Analysis tools logo

Best 13 Configuration Management static analysis tools

8

DeepSource

  • Type: service

In-depth static analysis to find issues in verticals of bug risks, security, anti-patterns, performance, documentation and style. Native integrations with GitHub, GitLab and Bitbucket. Less than 5% false positives.

1

ShiftLeft Scan

  • Type: cli
  • Type: service

Scan is a free open-source DevSecOps platform for detecting security issues in source code and dependencies. It supports a broad range of languages and CI/CD pipelines.

0

ansible-lint

  • Type: cli

Checks playbooks for practices and behaviour that could potentially be improved.

0

cfn-lint

  • Type: cli

AWS Labs CloudFormation linter.

0

cfn_nag

  • Type: cli

A linter for AWS CloudFormation templates.

0

checkov

  • Type: cli

Static analysis tool for Terraform files (tf>=v0.12), preventing cloud misconfigs at build time.

0

cookstyle

  • Type: cli

Cookstyle is a linting tool based on the RuboCop Ruby linting tool for Chef cookbooks.

0

foodcritic

  • Type: cli

A lint tool that checks Chef cookbooks for common problems.

0

Puppet Lint

  • Type: cli

Check that your Puppet manifests conform to the style guide.

0

terraform-compliance

  • Type: cli

A lightweight, compliance- and security focused, BDD test framework against Terraform.

0

terrascan

  • Type: cli

Collection of security and best practice tests for static code analysis of Terraform templates.

0

tflint

  • Type: cli

A Terraform linter for detecting errors that can not be detected by `terraform plan`.

❤️ Sponsor this project

We are currently looking for partners who want to sponsor hosting and development of the project.

Check out our Github Sponsors page here

Missing an entry? Please let us know.