30 Containers Static Analysis Tools
Mega-Linter
Mega-Linter can handle any type of project thanks to its 70+ embedded Linters, its advanced reporting, runnable on any CI system or locally, with assisted installation and configuration, able to apply formatting and fixes
- ansible
- apex
- arm
- c
- ci
- clojure
- cloudformation
- coffeescript
- configfile
- configmanagement
- container
- cpp
- css
- csharp
- dart
- dockerfile
- dotenv
- dotnet
- editorconfig
- formatter
- gherkin
- go
- graphql
- groovy
- html
- java
- javascript
- json
- jsonschema
- jsx
- kotlin
- kubernetes
- latex
- lua
- lwc
- markdown
- nodejs
- perl
- php
- powershell
- protobuf
- puppet
- python
- r
- raku
- rst
- ruby
- rust
- scala
- shell
- snakemake
- sql
- terraform
- typescript
- vbnet
- vue
- writing
- xml
- yaml
DeepSource
In-depth static analysis to find issues in verticals of bug risks, security, anti-patterns, performance, documentation and style. Native integrations with GitHub, GitLab and Bitbucket. Less than 5% false positives.
KubeLinter
KubeLinter is a static analysis tool that checks Kubernetes YAML files and Helm charts to ensure the applications represented in them adhere to best practices.
Codeac
Automated code review tool integrates with GitHub, Bitbucket and GitLab (even self-hosted). Available for JavaScript, TypeScript, Python, Ruby, Go, PHP, Java, Docker, and more. (open-source free)
Datree
A CLI tool to prevent Kubernetes misconfigurations by ensuring that manifests and Helm charts follow best practices as well as your organization’s policies
Haskell Dockerfile Linter
A smarter Dockerfile linter that helps you build best practice Docker images.
trivy
A Simple and Comprehensive Vulnerability Scanner for Containers and other Artifacts, Suitable for CI. Trivy detects vulnerabilities of OS packages (Alpine, RHEL, CentOS, etc.) and application dependencies (Bundler, Composer, npm, yarn, etc.). Checks containers and filesystems.
CodeFlow
Automated code analysis tool to deal with technical depth. Integrates with Bitbucket and Gitlab. (free for Open Source Projects)
kics
Find security vulnerabilities, compliance issues, and infrastructure misconfigurations in your infrastructure-as-code. Supports Terraform, Kubernetes, Docker, AWS CloudFormation and Ansible
ThreatMapper
Vulnerability Scanner and Risk Evaluation for containers, serverless and hosts at runtime. ThreatMapper generates runtime BOMs from dependencies and operating system packages, matches against multiple threat feeds, scans for unprotected secrets, and scores issues based on severity and risk-of-exploit.
anchore
Discover, analyze, and certify container images. A service that analyzes Docker images and applies user-defined acceptance policies to allow automated container image validation and certification
chart-testing
ct is the the tool for testing Helm charts. It is meant to be used for linting and testing pull requests. It automatically detects charts changed against the target branch.
clusterlint
Clusterlint queries live Kubernetes clusters for resources, executes common and platform specific checks against these resources and provides actionable feedback to cluster operators. It is a non invasive tool that is run externally. Clusterlint does not alter the resource configurations.
kube-lint
A linter for Kubernetes resources with a customizable rule set. You define a list of rules that you would like to validate against your resources and kube-lint will evaluate those rules against them.
kube-linter
KubeLinter is a static analysis tool that checks Kubernetes YAML files and Helm charts to ensure the applications represented in them adhere to best practices.
kubeval
Validates your Kubernetes configuration files and supports multiple Kubernetes versions.
OpenSCAP
Suite of automated audit tools to examine the configuration and known vulnerabilities following the NIST-certified Security Content Automation Protocol (SCAP).
Qualys Container Security
Container native application protection to provide visibility and control of containerized applications.
Super-Linter
Combination of multiple linters to install as a GitHub Action.
❤️ Sponsor this project
We are currently looking for partners who want to sponsor hosting and development of the project.
Missing an entry? Please let us know.