Open-source alternatives to Ruff

This project is a high-performance static type checker and comprehensive development toolkit for Python. It functions as a core analysis engine that identifies type inconsistencies and enforces code correctness, while simultaneously providing a language server implementation to deliver real-time diagnostics and intelligence directly within development environments. The tool distinguishes itself through a parallelized execution engine that maximizes performance across large-scale codebases and monorepo structures. It supports gradual type adoption, allowing developers to integrate type checkin

Bandit is a static analysis security testing tool and vulnerability detection scanner for Python source code. It functions as a security-focused linter and static analyzer that identifies common vulnerabilities and architectural flaws without executing the program. The tool utilizes an abstract syntax tree to analyze code patterns and identifies risky function calls or insecure configurations. It employs a plugin-based rule engine to decouple scanning logic from individual security checks and supports configuration-driven filtering to exclude specific files or ignore certain warnings. The sy

Flake8 is a Python style checker and static analysis tool that identifies programmatic errors and violations of coding standards in source files. It serves as a linting wrapper that aggregates multiple checkers into a single interface, functioning as a pluggable framework for Python code analysis. The tool incorporates a cyclomatic complexity analyzer to measure the logical complexity of functions and identify code that requires refactoring. It is designed for extensibility, allowing the integration of custom plugins and rules through defined entry points. The system provides capabilities fo

This project is a static analysis tool and linter designed to improve the quality, reliability, and portability of shell scripts. By performing deep structural analysis, it identifies common programming pitfalls, syntax errors, and security vulnerabilities before scripts are executed. It functions as an automated code reviewer that enforces best practices and helps developers maintain consistent, robust code across different operating environments. The tool distinguishes itself through its dialect-aware grammar resolution, which adapts its parsing logic based on the specific shell interpreter

Standard is a suite of static analysis tools for JavaScript, comprising a linter, formatter, and a predefined style guide. It functions as a static code analyzer that scans source code for style violations and potential errors without executing the program. The project provides an automatic code fixer that rewrites source code to resolve formatting issues and enforce syntax consistency. It implements a standardized set of rules for JavaScript formatting and syntax to ensure a uniform appearance across different projects. The system covers a wide range of static analysis capabilities, includi

This project is a comprehensive, curated directory of static analysis, linting, and security scanning utilities. It serves as a central resource for developers to discover, compare, and select tools based on specific programming languages, licensing models, and integration requirements. The directory distinguishes itself by providing deep metadata for each listed utility, including community-driven popularity rankings, maintenance status, and deployment methods. By aggregating these tools into a single searchable index, it enables teams to identify solutions for enforcing coding standards, ma

Continue is an automated code review platform that integrates AI agents directly into the software development lifecycle. By executing custom validation rules against pull request diffs, it provides immediate feedback through repository status checks, allowing teams to enforce quality, security, and documentation standards before manual review begins. The system distinguishes itself through a file-based configuration model where validation logic is defined in version-controlled markdown files. These files act as system prompts that guide autonomous agents in evaluating code changes. This appr

Oxc is a high-performance toolchain designed for the analysis, linting, formatting, and transformation of JavaScript and TypeScript codebases. It functions as a comprehensive static analysis engine and compiler-based utility, providing the infrastructure necessary to parse source code into high-performance abstract syntax trees and map complex module dependency graphs across entire projects. The project distinguishes itself through its use of multi-core parallel processing to maximize throughput during intensive tasks like linting and minification. It offers deep, type-aware static analysis t

This project is a comprehensive collection of pre-commit hooks designed to automate code linting, style enforcement, and file validation before changes are committed to version control. It provides a suite of ready-to-use scripts that serve as quality guards, including static analysis hooks, configuration file validators, and tools for maintaining version control integrity. The collection distinguishes itself by offering specialized guards for repository health and security. This includes detection of leaked credentials and private keys, prevention of large file commits, and enforcement of br

Pylint is a static code analysis tool for Python that checks source code for errors, coding standard violations, and code smells without executing the program. It parses code into an abstract syntax tree and walks the tree to detect issues, enforces configurable style rules and naming conventions, and identifies duplicate code blocks by comparing tokenised source sequences. The tool also includes an inference engine that deduces variable types by simulating code paths, enabling deeper analysis even in untyped code. What distinguishes Pylint is its plugin-based checker architecture, which allo

lsp-mode is a Language Server Protocol client and IDE feature set for Emacs. It functions as a semantic code analysis tool and JSON-RPC communication layer that connects the editor to external language servers to provide intelligent code completion and real-time diagnostics. The project also serves as a Debug Adapter Protocol client, enabling interactive debugging sessions and breakpoint management. This allows for stepping through code and inspecting variables via a standardized protocol, including support for debugging within Docker containers. The system covers a broad range of developmen

vim-lsp is a Vim plugin that implements the Language Server Protocol to provide an asynchronous code intelligence tool for the editor. It serves as a bridge between Vim and external language servers, providing semantic code analysis and IDE-like navigation and diagnostics. The project provides a refactoring interface for renaming symbols across a workspace and applying quick-fixes. It also enables semantic highlighting, which color-codes elements based on their meaning as determined by the language server. The plugin covers a broad surface of capabilities, including symbol navigation and dis

This project is a collection of Swift coding standards and static analysis rules designed to ensure consistency across Swift projects. It provides a defined set of naming conventions and structural guidelines to maintain a shared style for teams. The repository centers on a SwiftLint configuration used to automate the detection and correction of style violations in source code. This configuration enables automated style enforcement, ensuring that code adheres to organizational standards without requiring manual review. The guidelines cover the standardization of code formatting, naming, and

Standard is a zero-configuration static analyzer, linter, and formatter for JavaScript. It functions as a style guide that enforces consistent coding rules and identifies programming errors without requiring manual configuration files. The tool distinguishes itself by providing an automatic code fixer that scans source files to correct style violations and ensure a uniform codebase. It implements a predefined rule set to eliminate the need for project-specific configuration. The project covers a broad range of static analysis capabilities, including support for experimental language syntax a

This project is a static analysis engine designed to identify patterns, enforce coding standards, and automate code quality improvements in software projects. By parsing source code into structured abstract syntax trees, it enables deep programmatic inspection and the automated remediation of identified programming issues. The engine functions as a pluggable linting framework, allowing developers to extend its core capabilities through a modular architecture. Users can inject custom rules, parsers, and processors to support non-standard file formats or domain-specific logic. This extensibilit

Checkstyle is a Java static analysis tool and linter designed to identify and enforce coding standards and best practices. It functions as a code quality auditor and Javadoc validation tool, checking source code against configurable rulesets to ensure structural and stylistic consistency. The project allows for the creation of custom linting rules by extending a core API to inspect the abstract syntax tree. It further enables specialized validation through the use of XPath expressions to query the syntax tree for specific code patterns and violations. Capability areas include the enforcement

Infer is a static analysis toolset for Java, C, C++, and Objective-C designed to detect memory leaks, null dereferences, and resource bugs. It functions as a multi-language bug finder that identifies race conditions, deadlocks, and memory safety issues by translating source code into a common intermediate representation for analysis. The project distinguishes itself through an inter-procedural data flow analyzer that tracks movement between sources and sinks to detect tainted flows and generate data flow graphs. It also includes a framework for verifying temporal properties and reachability u

This project is a comprehensive productivity guide and configuration reference for the VS Code editor. It provides a curated collection of shortcuts, configuration tips, and tutorials designed to improve efficiency and optimize the daily coding workflow. The resource covers advanced AI-assisted development, including the integration of autonomous agents, custom prompt files, and AI-powered coding assistants for task automation and code generation. It also provides specialized guidance on integrated terminal management, such as configuring shell profiles and automating command execution. Addi

Tinymist is a comprehensive suite of tools for Typst document authoring, serving as a language server, document compiler, and project manager. It provides a standardized language service via the Language Server Protocol to enable editor features such as autocompletion, navigation, and semantic highlighting. The project distinguishes itself by integrating a TCP-based live preview server for real-time visual rendering and an advanced static analysis tool that utilizes abstract syntax trees and bidirectional type checking. It also includes a project management system capable of handling multi-fi

Pylint is a static code analyzer for Python that scans source code for errors, coding standard violations, code smells, and type-related issues without executing the program. It functions as a plugin-based linter framework, allowing users to extend its analysis capabilities with custom or third-party checks for project-specific rules and framework support. The tool also includes a duplicate code detector that identifies identical or near-identical code blocks across a project to help reduce redundancy. Beyond its core linting functionality, Pylint can generate UML class and package diagrams f

Credo is a static analysis tool and linter for Elixir. It functions as a code quality analyzer that scans source code to identify stylistic inconsistencies, common mistakes, and potential security vulnerabilities. The tool provides a customizable framework for defining and testing specialized rules to enforce project-specific coding standards. It identifies complex code fragments and duplication to highlight opportunities for refactoring and simplification. Its capabilities cover automated code reviews, the enforcement of Elixir coding standards, and real-time developer feedback through edit

This project is a comprehensive knowledge base and educational resource for JavaScript developers, focused on establishing industry-standard methodologies for automated software testing. It provides a structured collection of design patterns and actionable guidelines designed to improve code reliability, maintainability, and overall software quality across the development lifecycle. The repository distinguishes itself by offering a granular, pattern-based approach to testing that spans unit, integration, and end-to-end verification. It emphasizes specific architectural strategies such as comp

p3c is a Java static analysis tool and code quality linter designed to enforce professional coding guidelines and quality standards. It utilizes a set of custom rules based on the PMD engine to scan source code for style violations, performance bottlenecks, and potential bugs. The project is distributed as an IDE linting plugin that provides real-time feedback and warnings during development. It also includes functionality for pre-commit code quality gates, allowing modified files to be scanned and blocked if they violate defined rules before being committed to version control. The analysis

Strix is an automated security research and vulnerability scanning platform that leverages language models to orchestrate complex security analysis tasks. It functions as a comprehensive framework for penetration testing and continuous security integration, allowing users to embed automated vulnerability research directly into development pipelines or execute it within isolated, containerized environments. The platform distinguishes itself through a multi-agent orchestration engine that coordinates specialized autonomous agents to perform parallel security assessments. By integrating LLM-agno

This project is a comprehensive development plugin for the Vim text editor, designed to transform the editor into a specialized environment for Go software development. It provides a suite of integrated tools that facilitate the entire development lifecycle, including writing, maintaining, and navigating Go source code. The plugin distinguishes itself by orchestrating external command-line binaries and language servers to perform heavy analysis, compilation, and formatting tasks as background processes. By mapping editor events to these external tools and utilizing virtual file system synchro

Pyrefly is a static type checker for Python that operates as a language server, delivering real-time diagnostics, completions, and navigation in any editor supporting the Language Server Protocol. It also performs static tensor shape analysis, using symbolic dimension variables and arithmetic to verify shape consistency in deep learning models without runtime execution. Beyond core type checking, Pyrefly supports gradual adoption workflows: it can generate a baseline of known errors so only new issues are reported, migrate configuration from other type checkers, and automatically suppress exi

This project provides a framework for managing multi-agent systems, designed to automate complex software development, infrastructure, and business workflows. It functions as a multi-agent workflow orchestrator that routes tasks to domain-specific workers while maintaining state persistence and infrastructure automation. By leveraging large language models, the system decomposes high-level objectives into actionable plans, ensuring that complex operations are executed with consistency and reliability. The framework distinguishes itself through its hierarchical agent registry and policy-driven