30 open-source projects similar to sds/overcommit, ranked by how many features they have in common. Compare stars, activity and what each one does to find the best Overcommit alternative.
Overcommit is a Git hook manager and workflow automation system used to configure, deploy, and orchestrate scripts that enforce coding standards and project workflows. It acts as a management layer for distributed hook configuration, applying global templates across multiple repositories to ensure consistent validation rules. The system functions as a parallel task runner, executing multiple validation scripts concurrently across CPU cores to reduce the time spent during pre-commit checks. It distinguishes itself through signature-based integrity verification to detect unauthorized changes to
Prek is a Git hook manager written in Rust that runs configured hooks as a single binary without requiring Python or other external runtimes. It executes hooks faster than standard tools through parallel processing and bundled Rust implementations, and includes a built-in hook repository that enables fully offline operation without network access or environment setup. The tool supports both TOML and YAML configuration formats with identical semantics, and can run hooks from existing pre-commit configuration files without modification. Prek distinguishes itself through workspace-aware monorepo
Lefthook is a Git hook manager and workflow automation tool designed to execute user-defined scripts during version control events. It automates the execution of linters, tests, and formatters to validate changes and maintain code quality before commits or pushes. The project distinguishes itself through a parallel execution model that runs multiple shell commands concurrently to reduce latency. It supports complex configuration management, including the ability to merge global, remote, and local settings and synchronize configurations from external repositories to standardize development env
GrumPHP is a Git commit validator and PHP code quality orchestrator. It functions as a Git hook manager that automates the installation and execution of script triggers to enforce code quality standards within PHP projects. The tool prevents non-compliant code from being committed by running a suite of validation and linting tasks during the Git workflow. It integrates automated quality checks directly into the local development environment to maintain project standards. The system manages pre-commit testing workflows by executing quality tests and automating Git hooks. It uses a task-based
This project is a comprehensive collection of pre-commit hooks designed to automate code linting, style enforcement, and file validation before changes are committed to version control. It provides a suite of ready-to-use scripts that serve as quality guards, including static analysis hooks, configuration file validators, and tools for maintaining version control integrity. The collection distinguishes itself by offering specialized guards for repository health and security. This includes detection of leaked credentials and private keys, prevention of large file commits, and enforcement of br
Combination of multiple linters to run as a GitHub Action or standalone
This project is a dependency manager plugin that automates the management and synchronization of version control hooks. By integrating directly into project dependency configuration files, it ensures that automated tasks and validation rules are consistently applied across local development environments. The tool distinguishes itself by enabling configuration-driven task orchestration, where version control triggers are mapped to custom command sequences. It supports global configuration inheritance, allowing developers to enforce uniform workflows and validation standards across multiple rep
DevOps-Bash-tools is a collection of shell scripts and aliases designed to automate cloud infrastructure, container orchestration, and CI/CD pipelines. It provides a comprehensive toolset for managing operational workflows through the command line. The project specializes in automating tasks across multiple platforms, including managing namespaces and secrets in Kubernetes, auditing resources in AWS and GCP, and triggering builds or managing environment variables in GitHub Actions, GitLab CI, and CircleCI. It also includes a toolkit for interacting with container registries to query manifests
Ruff is a high-performance static analysis and code formatting tool designed for Python. Built in Rust, it functions as a comprehensive engine that scans source code to detect programming errors, security vulnerabilities, and deviations from established coding standards. By parsing source code into a structured tree representation, it provides both automated linting and style enforcement across entire projects. The tool distinguishes itself through its speed and deep integration into the development lifecycle. It utilizes parallelized file processing to maximize throughput on large codebases
danger-js is an automated code review tool and CI pipeline plugin that functions as a pull request linter. It verifies commit messages, tracks dependency changes, and ensures pull requests meet project standards by posting automated feedback and comments directly into the version control interface. The system integrates with various Git providers, including GitHub, GitLab, and BitBucket, to retrieve pull request metadata and execute custom review rules. It allows teams to package and distribute review conventions as shareable modules and supports the execution of rules written in transpiled l
Lefthook is a Git hook manager and workflow automator that uses a configuration-driven approach to manage scripts triggered by version control events. It functions as a parallel task runner, executing multiple scripts simultaneously to reduce the time required for pre-commit or pre-push checks. The project provides a containerized hook runner to ensure consistent dependencies and toolsets across different developer machines. It also supports monorepo orchestration by executing scripts within specific subdirectories and managing complex project structures. The system includes capabilities for
Husky is a Git hook manager that automates the installation and execution of version control lifecycle events within a project repository. It functions by redirecting standard version control event triggers to a centralized configuration directory, allowing teams to standardize development workflows and enforce code quality without requiring manual setup on every machine. The tool enables custom workflow automation by triggering shell scripts during operations such as committing or pushing code. It distinguishes itself by integrating directly into package manager lifecycles, ensuring that aut
Simple-git-hooks is a utility for managing version control hooks through project configuration files. It automates the installation and execution of custom tasks, ensuring that specific commands run consistently across local development environments whenever version control operations occur. The tool functions by injecting managed scripts into the repository directory structure, replacing existing hooks to maintain uniform development standards. It supports environment-specific configurations, allowing developers to define custom initialization scripts to ensure necessary binaries and system
Lint-staged is a command-line utility designed to automate code quality checks and formatting tasks within a Git repository. It functions as a pre-commit hook runner that executes defined operations exclusively on files currently staged for commit, ensuring that only code meeting project standards is permanently saved. The tool distinguishes itself by providing granular control over the development workflow through file filtering and task orchestration. It uses glob-pattern matching to isolate specific file types and executes sequences of shell commands in a strict order. To maintain reposito
osv-scanner is a software composition analysis tool and vulnerability scanner that checks project dependencies and container images against the Open Source Vulnerabilities database. It functions as a dependency remediation tool and can be integrated into custom Go applications as a programmable security library. The project distinguishes itself through a remediation workflow that includes an interactive terminal user interface and automated scripting for upgrading vulnerable packages in lockfiles and manifests. It employs call-graph reachability analysis to determine if vulnerable code is act
Moon is a monorepo build system and task runner designed to orchestrate complex projects with multiple packages. It functions as a dependency graph orchestrator that executes build targets in topological order and utilizes input hashing to cache results and skip redundant work. The project features a polyglot toolchain manager that automates the installation and versioning of language runtimes and CLI tools to ensure environment consistency. It also includes a plugin framework based on WebAssembly, allowing developers to extend build logic and toolchain behavior using any supported language.
This project is a command line interface for managing, installing, and publishing JavaScript packages to a remote registry. It serves as a dependency resolution tool, a software registry publishing client, and a security auditor for Node.js development workflows. The tool distinguishes itself by providing integrated monorepo workspace management and a comprehensive registry authentication client that supports multi-factor authentication. It enables detailed control over the software supply chain through provenance attestations, package signature verification, and the generation of a Software
This project is a static analysis runner designed to identify bugs, performance bottlenecks, and stylistic inconsistencies within Go codebases. It functions as a comprehensive quality assurance suite that executes multiple analysis tools concurrently to provide a unified diagnostic report. By parsing source code into a structured representation, the tool enforces coding standards, validates import structures, and ensures consistent formatting across entire projects. The tool distinguishes itself through its ability to automate the remediation of identified issues, applying programmatic fixes
Pylint is a static code analysis tool for Python that checks source code for errors, coding standard violations, and code smells without executing the program. It parses code into an abstract syntax tree and walks the tree to detect issues, enforces configurable style rules and naming conventions, and identifies duplicate code blocks by comparing tokenised source sequences. The tool also includes an inference engine that deduces variable types by simulating code paths, enabling deeper analysis even in untyped code. What distinguishes Pylint is its plugin-based checker architecture, which allo
This project is a software engineering style guide and a curated collection of architectural patterns and coding standards. It provides a multi-language coding standard to ensure maintainable software across Ruby, Python, JavaScript, and Swift. The project establishes a development workflow specification for version control, continuous integration, and peer review to maintain a linear project history. It also includes a web accessibility framework based on ARIA and WCAG standards, using design tokens and semantic HTML patterns to build inclusive interfaces. The guides cover a broad range of
my-git is a comprehensive framework and reference guide for Git version control administration, repository governance, and software release management. It provides a structured approach to managing the software development lifecycle, from initial feature branching to final production deployment. The project distinguishes itself through a specialized AI-assisted development framework. This includes workflows for managing AI-generated code via automated diff reviews, intent-based commit splitting, and governance models for multi-agent coordination and session isolation using worktrees. The cod
Larastan is a static analysis tool for PHP and a specialized extension for PHPStan. It serves as a code analyzer designed to detect bugs and architectural issues within Laravel applications by analyzing source code without executing it. The project provides framework-specific rule sets and specialized type-inference to handle the unique patterns and logic used in the Laravel ecosystem. This allows for more accurate error detection and type checking than generic analysis tools. The tool includes systems for managing legacy code debt through error baseline tracking and regex-based error suppre
gts provides standardized utilities for project bootstrapping and the application of consistent linting and formatting style guides. It functions as a TypeScript project bootstrapper that initializes new projects with standardized dependencies, build scripts, and compiler settings. The project implements a comprehensive TypeScript style guide consisting of a predefined collection of rules for static analysis and a code formatter that automatically adjusts source code spacing and syntax. These tools identify and fix code style violations to ensure uniformity across codebases. Additional capab
The Snyk CLI is a command-line security scanner that detects known vulnerabilities across open-source dependencies, proprietary application code, container images, and infrastructure-as-code configuration files. It also serves as a platform management tool, allowing users to configure organizations, users, SSO, and reporting from the terminal rather than the web dashboard. The CLI integrates directly into development workflows, enabling scanning within IDEs, build pipelines, and version control systems. It implements static analysis with interfile data flow analysis to find complex security f
lakeFS is a data lake versioning system that provides Git-like branching and commits for large datasets stored in object storage. It functions as a version control layer, enabling the creation of immutable snapshots, atomic commits, and zero-copy branching to create isolated environments for data experimentation without duplicating physical files. The system serves as an S3-compatible storage gateway and an Iceberg REST catalog, allowing standard cloud storage protocols and compatible clients to manage versioned tables. It acts as a data quality gatekeeper by using an event-driven hook system
Checkov is a static analysis tool and security scanner designed to identify misconfigurations in infrastructure as code, container images, and Kubernetes configurations. It functions as a cloud security posture tool, an SCA vulnerability scanner, and a secret scanning utility to prevent security breaches and version control leaks. The project distinguishes itself through deep graph analysis and variable resolution, allowing it to map relationships between interconnected resources and evaluate the final state of infrastructure attributes. It provides extensibility for defining custom security
Pipenv is a Python dependency manager and virtual environment manager that ensures reproducible environments across different systems. It functions as a lockfile resolver, generating deterministic lockfiles from high-level dependency constraints to prevent version drift. The tool integrates project workflow automation by loading environment variables and executing custom project scripts. It also includes security auditing capabilities to scan installed packages for known vulnerabilities. The system covers a broad range of capabilities including dependency version locking, package installatio
TruffleHog is a secret scanning tool designed to identify leaked credentials and API keys across version control systems, cloud storage, and filesystems. It functions as a git secret detector that enumerates hidden commits and a cloud storage security auditor for inspecting container images and storage buckets. The project is distinguished by a credential verification engine that tests discovered secrets against service APIs to confirm they are active, which eliminates false positive alerts. It further analyzes these verified credentials to determine the specific access levels and resources t