155 Repos
Automated scanning of source code to detect bugs, vulnerabilities, and maintainability issues without executing the program.
Distinct from Static Code Analysis: Existing candidates are either educational exercises or limited to specific 'awesome' lists
Explore 155 awesome GitHub repositories matching testing & quality assurance · Static Code Analysis. Refine with filters or upvote what's useful.
This project is a satirical software development framework and conceptual parody of modern DevOps. It functions as an empty-project generator and non-functional deployment tool designed to automate the total absence of code and infrastructure. The framework distinguishes itself by providing a zero-code application building process that removes the need for source code authoring. It includes a nowhere deployment capability, which distributes applications to non-existent environments to eliminate hosting requirements and technical liability. Additional capabilities include a build pipeline tha
Evaluates codebase changes by verifying that no modifications have been made.
k6 is a performance testing framework used to measure the scalability and stability of network services and APIs. It functions as a JavaScript load testing tool that uses a Go engine to simulate concurrent user traffic. The tool enables the enforcement of service level objectives by comparing response time percentiles against quantitative performance thresholds. It also operates as a performance regression tool for continuous integration pipelines and a browser performance testing tool that executes scripts within a bundled headless browser instance. Its capabilities cover workload scenario
Scans source code for stylistic and programmatic errors using predefined linting rules.
p3c is a Java static analysis tool and code quality linter designed to enforce professional coding guidelines and quality standards. It utilizes a set of custom rules based on the PMD engine to scan source code for style violations, performance bottlenecks, and potential bugs. The project is distributed as an IDE linting plugin that provides real-time feedback and warnings during development. It also includes functionality for pre-commit code quality gates, allowing modified files to be scanned and blocked if they violate defined rules before being committed to version control. The analysis
Provides automated scanning of source code to detect bugs, vulnerabilities, and maintainability issues.
This project is a comprehensive set of architectural and coding standards for organizing and maintaining high-quality JavaScript applications. It provides a framework for JavaScript project best practices across the full software development lifecycle, establishing unified guidelines for project organization and development. The guidelines cover specific standards for REST API design, utilizing resource-oriented interfaces and standardized HTTP methods. It also includes a web accessibility standard focused on semantic HTML and automated audits, alongside a defined Git workflow standard for br
Specifies the use of static analysis tools to enforce code quality and consistent styling.
Standard is a suite of static analysis tools for JavaScript, comprising a linter, formatter, and a predefined style guide. It functions as a static code analyzer that scans source code for style violations and potential errors without executing the program. The project provides an automatic code fixer that rewrites source code to resolve formatting issues and enforce syntax consistency. It implements a standardized set of rules for JavaScript formatting and syntax to ensure a uniform appearance across different projects. The system covers a wide range of static analysis capabilities, includi
Programmatically analyzes source code to detect bugs and maintainability issues without executing the program.
Standard is a zero-configuration static analyzer, linter, and formatter for JavaScript. It functions as a style guide that enforces consistent coding rules and identifies programming errors without requiring manual configuration files. The tool distinguishes itself by providing an automatic code fixer that scans source files to correct style violations and ensure a uniform codebase. It implements a predefined rule set to eliminate the need for project-specific configuration. The project covers a broad range of static analysis capabilities, including support for experimental language syntax a
Analyzes source code to identify programming errors and style inconsistencies without executing the JavaScript code.
YouCompleteMe is a completion engine and semantic code analyzer for the Vim editor. It provides an integrated suite of development tools, including a Language Server Protocol client and a semantic analyzer that utilizes Clang to offer context-aware symbols and type-based highlighting. The project distinguishes itself through specialized semantic completion for C-family languages and JavaScript, offering identifiers, snippets, and automatic imports. It provides advanced visual feedback such as inlay hints for type information and parameter names, as well as semantic highlighting based on the a
Identifies errors and warnings in real-time using static analysis to provide immediate developer feedback.
This project is a JavaScript style guide and a set of coding standards designed to ensure codebase consistency. It provides a collection of best practices for writing maintainable and idiomatic code, focusing on variable naming, type checking, and execution context. The project serves as a static analysis guide, offering frameworks and guidelines for using linters and automated tools to identify bugs and verify code correctness before deployment. It establishes standards for formatting, syntax, and variable declarations to standardize code style across a project. The scope of the project cov
Uses automated scanning of source code to detect bugs and style violations before deployment.
Jenkins is a CI/CD automation server and build automation tool used to orchestrate software build, test, and deployment pipelines. It functions as a pipeline orchestration engine and continuous delivery platform that manages the movement of software from source control to production environments. The project is built as a plugin-based automation framework, utilizing an extensibility model that integrates third-party tools and custom scripts to expand its capabilities. This architecture allows for the integration of specialized automation workflows and custom tool support through a plugin syst
Integrates tools to scan source code for security vulnerabilities and stylistic inconsistencies without executing the code.
This project is a dependency reduction tool and ESLint plugin designed to remove heavy utility libraries from JavaScript projects. It functions as a static analysis tool that identifies third-party library method calls and suggests native ECMAScript alternatives to decrease bundle size. The tool provides a curated replacement guide consisting of native JavaScript code snippets that replicate the behavior of common external utility functions. This allows developers to migrate older codebases to current language standards and reduce project complexity. The system integrates into the linting li
Implements static analysis by parsing source code into abstract syntax trees to detect utility library calls.
This project is a static code analysis tool and local-first code indexer that builds a persistent dependency graph of functions, classes, and imports. It functions as an AI context optimizer and codebase dependency graph, designed to reduce token usage by providing AI assistants with only the most relevant code fragments and impact analysis for a given change. The system implements a Model Context Protocol server that exposes code intelligence and architectural graph queries to external AI coding tools. It distinguishes itself by computing the change blast radius and risk scores of modificati
Implements a parsing pipeline that converts source code into a structural map of functions, classes, and imports.
This project is an educational resource designed for learning the Python programming language. It serves as a tutorial repository and programming guide, providing a collection of annotated scripts, code examples, and cheatsheets to help users master syntax and core fundamentals. The resource focuses on moving from basic language syntax to advanced implementation, with a particular emphasis on object-oriented programming, the use of the Python standard library, and scripting automation for business workflows. The content covers a broad range of programming capabilities, including control flow
Guides users in employing static analysis tools to identify stylistic errors and potential bugs.
This project is a collection of guidelines and best practices for the Go programming language, providing a comprehensive style guide and set of programming standards. It establishes a framework for writing maintainable and performant source code through standardized naming, structuring, and organizational conventions. The guide focuses on specific patterns for concurrency, error handling, and performance optimization. It details methods for managing goroutine lifecycles to prevent race conditions, designing structured error wrapping and routing to maintain observability, and implementing memo
Advocates for the use of automated linting and static analysis to ensure consistent coding style.
PHP-Parser is a tool that converts PHP source code into an abstract syntax tree for static analysis and programmatic manipulation. It functions as a parser, a code generator, and a static analysis framework. The project enables the programmatic construction of abstract syntax tree nodes through a fluent interface and provides the ability to transform these trees back into formatted source code. It includes a serializer that exports abstract syntax trees to JSON format and reconstructs them from strings. The toolset covers several capability areas, including namespace resolution, constant exp
Provides a comprehensive framework for analyzing PHP source code to detect bugs and enforce standards.
This project is a community-driven Ruby coding style guide and static analysis standard. It provides a collection of agreed-upon rules for syntax, naming conventions, and structural guidelines to ensure uniform code appearance and maintainability across Ruby projects. The project serves as both a human-readable documentation resource for developers and a machine-readable RuboCop configuration specification. This allows natural language style guidelines to be mapped directly to automated linting rules. The system covers Ruby code standardization, style enforcement, and project governance thro
Uses automated tools to evaluate source code against predefined patterns.
Infer is a static analysis toolset for Java, C, C++, and Objective-C designed to detect memory leaks, null dereferences, and resource bugs. It functions as a multi-language bug finder that identifies race conditions, deadlocks, and memory safety issues by translating source code into a common intermediate representation for analysis. The project distinguishes itself through an inter-procedural data flow analyzer that tracks movement between sources and sinks to detect tainted flows and generate data flow graphs. It also includes a framework for verifying temporal properties and reachability u
Provides automated scanning of Java, C, C++, and Objective-C source code to detect bugs and memory leaks.
This project is a front-end development study guide and technical roadmap designed to introduce the tools, libraries, and patterns used in modern web application development. It serves as an educational resource covering single page application architecture, the integration of modern web tech stacks, and the design of components using static typing. The guide focuses on the orchestration of front-end CI/CD pipelines, providing a walkthrough for automating the linting, testing, bundling, and deployment of static assets to cloud hosting. It specifically addresses the implementation of reusable
Provides guidance on using automated scanning to detect bugs and maintainability issues without executing the program.
Prepack is a build-time transformation tool and static analysis engine designed to optimize JavaScript source code. By executing code during the build process, it evaluates program logic and state to precompute results, effectively simplifying complex operations before the application is deployed. The tool functions as a bundle optimizer that integrates into existing development pipelines to refine application logic. It employs abstract interpretation and symbolic execution to track program behavior across various paths, allowing it to perform constant folding, eliminate unreachable code, and
Evaluates JavaScript execution paths at build time to simplify logic before deployment.
This project is a static analysis linter, code quality tool, and language auditor for Rust. It functions as an automated refactoring system designed to identify common mistakes and suggest idiomatic improvements for Rust source code. The tool identifies non-idiomatic patterns, performance bottlenecks, and code smells to improve the overall correctness and quality of the code. It specifically audits memory safety by flagging suspicious use of unsafe blocks and pointer manipulations and detects inefficient operations to optimize execution speed. The analysis surface covers coding style enforce
Finds common programming mistakes and logic bugs in Rust source code through automated scanning and analysis.
This project is a comprehensive set of standards for the Swift ecosystem, providing a code style guide, API design standards, and a memory management guide. It establishes standardized naming and formatting rules to ensure consistent and maintainable source code. The project includes a linting configuration used by automated tools to detect and enforce syntax patterns. These rules are designed to standardize code style and can be integrated into build phases to block commits with formatting errors. The guidelines cover a broad range of development capabilities, including the use of access mo
Provides a framework for inspecting source code without execution to identify style inconsistencies and memory leaks.