awesome-repositories.com
Blog
awesome-repositories.com

Descoperă cele mai bune repository-uri open source cu căutare AI.

ExploreazăCăutări recomandateAlternative open-sourceSoftware self-hostedBlogHartă site
ProiectDespreCum realizăm clasamentulPresăServer MCP
LegalConfidențialitateTermeni
© 2026 Bringes Technology SRL·VAT RO45896025·hello@awesome-repositories.com
·

28 repository-uri

Awesome GitHub RepositoriesCode Analysis Platforms

Comprehensive suites for scanning, visualizing, and managing code quality and security across multiple languages.

Explore 28 awesome GitHub repositories matching part of an awesome list · Code Analysis Platforms. Refine with filters or upvote what's useful.

Awesome Code Analysis Platforms GitHub Repositories

Găsește cele mai bune repo-uri cu AI.Vom căuta cele mai potrivite repository-uri folosind AI.
  • eslint/eslintAvatar eslint

    eslint/eslint

    27,349Vezi pe GitHub↗

    This project is a static analysis engine designed to identify patterns, enforce coding standards, and automate code quality improvements in software projects. By parsing source code into structured abstract syntax trees, it enables deep programmatic inspection and the automated remediation of identified programming issues. The engine functions as a pluggable linting framework, allowing developers to extend its core capabilities through a modular architecture. Users can inject custom rules, parsers, and processors to support non-standard file formats or domain-specific logic. This extensibilit

    Extensible linting framework for JavaScript and ECMAScript.

    JavaScriptecmascripteslintjavascript
    Vezi pe GitHub↗27,349
  • web-infra-dev/oxcAvatar web-infra-dev

    web-infra-dev/oxc

    21,721Vezi pe GitHub↗

    oxc is a high-performance JavaScript toolchain developed in Rust for parsing, transforming, and analyzing JavaScript and TypeScript source code. It provides a set of core utilities including a parser that converts code into an abstract syntax tree, a linter for identifying problematic patterns, a formatter for standardizing visual style, and a minifier for reducing production file sizes. The project focuses on high-performance execution through a system design that utilizes single-pass parsing, zero-copy string slicing, and parallel worker processing to handle large codebases. It further opti

    High-performance toolchain for JavaScript and TypeScript analysis.

    Rust
    Vezi pe GitHub↗21,721
  • w0rp/aleAvatar w0rp

    w0rp/ale

    14,005Vezi pe GitHub↗

    Ale is a Neovim LSP client and asynchronous linter wrapper designed to integrate language servers and syntax checkers into the editor. It provides infrastructure for background syntax validation and automated code fixing without blocking the editor interface. The project implements the Language Server Protocol to enable advanced semantic navigation, including symbol renaming, definition jumping, and the application of automatic refactoring changes. It functions as an automatic code fixer that applies formatting and repairs based on feedback from linting tools and language servers. The plugin

    Asynchronous linting and fixing for Vim and NeoVim.

    Vim Script
    Vezi pe GitHub↗14,005
  • codota/tabnineAvatar codota

    codota/TabNine

    10,784Vezi pe GitHub↗

    TabNine is an AI-powered code completion engine that runs a deep-learning model to generate real-time code suggestions across all programming languages. It operates as an editor plugin that communicates with a backend through a JSON message-passing interface, processing code entirely on the local machine or within a private cloud to keep source code secure and private. The system provides a completion request API that accepts cursor context and returns ranked text completions, with features for configuring completion regions, prefetching files for indexing, and managing binary versions and up

    Processes code locally or in a private cloud to ensure no code is sent to external servers.

    Shellaiartificial-intelligenceatom-package
    Vezi pe GitHub↗10,784
  • github/codeqlAvatar github

    github/codeql

    9,252Vezi pe GitHub↗

    CodeQL is a semantic code analysis engine and vulnerability scanning tool that treats source code as data. It utilizes a static analysis query language to define complex patterns and security vulnerabilities within a code graph database. The system represents source code as a relational database, enabling the execution of structural queries and data flow analysis. This approach allows for the detection of security flaws and coding errors across large-scale repositories. The tool provides capabilities for automated code auditing, static analysis security testing, and custom vulnerability dete

    Semantic code analysis using dataflow queries for multiple languages.

    CodeQLcodeqlgithub-advanced-securitygithub-security-lab
    Vezi pe GitHub↗9,252
  • lintsinghua/deepauditAvatar lintsinghua

    lintsinghua/DeepAudit

    4,668Vezi pe GitHub↗

    DeepAudit is a privacy-preserving code audit platform that combines multiple specialized AI agents to identify and verify security vulnerabilities in source code. It functions as a local LLM vulnerability scanner, an automated security report generator, and a sandboxed exploit verifier, all operating entirely within an internal network to keep sensitive code and data on premises. What distinguishes DeepAudit is its multi-agent cooperative approach: teams of AI agents jointly plan, analyze, and cross-check findings across the codebase, moving beyond single-pass scanning. The platform also sand

    Runs entirely within the internal network, ensuring source code and analysis remain on premises.

    Pythonaibug-detectioncode-audit
    Vezi pe GitHub↗4,668
  • microsoft/applicationinspectorAvatar microsoft

    microsoft/ApplicationInspector

    4,391Vezi pe GitHub↗

    ApplicationInspector este un instrument de analiză statică multi-limbaj conceput pentru a detecta caracteristici și trăsături specifice în codul sursă. Utilizează un motor de reguli declarativ JSON pentru a identifica tipare și tag-uri structurale în directoarele proiectului fără a necesita recompilarea analizatorului. Sistemul se distinge printr-un differ de versiuni de cod care compară două căi sursă diferite pentru a raporta modificările în caracteristicile detectate. De asemenea, oferă utilitare pentru crearea și validarea regulilor personalizate bazate pe JSON, inclusiv un pipeline de validare pentru a verifica sintaxa și unicitatea identificatorilor. Instrumentul acoperă domenii largi de capabilități, inclusiv descoperirea caracteristicilor codului, auditarea componentelor software și gestionarea domeniului de analiză prin filtrare bazată pe glob. Rezultatele pot fi exportate ca rezumate în formate HTML, Markdown sau JSON. Utilitarele command-line sunt furnizate pentru automatizarea validării sintaxei regulilor și efectuarea comparațiilor de versiuni între diferite iterații ale proiectului.

    Feature detection and rule-based reporting for application codebases.

    C#
    Vezi pe GitHub↗4,391
  • classgraph/classgraphAvatar classgraph

    classgraph/classgraph

    2,987Vezi pe GitHub↗

    An uber-fast parallelized Java classpath scanner and module scanner.

    Scans and queries class metadata and module paths.

    Java
    Vezi pe GitHub↗2,987
  • prontolabs/prontoAvatar prontolabs

    prontolabs/pronto

    2,670Vezi pe GitHub↗

    Quick automated code review of your changes

    Automated code review runner supporting multiple languages.

    Ruby
    Vezi pe GitHub↗2,670
  • bearer/bearerAvatar Bearer

    Bearer/bearer

    2,566Vezi pe GitHub↗

    Bearer is a static analysis security testing tool and privacy compliance auditor. It identifies security vulnerabilities, hard-coded secrets, and privacy risks in source code through static analysis and data flow tracing. The tool distinguishes itself by tracking the movement of sensitive data through code to identify leaks and by mapping personal and health-related information flows to generate evidence for privacy impact assessments. It also provides differential scanning for pull requests and uses fingerprint-based suppression to exclude known false positives from reports. The platform co

    Security-focused analysis to identify and prioritize sensitive data exposure risks.

    Goappseccode-qualitycompliance
    Vezi pe GitHub↗2,566
  • googleprojectzero/weggliAvatar googleprojectzero

    googleprojectzero/weggli

    2,483Vezi pe GitHub↗

    weggli is a fast and robust semantic search tool for C and C++ codebases. It is designed to help security researchers identify interesting functionality in large codebases.

    Semantic search tool for identifying patterns in C/C++.

    Rust
    Vezi pe GitHub↗2,483
  • facebookarchive/pfffAvatar facebookarchive

    facebookarchive/pfff

    2,442Vezi pe GitHub↗

    Tools for code analysis, visualizations, or style-preserving source transformation.

    Tools for code analysis, visualization, and source transformation.

    OCaml
    Vezi pe GitHub↗2,442
  • terryyin/lizardAvatar terryyin

    terryyin/lizard

    2,395Vezi pe GitHub↗

    A simple code complexity analyser without caring about the C/C++ header files or Java imports, supports most of the popular languages.

    Cyclomatic complexity analyzer supporting numerous programming languages.

    Python
    Vezi pe GitHub↗2,395
  • tencent/tscancodeAvatar Tencent

    Tencent/TscanCode

    2,117Vezi pe GitHub↗

    A static code analyzer for C++, C#, Lua

    Fast static analysis for C, C++, C#, and Lua.

    C++
    Vezi pe GitHub↗2,117
  • dotnet/roslyn-analyzersAvatar dotnet

    dotnet/roslyn-analyzers

    1,671Vezi pe GitHub↗

    The Microsoft.CodeAnalysis.NetAnalyzers package moved into the dotnet/sdk repository for further development and respond to issues formerly in this repository.

    Roslyn-based implementation of standard code analyzers.

    hacktoberfest
    Vezi pe GitHub↗1,671
  • yelp/undebtAvatar Yelp

    Yelp/undebt

    1,624Vezi pe GitHub↗

    Undebt is a fast, straightforward, reliable tool for performing massive, automated code refactoring used @Yelp. Undebt lets you define complex find-and-replace rules using standard, straightforward Python that can be applied quickly to an entire code base with a simple command.

    Programmable refactoring tool based on pattern definitions.

    Python
    Vezi pe GitHub↗1,624
  • microsoft/devskimAvatar microsoft

    microsoft/DevSkim

    995Vezi pe GitHub↗

    DevSkim is a set of IDE plugins, language analyzers, and rules that provide security "linting" capabilities.

    Regex-based security analysis for various IDEs and languages.

    C#lintersdlsecurity
    Vezi pe GitHub↗995
  • wala/walaAvatar wala

    wala/WALA

    858Vezi pe GitHub↗

    T.J. Watson Libraries for Analysis, with front ends for Java, Android, and JavaScript, and many common static program analyses.

    Static analysis framework for Java bytecode and JavaScript.

    Java
    Vezi pe GitHub↗858
  • coderaiser/putoutAvatar coderaiser

    coderaiser/putout

    793Vezi pe GitHub↗

    🐊 Pluggable and configurable JavaScript Linter, code transformer and formatter with superpowers 💪: built-in support of js, jsx, ts, markdown, yaml, toml, json and ignore. Write declarative codemods in a simplest possible way 😏

    Pluggable code transformer for JS, TS, and configuration files.

    JavaScript
    Vezi pe GitHub↗793
  • houqp/sqlvetAvatar houqp

    houqp/sqlvet

    499Vezi pe GitHub↗

    Sqlvet performs static analysis on raw SQL queries in your Go code base to surface potential runtime errors at build time.

    Static analysis for detecting runtime errors in raw SQL.

    Go
    Vezi pe GitHub↗499
Înapoi12Înainte
  1. Home
  2. Part of an Awesome List
  3. Developer Tools
  4. Code Analysis Platforms

Explorează sub-etichetele

  • Privacy-Preserving Code Auditors1 sub-tagCode analysis platforms that perform all scanning and analysis within the internal network to ensure source code never leaves the premises. **Distinct from Code Analysis Platforms:** Distinct from Code Analysis Platforms: specifically designed for on-premises, private operation without sending code to external services.