Open Source Source Code Analysis Tools - Page 2
Sort By:
Source Code Analysis Tools
View 5728 business solutions-
MongoDB Atlas runs apps anywhereMongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
-
Deliver secure remote access with OpenVPN.OpenVPN's products provide scalable, secure remote access — giving complete freedom to your employees to work outside the office while securely accessing SaaS, the internet, and company resources.
-
1
Sloc Cloc and Code (scc)
Sloc, Cloc and Code: scc is a very fast accurate code counter
Sloc, Cloc and Code: scc is a very fast accurate code counter with complexity calculations and COCOMO estimates written in pure Go. The tool is similar to cloc, sloccount and tokei. For counting the lines of code, blank lines, comment lines, and physical lines of source code in many programming languages. The goal is to be the fastest code counter possible, but also perform COCOMO calculations like sloccount, estimate code complexity similar to cyclomatic complexity calculators, and produce unique lines of code or DRYness metrics. In short one tool to rule them all. -
2
Static Analysis Tools for PHP
Docker image that provides static analysis tools for PHP
Docker image providing static analysis tools for PHP. The list of available tools and the installer is actually managed in the jakzal/toolbox repository. Docker image with quality analysis tools for PHP. To run the selected tool inside the container, you'll need to mount the project directory on the container with -v "$(pwd):/project". Some tools like to write to the /tmp directory (like PHPStan, or Behat in some cases), therefore it's often useful to share it between docker runs, i.e. with -v "$(pwd)/tmp-phpqa:/tmp". If you want to be able to interrupt the selected tool if it takes too much time to complete, you can use the --init option. Some tools are not included in the docker image, to use them refer to their documentation. Provides utilities to report legacy tests and usage of deprecated code. -
3
stylelint
A linter that helps you avoid errors and enforce conventions
stylelint understands the latest CSS syntax including custom properties and level 4 selectors. Extracts embedded styles from HTML, markdown and CSS-in-JS object & template literals. Parses CSS-like syntaxes like SCSS, Sass, Less and SugarSS. Has over 170 built-in rules to catch errors, apply limits and enforce stylistic conventions. Supports plugins so you can create your own rules or make use of plugins written by the community. Automatically fixes the majority of stylistic violations. Itis well tested with over 15000 unit tests. Supports shareable configs that you can extend or create. It is unopinionated so that you can customize it to your exact needs. stylelint has a growing community and is used by Facebook, GitHub and WordPress. You can configure the built-in stylistic rules to allow both multi-line and single-line rules. The choice of when to use each belongs to the user. -
4
Source Navigator NG is a source code analysis tool. With it, you can edit your source code, display relationships between classes and functions and members, and display call trees. You can navigate your source code and easily get to declarations or implementations of functions, variables and macros (commonly called "symbols") which helps you discovering and mapping unknown source code for enhancement or maintenance tasks.
-
No-Nonsense Code-to-Cloud Security for Devs | AikidoAikido provides a unified security platform for developers, combining 12 powerful scans like SAST, DAST, and CSPM. AI-driven AutoFix and AutoTriage streamline vulnerability management, while runtime protection blocks attacks.
-
5
Cinder
Community-developed library for professional-quality creative coding
Cinder is a free and open source library for professional-quality creative coding in C++. Cinder is available under the BSD License for macOS and Windows. The latest version is 0.9.2. To keep up-to-date with Cinder’s development, consider working from the github repository directly. Cinder is a C++ library for programming with aesthetic intent - the sort of development often called creative coding. This includes domains like graphics, audio, video, and computational geometry. Cinder is cross-platform, with official support for macOS, Windows, Linux, iOS, and Windows UWP. Cinder is production-proven, powerful enough to be the primary tool for professionals, but still suitable for learning and experimentation. Full keyboard, mouse (including scroll wheel), window, and file drag and drop. -
6
Code Maat
A command line tool to mine and analyze data from version-control
Code Maat is a command-line tool for analyzing version-control systems (Git, SVN, etc.) to uncover code health insights—development hotspots, author coupling, and temporal change metrics. Created by Adam Tornhill, it supports research in behavioral code analysis and is often paired with his books like Code as a Crime Scene and Software Design X‑Rays. -
7
Light Table
Code editor that connects you to your creation with instant feedback
Connects you to your creation with instant feedback and showing data values flow through your code. Embed anything you want, from graphs to games to running visualizations. Easily customizable from keybinds to extensions to be completely tailored to your specific project. Everything from eval and debugging to a fuzzy finder for files and commands to fit seamlessly into your workflow. Try new ideas quickly and easily. Ask questions about your software, to give you a more profound understanding of your code. An elegant, lightweight, beautifully designed layout so your IDE is no longer cluttered. Next-gen println to keep track of important values in your code. Just add a watch to an expression and the value will be streamed back to LT in real time. No more printing to the console in order to view your results. Simply evaluate your code and the results will be displayed inline. -
8
PHP Coding Standards Fixer
A tool to automatically fix PHP Coding Standards issues
The PHP Coding Standards Fixer (PHP CS Fixer) tool fixes your code to follow standards, whether you want to follow PHP coding standards as defined in the PSR-1, PSR-2, etc., or other community driven ones like the Symfony one. You can also define your (team’s) style through configuration. It can modernize your code (like converting the pow function to the operator on PHP 5.6) and (micro) optimize it. If you are already using a linter to identify coding standards problems in your code, you know that fixing them by hand is tedious, especially on large projects. This tool does not only detect them, but also fixes them for you. If you need to apply code styles that are not supported by the tool, you can create custom rules. Dedicated plugins exist for Atom, NetBeans, PhpStorm, Sublime Text, Vim, and VS Code. -
9
PHP Depend
PHP_Depend is an adaptation of the established Java development tool
PHP_Depend is an adaptation of the established Java development tool JDepend. This tool shows you the quality of your design in terms of extensibility, reusability and maintainability. The maintainers of PHP Depend and thousands of other packages are working with Tidelift to deliver commercial support and maintenance for the open source dependencies you use to build your applications. Save time, reduce risk, and improve code health, while paying the maintainers of the exact dependencies you use. -
Photo and Video Editing APIs and SDKsUnlock Picsart's full editing suite by embedding our Editor SDK directly into your platform. Offer your users the power of a full design suite without leaving your site.
-
10
Pylint
It's not just a linter that annoys you!
Pylint is a static code analyzer for Python 2 or 3. The latest version supports Python 3.7.2 and above. Pylint analyses your code without actually running it. It checks for errors, enforces a coding standard, looks for code smells, and can make suggestions about how the code could be refactored. Projects that you might want to use alongside pylint include flake8 (faster and simpler checks with very few false positives), mypy, pyright or pyre (typing checks), bandit (security-oriented checks), black and isort (auto-formatting), autoflake (automated removal of unused import or variable), pyupgrade (automated upgrade to newer python syntax) and pydocstringformatter (automated pep257). Pylint isn't smarter than you: it may warn you about things that you have conscientiously done or checks for some things that you don't care about. During adoption, especially in a legacy project where pylint was never enforced. -
11
Semgrep
Lightweight static analysis for many languages
Static analysis at ludicrous speed. Find bugs and enforce code standards. Find and prevent security issues in Terraform, Docker, Kubernetes, nginx, and AWS configs before they go into production. Go beyond application code and protect the entire stack with a breadth of scanning capabilities. Don't leak secrets, scan every commit and ensure secrets don't make it to production. Protect the privileged CI/CD environment from malicious activity that could result in access to source code, secrets, and more. Run with registry rules or your own. Code is analyzed locally (not uploaded). Get results at ludicrous speed with diff-aware scans, review findings in MR and PR comments, and deploy Semgrep across your organization’s projects. Go beyond the registry with rules specific to your organization. Write rules to enforce your own code guardrails. -
12
ShellCheck
A static analysis tool for shell scripts
ShellCheck is a GPLv3 tool that provides warnings and possible suggestions for bash/sh shell scripts. ShellCheck finds bugs in your shell scripts. You can cabal, apt, dnf, pkg or brew install it locally right now. ShellCheck highlights and clarifies typical beginner's syntax mistakes and issues that cause a shell to give a cryptic error message. It shows typical intermediate level semantic problems that cause a shell to behave in a abnormally and counter-intuitively. It can also discover ssubtle caveats, corner cases and pitfalls that may cause an user's working script to fail under probable future circumstances. ShellCheck.net is always synchronized to the latest git version, and is the simplest way to give ShellCheck a go. -
13
codeium-chrome
Free, ultrafast code autocomplete for Chrome
Free, ultrafast code autocomplete for Chrome. Codeium autocompletes your code with AI in all major IDEs. This includes web editors as well. The content attribute accepts a comma-separated list of supported editors. These currently include: "monaco" and "codemirror5". -
14
elasticsearc-php
PHP low-level client for Elasticsearch
Introducing Elasticsearch DSL library to provide objective query builder for Elasticsearch bundle and elasticsearch-php client. You can easily build any Elasticsearch query and transform it to an array. This agnostic package is a lightweight wrapper on top of the Elasticsearch PHP client. Its main goal is to allow for easier structuring of queries and indices in your application. It does not want to hide or replace the functionality of the Elasticsearch PHP client. Feature complete, object oriented, composable, extendable Elasticsearch query DSL builder for PHP. Deliberately built to be as simple as possible, easily usable and with explicit naming. Elasticsearch Bundle was created in order to serve the need for professional Elasticsearch integration with enterprise level Symfony 2 systems. Automatically generate mappings using a serializer. Listeners for Doctrine events for automatic indexing. -
15
prettydiff
Beautifier and language aware code comparison tool for many languages
Beautifier and language-aware code comparison tool for many languages. It also minifies and a few other things. In this personal project I am trying to solve the problem of decentralization with a focus on privacy, permissions, performance, and automation. Decentralization is likely not what you think it is. For an excellent and mature example of decentralization see the architecture of WebRTC. My current project approaches the application considerations of decentralization far more aggressively than the media considerations defined by WebRTC. If you need a JavaScript/TypeScript developer that enjoys solving new and challenging problems email me at info at prettydiff.com. -
16
A general purpose source code indexer and cross-referencer that provides web-based browsing of source code with links to the definition and usage of any identifier. Supports multiple languages. Up-to-date information in http://lxr.sourceforge.net
-
17
Web Application Protection
Tool to detect and correct vulnerabilities in PHP web applications
WAP automatic detects and corrects input validation vulnerabilities in web applications written in PHP Language (version 4.0 or higher) and with a low rate of false positives. WAP detects the following vulnerabilities: - SQL injection using MySQL, PostgreSQL and DB2 DBMS - Reflected cross-site scripting (XSS) - Stored XSS - Remote file inclusion - Local file inclusion - Directory traversal - Source code disclosure - OS command injection - PHP code injection WAP is a static analysis tool that performs taint analysis to detect vulnerabilities, tracking malicious users inputs and checking if they reach calls of sensitive functions. It has a low rate of false positives because has implemented a data mining module to predict false positives when detects vulnerabilities. The output of the tool is: - shows the vulnerabilities found and how they are corrected - new files with the corrections -
18
A drop-in replacement for the src.zip shipped with Oracle Java 7, that contains sources to all Java classes that are shipped or generated by the OpenJDK project (the official src.zip only covers public classes), plus tools to generate it.
-
19
.NET Interactive
.NET Interactive takes .NET and embeds it into your experiences
.NET Interactive takes the power of .NET and embeds it into your interactive experiences. Share code, explore data, write, and learn across your apps in ways you couldn't before. We recently introduced the .NET Interactive Notebooks extension for Visual Studio Code, which adds support for .NET Interactive using the new Visual Studio Code native notebook feature. We encourage you to try it out. .NET Interactive enables users to mix languages in a single notebook or cell without a wrapper. The multi-language experience opens up doors for users to use the best language for the task at hand. .NET Interactive enables you to write code in multiple languages within a single notebook and in order to take advantage of those languages' different strengths, you might find it useful to share data between them. In just a single line of code easily visualize data with Microsoft SandDance and nteract DataExplorer. -
20
Async PHP
Easily run code asynchronously
Spatie Async is a PHP library that allows developers to run parallel processes using asynchronous tasks. It helps optimize performance by executing long-running or resource-intensive tasks concurrently, instead of sequentially. The library is easy to use and integrates well with existing PHP applications, making it suitable for batch processing, data scraping, or any scenario where concurrency can boost efficiency. -
21
Code Climate CLI
Code Climate CLI
Align initiatives with strategic priorities, accelerate software delivery, and drive continuous improvement with the leading Engineering Intelligence Solution. Software development teams used to operate in the dark, forced to make decisions based on gut feel and anecdotes, causing friction, creating silos, and leading to mediocre outcomes. Today, forward-thinking engineering leaders leverage data-driven insights to build a culture of trust and high performance. Align on business priorities with improved transparency across every level of your organization, and ensure optimal resource allocation for your engineering teams. Deliver high-quality code quickly and consistently to achieve true Continuous Delivery and out-innovate your competition. Improve your team’s processes and engineering skills to create a high-performance culture, boost pipeline efficiency, and increase employee engagement. code climate is a command-line interface for the Code Climate analysis platform. -
22
Cross Platform Node Guide
Improve front-end engineer workflow & standard, powered by TypeScript
A command-line tool aims to improve front-end engineer workflow and standards, powered by Node.js. Feflow (pronounced /ˈfefləʊ/) is a front-end flow and rule tool to improve engineering efficiency., and is hosted on Github: feflow. At present, it has been used in many applications, such as Now, Huayang Live, Huayang Friends, Mobile QQ Near Hand, Group Video, Group Gift, Huiyin, Tencent Myapp, Penguins and etc. With 80+ WEB/IOS/Andriod stable users, the cumulative production project reached 240+. Feflow refers to the thinking of Pipeline and divides work into five steps: init, develop, build, test, deploy. And corresponding to five basic commands: init, dev, build, test, and deploy. In addition to serving basic development workflows and specifications, Feflow provides an easy-to-expand plug-in mechanism for creating a team-wide toolchain ecosystem. Feflow only provides a CLI and kernel. The CLI is responsible for interacting with the command line terminal. -
23
HTMLHint
The static code analysis tool you need for your HTML
Static code analysis tool you need for your HTML. By default, htmlhint looks for a .htmlhintrc file in the current directory and all parent directories and applies its rules when parsing a file. -
24
Hydrogen
Run code interactively, inspect data, and plot
Hydrogen is an interactive coding environment that supports Python, R, JavaScript and other Jupyter kernels. Hydrogen was inspired by Bret Victor's ideas about the power of instantaneous feedback and the design of Light Table. Running code inline and in real-time is a more natural way to develop. By bringing the interactive style of Light Table to the rock-solid usability of Atom, Hydrogen makes it easy to write code the way you want to. You also may be interested in our latest project – interact – a desktop application that wraps up the best of the web-based Jupyter notebook. Watch expressions let you keep track of variables and re-run snippets after every change. Completions from the running kernel, just like autocomplete in the Chrome dev tools. Code can be inspected to show useful information provided by the running kernel. One kernel per language (so you can run snippets from several files, all in the same namespace). -
25
Luacheck
A tool for linting and static analysis of Lua code
Luacheck is a static analyzer and a linter for Lua. Luacheck detects various issues such as usage of undefined global variables, unused variables and values, accessing uninitialized variables, unreachable code and more. Most aspects of checking are configurable: there are options for defining custom project-related globals, for selecting set of standard globals (version of Lua standard library), for filtering warnings by type and name of related variable, etc. The options can be used on the command line, put into a config or directly into checked files as Lua comments. Luacheck supports checking Lua files using the syntax of Lua 5.1, Lua 5.2, Lua 5.3, and LuaJIT. Luacheck itself is written in Lua and runs on all of the mentioned Lua versions.
