30 open-source projects similar to google/error-prone, ranked by how many features they have in common. Compare stars, activity and what each one does to find the best Error Prone alternative.
JSHint is a JavaScript static analysis tool and linter designed to detect errors and enforce coding standards. It functions as a syntax validator that scans source code to identify potential logic problems and programming mistakes before the code is executed. The tool provides a command line interface for analyzing files and directories. It supports the export of analysis results into standardized formats such as Checkstyle for integration with external build tools. Analysis is managed through a system of linting rule management and environment global configuration. This includes the ability
PMD is a multi-language static code analyzer used to identify programming flaws, unused variables, and dead code without executing the program. It functions as a code smell detector and coding standard enforcer, ensuring source code adheres to specific naming conventions, structural requirements, and project style guides. The project features an XPath-based rule engine that allows users to define custom analysis patterns using queries against an abstract syntax tree. It also includes a copy-paste detector to identify duplicated code blocks across multiple files and a visual rule designer for
Checkstyle is a Java static analysis tool and linter designed to identify and enforce coding standards and best practices. It functions as a code quality auditor and Javadoc validation tool, checking source code against configurable rulesets to ensure structural and stylistic consistency. The project allows for the creation of custom linting rules by extending a core API to inspect the abstract syntax tree. It further enables specialized validation through the use of XPath expressions to query the syntax tree for specific code patterns and violations. Capability areas include the enforcement
Pylint is a static code analyzer for Python that scans source code for errors, coding standard violations, code smells, and type-related issues without executing the program. It functions as a plugin-based linter framework, allowing users to extend its analysis capabilities with custom or third-party checks for project-specific rules and framework support. The tool also includes a duplicate code detector that identifies identical or near-identical code blocks across a project to help reduce redundancy. Beyond its core linting functionality, Pylint can generate UML class and package diagrams f
Infer is a static analysis toolset for Java, C, C++, and Objective-C designed to detect memory leaks, null dereferences, and resource bugs. It functions as a multi-language bug finder that identifies race conditions, deadlocks, and memory safety issues by translating source code into a common intermediate representation for analysis. The project distinguishes itself through an inter-procedural data flow analyzer that tracks movement between sources and sinks to detect tainted flows and generate data flow graphs. It also includes a framework for verifying temporal properties and reachability u
Semgrep is a static analysis security testing tool designed to identify vulnerabilities and logic errors by matching source code against declarative patterns. It functions as an automated scanner that integrates into development workflows to detect insecure code patterns and enforce coding standards before deployment. The engine utilizes a language-agnostic intermediate representation and a modular parser architecture to normalize diverse programming languages into a unified format. This allows for consistent rule execution across different codebases, enabling users to perform custom structur
Pylint is a static code analysis tool for Python that checks source code for errors, coding standard violations, and code smells without executing the program. It parses code into an abstract syntax tree and walks the tree to detect issues, enforces configurable style rules and naming conventions, and identifies duplicate code blocks by comparing tokenised source sequences. The tool also includes an inference engine that deduces variable types by simulating code paths, enabling deeper analysis even in untyped code. What distinguishes Pylint is its plugin-based checker architecture, which allo
SonarQube is a static code analysis platform used to scan source code and infrastructure scripts across multiple languages. It detects bugs, security vulnerabilities, and maintainability issues to ensure software meets reliability and security standards. The platform implements automated quality gates for continuous integration and delivery pipelines, verifying code against defined rules during merge or pull requests. It also integrates directly with code editors to provide real-time analysis results and quick-fix guidance during development. The system covers broad functional areas includin
go-ast-book is a collection of educational and technical resources focused on abstract syntax tree analysis, compiler development, and static code verification. It provides guides and manuals for parsing, traversing, and analyzing Go source code to extract semantic meaning. The project serves as a reference for building compiler frontends, covering the translation of high-level code into intermediate representations and single static assignment forms. It also provides instructions for using these techniques to develop language tooling and perform static code analysis. The resources cover a b
RuboCop is a static code analyzer, linter, and formatter for the Ruby language. It identifies style violations, smells, and errors in source code to ensure consistency and maintainability based on community guidelines. The project provides automatic source code formatting to rewrite files according to defined stylistic standards. It also functions as a language server protocol implementation, surfacing violations and suggested fixes directly within code editors. The tool covers code complexity monitoring to track the size of classes and methods and employs non-inclusive language detection to
RuboCop is a static code analyzer and linter for Ruby. It functions as a static analysis tool designed to detect potential bugs, identify style violations, and improve overall code quality in Ruby projects. The project provides an automated code formatter that rewrites source code to align with established community standards. It also implements a language server protocol to surface linting and formatting errors directly within text editors. Its capabilities cover automated code linting and the analysis of Ruby code style to ensure consistency across a project. These functions are driven by
Standard is a zero-configuration static analyzer, linter, and formatter for JavaScript. It functions as a style guide that enforces consistent coding rules and identifies programming errors without requiring manual configuration files. The tool distinguishes itself by providing an automatic code fixer that scans source files to correct style violations and ensure a uniform codebase. It implements a predefined rule set to eliminate the need for project-specific configuration. The project covers a broad range of static analysis capabilities, including support for experimental language syntax a
ApplicationInspector is a multi-language static analysis tool designed to detect specific features and characteristics within source code. It utilizes a declarative JSON rules engine to identify patterns and structural tags across project directories without requiring the analyzer to be recompiled. The system distinguishes itself through a code version differ that compares two different source paths to report changes in detected features. It also provides utilities for creating and validating custom JSON-based rules, including a validation pipeline to verify syntax and identifier uniqueness.
TSLint is an extensible static analysis tool that checks TypeScript source files against a configurable set of lint rules. It scans code by walking the parsed TypeScript abstract syntax tree, applying rule objects to detect readability, maintainability, and functionality errors. The tool supports rule severity configuration, inline suppression through comment directives, and automatic attachment of fix objects for correcting violations. The project provides a framework for developing custom lint rules and formatters, allowing teams to enforce project-specific coding conventions beyond the bui
Luau is a high-performance programming language evolved from Lua 5.1. It consists of a bytecode virtual machine, an embeddable scripting engine, and a static code analyzer designed to provide a secure, sandboxed execution environment for host applications. The project is distinguished by its gradual typing system, which combines automatic type inference with optional manual annotations to detect bugs without requiring full static typing. It also features native vector mathematics for high-performance operations and a specialized debugging system that uses bytecode patching to minimize executi
This project is a static analysis linter, code quality tool, and language auditor for Rust. It functions as an automated refactoring system designed to identify common mistakes and suggest idiomatic improvements for Rust source code. The tool identifies non-idiomatic patterns, performance bottlenecks, and code smells to improve the overall correctness and quality of the code. It specifically audits memory safety by flagging suspicious use of unsafe blocks and pointer manipulations and detects inefficient operations to optimize execution speed. The analysis surface covers coding style enforce
Detekt is a static analysis tool, code quality linter, and complexity analyzer for Kotlin source code. It functions as a code smell detector and static scanner designed to identify potential bugs, design flaws, and violations of coding standards without executing the program. The tool differentiates itself through the use of issue baselining, which allows users to create a snapshot of existing legacy code issues to filter out old violations and focus on preventing new regressions. It further supports extensibility via a plugin-based system that allows for the integration of custom rule sets a
RLS is a language server that provides language intelligence for the Rust programming language. It implements the Language Server Protocol to enable a standardized communication layer between the Rust compiler and various editor clients. The project focuses on providing real-time code completions, symbol navigation, and type information. It also supports automated structural changes, such as workspace-wide symbol renaming, to maintain semantic correctness during refactoring. The system incorporates static code analysis for linting and formatting, alongside a mechanism for incremental compila
p3c is a Java static analysis tool and code quality linter designed to enforce professional coding guidelines and quality standards. It utilizes a set of custom rules based on the PMD engine to scan source code for style violations, performance bottlenecks, and potential bugs. The project is distributed as an IDE linting plugin that provides real-time feedback and warnings during development. It also includes functionality for pre-commit code quality gates, allowing modified files to be scanned and blocked if they violate defined rules before being committed to version control. The analysis
This project is a static analysis framework and linting engine designed to inspect TypeScript codebases. It functions as a plugin suite that enables standard linting workflows to parse source code into abstract syntax trees, allowing for the automated enforcement of coding standards and the identification of potential bugs through a modular, rule-based visitor pattern. The engine distinguishes itself by integrating directly with the TypeScript compiler to perform type-aware analysis. By accessing compiler type information, it can identify complex errors and unsafe patterns that standard synta
This project is a static analysis engine designed to identify patterns, enforce coding standards, and automate code quality improvements in software projects. By parsing source code into structured abstract syntax trees, it enables deep programmatic inspection and the automated remediation of identified programming issues. The engine functions as a pluggable linting framework, allowing developers to extend its core capabilities through a modular architecture. Users can inject custom rules, parsers, and processors to support non-standard file formats or domain-specific logic. This extensibilit
Credo is a static analysis tool and linter for Elixir. It functions as a code quality analyzer that scans source code to identify stylistic inconsistencies, common mistakes, and potential security vulnerabilities. The tool provides a customizable framework for defining and testing specialized rules to enforce project-specific coding standards. It identifies complex code fragments and duplication to highlight opportunities for refactoring and simplification. Its capabilities cover automated code reviews, the enforcement of Elixir coding standards, and real-time developer feedback through edit
Typeshed is a collection of static type definitions and stubs for the Python standard library and third-party packages. It serves as a standardized resource for static analyzers and integrated development environments to validate code correctness and provide type-based code completion without modifying the original source code of the libraries. The project focuses on the creation and maintenance of external type hint files that separate type annotations from runtime implementation. It utilizes a system for versioning and mapping these stubs to specific versions of runtime packages to maintain
code2flow is a static program flow mapper and source code call graph generator. It analyzes source code to produce visual flow diagrams that map function call relationships and execution paths. The project includes an asynchronous call trace visualizer that follows execution paths through async and await calls to map the logic of asynchronous programs. It also provides a programmable code analysis interface, allowing the call graph generation logic to be integrated into other software applications. The system handles static code analysis by converting source code into abstract syntax trees t
Flake8 is a Python style checker and static analysis tool that identifies programmatic errors and violations of coding standards in source files. It serves as a linting wrapper that aggregates multiple checkers into a single interface, functioning as a pluggable framework for Python code analysis. The tool incorporates a cyclomatic complexity analyzer to measure the logical complexity of functions and identify code that requires refactoring. It is designed for extensibility, allowing the integration of custom plugins and rules through defined entry points. The system provides capabilities fo
NullAway is a Java static analysis tool and build-time detector designed to identify null pointer risks. It functions as a nullability checker that uses annotations to verify that references are not null before they are dereferenced, preventing runtime crashes. The analyzer implements the JSpecify standard to ensure consistent nullability annotations across different Java libraries. It distinguishes itself through the use of a service provider interface to model the nullability behavior of third-party libraries that lack source annotations and by providing specialized support for Lombok-gener
SpotBugs is a static analysis tool and bytecode analyzer for Java applications. It scans compiled class files to identify bugs, security vulnerabilities, and performance issues without executing the code. The system functions as both a bug detector and a static application security testing tool to locate logical errors and API misuse. The project distinguishes itself through a plugin-based detector architecture that allows the integration of external libraries to add custom detection rules. It provides specialized security auditing for vulnerabilities such as SQL injection, cross-site scripti
This project is a comprehensive, curated directory of static analysis, linting, and security scanning utilities. It serves as a central resource for developers to discover, compare, and select tools based on specific programming languages, licensing models, and integration requirements. The directory distinguishes itself by providing deep metadata for each listed utility, including community-driven popularity rankings, maintenance status, and deployment methods. By aggregating these tools into a single searchable index, it enables teams to identify solutions for enforcing coding standards, ma
Pyright is a static type checker for Python designed to validate type hints and identify potential errors within large codebases. It functions as a command-line utility that integrates into local development environments and continuous integration pipelines to ensure code quality and consistency. The tool distinguishes itself through a high-performance analysis engine that utilizes incremental dependency graph analysis and persistent state caching to re-evaluate only the affected portions of a project. By implementing the Language Server Protocol, it provides real-time feedback, including err