Linter for ABAP, written in TypeScript.

Enhances the SAP Code Inspector with new and customizable checks.

Static checker for GitHub Actions workflow files. Provides an online version.

Identify database issues before they hit production.

Lint, analyze, normalize, transform, sandbox, run, step through, and visualize user JavaScript, in node or the browser.

Spell, style and grammar checker.

Asynchronous Lint Engine for Vim and NeoVim with support for many languages.

Catch insensitive, inconsiderate writing

Find inefficiently packed structs.

Inspects tar archives and tries to spot portability issues in regard to POSIX 2017 pax specification and common tar implementations. This project is intended to be used by maintainers of projects who want to offer portable source code archives for as many systems as possible. Checking tar archives with alquitran before publishing them should help spotting issues before they reach distributors and users.

A static code analysis tool for Crystal.

Discover, analyze, and certify container images. A service that analyzes Docker images and applies user-defined acceptance policies to allow automated container image validation and certification

Run static analysis on Android projects.

Combines lint errors of multiple projects into one output, check lint results of multiple sub-projects at once.

Based on IntelliJ IDEA, and comes bundled with tools for Android including Android Lint.

Binary code analysis tool that also supports symbolic execution.

Linter for Angular projects

Checks playbooks for practices and behaviour that could potentially be improved.

Static analysis for C/C++/C#, PHP and Java.

Commercial Static Code Analysis which generates exploits to verify vulnerabilities.

Creates reports of over 400 rule patterns for feature detection (e.g. the use of cryptography or version control in apps).

Unit test your Java or Kotlin architecture.

A C# architecture test library to specify and assert architecture rules in C# for automated testing.

ast-grep is a powerful tool designed for managing code at scale using Abstract Syntax Trees (AST). Think of it as a hybrid of grep, eslint, and codemod, with the ability to search, lint, and rewrite code based on its structure rather than plain text. It supports multiple languages and is designed to be extensible, allowing you to register custom languages.

Astrée automatically proves the absence of runtime errors and invalid con­current behavior in C/C++ applications. It is sound for floating-point computations, very fast, and exceptionally precise. The analyzer also checks for MISRA/CERT/CWE/Adaptive Autosar coding rules and supports qualification for ISO 26262, DO-178C level A, and other safety standards. Jenkins and Eclipse plugins are available.

Beautify HTML, CSS, JavaScript, PHP, Python, Ruby, Java, C, C++, C#, Objective-C, CoffeeScript, TypeScript, Coldfusion, SQL, and more in Atom editor.

A linter and formatter to help you to improve copywriting, correct spaces, words, punctuations between CJK (Chinese, Japanese, Korean).

Autoflake removes unused imports and unused variables from Python code.

A tool that automatically formats Python code to conform to the PEP 8 style guide. It uses the pycodestyle utility to determine what parts of the code needs to be formatted.

Check local CloudFormation templates against policy-as-code rules and generate rules from existing templates.

Tracks down error-prone code locations, style violations, cloned or dead code, cyclic dependencies and more for C/C++, C#/.NET, Java and Ada 83/Ada 95.

Secure DevOps kit for Azure (AzSK) provides security IntelliSense, Security Verification Tests (SVTs), CICD scan vulnerabilities, compliance issues, and infrastructure misconfiguration in your infrastructure-as-code. Supports Azure via ARM.

A tool to find common security issues in Python code.

Code style enforcement for bash programs. The output format aims to follow pycodestyle (pep8) default output format.

Open-Source static code analysis tool to discover, filter and prioritize security risks and vulnerabilities leading to sensitive data exposures (PII, PHI, PD). Highly configurable and easily extensible, built for security and engineering teams.

A linting engine supporting custom project-specific rules.

Better Code Hub checks your GitHub codebase against 10 engineering guidelines devised by the authority in software quality, Software Improvement Group.

Checks your code and infra (various Git repositories supported, cloud stacks, CLI, Web Interface platform, integrationss available) for security and quality issues. Code Scanning/SAST/Linting using many tools/Scanners deduplicated with One Report (AI optional).

Analyzes a raw binary firmware and determines features like endianness or the loading address. The tool is compatible with all architectures. Loading address: binbloom can parse a raw binary firmware and determine its loading address. Endianness: binbloom can use heuristics to determine the endianness of a firmware. UDS Database: binbloom can parse a raw binary firmware and check if it contains an array containing UDS command IDs.

A binary static analysis tool that provides security and correctness results for Windows portable executables.

A toolchain for web projects, aimed to provide functionalities to maintain them. Biome formats and lints code in a fraction of a second. It is the successor to Rome. It is designed to eventually replace Biome is designed to eventually replace Babel, ESLint, webpack, Prettier, Jest, and others.

The uncompromising Python code formatter.

Tool to analyze source code and binaries for reusable code, necessary licenses and potential security aspects.

Ever wondered what's making your binary big? Bloaty McBloatface will show you a size profile of the binary so you can understand what's taking up space inside. Bloaty performs a deep analysis of the binary. Using custom ELF, DWARF, and Mach-O parsers, Bloaty aims to accurately attribute every byte of the binary to the symbol or compileunit that produced it. It will even disassemble the binary looking for references to anonymous data. F

A language-agnostic linter that keeps code, documentation, and configuration in sync and enforces strict formatting and validation rules.

Checks whether HTTP response body is closed.

An HTML linter for Bootstrap projects.

Safe code refactoring for modern Python. Bowler is a refactoring tool for manipulating Python at the syntax tree level. It enables safe, large scale code modifications while guaranteeing that the resulting code compiles and runs. It provides both a simple command line interface and a fluent API in Python for generating complex code modifications in code.

A static analysis security vulnerability scanner for Ruby on Rails applications.

Haskell source code formatter