awesome-repositories.com
Blog
awesome-repositories.com

Entdecke die besten Open-Source-Repositories mit KI-gestützter Suche.

EntdeckenKuratierte SuchenOpen-Source-AlternativenSelf-hosted SoftwareBlogSitemap
ProjektÜber unsRanking-MethodikPresseMCP-Server
RechtlichesDatenschutzAGB
© 2026 Bringes Technology SRL·VAT RO45896025·hello@awesome-repositories.com
·

155 Repos

Awesome GitHub RepositoriesStatic Code Analysis

Automated scanning of source code to detect bugs, vulnerabilities, and maintainability issues without executing the program.

Distinct from Static Code Analysis: Existing candidates are either educational exercises or limited to specific 'awesome' lists

Explore 155 awesome GitHub repositories matching testing & quality assurance · Static Code Analysis. Refine with filters or upvote what's useful.

Awesome Static Code Analysis GitHub Repositories

Finde die besten Repos mit KI.Wir suchen mit KI nach den am besten passenden Repositories.
  • kelseyhightower/nocodeAvatar von kelseyhightower

    kelseyhightower/nocode

    65,391Auf GitHub ansehen↗

    This project is a satirical software development framework and conceptual parody of modern DevOps. It functions as an empty-project generator and non-functional deployment tool designed to automate the total absence of code and infrastructure. The framework distinguishes itself by providing a zero-code application building process that removes the need for source code authoring. It includes a nowhere deployment capability, which distributes applications to non-existent environments to eliminate hosting requirements and technical liability. Additional capabilities include a build pipeline tha

    Evaluates codebase changes by verifying that no modifications have been made.

    Dockerfile
    Auf GitHub ansehen↗65,391
  • grafana/k6Avatar von grafana

    grafana/k6

    30,874Auf GitHub ansehen↗

    k6 is a performance testing framework used to measure the scalability and stability of network services and APIs. It functions as a JavaScript load testing tool that uses a Go engine to simulate concurrent user traffic. The tool enables the enforcement of service level objectives by comparing response time percentiles against quantitative performance thresholds. It also operates as a performance regression tool for continuous integration pipelines and a browser performance testing tool that executes scripts within a bundled headless browser instance. Its capabilities cover workload scenario

    Scans source code for stylistic and programmatic errors using predefined linting rules.

    Goes6gogolang
    Auf GitHub ansehen↗30,874
  • alibaba/p3cAvatar von alibaba

    alibaba/p3c

    30,827Auf GitHub ansehen↗

    p3c is a Java static analysis tool and code quality linter designed to enforce professional coding guidelines and quality standards. It utilizes a set of custom rules based on the PMD engine to scan source code for style violations, performance bottlenecks, and potential bugs. The project is distributed as an IDE linting plugin that provides real-time feedback and warnings during development. It also includes functionality for pre-commit code quality gates, allowing modified files to be scanned and blocked if they violate defined rules before being committed to version control. The analysis

    Provides automated scanning of source code to detect bugs, vulnerabilities, and maintainability issues.

    Kotlin
    Auf GitHub ansehen↗30,827
  • wearehive/project-guidelinesAvatar von wearehive

    wearehive/project-guidelines

    29,458Auf GitHub ansehen↗

    This project is a comprehensive set of architectural and coding standards for organizing and maintaining high-quality JavaScript applications. It provides a framework for JavaScript project best practices across the full software development lifecycle, establishing unified guidelines for project organization and development. The guidelines cover specific standards for REST API design, utilizing resource-oriented interfaces and standardized HTTP methods. It also includes a web accessibility standard focused on semantic HTML and automated audits, alongside a defined Git workflow standard for br

    Specifies the use of static analysis tools to enforce code quality and consistent styling.

    JavaScript
    Auf GitHub ansehen↗29,458
  • standard/standardAvatar von standard

    standard/standard

    29,431Auf GitHub ansehen↗

    Standard is a suite of static analysis tools for JavaScript, comprising a linter, formatter, and a predefined style guide. It functions as a static code analyzer that scans source code for style violations and potential errors without executing the program. The project provides an automatic code fixer that rewrites source code to resolve formatting issues and enforce syntax consistency. It implements a standardized set of rules for JavaScript formatting and syntax to ensure a uniform appearance across different projects. The system covers a wide range of static analysis capabilities, includi

    Programmatically analyzes source code to detect bugs and maintainability issues without executing the program.

    JavaScriptdevelopmentecmascriptes6
    Auf GitHub ansehen↗29,431
  • feross/standardAvatar von feross

    feross/standard

    29,431Auf GitHub ansehen↗

    Standard is a zero-configuration static analyzer, linter, and formatter for JavaScript. It functions as a style guide that enforces consistent coding rules and identifies programming errors without requiring manual configuration files. The tool distinguishes itself by providing an automatic code fixer that scans source files to correct style violations and ensure a uniform codebase. It implements a predefined rule set to eliminate the need for project-specific configuration. The project covers a broad range of static analysis capabilities, including support for experimental language syntax a

    Analyzes source code to identify programming errors and style inconsistencies without executing the JavaScript code.

    JavaScript
    Auf GitHub ansehen↗29,431
  • ycm-core/youcompletemeAvatar von ycm-core

    ycm-core/YouCompleteMe

    25,904Auf GitHub ansehen↗

    YouCompleteMe is a completion engine and semantic code analyzer for the Vim editor. It provides an integrated suite of development tools, including a Language Server Protocol client and a semantic analyzer that utilizes Clang to offer context-aware symbols and type-based highlighting. The project distinguishes itself through specialized semantic completion for C-family languages and JavaScript, offering identifiers, snippets, and automatic imports. It provides advanced visual feedback such as inlay hints for type information and parameter names, as well as semantic highlighting based on the a

    Identifies errors and warnings in real-time using static analysis to provide immediate developer feedback.

    Pythoncode-analysiscode-completionsemantic-engine
    Auf GitHub ansehen↗25,904
  • rwaldron/idiomatic.jsR

    rwaldron/idiomatic.js

    25,712Auf GitHub ansehen↗

    This project is a JavaScript style guide and a set of coding standards designed to ensure codebase consistency. It provides a collection of best practices for writing maintainable and idiomatic code, focusing on variable naming, type checking, and execution context. The project serves as a static analysis guide, offering frameworks and guidelines for using linters and automated tools to identify bugs and verify code correctness before deployment. It establishes standards for formatting, syntax, and variable declarations to standardize code style across a project. The scope of the project cov

    Uses automated scanning of source code to detect bugs and style violations before deployment.

    Auf GitHub ansehen↗25,712
  • jenkinsci/jenkinsAvatar von jenkinsci

    jenkinsci/jenkins

    25,452Auf GitHub ansehen↗

    Jenkins is a CI/CD automation server and build automation tool used to orchestrate software build, test, and deployment pipelines. It functions as a pipeline orchestration engine and continuous delivery platform that manages the movement of software from source control to production environments. The project is built as a plugin-based automation framework, utilizing an extensibility model that integrates third-party tools and custom scripts to expand its capabilities. This architecture allows for the integration of specialized automation workflows and custom tool support through a plugin syst

    Integrates tools to scan source code for security vulnerabilities and stylistic inconsistencies without executing the code.

    Java
    Auf GitHub ansehen↗25,452
  • you-dont-need/you-dont-need-lodash-underscoreAvatar von you-dont-need

    you-dont-need/You-Dont-Need-Lodash-Underscore

    19,159Auf GitHub ansehen↗

    This project is a dependency reduction tool and ESLint plugin designed to remove heavy utility libraries from JavaScript projects. It functions as a static analysis tool that identifies third-party library method calls and suggests native ECMAScript alternatives to decrease bundle size. The tool provides a curated replacement guide consisting of native JavaScript code snippets that replicate the behavior of common external utility functions. This allows developers to migrate older codebases to current language standards and reduce project complexity. The system integrates into the linting li

    Implements static analysis by parsing source code into abstract syntax trees to detect utility library calls.

    JavaScriptalternativeseslint-pluginfindindex
    Auf GitHub ansehen↗19,159
  • tirth8205/code-review-graphAvatar von tirth8205

    tirth8205/code-review-graph

    18,822Auf GitHub ansehen↗

    This project is a static code analysis tool and local-first code indexer that builds a persistent dependency graph of functions, classes, and imports. It functions as an AI context optimizer and codebase dependency graph, designed to reduce token usage by providing AI assistants with only the most relevant code fragments and impact analysis for a given change. The system implements a Model Context Protocol server that exposes code intelligence and architectural graph queries to external AI coding tools. It distinguishes itself by computing the change blast radius and risk scores of modificati

    Implements a parsing pipeline that converts source code into a structural map of functions, classes, and imports.

    Pythonai-codingclaudeclaude-code
    Auf GitHub ansehen↗18,822
  • trekhleb/learn-pythonAvatar von trekhleb

    trekhleb/learn-python

    18,058Auf GitHub ansehen↗

    This project is an educational resource designed for learning the Python programming language. It serves as a tutorial repository and programming guide, providing a collection of annotated scripts, code examples, and cheatsheets to help users master syntax and core fundamentals. The resource focuses on moving from basic language syntax to advanced implementation, with a particular emphasis on object-oriented programming, the use of the Python standard library, and scripting automation for business workflows. The content covers a broad range of programming capabilities, including control flow

    Guides users in employing static analysis tools to identify stylistic errors and potential bugs.

    Pythonlearninglearning-by-doinglearning-python
    Auf GitHub ansehen↗18,058
  • uber-go/guideAvatar von uber-go

    uber-go/guide

    17,573Auf GitHub ansehen↗

    This project is a collection of guidelines and best practices for the Go programming language, providing a comprehensive style guide and set of programming standards. It establishes a framework for writing maintainable and performant source code through standardized naming, structuring, and organizational conventions. The guide focuses on specific patterns for concurrency, error handling, and performance optimization. It details methods for managing goroutine lifecycles to prevent race conditions, designing structured error wrapping and routing to maintain observability, and implementing memo

    Advocates for the use of automated linting and static analysis to ensure consistent coding style.

    Makefilebest-practicesgogolang
    Auf GitHub ansehen↗17,573
  • nikic/php-parserAvatar von nikic

    nikic/PHP-Parser

    17,437Auf GitHub ansehen↗

    PHP-Parser is a tool that converts PHP source code into an abstract syntax tree for static analysis and programmatic manipulation. It functions as a parser, a code generator, and a static analysis framework. The project enables the programmatic construction of abstract syntax tree nodes through a fluent interface and provides the ability to transform these trees back into formatted source code. It includes a serializer that exports abstract syntax trees to JSON format and reconstructs them from strings. The toolset covers several capability areas, including namespace resolution, constant exp

    Provides a comprehensive framework for analyzing PHP source code to detect bugs and enforce standards.

    PHP
    Auf GitHub ansehen↗17,437
  • bbatsov/ruby-style-guideAvatar von bbatsov

    bbatsov/ruby-style-guide

    16,546Auf GitHub ansehen↗

    This project is a community-driven Ruby coding style guide and static analysis standard. It provides a collection of agreed-upon rules for syntax, naming conventions, and structural guidelines to ensure uniform code appearance and maintainability across Ruby projects. The project serves as both a human-readable documentation resource for developers and a machine-readable RuboCop configuration specification. This allows natural language style guidelines to be mapped directly to automated linting rules. The system covers Ruby code standardization, style enforcement, and project governance thro

    Uses automated tools to evaluate source code against predefined patterns.

    Auf GitHub ansehen↗16,546
  • facebook/inferAvatar von facebook

    facebook/infer

    15,646Auf GitHub ansehen↗

    Infer is a static analysis toolset for Java, C, C++, and Objective-C designed to detect memory leaks, null dereferences, and resource bugs. It functions as a multi-language bug finder that identifies race conditions, deadlocks, and memory safety issues by translating source code into a common intermediate representation for analysis. The project distinguishes itself through an inter-procedural data flow analyzer that tracks movement between sources and sinks to detect tainted flows and generate data flow graphs. It also includes a framework for verifying temporal properties and reachability u

    Provides automated scanning of Java, C, C++, and Objective-C source code to detect bugs and memory leaks.

    OCamlccode-qualitycpp
    Auf GitHub ansehen↗15,646
  • grab/front-end-guideAvatar von grab

    grab/front-end-guide

    15,235Auf GitHub ansehen↗

    This project is a front-end development study guide and technical roadmap designed to introduce the tools, libraries, and patterns used in modern web application development. It serves as an educational resource covering single page application architecture, the integration of modern web tech stacks, and the design of components using static typing. The guide focuses on the orchestration of front-end CI/CD pipelines, providing a walkthrough for automating the linting, testing, bundling, and deployment of static assets to cloud hosting. It specifically addresses the implementation of reusable

    Provides guidance on using automated scanning to detect bugs and maintainability issues without executing the program.

    JavaScriptbabelcsscss-modules
    Auf GitHub ansehen↗15,235
  • facebook/prepackAvatar von facebook

    facebook/prepack

    14,118Auf GitHub ansehen↗

    Prepack is a build-time transformation tool and static analysis engine designed to optimize JavaScript source code. By executing code during the build process, it evaluates program logic and state to precompute results, effectively simplifying complex operations before the application is deployed. The tool functions as a bundle optimizer that integrates into existing development pipelines to refine application logic. It employs abstract interpretation and symbolic execution to track program behavior across various paths, allowing it to perform constant folding, eliminate unreachable code, and

    Evaluates JavaScript execution paths at build time to simplify logic before deployment.

    JavaScript
    Auf GitHub ansehen↗14,118
  • rust-lang/rust-clippyAvatar von rust-lang

    rust-lang/rust-clippy

    13,309Auf GitHub ansehen↗

    This project is a static analysis linter, code quality tool, and language auditor for Rust. It functions as an automated refactoring system designed to identify common mistakes and suggest idiomatic improvements for Rust source code. The tool identifies non-idiomatic patterns, performance bottlenecks, and code smells to improve the overall correctness and quality of the code. It specifically audits memory safety by flagging suspicious use of unsafe blocks and pointer manipulations and detects inefficient operations to optimize execution speed. The analysis surface covers coding style enforce

    Finds common programming mistakes and logic bugs in Rust source code through automated scanning and analysis.

    Rustlintrust
    Auf GitHub ansehen↗13,309
  • kodecocodes/swift-style-guideAvatar von kodecocodes

    kodecocodes/swift-style-guide

    13,173Auf GitHub ansehen↗

    This project is a comprehensive set of standards for the Swift ecosystem, providing a code style guide, API design standards, and a memory management guide. It establishes standardized naming and formatting rules to ensure consistent and maintainable source code. The project includes a linting configuration used by automated tools to detect and enforce syntax patterns. These rules are designed to standardize code style and can be integrated into build phases to block commits with formatting errors. The guidelines cover a broad range of development capabilities, including the use of access mo

    Provides a framework for inspecting source code without execution to identify style inconsistencies and memory leaks.

    Auf GitHub ansehen↗13,173
Vorherige123456…8Nächste
  1. Home
  2. Testing & Quality Assurance
  3. Static Code Analysis

Unter-Tags erkunden

  • AST Extraction2 Sub-TagsExtracting abstract syntax trees for structural analysis of source code. **Distinct from Static Code Analysis:** Focuses on the extraction of ASTs via compiler plugins, whereas Static Code Analysis is the broader process of scanning for bugs.
  • Absence Analysis1 Sub-TagStatic analysis specifically designed to verify that no code changes or additions have occurred. **Distinct from Static Code Analysis:** Distinct from Static Code Analysis: verifies the total absence of modifications rather than detecting bugs in existing code.
  • Analysis Output FormattingVisual formatting of the results produced by static analysis and linting tools. **Distinct from Static Code Analysis:** Distinct from Static Code Analysis: focuses on the visual presentation of analysis results rather than the detection of bugs or vulnerabilities.
  • Build Validation ChecksAutomated checks performed during the build process to verify code compatibility across target architectures. **Distinct from Static Code Analysis:** Distinct from general static code analysis: focuses specifically on build-time compatibility validation across multiple OS and hardware targets.
  • Code Unit Identification1 Sub-TagLocating encompassing functions or methods for a given line via static analysis. **Distinct from Static Code Analysis:** Focuses on locating the containing unit rather than detecting vulnerabilities or bugs.
  • Dependency DiscoveryUsing static analysis to automatically identify required external packages by scanning source code imports. **Distinct from Static Code Analysis:** Specifically targets the discovery of dependencies rather than general bug or vulnerability detection.
  • Multi-Pass AnalysisStatic analysis performed in multiple sequential stages to verify complex constraints. **Distinct from Static Code Analysis:** Distinct from general Static Code Analysis by specifically requiring multiple sequential passes to verify memory safety constraints.
  • Python Code ModernizersTools that automatically update legacy Python source code to remove deprecated patterns and technical debt. **Distinct from Python Static Analyzers:** Distinct from analyzers which only detect issues; modernizers actively rewrite code to remove deprecated imports and compatibility shims.
  • Python Static Analyzers1 Sub-TagStatic analysis tools specifically designed for Python source code to detect errors, style violations, and code smells. **Distinct from Static Code Analysis:** Distinct from Static Code Analysis: focuses on Python-specific analysis rather than language-agnostic scanning.
  • Range-Based TargetingMatching patterns based on specific line and column coordinates to integrate with analysis data. **Distinct from Static Code Analysis:** Distinct from general static analysis: focuses on the targeting mechanism using coordinates for the transformation engine.
  • Route-Based Static AnalysisStatic analysis specifically targeting the extraction of routing structures and associated assets. **Distinct from Static Code Analysis:** Unlike general static analysis for bugs, this specifically maps application routes to their required assets.
  • Runtime Logic MonitoringStatic analysis that enables the injection of probes to track program flow during execution. **Distinct from Static Code Analysis:** Focuses on the hybrid use of static analysis to enable runtime monitoring, unlike general bug detection.
  • Static Analysis Specifications1 Sub-TagShared specifications for representing code elements during programmatic inspection. **Distinct from Static Code Analysis:** Distinct from Static Code Analysis: focuses on the specification of representations rather than the scanning process itself.
  • Structural Rule Enforcement1 Sub-TagUses static analysis to enforce structural rules and coding standards based on parsed metadata. **Distinct from Static Code Analysis:** Focuses on enforcing structural standards via metadata rather than general bug or vulnerability detection.
  • Structural Static Analysis5 Sub-TagsAnalyzing code structure without execution to identify functional units. **Distinct from Static Code Analysis:** Focuses on unit discovery and physical structure rather than bug or vulnerability detection.
  • Symbol Graph BuildersBuilds a complete abstract syntax tree and symbol graph from source code without execution, enabling precise cross-referencing and navigation. **Distinct from Static Code Analysis:** Distinct from Static Code Analysis: focuses on building a symbol graph for navigation, not detecting bugs or vulnerabilities.
  • Type Inference SupportProviding annotations and hints that enable static analysis tools to infer types for formal verification. **Distinct from Static Code Analysis:** Focuses on aiding the analysis tool's inference process via assertions, rather than the act of scanning the code itself.
  • Unreachable Code Analysis1 Sub-TagAnalysis of program control flow to find blocks of code that cannot be executed during runtime. **Distinct from Static Code Analysis:** Specifically targets unreachable execution paths, whereas static code analysis is a broader category for all non-executing checks.