The uncompromising Python code formatter.

Mega-Linter can handle any type of project thanks to its 70+ embedded Linters, its advanced reporting, runnable on any CI system or locally, with assisted installation and configuration, able to apply formatting and fixes

A static type checker that aims to combine the benefits of duck typing and static typing, frequently used with MonkeyType.

A code linter to catch common mistakes and improve your Rust code.

A fast, open-source, static analysis tool for finding bugs and enforcing code standards at editor, commit, and CI time. Its rules look like the code you already write; no abstract syntax trees or regex wrestling. Supports 17+ languages.

Static and dynamic analysis tool supporting more than 25 languages and direct IDE integration. Free hosting for Open Source projects available on request. Free academic licenses available.

An extensible linter for JS, following the ECMAScript standard.

Examines Go source code and reports suspicious.

PHP Static Analysis Tool - discover bugs in your code without running it!

A wrapper around pyflakes, pycodestyle and mccabe.

Static analysis of C/C++ code.

Open-Source static code analysis tool to discover, filter and prioritize security risks and vulnerabilities leading to sensitive data exposures (PII, PHI, PD). Highly configurable and easily extensible, built for security and engineering teams.

Looks for programming errors, helps enforcing a coding standard and sniffs for some code smells. It additionally includes pyreverse (an UML diagram generator) and symilar (a similarities checker).

Clang-based C++ linter tool with the (limited) ability to fix issues, too.

Static analysis tool for finding type errors in PHP applications.

A Ruby static code analyzer, based on the community Ruby style guide.

ggshield is a CLI application that runs in your local environment or in a CI environment to help you detect more than 350+ types of secrets, as well as other potential security vulnerabilities or policy breaks affecting your codebase.

Fast Python linter, written in Rust. 10-100x faster than existing linters. Compatible with Python 3.10. Supports file watcher.

Alternative to Go Meta Linter: GolangCI-Lint is a linters aggregator.

Supports functionality such as 'goto definition', type inference, symbol search, reformatting, and code completion, and enables renaming and refactorings.

Checks Java source and byte code for incorrect uses of cryptographic APIs.

Reports known vulnerabilities in common dependencies and recommends updated packages to minimize breaking changes

Audit Cargo.lock for crates with security vulnerabilities reported to the RustSec Advisory Database.

An opinionated code formatter.

Go static analysis that specialises in finding bugs, simplifying code and improving performance.

A (conditionally free for FOSS and individual developers) static analysis of C, C++, C# and Java code. For advertising purposes you can propose a large FOSS project for analysis by PVS employees. Supports CWE mapping, OWASP ASVS, MISRA, AUTOSAR and SEI CERT coding standards.

Vulnerability Scanner and Risk Evaluation for containers, serverless and hosts at runtime. ThreatMapper generates runtime BOMs from dependencies and operating system packages, matches against multiple threat feeds, scans for unprotected secrets, and scores issues based on severity and risk-of-exploit.

Check the Android Source code thoroughly to uncover and address potential security concerns and vulnerabilities. Static application security testing (Static Code Analysis) tool Online

A tool to find common security issues in Python code.

Fixes your code according to standards like PSR-1, PSR-2, and the Symfony standard.

A tool for formatting Rust code according to style guidelines.

CodeScene is a quality visualization tool for software. Prioritize technical debt, detect delivery risks, and measure organizational aspects. Fully automated.

Strict coding standard for Kotlin and a linter that detects and auto-fixes code smells.

Sigrid helps you to improve your software by measuring your system's code quality, and then compares the results against a benchmark of thousands of industry systems to give you concrete advice on areas where you can improve.

CLI to generate an interactive graph of functions and calls from your TypeScript files

A modern static analyzer from etsy.

A static analysis security vulnerability scanner for Ruby on Rails applications.

Fast detection of composer dependency issues.

• 💪 Powerful: Detects unused, shadow and misplaced composer dependencies
• ⚡ Performant: Scans 15 000 files in 2s!
• ⚙️ Configurable: Fine-grained ignores via PHP config
• 🕸️ Lightweight: No composer dependencies
• 🍰 Easy-to-use: No config needed for first try
• ✨ Compatible: PHP >= 7.2

A sound and extensible static analyzer for C code.

A Static Code Analyzer for PHP.

Checks if the code is properly formatted and could not be further simplified.

Multiple dialect SQL linter and formatter.

Modern repositories include many technologies, each with its own set of linters. With 30+ linters and counting, Trunk makes it dead-simple to identify, install, configure, and run the right linters, static analyzers, and formatters for all your repos.

Synopsys Coverity supports 20 languages and over 70 frameworks including Ruby on rails, Scala, PHP, Python, JavaScript, TypeScript, Java, Fortran, C, C++, C#, VB.NET.

In-depth static analysis to find issues in verticals of bug risks, security, anti-patterns, performance, documentation and style. Native integrations with GitHub, GitLab and Bitbucket. Less than 5% false positives.

Pixeebot finds security and code quality issues in your code and creates merge-ready pull requests with recommended fixes.

Static type checker for Python, created to address gaps in existing tools like mypy.

A tool to enforce Swift style and conventions.

Autocompletion/static analysis library for Python.

A symbolic execution framework with batteries included, can be used to find and exploit vulnerabilities in smart contracts automatically.