Analysis tools logo

5 Terraform Static Analysis Tools

Type:
Any
106

Mega-Linter

  • Type: cli
637

Mega-Linter can handle any type of project thanks to its 70+ embedded Linters, its advanced reporting, runnable on any CI system or locally, with assisted installation and configuration, able to apply formatting and fixes

69

Semgrep

  • Type: cli
  • Type: service
6559

A fast, open-source, static analysis tool for finding bugs and enforcing code standards at editor, commit, and CI time. Its rules look like the code you already write; no abstract syntax trees or regex wrestling. Supports 17+ languages.

4

trunk

  • Type: cli

Modern repositories include many technologies, each with its own set of linters. With 30+ linters and counting, Trunk makes it dead-simple to identify, install, configure, and run the right linters, static analyzers, and formatters for all your repos.

3

shisho

  • Type: cli
  • Type: service
336

A lightweight static code analyzer designed for developers and security teams. It allows you to analyze and transform source code with an intuitive DSL similar to sed, but for code.

1

kics

  • Type: cli
1033

Find security vulnerabilities, compliance issues, and infrastructure misconfigurations in your infrastructure-as-code. Supports Terraform, Kubernetes, Docker, AWS CloudFormation and Ansible

❤️ Sponsor this project

We are currently looking for partners who want to sponsor hosting and development of the project.

Check out our Github Sponsors page here

Missing an entry? Please let us know.