA is a static bug finder for C.

c static-analysis static-analyzer static-code-analysis

Last synced: 10 Apr 2025

https://github.com/v-thakkar/talks

This repository contains the slides of my talks.

coccinelle ebpf embedded-linux kernel linux security static-code-analysis virtualization xen

Last synced: 17 Mar 2025

https://github.com/tomasbjerre/violation-comments-lib

Library for commenting things with violations from static code analysis.

static-code-analysis

Last synced: 12 Apr 2025

https://github.com/dgkf/scriptgloss

dynamically reconstruct static code for shiny outputs

r reproducibility shiny static-code-analysis

Last synced: 14 Apr 2025

https://github.com/cmu-sei/scaife-api

Source Code Analysis Integrated Framework Environment (SCAIFE) API: YAML specification

alerts api api-documentation architecture classification restful-api servers static-analysis static-code-analysis yaml

Last synced: 14 Apr 2025

https://github.com/piraces/kube-score-ga

Github action to execute kube-score with selected manifests (YAML, Helm or Kustomize)

analysis automation charts ci github-actions helm kube-score kubernetes linter security static-code-analysis

Last synced: 15 Apr 2025

https://github.com/mrseanryan/tslint-folders

:file_folder: Use tslint to check for invalid imports between packages and folders in your TypeScript project. Automatic validation and documentation of package architecture.

analysis architecture checker code-analysis dependencies diagram disabled-tests folders linter linting static-analysis static-code-analysis structure tslint

Last synced: 12 Apr 2025

https://github.com/johnstoncode/phpstan-moneyphp

Moneyphp Money class reflection extension for PHPStan

php php7 phpstan static-analysis static-code-analysis

Last synced: 10 Apr 2025

https://github.com/tomasbjerre/violation-comments-to-gitlab-command-line

Report static code analysis to GitLab

gitlab static-code-analysis

Last synced: 12 Apr 2025

https://github.com/twisterrob/android-lint-examples

Project that reproduces every lint violation out there. (At least that's the idea, contributions welcome.)

android android-development lint static-analysis static-code-analysis

Last synced: 07 Aug 2025

https://github.com/yonyong/sonar-custom-pmd-plugin

由于目前自定义sonar插件开发没有统一的框架,实现比较复杂, 因此开发了此骨架项目。开发者可以按照文档步骤新增自定义的sonar插件。

custom-plugin java p3c pmd sonar-plugin sonarqube sonarqube-plugin static-analyzer static-code-analysis

Last synced: 11 Jun 2025

https://github.com/xyproto/purefunction

Given a Go source code file, find all known pure functions

optimization-tools static-code-analysis

Last synced: 15 Apr 2025

https://github.com/cathive/concourse-sonarqube-qualitygate-task

A task for Concourse CI to be used in conjunction with the concourse-sonarqube-resource to break builds if the criteria of a quality gate cannot be met

code-quality concourse-ci sonarqube static-code-analysis

Last synced: 06 Oct 2025

https://github.com/hdorgeval/testcafe-static-analyser

This tool performs a static analysis of your TestCafe tests and produces a nice and searchable html report

e2e gherkin report-generator static-code-analysis testcafe visual-studio-code vscode

Last synced: 15 Jun 2025

https://github.com/ezienecker/static-code-review-plugin

A plugin which comments the found bugs (by static code analyzer) to your merge request

code-analysis findbugs hacktoberfest spotbugs spotbugs-maven-plugin static-analysis static-code-analysis

Last synced: 29 Jul 2025

https://github.com/prayas7102/nodejssecurify

NodejsSecurify is an advanced NPM package designed to enhance the security of Node.js applications using AI/ML models. It provides a comprehensive set of security features and analysis capabilities to identify potential vulnerabilities and enforce best practices in accordance with OWASP guidelines.

brute-force-attacks callbackhell cybersecurity dos-attack hacktoberfest input-validation javascript machine-learning naive-bayes-classifier nodejs owasp redos-detector regex-dos static-code-analysis typescript whitebox-testing xss-vulnerability

Last synced: 18 Apr 2025

https://github.com/ballerina-platform/static-code-analysis-tool

Tool for performing static code analysis for Ballerina projects.

ballerina static-code-analysis

Last synced: 19 Jun 2025

https://github.com/tomasbjerre/violation-comments-to-gitlab-lib

Comment gitlab with violations found with static code analysis.

gitlab static-code-analysis

Last synced: 12 Apr 2025

https://github.com/tomasbjerre/violation-comments-to-bitbucket-server-lib

A library for commenting Bitbucket Server with violations from static code analyzer reports.

bitbucket-server static-code-analysis

Last synced: 12 Apr 2025

https://github.com/stefan-kolb/texcop

CLI and static code analyzer for TeX and BibTeX files.

academia best-practices bibtex latex linter static-code-analysis style-checker style-guide tex thesis

Last synced: 13 Mar 2025

https://github.com/standardnotes/brakeman-action

Runs Brakeman against a repository's source code to find security vulnerabilities, using GitHub actions.

brakeman rails review ruby security static-code-analysis

Last synced: 25 Aug 2025

https://github.com/tomasbjerre/violation-comments-action

A GitHub action to help use violation-comments-to-github-command-line.

code-rev static-code-analysis

Last synced: 02 Aug 2025

https://github.com/kennethlarsen/lannister

💸 A Lannister always pays his technical debt

automated-analysis static-analysis static-code-analysis technical-debt

Last synced: 23 Apr 2025

https://github.com/daomephsta/fantastic-chainsaw

A static analysis tool to assist MC modders in updating their mods

eclipse minecraft static-analysis static-code-analysis

Last synced: 04 Aug 2025

https://github.com/olekscode/identifiernamesplitter

A tool for splitting identifier names into separate words, numbers, and symbols. For example, 'aName_AST42:' gets separated into 'a', 'Name', '_', 'AST', '42', and ':'

code-analysis identifier identifier-names pharo smalltalk static-code-analysis

Last synced: 05 Apr 2025

https://github.com/protosec-research/tree-of-ast

Tree-of-AST: Python Security Analysis framework inspired by ToT (Tree-of-Thoughts) of Deliberate Code analysing states using ToT-based ways.

ai gpt-4 ml python security security-audit security-tools source-to-sink static-code-analysis tree-of-thoughts

Last synced: 04 Sep 2025

https://github.com/yardexx/dart_shield

Security CLI tool (SAST) to detect security issues in your Dart and Flutter code.

appsec dart flutter sast security security-scanner security-tools static-analysis static-code-analysis vulnerability

Last synced: 26 Feb 2025

https://github.com/lastnpe/external-annotations-esperanto

Tooling to convert different representations of externalized Java annotations to & fro' each other

code-analysis eclipse eea esperanto java null-analysis nullability nullable star-trek startrek static-analysis static-code-analysis

Last synced: 06 Oct 2025

https://github.com/vegardit/depcheck-maven-plugin

Maven plugin to check for used unused direct and used indirect (transitive) dependencies.

asm dependency-analysis java maven-plugin static-code-analysis

Last synced: 15 Mar 2025

https://github.com/scheb/tombstone-logger

[READ ONLY] Tracking of tombstones to find dead code in your codebase

dead-code-removal dynamic-code-analysis static-code-analysis tombstones

Last synced: 15 Feb 2025

https://github.com/ukinimod/iac-count

Measures the quality of IaC through metrics

ansible golang iac metrics static-code-analysis

Last synced: 03 Apr 2025

https://github.com/danini-the-panini/will_it_ruby

Run your Ruby code before actually running it

ruby static-code-analysis

Last synced: 09 Oct 2025

https://github.com/lucascorpion/instant-sonar

Instantly analyse your code with SonarQube in Docker, with a single command.

cli docker sonarqube static-code-analysis

Last synced: 03 Aug 2025

https://github.com/mariha/null-safety

A holistic approach to bring null-safety to the code written in Java.

java npe nullability nullability-analysis nullable static-analysis static-code-analysis

Last synced: 17 Oct 2025

https://github.com/kffl/bsdetector-server

BSDetector server - JavaScript static code analysis tool

code-smells good-practices static-code-analysis

Last synced: 06 Apr 2025

https://github.com/ariddlestone/phpstan-cakephp2

An extension to help test CakePHP 2 projects with PHPStan

cakephp2 php php7 phpstan-extension static-analysis static-code-analysis

Last synced: 13 Apr 2025

https://github.com/buraksenyurt/webservice-detective

Eski bir uygulamadaki web servis ve web servis metotlarını kodu statik analiz yoluyla tarayarak bulmak istersek ne yapabiliriz sorusuna Roslyn'den de destek alıp bakmaya çalışıyoruz.

dotnet roslyn static-code-analysis web-services

Last synced: 01 Aug 2025

https://github.com/solitudera/fractalfathom-cli

A Kotlin-based project for enhancing Java code analysis, leveraging GraphCodeBERT and GPT-4 to generate PlantUML diagrams that visualize code structure, relationships, and functional components.

chatgpt code-comprehension graphcodebert java kotlin spoon static-code-analysis

Last synced: 04 Apr 2025

https://github.com/sage/rubocop-custom-cops

Custom checks for Rubocop - Static code analysis

rubocop rubocop-rails ruby ruby-gem static-code-analysis

Last synced: 13 May 2025

https://github.com/nerdfiles/chordlike

handling modality in reactjs

coverage docs reactjs static-code-analysis unit-testing

Last synced: 15 Mar 2025

https://github.com/fortify/sample-scala

Simple example showing how Fortify scanning can be performed in Scala applications built with Maven (using the "scala-maven-plugin" from https://github.com/davidB/) or Gradle.

appsec fortify fortify-sca sample sast sbt scala source-code-analysis static-code-analysis vulnerable-sample-app

Last synced: 02 Sep 2025

https://github.com/ballerina-platform/sonar-ballerina

This plugin provides an interface to report Ballerina static code analysis results to SonarQube

ballerina static-code-analysis

Last synced: 19 Jun 2025

https://github.com/janniclas/swift-llvm-statistics-comparison

This repository contains microbenchmarks written in Swift and C++.

cpp llvm-ir static-code-analysis swift

Last synced: 14 Jul 2025

https://github.com/quantummeta4/devflow-pro

🚀 Lightning-fast AI code analyzer built in Rust. Detect issues, measure complexity, and improve code quality in seconds. Built to function in your favorite IDE.

ai artificial-intelligence code-analysis code-metrics code-quality developer-tools performance-optimization rust rust-lang security-tools static-analysis static-code-analysis

Last synced: 16 Jun 2025

https://github.com/gionniboy/phpdemo-cicd

A demo to illustrate the powerful of ci/cd pipeline: for php7 projects. Pdf slide from speech @phpusergrouppalermo

composer continuous-delivery continuous-deployment continuous-integration continuous-testing gitlab-ci php7 phpcs phpmd phpunit static-code-analysis

Last synced: 02 Apr 2025

https://github.com/archtaqi/php-metrics

PhpMetrics Static analyzer tool for PHP Customize, Installed using Ansible

ansible jenkins php phpcs phpmd phpstan static-code-analysis

Last synced: 01 Aug 2025

https://github.com/kyaak/danger-warnings

Danger plugin to report lint warnings of different tools

bandit danger danger-plugin pylint rubocop static-analysis static-code-analysis

Last synced: 05 Oct 2025

https://github.com/secure-software-engineering/cognicrypt-intellij

Static Code Analysis for Crypto-API misuse detection. IDE Plugin for IntelliJ and Android Studio

android-studio-plugin api-misuse intellij-plugin security-scanner static-code-analysis

Last synced: 18 Feb 2025

https://github.com/dannyben/rentacop

A more relaxed default set of RuboCop rules

rubocop rubocop-configuration rubocop-defaults ruby ruby-gem static-code-analysis

Last synced: 01 Mar 2025

https://github.com/mayconfsousa/eslint-config-nebula

Elevate JS, TS, and React with best practices for stellar code quality and consistency

eslint eslint-config javascript react reactjs static-code-analysis style-guide typescript

Last synced: 13 Apr 2025

https://github.com/jorischau/checkglobals

Find (missing) dependencies in R-source code

package-dependencies r static-code-analysis

Last synced: 14 Mar 2025

https://github.com/dalisoft/biome-rs-npm

A toolchain for web projects, aimed to provide functionalities to maintain them. Biome offers formatter and linter, usable via CLI and LSP

css formatter javascript json jsx linter static-code-analysis typescript web

Last synced: 25 Mar 2025

https://github.com/sshaaf/kantra-examples

A repo to demonstrate differnt types of rules with Kantra cli a Konveyor.io project for static code analysis

static-code-analysis

Last synced: 14 Mar 2025

https://github.com/beevelop/docker-sonarlint

SonarLint scans code for bugs and quality issues, with several languages supported and simple usage.

continuous-integration docker docker-image sonarlint sonarqube static-code-analysis

Last synced: 20 Feb 2025

https://github.com/abelflopes/eslint-config-tsr-pro

Professional grade eslint configuration targeted for typescript & react projects

code-quality config eslint javascript lint react standard static-code-analysis typescript

Last synced: 08 May 2025

https://github.com/seanox/review

Programming language-independent static code analysis with replacement, based on regular expressions

expression-based static-code-analysis

Last synced: 25 Aug 2025

https://github.com/the-lone-druid/sonarqube-issues-exporter

Interactive HTML report generator for SonarQube issues with advanced filtering, searching, and data visualization capabilities.

bootstrap code-quality datatable developer-tools html-report nodejs quality-assurance reporting-tool sonarqube sonarqube-api static-analysis static-code-analysis

Last synced: 02 Sep 2025

https://github.com/aditeyabaral/parabolic-encryptor

A C project made as a part of the Secure Programming with C course (UE18CS257C) course at PES University to demonstrate static code analysis.

c encryption-decryption secure-programming static-code-analysis

Last synced: 09 Mar 2025

https://github.com/mardem1/perl-critic-mardem

Perl-Critic Policies for simple Refactoring-Support

perl perl-critic perl5 static-analysis static-analysis-plugin static-code-analysis

Last synced: 17 Mar 2025

https://github.com/codebytemirza/llmgrep

LLMGrep combines the precision of Semgrep's static analysis with the power of Large Language Models to deliver comprehensive security scanning, interactive vulnerability discussions, and intelligent rule generation capabilities.

ai-powered code-analysis code-security docker groq llm llm-applications python security-analysis security-automation security-scanning security-tools semgrep static-analysis static-code-analysis streamlit vulnerability-scanner

Last synced: 28 Mar 2025

https://github.com/thepalbi/sootlab

Interactive lab for experimenting with Soot IRs

java lab soot static-code-analysis

Last synced: 13 Mar 2025

https://github.com/murat-kaya/fortifyazuredevopsplugin

Extended Microfocus Azure Devops Bugtracker Plugin

fortify plugin sast security-tools static-code-analysis visual-studio-code

Last synced: 02 Apr 2025

https://github.com/ogs-gmbh/linter

This repository contains custom linter rules to ensure consistent and clean code. Optimized for developers who prioritize quality and best practices.

code-quality eslint linter static-code-analysis typescript-eslint

Last synced: 05 Oct 2025

https://github.com/tomasbjerre/violation-comments-to-bitbucket-cloud-lib

A library for commenting Bitbucket Cloud with violations from static code analyzer reports.

bitbucket-cloud static-code-analysis

Last synced: 09 Sep 2025

https://github.com/imsalmanmalik/devsecops-project-netflix-deployment

Deploy a Netflix clone application using a secure CI/CD pipeline built with Jenkins, Docker 🐳 , and Kubernetes ☸️. This project includes implementing code quality and security tools (SonarQube, Trivy), as well as monitoring solutions (Prometheus, Grafana) to ensure reliability and visibility

aws devops devsecops devsecops-pipeline docker eks-cluster grafana jenkins kubernetes monitoring networking node-exporter owasp-dependencycheck prometheus security sonarqube static-code-analysis trivy-scan

Last synced: 09 Mar 2025

https://github.com/machi1990/static-analyzer

Static analysis of a c-ish programming language

static-analysis static-code-analysis

Last synced: 16 May 2025

Static code analysis Awesome Lists
static-analysis 710 awesome-standard 58 fucking-static-analysis 331
Static code analysis Categories
Programming Languages 217 Other 104 Multiple languages 99 forks 15 code/project generators 7 editor plugins 7 build tools 6 packages used by standard 5 pretty terminal output (reporters) 5 More Collections 4 Meaning of Symbols: 4 License 3 Sponsors 3 usage stats 3 automatic code formatters 2 standard 1