30 open-source projects similar to github/codeql, ranked by how many features they have in common. Compare stars, activity and what each one does to find the best Codeql alternative.
gosec is a static analysis security tool designed to scan Go source code for vulnerabilities and common coding flaws. It functions as a security analyzer that inspects the abstract syntax tree to identify insecure function calls, API usage, and potential security risks. The tool distinguishes itself by mapping detected vulnerabilities to Common Weakness Enumeration identifiers for standardized reporting and integrating with external AI models to suggest code fixes for identified issues. Its capabilities cover the detection of injection vulnerabilities, hardcoded credentials, weak cryptograph
Pyre is a high-performance static type checker and analysis tool for Python. It identifies type errors and ensures type safety without executing the program, utilizing a static type inference engine to maintain consistency across functions. The project is distinguished by an incremental type analysis engine that operates as a background daemon. This system monitors filesystem changes to re-validate only modified parts of a project, reducing the time required for repeated analysis. It also includes a static analysis security tool that uses taint analysis to track untrusted data flows and ident
Bearer is a static analysis security testing tool and privacy compliance auditor. It identifies security vulnerabilities, hard-coded secrets, and privacy risks in source code through static analysis and data flow tracing. The tool distinguishes itself by tracking the movement of sensitive data through code to identify leaks and by mapping personal and health-related information flows to generate evidence for privacy impact assessments. It also provides differential scanning for pull requests and uses fingerprint-based suppression to exclude known false positives from reports. The platform co
ApplicationInspector is a multi-language static analysis tool designed to detect specific features and characteristics within source code. It utilizes a declarative JSON rules engine to identify patterns and structural tags across project directories without requiring the analyzer to be recompiled. The system distinguishes itself through a code version differ that compares two different source paths to report changes in detected features. It also provides utilities for creating and validating custom JSON-based rules, including a validation pipeline to verify syntax and identifier uniqueness.
🐊 Pluggable and configurable JavaScript Linter, code transformer and formatter with superpowers 💪: built-in support of js, jsx, ts, markdown, yaml, toml, json and ignore. Write declarative codemods in a simplest possible way 😏
SonarQube is a static code analysis platform used to scan source code and infrastructure scripts across multiple languages. It detects bugs, security vulnerabilities, and maintainability issues to ensure software meets reliability and security standards. The platform implements automated quality gates for continuous integration and delivery pipelines, verifying code against defined rules during merge or pull requests. It also integrates directly with code editors to provide real-time analysis results and quick-fix guidance during development. The system covers broad functional areas includin
PMD is a multi-language static code analyzer used to identify programming flaws, unused variables, and dead code without executing the program. It functions as a code smell detector and coding standard enforcer, ensuring source code adheres to specific naming conventions, structural requirements, and project style guides. The project features an XPath-based rule engine that allows users to define custom analysis patterns using queries against an abstract syntax tree. It also includes a copy-paste detector to identify duplicated code blocks across multiple files and a visual rule designer for
Potpie is an LLM codebase analysis platform and multi-agent orchestration framework designed to act as an AI software engineer. It parses repositories into a structured code knowledge graph, enabling AI agents to perform multi-hop reasoning, dependency tracing, and grounded technical analysis across large codebases. The system distinguishes itself through a spec-driven development framework where agents generate detailed technical specifications and architecture plans before implementing multi-file code changes. It utilizes a durable execution engine to coordinate specialized AI personas for
JSHint is a JavaScript static analysis tool and linter designed to detect errors and enforce coding standards. It functions as a syntax validator that scans source code to identify potential logic problems and programming mistakes before the code is executed. The tool provides a command line interface for analyzing files and directories. It supports the export of analysis results into standardized formats such as Checkstyle for integration with external build tools. Analysis is managed through a system of linting rule management and environment global configuration. This includes the ability
Esprima is a JavaScript parser that converts source code into a structured abstract syntax tree. It implements a specification-driven grammar to ensure compliance with ECMAScript standards, enabling the programmatic analysis and transformation of JavaScript programs. The project provides capabilities for lexical tokenization to break source code into individual symbols and static syntax validation to verify that scripts are well-formed without executing the code. Its functional surface covers JavaScript static analysis, lexical analysis, and the generation of abstract syntax trees.
Gixy is a static configuration analyzer and security auditor for Nginx. It functions as an infrastructure-as-code security scanner and web server configuration linter designed to identify vulnerabilities and misconfigurations in server definitions before deployment. The tool focuses on detecting high-risk security flaws, including host header spoofing, server-side request forgery, and path traversal. It specifically audits Nginx configurations for risks such as HTTP splitting, multiline header issues, and unauthorized third-party access resulting from incorrect Referer or Origin header patter
code2flow is a static program flow mapper and source code call graph generator. It analyzes source code to produce visual flow diagrams that map function call relationships and execution paths. The project includes an asynchronous call trace visualizer that follows execution paths through async and await calls to map the logic of asynchronous programs. It also provides a programmable code analysis interface, allowing the call graph generation logic to be integrated into other software applications. The system handles static code analysis by converting source code into abstract syntax trees t
This project is an AI-powered code reviewer and static analysis server that identifies low-quality files and generates automated critiques. It functions as an automated quality scoring tool that evaluates source code structure and complexity through local parsing. The system utilizes a standardized context protocol to stream analysis results to AI agents and editors. It integrates large language models to produce automated reviews and suggestions for improvement based on quantitative quality metrics. The tool includes a weight-based scoring engine and an asynchronous analysis pipeline for pr
CodeGraphContext is a code graph indexer and visualization tool that analyzes source code to build graphs of functions, classes, and inheritance relationships. It functions as a Model Context Protocol server, providing a structured codebase index to AI assistants for context retrieval and natural language querying. The project features an interactive web interface that uses force-directed layouts to visualize code dependencies and symbols. To accelerate the setup of large projects, it supports the import of pre-calculated knowledge bundles for popular repositories. The system provides capabi
nodejsscan is a static analysis security tool and vulnerability detection engine designed to scan Node.js source code for security flaws and common coding vulnerabilities. It functions as a static application security testing tool that analyzes code without executing the program. The tool operates as a security linter that can be integrated into continuous integration pipelines to block insecure code from merging into main branches. It automates the auditing process through rule-based detection and pattern-based static analysis. The project provides capabilities for vulnerability alert autom
This project is an interactive learning resource and tutorial for implementing the Apollo GraphQL client. It provides a guided instructional experience to teach frontend data management, specifically focusing on how to connect web applications to GraphQL data sources. The platform uses a sequenced path of hands-on lessons and interactive code walkthroughs. These modules combine instructional text with executable code blocks to demonstrate real-time API behavior and the integration of GraphQL into frontend frameworks. The curriculum covers the use of declarative queries and schema-driven data
Oclint is a static analysis engine and extensible linting framework designed for C, C++, and Objective-C source code. It functions as a code quality tool that identifies bugs, code smells, and structural complexities by parsing source code into abstract syntax trees to perform semantic inspection. The project is distinguished by its modular architecture, which supports dynamic plugin loading for custom inspection rules and a pluggable reporter system for exporting analysis findings in multiple formats. It replicates build configurations by reading compiler flags and include paths to ensure th
Skill Seekers is a toolset for generating large language model knowledge bases, featuring a multi-source content scraper and a dedicated RAG data pipeline. It extracts technical data from documentation, code, and video to create structured assets and configuration files for AI-powered IDE extensions. The project distinguishes itself through the ability to transform raw data into polished tutorials and specialized skills for AI plugin marketplaces. It utilizes abstract syntax tree parsing and optical character recognition to analyze GitHub repositories, PDFs, and video frames, converting these
Security-101 is a vendor-agnostic, foundational cybersecurity learning curriculum organized into modular, framework-aligned modules. It is designed to build core knowledge across multiple security domains without tying content to specific products or platforms, making it suitable for both beginners and professionals seeking a structured introduction to the field. The curriculum is built around established security frameworks, including the MITRE ATT&CK framework for standardized threat analysis and the NIST Cybersecurity Framework for incident response workflows. It covers a broad range of do
weggli is a fast and robust semantic search tool for C and C++ codebases. It is designed to help security researchers identify interesting functionality in large codebases.
Linter for dangerous Postgres migration patterns in Diesel and SQLx. Prevents downtime caused by unsafe schema changes.
Open source local-first PR scanner that finds dead code, security bugs, secrets, quality regressions, and AI-code mistakes before merge. For first timers refer to https://duriantaco.github.io/skylos/repo-map/
DevSkim is a set of IDE plugins, language analyzers, and rules that provide security "linting" capabilities.
Ale is a Neovim LSP client and asynchronous linter wrapper designed to integrate language servers and syntax checkers into the editor. It provides infrastructure for background syntax validation and automated code fixing without blocking the editor interface. The project implements the Language Server Protocol to enable advanced semantic navigation, including symbol renaming, definition jumping, and the application of automatic refactoring changes. It functions as an automatic code fixer that applies formatting and repairs based on feedback from linting tools and language servers. The plugin
T.J. Watson Libraries for Analysis, with front ends for Java, Android, and JavaScript, and many common static program analyses.
Tools for code analysis, visualizations, or style-preserving source transformation.
Instant is a real-time backend as a service and relational graph database designed to synchronize data across clients automatically. It functions as a data synchronization layer that provides authentication, permissions, and relational data storage for web and mobile applications. The platform includes an optimistic UI framework that updates local interfaces immediately during writes and handles automatic server rollbacks. It also features a real-time presence system to broadcast transient user states, such as cursor positions and online status, to other connected clients. The system manages
Brakeman is a static analysis security tool and scanner specifically designed for Ruby on Rails source code. It identifies common security vulnerabilities, such as injection and cross-site scripting, by analyzing the application codebase without executing the application. The tool functions as a security auditor that detects mass assignment risks and template vulnerabilities. It evaluates the final output of rendered views and identifies unrestricted assignment patterns that could allow unauthorized modification of model attributes. The system provides vulnerability management through the us
Error Prone is a static code analyzer and Java compiler extension that identifies common programming mistakes during the build process. It functions as a compiler wrapper that flags potential errors as compile-time failures to prevent bugs from reaching execution. The tool integrates directly into the Java compilation workflow to provide compile-time validation. It allows for the definition of custom linting rules and analysis checks to enforce specific coding standards and detect prohibited API usage. The system utilizes abstract syntax tree analysis and type-aware pattern matching to inspe