Best 37 Ruby static analysis tools

A Ruby static code analyzer, based on the community Ruby style guide.

Comments on style violations in GitHub pull requests. Supports Coffeescript, Go, HAML, JavaScript, Ruby, SCSS and Swift.

Beautify HTML, CSS, JavaScript, PHP, Python, Ruby, Java, C, C++, C#, Objective-C, CoffeeScript, TypeScript, Coldfusion, SQL, and more in Atom editor.

Creates reports of over 400 rule patterns for feature detection (e.g. the use of cryptography or version control in apps).

Static code analysis for binary and source code - Java/Scala, PHP, Javascript, C#, PL/SQL, Python, T-SQL, C/C++, ObjectiveC/Swift, Visual Basic 6.0, Ruby, Delphi, ABAP, HTML5 and Solidity.

A static analysis security vulnerability scanner for Ruby on Rails applications.

Code quality threshold checking as part of your build.

Commercial Static Code Analysis which doesn't require pre-compilation.

Automated code review tool integrates with GitHub, Bitbucket and GitLab (even self-hosted). Available for JavaScript, TypeScript, Python, Ruby, Go, PHP, Java, Docker, and more. (open-source free)

Static Code Analysis for C#, C, C++, CoffeeScript, CSS, Groovy, GO, JAVA, JavaScript, Less, Python, Ruby, Scala, SCSS, TypeScript.

A static analysis security scanner for ruby written web applications. It supports Sinatra, Padrino and Ruby on Rails frameworks.

Regex-based static analysis tool for Visual Studio, VS Code, and Sublime Text - C/C++, C#, PHP, ASP, Python, Ruby, Java, and others.

Flay analyzes code for structural similarities.

Flog reports the most tortured code in an easy to read pain report. The higher the score, the more pain the code is in.

A commercial static analysis platform that supports the scanning of C/C++, C#, VB.NET, VB6, ABAP/BSP, ActionScript, Apex, ASP.NET, Classic ASP, VB Script, Cobol, ColdFusion, HTML, Java, JS, JSP, MXML/Flex, Objective-C, PHP, PL/SQL, T-SQL, Python (2.6, 2.7), Ruby (1.9.3), Swift, Scala, VB, and XML.

Scan is a free open-source DevSecOps platform for detecting security issues in source code and dependencies. It supports a broad range of languages and CI/CD pipelines.

Combination of multiple linters to install as a GitHub Action.

Grep rough audit - source code auditing tool.

Comment on commits coming into your repository and check for syntactic errors and general lint warnings.

A multi-language static analyzer for C/C++/Obj-C/Python/Ruby to create a graph (in dot or graphml format) which shows all `#include` relations of a given set of files.

Static analysis and style linter for Ruby code.

Static analysis Lint-type tool to improve your OO Ruby code.

Quick automated code review of your changes. Supports more than 40 runners for various languages, including Clang, Elixir, JavaScript, PHP, Ruby and more.

Runs quality checks on your code using community tools, and makes sure your numbers don't get any worse over time.

Pattern Based Checking Tool for Ruby.

An open source static analysis security vulnerability scanner for Ruby on Rails applications.

Code smell detector for Ruby.

Ruby classes interactive dependency graph generator.

Static code analysis for Ruby.

A Ruby code quality reporter.

Static analysis tool for checking Ruby code for Sandi Metz' rules.

An automated code reviewing tool. Improving developers' productivity.

SAST tool which is capable of identifying vulnerabilities and undocumented features. The analyzer scans the source code and executables without debug info (i.e. binaries). Supports: Java/Scala/Kotlin, PHP, C#, JavaScript, TypeScript, VBScript, HTML5, Python, Perl, C/C++, Objective-C/Swift, PL/SQL, T-SQL, ABAP, 1C, Apex, Go, Ruby, Groovy, Delphi, VBA, Visual Basic 6, Solidity, Vyper, COBOL.

Vulnerability scanner for dependencies of node.js apps (free for Open Source Projects).

SonarQube is an open platform to manage code quality.

A fast, powerful type checker designed for Ruby.

A commercial static analysis platform that allows for scanning of multiple languages (C/C++, Android, C#, Java, JS, PHP, Python, Node.JS, Ruby, Fortran, and Swift).