COBOL

The Best COBOL Static Analysis Tools (Linters/Formatters)

We rank 9 COBOL linters, code analyzers, formatters, and more. Find and compare tools like DerScanner, SonarQube Cloud, SonarQube for IDE, and more. Please rate and review tools that you've used. This helps others find the best tools for their projects.

9 Multi-Language Tools

DerScanner

Multi-language Static Application Security Testing (SAST) platform that detects critical vulnerabilities, including hardcoded secrets, weak cryptography, backdoors, SQL injections, insecure configurations, etc.

  • MaintainedMaintained
  • MaintainedMulti-Language
  • MaintainedcliMaintainedservice
  • Maintainedlinter
  • 100% upvoted

SonarQube Cloud

SonarQube Cloud enables your team to deliver clean code consistently and efficiently with a code review tool that easily integrates into the cloud DevOps platforms and extend your CI/CD workflow. SonarQube Cloud provides a free plan.

  • MaintainedMaintained
  • MaintainedMulti-Language
  • Maintainedservice
  • Maintainedlinter
  • 0% upvoted

SonarQube for IDE

SonarQube for IDE (formerly SonarLint) is a free IDE extension available for IntelliJ, VS Code, Visual Studio, and Eclipse, to find and fix coding issues in real-time, flagging issues as you code, just like a spell-checker. More than a linter, it also delivers rich contextual guidance to help developers understand why there is an issue, assess the risk, and educate them on how to fix it.

  • MaintainedMaintained
  • MaintainedMulti-Language
  • Maintainedcli
  • Maintainedlinter
  • 0% upvoted

SonarQube Server

SonarQube empowers development teams with a code quality and security solution that deeply integrates into your enterprise environment; enabling you to deploy clean code consistently and reliably. SonarQube provides a free and open source Community Build.

  • MaintainedMaintained
  • MaintainedMulti-Language
  • Maintainedservice
  • Maintainedlinter
  • 0% upvoted

StaticReviewer

Static Reviewer executes code checks according to the most relevant Secure Coding Standards, OWASP, CWE, CVE, CVSS, MISRA, CERT, for 40+ programming languages, using 1000+ built-in validation rules for Security, Deadcode & Best Practices Available a module for Software Composition Analysis (SCA) to find vulnerabilities in open source and third party libraries.

  • MaintainedMaintained
  • MaintainedMulti-Language
  • Maintainedcli
  • Maintainedlinter
  • 36% upvoted

Fortify

A commercial static analysis platform that supports the scanning of C/C++, C#, VB.NET, VB6, ABAP/BSP, ActionScript, Apex, ASP.NET, Classic ASP, VB Script, Cobol, ColdFusion, HTML, Java, JS, JSP, MXML/Flex, Objective-C, PHP, PL/SQL, T-SQL, Python (2.6, 2.7), Ruby (1.9.3), Swift, Scala, VB, and XML.

  • MaintainedMaintained
  • MaintainedMulti-Language
  • Maintainedide-plugin
  • Maintainedlinter
  • 46% upvoted

HCL AppScan Source

Commercial Static Code Analysis.

  • MaintainedMaintained
  • MaintainedMulti-Language
  • Maintainedservice
  • Maintainedlinter
  • 33% upvoted

CAST Highlight

Commercial Static Code Analysis which runs locally, but uploads the results to its cloud for presentation.

  • MaintainedMaintained
  • MaintainedMulti-Language
  • Maintainedcli
  • Maintainedlinter
  • 27% upvoted

Understand

Code visualization tool that provides code analysis, standards testing, metrics, graphing, dependency analysis and more for Ada, VHDL, and others.

  • MaintainedMaintained
  • MaintainedMulti-Language
  • Maintainedcli
  • Maintainedlinter
  • 43% upvoted

Frequently Asked Questions

What are COBOL tools?

COBOL (an acronym for COmmon Business-Oriented Language) is a compiled English-like computer programming language designed for business use. COBOL is imperative, procedural and, since 2002, object-oriented. COBOL is primarily used in business, finance, and administrative systems for companies and governments. It is still in use despite the fact that many consider it an outdated programming language, due to the large amount of COBOL code written for business transactions.

What are the best COBOL static analysis tools and linters?

The most popular COBOL tools ranked by user votes are: DerScanner, SonarQube Cloud, SonarQube for IDE, SonarQube Server, StaticReviewer.

Which COBOL services are free for open source projects?

Commercial services with a free plan for open source include SonarQube Cloud, SonarQube for IDE, SonarQube Server.

Our Sponsors

This website is completely open source. To fund our work, we fully rely on sponsors. Thanks to them, we can keep the site free for everybody. Please check out their offers below.

  • BugProve
  • Pixee
  • semgrep
  • Offensive 360
  • BetterScan