awesome-repositories.com
Blog
awesome-repositories.com

Descoperă cele mai bune repository-uri open source cu căutare AI.

ExploreazăCăutări recomandateAlternative open-sourceSoftware self-hostedBlogHartă site
ProiectDespreCum realizăm clasamentulPresăServer MCP
LegalConfidențialitateTermeni
© 2026 Bringes Technology SRL·VAT RO45896025·hello@awesome-repositories.com
·

52 repository-uri

Awesome GitHub RepositoriesStatic Code Analysis Tools

Software that examines source code without executing it to identify potential bugs, vulnerabilities, and style violations.

Explore 52 awesome GitHub repositories matching testing & quality assurance · Static Code Analysis Tools. Refine with filters or upvote what's useful.

Awesome Static Code Analysis Tools GitHub Repositories

Găsește cele mai bune repo-uri cu AI.Vom căuta cele mai potrivite repository-uri folosind AI.
  • fffaraz/awesome-cppAvatar fffaraz

    fffaraz/awesome-cpp

    71,817Vezi pe GitHub↗

    This project is a comprehensive, curated directory of high-quality libraries, tools, and educational resources for C and C++ development. It serves as an ecosystem discovery index, helping developers navigate the vast landscape of third-party components, frameworks, and technical documentation available for the language. The collection is distinguished by its focus on high-performance systems programming and technical mastery. It provides deep coverage of specialized domains including SIMD-accelerated data processing, compile-time template metaprogramming, and asynchronous event-driven archit

    Pinpoints utilities for static analysis to detect bugs, vulnerabilities, and style violations in source code.

    awesomeawesome-listc
    Vezi pe GitHub↗71,817
  • alibaba/p3cAvatar alibaba

    alibaba/p3c

    30,827Vezi pe GitHub↗

    p3c is a Java static analysis tool and code quality linter designed to enforce professional coding guidelines and quality standards. It utilizes a set of custom rules based on the PMD engine to scan source code for style violations, performance bottlenecks, and potential bugs. The project is distributed as an IDE linting plugin that provides real-time feedback and warnings during development. It also includes functionality for pre-commit code quality gates, allowing modified files to be scanned and blocked if they violate defined rules before being committed to version control. The analysis

    Examines Java source code without execution to identify potential bugs, style violations, and performance bottlenecks.

    Kotlin
    Vezi pe GitHub↗30,827
  • standard/standardAvatar standard

    standard/standard

    29,431Vezi pe GitHub↗

    Standard is a suite of static analysis tools for JavaScript, comprising a linter, formatter, and a predefined style guide. It functions as a static code analyzer that scans source code for style violations and potential errors without executing the program. The project provides an automatic code fixer that rewrites source code to resolve formatting issues and enforce syntax consistency. It implements a standardized set of rules for JavaScript formatting and syntax to ensure a uniform appearance across different projects. The system covers a wide range of static analysis capabilities, includi

    Scans JavaScript source code without executing it to identify style violations and potential programming errors.

    JavaScriptdevelopmentecmascriptes6
    Vezi pe GitHub↗29,431
  • feross/standardAvatar feross

    feross/standard

    29,431Vezi pe GitHub↗

    Standard is a zero-configuration static analyzer, linter, and formatter for JavaScript. It functions as a style guide that enforces consistent coding rules and identifies programming errors without requiring manual configuration files. The tool distinguishes itself by providing an automatic code fixer that scans source files to correct style violations and ensure a uniform codebase. It implements a predefined rule set to eliminate the need for project-specific configuration. The project covers a broad range of static analysis capabilities, including support for experimental language syntax a

    The tool's core engine that analyzes source code to identify style inconsistencies and programmer errors.

    JavaScript
    Vezi pe GitHub↗29,431
  • biomejs/biomeAvatar biomejs

    biomejs/biome

    23,741Vezi pe GitHub↗

    Biome is a unified developer tooling suite that provides code formatting, linting, and static analysis for JavaScript and TypeScript projects. It functions as a command-line interface designed to automate the maintenance of code quality and style consistency throughout the development lifecycle. The tool distinguishes itself through a high-performance engine built in Rust, which utilizes a single-pass abstract syntax tree to perform formatting and linting simultaneously. By leveraging parallel multi-threaded execution and incremental file system caching, it minimizes latency during analysis t

    Inspects source code for bugs and vulnerabilities without execution as a core static analysis utility.

    Rustcssformatterjavascript
    Vezi pe GitHub↗23,741
  • ruby/rubyAvatar ruby

    ruby/ruby

    23,497Vezi pe GitHub↗

    Ruby is a general-purpose, dynamic programming language built on an object-oriented runtime environment. It treats every piece of data as an object, ensuring a consistent interface for manipulation across the entire system. The language is designed to support programmer productivity through a focus on natural syntax and flexible metaprogramming capabilities. The runtime distinguishes itself through a pure object model that allows for dynamic class modification and runtime method definition. It supports functional programming patterns by encapsulating code blocks as objects that capture their

    Supports static analysis to identify type inconsistencies and structural improvements without execution.

    Rubycjitlanguage
    Vezi pe GitHub↗23,497
  • quozd/awesome-dotnetAvatar quozd

    quozd/awesome-dotnet

    21,410Vezi pe GitHub↗

    This project serves as a comprehensive, community-driven directory for the .NET ecosystem. It functions as a curated index of high-quality libraries, frameworks, and tools designed to assist developers in identifying recommended solutions for a wide range of project requirements and software engineering tasks. The repository distinguishes itself by providing a categorized catalogue that simplifies the discovery of resources across the entire .NET development lifecycle. By maintaining a standardized collection of community-contributed utilities, it helps developers navigate the ecosystem to fi

    Examines source code without execution to identify potential bugs, vulnerabilities, and style violations.

    awesomeawesome-listclr
    Vezi pe GitHub↗21,410
  • python/mypyAvatar python

    python/mypy

    20,489Vezi pe GitHub↗

    mypy is a static type checker for Python that analyzes source code to detect type errors and inconsistencies without executing the program. It functions as a static analysis tool and type inference engine, providing a gradual typing system that allows type hints to be added to a codebase incrementally while maintaining compatibility with dynamic typing. The project distinguishes itself through a combination of performance and precision features. It utilizes a daemon-based incremental checking system and multi-process parallel analysis to manage large codebases, supported by binary cache persi

    Scans source code to identify bugs and type inconsistencies before runtime execution.

    Pythonlinterpythontypechecker
    Vezi pe GitHub↗20,489
  • usestrix/strixAvatar usestrix

    usestrix/strix

    20,138Vezi pe GitHub↗

    Strix is an automated security research and vulnerability scanning platform that leverages language models to orchestrate complex security analysis tasks. It functions as a comprehensive framework for penetration testing and continuous security integration, allowing users to embed automated vulnerability research directly into development pipelines or execute it within isolated, containerized environments. The platform distinguishes itself through a multi-agent orchestration engine that coordinates specialized autonomous agents to perform parallel security assessments. By integrating LLM-agno

    Inspects source code using structural pattern matching and syntax tree parsing to identify security vulnerabilities.

    Pythonagentsartificial-intelligencecybersecurity
    Vezi pe GitHub↗20,138
  • realm/swiftlintAvatar realm

    realm/SwiftLint

    19,456Vezi pe GitHub↗

    SwiftLint is a static analysis tool and code formatter designed to enforce consistent coding styles and identify semantic issues within Swift source code. It functions as a command-line utility that evaluates code against established conventions to ensure uniform structure and architectural standards across a project. The tool distinguishes itself through a custom linting engine that leverages compiler-integrated syntax analysis to perform deep inspections of code structure. Beyond simple pattern matching, it supports automated source code transformation to correct formatting violations and r

    Enforces consistent Swift coding styles and identifies semantic issues using compiler-level syntax analysis.

    Swiftcode-qualityhacktoberfestlinter
    Vezi pe GitHub↗19,456
  • you-dont-need/you-dont-need-lodash-underscoreAvatar you-dont-need

    you-dont-need/You-Dont-Need-Lodash-Underscore

    19,159Vezi pe GitHub↗

    This project is a dependency reduction tool and ESLint plugin designed to remove heavy utility libraries from JavaScript projects. It functions as a static analysis tool that identifies third-party library method calls and suggests native ECMAScript alternatives to decrease bundle size. The tool provides a curated replacement guide consisting of native JavaScript code snippets that replicate the behavior of common external utility functions. This allows developers to migrate older codebases to current language standards and reduce project complexity. The system integrates into the linting li

    Examines source code without execution to identify non-native patterns and recommend ECMAScript equivalents.

    JavaScriptalternativeseslint-pluginfindindex
    Vezi pe GitHub↗19,159
  • tirth8205/code-review-graphAvatar tirth8205

    tirth8205/code-review-graph

    18,822Vezi pe GitHub↗

    This project is a static code analysis tool and local-first code indexer that builds a persistent dependency graph of functions, classes, and imports. It functions as an AI context optimizer and codebase dependency graph, designed to reduce token usage by providing AI assistants with only the most relevant code fragments and impact analysis for a given change. The system implements a Model Context Protocol server that exposes code intelligence and architectural graph queries to external AI coding tools. It distinguishes itself by computing the change blast radius and risk scores of modificati

    Implements a static analysis pipeline that parses source code into structural maps and automated architectural documentation.

    Pythonai-codingclaudeclaude-code
    Vezi pe GitHub↗18,822
  • typescript-eslint/typescript-eslintAvatar typescript-eslint

    typescript-eslint/typescript-eslint

    16,103Vezi pe GitHub↗

    This project is a static analysis framework and linting engine designed to inspect TypeScript codebases. It functions as a plugin suite that enables standard linting workflows to parse source code into abstract syntax trees, allowing for the automated enforcement of coding standards and the identification of potential bugs through a modular, rule-based visitor pattern. The engine distinguishes itself by integrating directly with the TypeScript compiler to perform type-aware analysis. By accessing compiler type information, it can identify complex errors and unsafe patterns that standard synta

    Provides a framework for parsing source code into syntax trees to identify bugs and enforce consistency.

    TypeScripteslinteslint-plugineslintplugin
    Vezi pe GitHub↗16,103
  • semgrep/semgrepAvatar semgrep

    semgrep/semgrep

    15,603Vezi pe GitHub↗

    Semgrep is a static analysis security testing tool designed to identify vulnerabilities and logic errors by matching source code against declarative patterns. It functions as an automated scanner that integrates into development workflows to detect insecure code patterns and enforce coding standards before deployment. The engine utilizes a language-agnostic intermediate representation and a modular parser architecture to normalize diverse programming languages into a unified format. This allows for consistent rule execution across different codebases, enabling users to perform custom structur

    Identifies security vulnerabilities and logic errors by matching source code patterns against defined rules.

    OCamlcgojava
    Vezi pe GitHub↗15,603
  • grab/front-end-guideAvatar grab

    grab/front-end-guide

    15,235Vezi pe GitHub↗

    This project is a front-end development study guide and technical roadmap designed to introduce the tools, libraries, and patterns used in modern web application development. It serves as an educational resource covering single page application architecture, the integration of modern web tech stacks, and the design of components using static typing. The guide focuses on the orchestration of front-end CI/CD pipelines, providing a walkthrough for automating the linting, testing, bundling, and deployment of static assets to cloud hosting. It specifically addresses the implementation of reusable

    Covers the use of automated tools to scan source code for bugs, vulnerabilities, and style violations.

    JavaScriptbabelcsscss-modules
    Vezi pe GitHub↗15,235
  • analysis-tools-dev/static-analysisAvatar analysis-tools-dev

    analysis-tools-dev/static-analysis

    14,389Vezi pe GitHub↗

    This project is a comprehensive, curated directory of static analysis, linting, and security scanning utilities. It serves as a central resource for developers to discover, compare, and select tools based on specific programming languages, licensing models, and integration requirements. The directory distinguishes itself by providing deep metadata for each listed utility, including community-driven popularity rankings, maintenance status, and deployment methods. By aggregating these tools into a single searchable index, it enables teams to identify solutions for enforcing coding standards, ma

    Parses source code to detect runtime errors and quality issues without execution.

    Rustanalysisawesome-listcode-quality
    Vezi pe GitHub↗14,389
  • larksuite/cliAvatar larksuite

    larksuite/cli

    14,291Vezi pe GitHub↗

    Lark CLI is a terminal-based tool designed for automating tasks and managing resources across the Lark and Feishu productivity ecosystem. It functions as a cloud workspace automator and REST API client, providing a command line interface to programmatically manage organizational documents, calendars, emails, and tasks. The project distinguishes itself through an AI agent skill framework that allows for the integration and deployment of both bundled and custom skills. It features an identity-aware execution context that enables switching between user and bot identities, and employs a sidecar-b

    Executes custom source-level checks to enforce coding conventions and detect contract violations.

    Go
    Vezi pe GitHub↗14,291
  • phpstan/phpstanAvatar phpstan

    phpstan/phpstan

    13,999Vezi pe GitHub↗

    This project is a static analysis engine and type checker designed for PHP codebases. It evaluates source code structure and type annotations to identify potential bugs, type mismatches, and logic errors without executing the application. By parsing code into an abstract syntax tree and applying a rule-based validation framework, it enforces code quality and safety standards across a project. What distinguishes this tool is its sophisticated type inference engine, which models dynamic language features, magic methods, and conditional types to maintain accuracy even in unconventional code. It

    Identifies bugs, type mismatches, and logic errors by scanning source code without executing the application.

    PHPphpphp7phpstan
    Vezi pe GitHub↗13,999
  • dense-analysis/aleAvatar dense-analysis

    dense-analysis/ale

    13,966Vezi pe GitHub↗

    Ale is an asynchronous code analysis tool and integrated development environment plugin designed for lightweight text editors. It functions as a language server protocol client, enabling real-time code intelligence and diagnostic feedback by running analysis tasks in the background to ensure the editor interface remains responsive during intensive operations. The plugin utilizes an event-driven architecture to monitor text buffers and trigger linting or formatting routines automatically. It distinguishes itself through a modular extensibility framework that supports a wide range of language-s

    Identifies syntax errors and style violations in the background without interrupting the user typing experience.

    Vim Scriptautocompletelanguage-server-protocollanguageclient
    Vezi pe GitHub↗13,966
  • php-cs-fixer/php-cs-fixerAvatar PHP-CS-Fixer

    PHP-CS-Fixer/PHP-CS-Fixer

    13,463Vezi pe GitHub↗

    This tool is a command-line utility designed to automatically detect and correct coding standard violations in PHP source files. It functions as a static analysis and refactoring engine that ensures consistent project-wide formatting by applying predefined community conventions or custom organizational rules. The project distinguishes itself through a modular rule-based engine that supports both automated style correction and codebase modernization. It allows developers to update legacy syntax to align with newer language versions and testing framework requirements, facilitating the adoption

    Inspects PHP source code for stylistic inconsistencies and syntax patterns without requiring manual intervention or execution.

    PHPcode-standardscode-stylephp
    Vezi pe GitHub↗13,463
Înapoi123Înainte
  1. Home
  2. Testing & Quality Assurance
  3. Code Quality and Review
  4. Code Quality Tools
  5. Static Code Analysis Tools

Explorează sub-etichetele

  • Bug-Triggering Code MinimizationUtilities for reducing a codebase to the smallest possible snippet that triggers a specific bug or false positive. **Distinct from Static Code Analysis Tools:** Specific tool for isolating triggers via code reduction, rather than general static analysis scanning.