48 个仓库
Static analysis tools for linting, quality checking, and refactoring.
Explore 48 awesome GitHub repositories matching part of an awesome list · Code Analysis. Refine with filters or upvote what's useful.
Ruff is a high-performance static analysis and code formatting tool designed for Python. Built in Rust, it functions as a comprehensive engine that scans source code to detect programming errors, security vulnerabilities, and deviations from established coding standards. By parsing source code into a structured tree representation, it provides both automated linting and style enforcement across entire projects. The tool distinguishes itself through its speed and deep integration into the development lifecycle. It utilizes parallelized file processing to maximize throughput on large codebases
Listed in the “Code Analysis” section of the Awesome Python awesome list.
该项目是一个不妥协的、确定性的 Python 代码格式化程序。它的工作原理是将源代码解析为抽象语法树,并根据一套严格的、主观的样式规则重新生成它。通过自动化格式化过程,它消除了手动样式争论和配置开销,确保代码在整个项目中保持一致,无论原始输入如何。 该工具通过专注于速度和与开发工作流的无缝集成而脱颖而出。它利用基于内容的文件缓存和并行处理来在大型代码库上保持高性能,同时支持版本控制钩子,以在代码提交前强制执行样式一致性。为了保留项目历史,它提供了在版本控制追溯中忽略特定提交的机制,确保自动化的样式更改不会掩盖原始作者身份。 除了标准源文件外,该格式化程序还将其功能扩展到 Jupyter 笔记本、类型存根以及文档中的嵌入式代码示例。它通过主流文本编辑器和集成开发环境的插件,以及对语言服务器协议的支持,提供了广泛的兼容性。配置通过在目录层次结构中自动发现的项目级文件进行管理,从而允许在不同的开发环境中保持一致的行为。
Listed in the “Code Analysis” section of the Awesome Python awesome list.
p3c is a Java static analysis tool and code quality linter designed to enforce professional coding guidelines and quality standards. It utilizes a set of custom rules based on the PMD engine to scan source code for style violations, performance bottlenecks, and potential bugs. The project is distributed as an IDE linting plugin that provides real-time feedback and warnings during development. It also includes functionality for pre-commit code quality gates, allowing modified files to be scanned and blocked if they violate defined rules before being committed to version control. The analysis
Alibaba coding guidelines for static analysis tools.
mypy is a static type checker for Python that analyzes source code to detect type errors and inconsistencies without executing the program. It functions as a static analysis tool and type inference engine, providing a gradual typing system that allows type hints to be added to a codebase incrementally while maintaining compatibility with dynamic typing. The project distinguishes itself through a combination of performance and precision features. It utilizes a daemon-based incremental checking system and multi-process parallel analysis to manage large codebases, supported by binary cache persi
Listed in the “Code Analysis” section of the Awesome Python awesome list.
This project is a high-performance static type checker and comprehensive development toolkit for Python. It functions as a core analysis engine that identifies type inconsistencies and enforces code correctness, while simultaneously providing a language server implementation to deliver real-time diagnostics and intelligence directly within development environments. The tool distinguishes itself through a parallelized execution engine that maximizes performance across large-scale codebases and monorepo structures. It supports gradual type adoption, allowing developers to integrate type checkin
Listed in the “Code Analysis” section of the Awesome Python awesome list.
Infer is a static analysis toolset for Java, C, C++, and Objective-C designed to detect memory leaks, null dereferences, and resource bugs. It functions as a multi-language bug finder that identifies race conditions, deadlocks, and memory safety issues by translating source code into a common intermediate representation for analysis. The project distinguishes itself through an inter-procedural data flow analyzer that tracks movement between sources and sinks to detect tainted flows and generate data flow graphs. It also includes a framework for verifying temporal properties and reachability u
Static analysis tool for identifying potential bugs in mobile code.
This project is a comprehensive, curated directory of static analysis, linting, and security scanning utilities. It serves as a central resource for developers to discover, compare, and select tools based on specific programming languages, licensing models, and integration requirements. The directory distinguishes itself by providing deep metadata for each listed utility, including community-driven popularity rankings, maintenance status, and deployment methods. By aggregating these tools into a single searchable index, it enables teams to identify solutions for enforcing coding standards, ma
Listed in the “Code Analysis” section of the Awesome Python awesome list.
Checkstyle is a Java static analysis tool and linter designed to identify and enforce coding standards and best practices. It functions as a code quality auditor and Javadoc validation tool, checking source code against configurable rulesets to ensure structural and stylistic consistency. The project allows for the creation of custom linting rules by extending a core API to inspect the abstract syntax tree. It further enables specialized validation through the use of XPath expressions to query the syntax tree for specific code patterns and violations. Capability areas include the enforcement
Static analysis of coding conventions and standards.
Bandit is a static analysis security testing tool and vulnerability detection scanner for Python source code. It functions as a security-focused linter and static analyzer that identifies common vulnerabilities and architectural flaws without executing the program. The tool utilizes an abstract syntax tree to analyze code patterns and identifies risky function calls or insecure configurations. It employs a plugin-based rule engine to decouple scanning logic from individual security checks and supports configuration-driven filtering to exclude specific files or ignore certain warnings. The sy
Listed in the “Code Analysis” section of the Awesome Python awesome list.
Error Prone is a static code analyzer and Java compiler extension that identifies common programming mistakes during the build process. It functions as a compiler wrapper that flags potential errors as compile-time failures to prevent bugs from reaching execution. The tool integrates directly into the Java compilation workflow to provide compile-time validation. It allows for the definition of custom linting rules and analysis checks to enforce specific coding standards and detect prohibited API usage. The system utilizes abstract syntax tree analysis and type-aware pattern matching to inspe
Catches common programming mistakes at compile-time.
isort is a Python import sorter and code formatter that organizes import statements into alphabetical groups and sections. It functions as both a utility to automatically rearrange imports for a consistent layout and as a linting tool to verify if code follows specific ordering rules. The project provides configurable layout settings for indentation, wrapping modes, and section ordering to ensure compliance with project style guides and PEP 8. It allows for the exclusion of specific lines or files through inline comments and docstrings. The tool integrates into development workflows via IDE
Listed in the “Code Analysis” section of the Awesome Python awesome list.
Pylint is a static code analyzer for Python that scans source code for errors, coding standard violations, code smells, and type-related issues without executing the program. It functions as a plugin-based linter framework, allowing users to extend its analysis capabilities with custom or third-party checks for project-specific rules and framework support. The tool also includes a duplicate code detector that identifies identical or near-identical code blocks across a project to help reduce redundancy. Beyond its core linting functionality, Pylint can generate UML class and package diagrams f
Listed in the “Code Analysis” section of the Awesome Python awesome list.
PMD 是一种多语言静态代码分析器,用于在不执行程序的情况下识别编程缺陷、未使用的变量和死代码。它作为代码异味检测器和编码标准执行器,确保源代码遵循特定的命名约定、结构要求和项目风格指南。 该项目具有基于 XPath 的规则引擎,允许用户使用针对抽象语法树的查询来定义自定义分析模式。它还包括一个复制粘贴检测器,用于识别跨多个文件的重复代码块,以及一个用于创建和测试自定义检测模式的可视化规则设计器。 分析范围涵盖了错误检测、识别可维护性问题以减少技术债务,以及验证测试实现。它还提供了识别过于复杂的方法和过多参数列表的功能。
Source code analysis for finding bad coding practices.
Pyrefly is a static type checker for Python that operates as a language server, delivering real-time diagnostics, completions, and navigation in any editor supporting the Language Server Protocol. It also performs static tensor shape analysis, using symbolic dimension variables and arithmetic to verify shape consistency in deep learning models without runtime execution. Beyond core type checking, Pyrefly supports gradual adoption workflows: it can generate a baseline of known errors so only new issues are reported, migrate configuration from other type checkers, and automatically suppress exi
Listed in the “Code Analysis” section of the Awesome Python awesome list.
Credo 是一个用于 Elixir 的静态分析工具和 Linter。它作为一个代码质量分析器,扫描源代码以识别风格不一致、常见错误和潜在的安全漏洞。 该工具提供了一个可定制的框架,用于定义和测试专门的规则,以强制执行项目特定的编码标准。它识别复杂的代码片段和重复代码,以突出重构和简化的机会。 其功能涵盖自动化代码审查、Elixir 编码标准的强制执行,以及通过编辑器集成提供的实时开发者反馈。
Static code analysis for consistency and style.
Typeshed 是一个为 Python 标准库和第三方包提供静态类型定义和存根(stubs)的集合。它作为静态分析器和集成开发环境(IDE)的标准资源,用于验证代码正确性并提供基于类型的代码补全,而无需修改库的原始源代码。 该项目专注于创建和维护外部类型提示文件,将类型注解与运行时实现分离。它利用一套版本控制系统,将这些存根映射到运行时包的特定版本,以保持兼容性。 该仓库包含一个验证套件,以确保这些定义的准确性。这涵盖了运行时到存根的验证(以识别声明类型与实际类型之间的不匹配)、目录结构验证以及回归测试(以防止已知类型检查错误的再次引入)。
Listed in the “Code Analysis” section of the Awesome Python awesome list.
Pytype 是一个 Python 静态代码分析工具和类型推断引擎。它作为一个静态类型分析器,在无需完全手动标注的情况下检测类型不匹配并验证类型注解,同时还作为类型存根(stub)生成器,用于生产独立的定义文件。 该项目的特色在于通过分析代码模式和赋值自动确定变量和函数类型。此推断引擎允许进行结构化代码验证,并生成描述模块和函数接口的类型存根。 该系统涵盖了广泛的静态分析操作,包括类层级和函数调用的结构验证,以及追踪符号以检测命名空间错误和属性访问违规。它还提供类型检查原语以强制执行注解,以及一个能够使用联合(unions)和可选(optionals)类型建模复杂数据结构的类型系统。
Listed in the “Code Analysis” section of the Awesome Python awesome list.
MonkeyType 是一个用于 Python 的运行时类型推断和分析工具。它在程序执行期间从函数调用中收集实际的参数和返回类型,以自动生成静态类型注解和兼容的存根文件。 该系统将捕获的执行跟踪转换为静态类型提示,这些提示可以直接插入到源代码函数定义中,或用于生成外部类型存根。通过分析真实数据类型而非手动审计,该过程能够为现有代码库增加类型安全性。 该工具的功能涵盖运行时类型收集、动态类型推断以及静态类型定义的生成。它利用源代码修改和调用跟踪持久化,将观察到的运行时模式映射到静态签名。
Listed in the “Code Analysis” section of the Awesome Python awesome list.
Vulture is a static analysis tool and linter designed to find unused variables, functions, and classes in Python source code. It operates as a dead code detector and unused code finder that scans source files to identify unreachable expressions and imports without executing the code. The tool employs a confidence-based heuristic scoring system to assign probability values to detections, helping to distinguish truly unused symbols from potential false positives. It further assists in pruning dead logic by sorting detected unused classes and functions by line count to prioritize the removal of
Listed in the “Code Analysis” section of the Awesome Python awesome list.
code2flow 是一个静态程序流程映射器和源代码调用图生成器。它分析源代码以生成可视化流程图,映射函数调用关系和执行路径。 该项目包括一个异步调用跟踪可视化器,它通过 async 和 await 调用跟踪执行路径,以映射异步程序的逻辑。它还提供了一个可编程的代码分析接口,允许将调用图生成逻辑集成到其他软件应用中。 该系统通过将源代码转换为抽象语法树(AST)来识别函数定义和调用点,从而处理静态代码分析。它支持调用图过滤,通过内容过滤器和深度限制路径提取来限制可视化范围,同时提供视觉样式来区分逻辑流。
Listed in the “Code Analysis” section of the Awesome Python awesome list.