Open Source Mac Source Code Analysis Tools - Page 3
Sort By:
Source Code Analysis Tools for Mac
View 1429 business solutions-
Gen AI apps are built with MongoDB AtlasMongoDB Atlas provides built-in vector search and a flexible document model so developers can build, scale, and run gen AI apps without stitching together multiple databases. From LLM integration to semantic search, Atlas simplifies your AI architecture—and it’s free to get started.
-
Get the most trusted enterprise browserDefend against security incidents with Chrome Enterprise. Create customizable controls, manage extensions and set proactive alerts to keep your data and employees protected without slowing down productivity.
-
1
Imgbot
An Azure Function solution to crawl through all of your image files
Don’t spend another second worrying about compressing your images. Install Imgbot into your GitHub projects, and focus on your application. Install Imgbot from the GitHub marketplace into your projects with the click of a button. Imgbot will send you your first pull request optimizing all of the images that it can find. Imgbot watches for new images in your repository and opens more pull requests. When you’re shipping code and hitting deadlines, it’s easy to forget about optimizing your images. But the truth is if you don’t optimize your images, you are losing out. Web pages with optimized images load faster. Faster pages have higher conversion rates, lower bounce rates, and happier users. And of course, smaller images reduce bandwidth costs for you and your visitors. Setting up and configuring your own tools can be a complicated and lengthy process. That means you are not focusing on shipping your next big update. With a few clicks, you can install Imgbot and permanently solve it. -
2
NERD Commenter
Vim plugin for intensely nerdy commenting powers
NERD Commenter is a Vim plugin offering powerful and highly customizable commenting capabilities. It simplifies toggling comments, supports multiple styles and nesting, and integrates cleanly with various plugin managers. Several settings can be added to your vimrc to change the default behavior. While the plugin does not directly support motions, you can leverage its support for selections to do something very similar. You can turn off default settings mappings to provide your own from scratch. Comment out the current line or text selected in visual mode. -
3
PHP Coding Standards Fixer
A tool to automatically fix PHP Coding Standards issues
The PHP Coding Standards Fixer (PHP CS Fixer) tool fixes your code to follow standards, whether you want to follow PHP coding standards as defined in the PSR-1, PSR-2, etc., or other community driven ones like the Symfony one. You can also define your (team’s) style through configuration. It can modernize your code (like converting the pow function to the operator on PHP 5.6) and (micro) optimize it. If you are already using a linter to identify coding standards problems in your code, you know that fixing them by hand is tedious, especially on large projects. This tool does not only detect them, but also fixes them for you. If you need to apply code styles that are not supported by the tool, you can create custom rules. Dedicated plugins exist for Atom, NetBeans, PhpStorm, Sublime Text, Vim, and VS Code. -
4
Restangular
AngularJS service to handle Rest API Restful Resources
Restangular is an AngularJS service that simplifies common GET, POST, DELETE, and UPDATE requests with a minimum of client code. It's a perfect fit for any WebApp that consumes data from a RESTful API. Note This version of Restangular only supports Angular 1. For an Angular 2+ version of Restangular, check out ngx-restangular. It's a separate project with different maintainers, so issues regarding ngx-restangular should be reported over there. Learn Restangular! Try the live demo on plunkr. It uses the same example as the official Angular Javascript Project, but with Restangular! With $resource, you need to write the URL Template. In here, you don't write any urls. You just write the name of the resource you want to fetch and that's it. You don't have to know the URL, the path, or anything to do all of the HTTP operations you want. You can create your own methods to run the operation that you want. The sky is the limit. -
No-Nonsense Code-to-Cloud Security for Devs | AikidoAikido provides a unified security platform for developers, combining 12 powerful scans like SAST, DAST, and CSPM. AI-driven AutoFix and AutoTriage streamline vulnerability management, while runtime protection blocks attacks.
-
5
SafeQL
Validate and auto-generate TypeScript types from raw SQL queries
SafeQL is an ESLint plugin for writing SQL queries in a type-safe way. SafeQL automatically infers the type of the query result based on the query itself. SafeQL works with any PostgreSQL client, including Prisma, Sequelize, pg, Postgres.js, and more. SafeQL was built in mind to be easy to use and integrate with your existing codebase. SafeQL was built with monorepos and microservices in mind, and it's easy to use with multiple databases. SafeQL is an ESLint plugin that helps you write SQL (PostgreSQL) queries safely. SafeQL was never meant to replace your current SQL library. Instead, It's a plugin that you can use to add extra functionality to your existing SQL library. It means that you can use SafeQL with any SQL library that you want. You can even use SafeQL with multiple SQL libraries at the same time. -
6
Semgrep
Lightweight static analysis for many languages
Static analysis at ludicrous speed. Find bugs and enforce code standards. Find and prevent security issues in Terraform, Docker, Kubernetes, nginx, and AWS configs before they go into production. Go beyond application code and protect the entire stack with a breadth of scanning capabilities. Don't leak secrets, scan every commit and ensure secrets don't make it to production. Protect the privileged CI/CD environment from malicious activity that could result in access to source code, secrets, and more. Run with registry rules or your own. Code is analyzed locally (not uploaded). Get results at ludicrous speed with diff-aware scans, review findings in MR and PR comments, and deploy Semgrep across your organization’s projects. Go beyond the registry with rules specific to your organization. Write rules to enforce your own code guardrails. -
7
Tencent Cloud Code Analysis
Static code analysis
Tencent Cloud Code Analysis (TCA for short, used internally by the R&D code CodeDog ) is a cloud-native, distributed, high-performance comprehensive code analysis and tracking platform that integrates many analysis tools, including server, web and client The three components have integrated a number of self-developed tools, and also support the dynamic integration of analysis tools of various programming languages in the industry. Obtain the Tencent Cloud code analysis platform by deploying TCA Server and Web, and complete the creation of related projects on the platform. After the project is created, you can deploy and configure the Tencent Cloud code analysis client to perform code analysis locally or as an online resident node. Before starting your first code analysis project, you need to deploy the Tencent Cloud Code Analysis client locally. After completing the project configuration on the client, you can start your first code analysis project and view your analysis results. -
8
elasticsearc-php
PHP low-level client for Elasticsearch
Introducing Elasticsearch DSL library to provide objective query builder for Elasticsearch bundle and elasticsearch-php client. You can easily build any Elasticsearch query and transform it to an array. This agnostic package is a lightweight wrapper on top of the Elasticsearch PHP client. Its main goal is to allow for easier structuring of queries and indices in your application. It does not want to hide or replace the functionality of the Elasticsearch PHP client. Feature complete, object oriented, composable, extendable Elasticsearch query DSL builder for PHP. Deliberately built to be as simple as possible, easily usable and with explicit naming. Elasticsearch Bundle was created in order to serve the need for professional Elasticsearch integration with enterprise level Symfony 2 systems. Automatically generate mappings using a serializer. Listeners for Doctrine events for automatic indexing. -
9
eslint-plugin-flowtype
Flow type linting rules for ESLint
Flow type linting rules for ESLint. This plugin exports a recommended configuration that enforces Flow type good practices. To enable this configuration use the extends property in your .eslintrc config file. ESLint is designed to be flexible and configurable for your use case. You can turn off every rule and run only with basic syntax validation or mix and match the bundled rules and your custom rules to fit the needs of your project. There are two primary ways to configure ESLint. Use JavaScript comments to embed configuration information directly into a file. Use a JavaScript, JSON, or YAML file to specify configuration information for an entire directory and all of its subdirectories. This can be in the form of a .eslintrc.* file or an eslintConfig field in a package.json file, both of which ESLint will look for and read automatically, or you can specify a configuration file on the command line. -
Secure remote access solution to your private network, in the cloud or on-prem.OpenVPN is here to bring simple, flexible, and cost-effective secure remote access to companies of all sizes, regardless of where their resources are located.
-
10
eslint-plugin-import
ESLint plugin with rules that help validate proper imports.
This plugin intends to support linting of ES2015+ (ES6+) import/export syntax, and prevent issues with misspelling of file paths and import names. All the goodness that the ES2015+ static module syntax intends to provide, is marked up in your editor. The maintainers of eslint-plugin-import and thousands of other packages are working with Tidelift to deliver commercial support and maintenance for the open-source dependencies you use to build your applications. Save time, reduce risk, and improve code health, while paying the maintainers of the exact dependencies you use. With the advent of module bundlers and the current state of modules and module syntax specs, it's not always obvious where import x from 'module' should look to find the file behind module. Up through v0.10ish, this plugin has directly used substack's resolve plugin, which implements Node's import behavior. This works pretty well in most cases. -
11
eslint-plugin-jsx-a11y
Static AST checker for a11y rules on JSX elements
Static AST checker for accessibility rules on JSX elements. This plugin does a static evaluation of the JSX to spot accessibility issues in React apps. Because it only catches errors in static code, use it in combination with axe-core/react to test the accessibility of the rendered DOM. Consider these tools just as one step of a larger a11y testing process and always test your apps with assistive technology. If you installed ESLint globally (using the -g flag in npm, or the global prefix in yarn) then you must also install eslint-plugin-jsx-a11y globally. To enable your custom components to be checked as DOM elements, you can set global settings in your configuration file by mapping each custom component name to a DOM element type. Enforce all elements that require alternative text have meaningful information to relay back to the end user. -
12
eslint-plugin-node
Additional ESLint's rules for Node.js
Additional ESLint's rules for Node.js. plugin:node/recommended considers both CommonJS and ES Modules. If "type":"module" field existed in package.json then it considers files as ES Modules. Otherwise it considers files as CommonJS. In addition, it considers *.mjs files as ES Modules and *.cjs files as CommonJS. plugin:node/recommended-module considers all files as ES Modules. plugin:node/recommended-script considers all files as CommonJS. -
13
eslint-plugin-testing-library
ESLint plugin to follow best practices and anticipate common mistakes
ESLint plugin to follow best practices and anticipate common mistakes when writing tests with Testing Library. You can find detailed guides for migrating eslint-plugin-testing-library in the migration guide docs. Add testing-library to the plugins section of your .eslintrc configuration file. You can omit the eslint-plugin- prefix. With the default setup mentioned before, eslint-plugin-testing-library will be run against your whole codebase. You can run this plugin only against your tests files. One way of restricting ESLint config by file patterns is by using ESLint overrides. Another approach for customizing ESLint config by paths is through ESLint Cascading and Hierarchy. This is useful if all your tests are placed under the same folder, so you can place there another .eslintrc where you enable eslint-plugin-testing-library for applying it only to the files under such folder, rather than enabling it on your global .eslintrc which would apply to your whole project. -
14
eslint-plugin-vue
ESLint plugin for Vue.js
ESLint plugin for Vue.js. This plugin allows us to check the template and script of .vue files with ESLint, as well as Vue code in .js files. This plugin supports the basic syntax of Vue.js 3.2, script setup, and CSS variable injection, but the ref sugar, an experimental feature of Vue.js 3.2, is not yet supported. If you have issues with these, please also refer to the FAQ. If you can't find a solution, search for the issue and if the issue doesn't exist, open a new issue. Be aware that depending on the code samples you write in tests, the RuleTester parser property must be set accordingly (this can be done on a test-by-test basis). The default JavaScript parser must be replaced because Vue.js single file components are not plain JavaScript, but a custom file format. vue-eslint-parser is a replacement parser that generates an enhanced AST with nodes that represent specific parts of the template syntax, as well as the contents of the script tag. -
15
esprint
Fast eslint runner
esprint (pronounced E-S-sprint) speeds up eslint by running the linting engine across multiple threads. esprint sets up a server daemon to cache the lint status of each file in memory. It uses a watcher to determine when files change, to only lint files as necessary. It also has a CI mode where it does not set up a daemon and just lints in parallel. In order to use esprint, first place an .esprintrc file in the root directory your project. This is similar to a .flowconfig if you use flow types. The .esprintrc file describes which paths to lint and which paths to ignore. You can also override the port to start the background server on. esprint will find the root of your project automatically and lint the whole project. In default mode, esprint will start a background server to watch source files and cache lint results in memory. -
16
jscodeshift
A JavaScript codemod toolkit
jscodeshift is a toolkit for running codemods over multiple JavaScript or TypeScript files. It provides A runner, which executes the provided transform for each file passed to it. It also outputs a summary of how many files have (not) been transformed. A wrapper around recast, providing a different API. Recast is an AST-to-AST transform tool and also tries to preserve the style of original code as much as possible. As already mentioned, jscodeshift also provides a wrapper around recast. In order to properly use the jscodeshift API, one has to understand the basic building blocks of recast (and ASTs) as well. An AST node is a plain JavaScript object with a specific set of fields, in accordance with the Mozilla Parser API. The primary way to identify nodes is via their type. It's OK to not know the structure of every AST node type. The (esprima) AST explorer is an online tool to inspect the AST for a given piece of JS code. -
17
nodejsscan
nodejsscan is a static security code scanner for Node.js applications
Static security code scanner (SAST) for Node.js applications powered by libsast and semgrep. nodejsscan is a static security code scanner for Node.js applications. -
18
plato
JavaScript code visualization, static analysis, and complexity tool
plato is a JavaScript source code visualization, static analysis, and complexity tool. Visualize JavaScript source complexity with plato. -
19
postcss-cssnext
PostCSS plugin that helps you to use the latest CSS syntax
PostCSS-cssnext is a PostCSS plugin that helps you to use the latest CSS syntax today. It transforms CSS specs into more compatible CSS so you don’t need to wait for browser support. -
20
prettier-eslint
Formats your JavaScript using prettier followed by eslint --fix
The fix feature of eslint is pretty great and can auto-format/fix much of your code according to your ESLint config. prettier is a more powerful automatic formatter. One of the nice things about prettier is how opinionated it is. Unfortunately, it's not opinionated enough and/or some opinions differ from my own. So after prettier formats the code, I start getting linting errors. This formats your code via prettier, and then passes the result of that to eslint --fix. This way you can get the benefits of prettier's superior formatting capabilities, but also benefit from the configuration capabilities of eslint. The path of the file being formatted can be used to override eslintConfig (eslint will be used to find the relevant config for the file). -
21
prettydiff
Beautifier and language aware code comparison tool for many languages
Beautifier and language-aware code comparison tool for many languages. It also minifies and a few other things. In this personal project I am trying to solve the problem of decentralization with a focus on privacy, permissions, performance, and automation. Decentralization is likely not what you think it is. For an excellent and mature example of decentralization see the architecture of WebRTC. My current project approaches the application considerations of decentralization far more aggressively than the media considerations defined by WebRTC. If you need a JavaScript/TypeScript developer that enjoys solving new and challenging problems email me at info at prettydiff.com. -
22
rest.js
GitHub REST API client for JavaScript
GitHub REST API client for JavaScript. Import the Octokit constructor based on your platform. Instantiate your octokit API. All options are optional, but authentication is strongly encouraged. API Previews can be enabled globally by setting the previews option. They can be set per-request as well. A default time zone can be enabled by setting the timeZone option. In order to use Octokit with GitHub Enterprise, set the baseUrl option. Most of GitHub’s REST API endpoints have matching methods. All endpoint methods are asynchronous, in order to use await in the code examples, we wrap them into an anonymous async function. Authentication is optional for some REST API endpoints accessing public data, but is required for GraphQL queries. Using authentication also increases your API rate limit. -
23
tslint-to-eslint-config
Converts your TSLint configuration to the closest possible ESLint
Converts your TSLint configuration to the closest reasonable ESLint equivalent. The tslint-to-eslint-config command reads in any existing linter, TypeScript, and package configuration files, then creates an .eslintrc.js result based on them. For any TSLint rules with corresponding ESLint equivalents, those equivalents will be used in the new configuration. TSLint rules without ESLint equivalents will be wrapped with eslint-plugin-tslint. If passed without arguments, respects the excludes, files, and includes in your TypeScript configuration. -
24
wemake-python-styleguide
The strictest and most opinionated python linter ever!
Welcome to the strictest and most opinionated Python linter ever. wemake-python-styleguide is actually a flake8 plugin with some other plugins as dependencies. Ensures consistency - no matter who works on it, the end product will always be the same dependable code. Helps avoid potential bugs - strict rules make sure that you don't make common mistakes. Efficient code reviews - each piece of code has a similar familiar style and syntax. If it passes all the checks, there's little left to review! Fewer code revisions - strict linting ensures that you don't have to re-write the codebase again and again. Reduce code redundancy - Sometimes we write complex code as we are thinking in a certain way about a problem. The linter offers suggestions that can help simplify the code and eliminate redundant statements. The ultimate goal of this project is to make all people write exactly the same Python code. -
25
Cyber Ghost — Scanner
Cyber Ghost Scanner Code Or Anything
CyberGhost Code Scanner — Smart Malware Detection for Developers CyberGhost Code Scanner is a powerful, all-in-one executable tool designed for source code and file threat detection. It helps developers, researchers, and IT professionals identify malicious patterns like RATs, Trojans, spyware, and backdoors hidden within code files or executables. Built with precision and efficiency, CyberGhost Code Scanner runs fully offline, ensuring complete privacy and data security. Whether you’re scanning your project files or verifying third-party code, CyberGhost gives you accurate, fast, and transparent results — all from a clean and professional interface.
