Static program analysis is the analysis of computer software that is performed without actually executing programs — Wikipedia
This is a collection of static analysis tools and code quality checkers. Pull requests are very welcome!
Note: ©️ stands for proprietary software. All other tools are Open Source.
- Codepeer - detects run-time and logic errors
- Polyspace for Ada ©️ - provide code verification that proves the absence of overflow, divide-by-zero, out-of-bounds array access, and certain other run-time errors in source code.
- Understand ©️ - IDE that provides code analysis, standards testing, metrics, graphing, dependency analysis and more for Ada and VHDL.
- gawk --lint - warns about constructs that are dubious or nonportable to other awk implementations.
- clang-tidy - clang static analyser
- CMetrics - Measures size and complexity for C files
- CodeSonar from GrammaTech ©️ - Advanced, whole program, deep path, static analysis of C and C++ with easy-to-understand explanations and code and path visualization.
- Corrode - Semi-automatic translation from C to Rust. Could reveal bugs in the original implementation by showing Rust compiler warnings and errors.
- cppcheck - static analysis of C/C++ code
- cpplint - automated C++ checker that follows Google's style guide
- cqmetrics - quality metrics for C code
- CScout - complexity and quality metrics for for C and C preprocessor code
- flawfinder - finds possible security weaknesses
- flint++ - cross-platform, zero-dependency port of flint, a lint program for C++ developed and used at Facebook.
- Frama-C - a sound and extensible static analyzer for C code
- oclint - static analysis of C/C++ code
- Polyspace Bug Finder ©️ - identifies run-time errors, concurrency issues, security vulnerabilities, and other defects in C and C++ embedded software.
- Polyspace Code Prover ©️ - provide code verification that proves the absence of overflow, divide-by-zero, out-of-bounds array access, and certain other run-time errors in C and C++ source code.
- scan-build - Analyzes C/C++ code using LLVM at compile-time
- splint - static analysis of C/C++ code
- tis-interpreter - An interpreter for finding subtle bugs in programs written in standard C
- vera++ - Vera++ is a programmable tool for verification, analysis and transformation of C++ source code.
- .NET Analyzers - An organization for the development of analyzers (diagnostics and code fixes) using the .NET Compiler Platform.
- Code Analysis Rule Collection - Contains a set of diagnostics, code fixes and refactorings built on the Microsoft .NET Compiler Platform "Roslyn".
- code-cracker - An analyzer library for C# and VB that uses Roslyn to produce refactorings, code analysis, and other niceties.
- CSharpEssentials - C# Essentials is a collection of Roslyn diagnostic analyzers, code fixes and refactorings that make it easy to work with C# 6 language features.
- CodeRush ©️ - Code creation, debugging, navigation, refactoring, analysis and visualization tools that use the Roslyn engine in Visual Studio 2015 and up.
- Designite ©️ - Designite is a software design quality assessment tool. It supports detection of implementation and design smells, computation of various code quality metrics, and trend analysis.
- Gendarme - Gendarme inspects programs and libraries that contain code in ECMA CIL format (Mono and .NET) and looks for common problems with the code, problems that compiler do not typically check or have not historically checked.
- NDepend ©️ - Measure, query and visualize your code and avoid unexpected issues, technical debt and complexity.
- Puma Scan - Puma Scan provides real time secure code analysis for common vulnerabilities (XSS, SQLi, CSRF, LDAPi, crypto, deserialization, etc.) as development teams write code in Visual Studio.
- Refactoring Essentials - The free Visual Studio 2015 extension for C# and VB.NET refactorings, including code best practice analyzers.
- ReSharper ©️ - Extends Visual Studio with on-the-fly code inspections for C#, VB.NET, ASP.NET, JavaScript, TypeScript and other technologies.
- Roslyn Security Guard - Project that focus on the identification of potential vulnerabilities such as SQL injection, cross-site scripting (XSS), CSRF, cryptography weaknesses, hardcoded passwords and many more.
- SonarLint for Visual Studio - SonarLint is a Visual Studio 2015 extension that provides on-the-fly feedback to developers on new bugs and quality issues injected into .NET code.
- VSDiagnostics - A collection of static analyzers based on Roslyn that integrate with VS.
- Wintellect.Analyzers - .NET Compiler Platform ("Roslyn") diagnostic analyzers and code fixes.
- crystal - The Crystal compiler has built-in linting functionality.
- credo - A static code analysis tool with a focus on code consistency and teaching.
- Dogma - A code style enforcer for Elixir
- sobelow - Security-focused static analysis for the Phoenix Framework
- elvis - Erlang Style Reviewer
- dingo-hunter - Static analyser for finding deadlocks in Go
- flen - Get info on length of functions in a Go package
- Go Meta Linter - Concurrently run Go lint tools and normalise their output
- go vet - Examines Go source code and reports suspicious constructs
- go-staticcheck - go vet on steroids, similar to ReSharper for C#
- go/ast - Package ast declares the types used to represent syntax trees for Go packages.
- gocyclo - Calculate cyclomatic complexities of functions in Go source code
- golint - Prints out coding style mistakes in Go source code.
- goreporter - concurrently runs many linters and normalises their output to a report
- goroutine-inspect - An interactive tool to analyze Golang goroutine dump.
- ineffassign - Detect ineffectual assignments in Go code
- safesql - Static analysis tool for Golang that protects against SQL injections
- CodeNarc - a static analysis tool for Groovy source code, enabling monitoring and enforcement of many coding standards and best practices
- HLint - HLint is a tool for suggesting possible improvements to Haskell code.
- Haxe Checkstyle - A static analysis tool to help developers write Haxe code that adheres to a coding standard.
- Checker Framework - Pluggable type-checking for Java http://checkerframework.org/
- checkstyle - checking Java source code for adherence to a Code Standard or set of validation rules (best practices)
- ckjm - calculates Chidamber and Kemerer object-oriented metrics by processing the bytecode of compiled Java files
- Error-prone - Catch common Java mistakes as compile-time errors
- fb-contrib - A plugin for FindBugs with additional bug detectors
- Find Security Bugs - IDE/SonarQube plugin for security audits of Java web applications.
- Findbugs - FindBugs is a program to find bugs in Java programs. It looks for patterns are likely to be errors.
- HuntBugs - Bytecode static analyzer tool based on Procyon Compiler Tools aimed to supersede FindBugs.
- NullAway - Type-based null-pointer checker with low build-time overhead; an Error Prone plugin
- Spoon - Library to write your own static analyses and architectural rule checkers for Java. Can be integrated in Maven and Gradle.
- SpotBugs - SpotBugs is FindBugs' successor. A tool for static analysis to look for bugs in Java code.
- OWASP Dependency Check - Checks dependencies for known, publicly disclosed, vulnerabilities.
- Hopper - A static analysis tool written in scala for languages that run on JVM
- aether - Lint, analyze, normalize, transform, sandbox, run, step through, and visualize user JavaScript, in node or the browser.
- ClosureLinter - ensures that all of your project's JavaScript code follows the guidelines in the Google JavaScript Style Guide. It can also automatically fix many common errors
- coffeelint - A style checker that helps keep CoffeeScript code clean and consistent.
- complexity-report - Software complexity analysis for JavaScript projects
- escomplex - Software complexity analysis of JavaScript-family abstract syntax trees.
- eslint - A fully pluggable tool for identifying and reporting on patterns in JavaScript
- Esprima - ECMAScript parsing infrastructure for multipurpose analysis
- flow - A static type checker for JavaScript.
- jshint - detect errors and potential problems in JavaScript code and enforce your team's coding conventions
- JSLint ©️ - The JavaScript Code Quality Tool
- plato - Visualize JavaScript source complexity
- Prettier - An opinionated code formatter.
- quality - zero configuration code and module linting
- standard - An npm module that checks for Javascript Styleguide issues
- XO - Enforce strict code style. Never discuss code style on a pull request again!
- yardstick - Javascript code metrics
- detekt - Static code analysis for Kotlin code.
- ktlint - An anti-bikeshedding Kotlin linter with built-in formatter
- luacheck - A tool for linting and static analysis of Lua code.
- mlint ©️ - Check MATLAB code files for possible problems.
- Perl::Critic - Critique Perl source code for best-practices.
- dephpend - Dependency analysis tool
- deptrac - Enforce rules for dependencies between software layers.
- DesignPatternDetector - detection of design patterns in PHP code
- EasyCodingStandard - combine PHP_CodeSniffer and PHP-CS-Fixer
- exakat - An automated code reviewing engine for PHP
- GrumPHP - checks code on every commit
- Mondrian - a set of static analysis and refactoring tools which use graph theory
- Parse - A Static Security Scanner
- phan - a modern static analyzer from etsy
- Php Inspections (EA Extended) - A Static Code Analyzer for PHP.
- PHP Refactoring Browser - Refactoring helper
- PHP-Parser - A PHP parser written in PHP
- PHP-Token-Reflection - Library emulating the PHP internal reflection
- php7cc - PHP 7 Compatibility Checker
- php7mar - assist developers in porting their code quickly to PHP 7
- PHP_CodeSniffer - detects violations of a defined set of coding standards
- phpcpd - Copy/Paste Detector (CPD) for PHP code.
- phpdcd - Dead Code Detector (DCD) for PHP code.
- PhpDependencyAnalysis - builds a dependency graph for a project
- phpdoc-to-typehint - Add scalar type hints and return types to existing PHP projects using PHPDoc annotations
- PHPMD - finds possible bugs in your code
- PhpMetrics - calculates code complexity metrics
- PHPQA - A tool for running QA tools (phploc, phpcpd, phpcs, pdepend, phpmd, phpmetrics)
- phpqa - PHPQA all-in-one Analyzer CLI tool
- phpsa - Static analysis tool for PHP.
- PHPStan - PHP Static Analysis Tool - discover bugs in your code without running it!
- Progpilot - A static analysis tool for security purposes
- Psalm - Static analysis tool for finding errors in PHP applications
- RIPS - A static source code analyser for vulnerabilities in PHP scripts
- Tuli - A static analysis engine
- twig-lint - twig-lint is a lint tool for your twig files.
- WAP - Tool to detect and correct input validation vulnerabilities in PHP (4.0 or higher) web applications and predicts false positives. It combines source code static analysis and data mining to detect vulnerabilities and predict false positives.
- bandit - a tool to find common security issues in Python code
- jedi - autocompletion/static analysis library for Python
- linty fresh - parse lint errors and report them to Github as comments on a pull request
- mccabe - check McCabe complexity
- mypy - an experimental optional static type checker for Python that aims to combine the benefits of dynamic (or "duck") typing and static typing
- py-find-injection - find SQL injection vulnerabilities in Python code
- pycodestyle - (formerly
pep8
) check Python code against some of the style conventions in PEP 8 - pydocstyle - check compliance with Python docstring conventions
- pyflakes - check Python source files for errors
- pylint - looks for programming errors, helps enforcing a coding standard and sniffs for some code smells. It additionally includes
pyreverse
(an UML diagram generator) andsymilar
(a similarities checker). Optional extensions are also included. - pyroma - rate how well a Python project complies with the best practices of the Python packaging ecosystem, and list issues that could be improved
- PyT - Python Taint - A static analysis tool for detecting security vulnerabilities in Python web applications.
- vulture - find unused classes, functions and variables in Python code
- xenon - monitor code complexity using
radon
Wrappers:
- ciocheck - linter, formatter and test suite helper. As a linter, it is a wrapper around
pep8
,pydocstyle
,flake8
, andpylint
. - flake8 - a wrapper around
pyflakes
,pycodestyle
andmccabe
- prospector - a wrapper around
pylint
,pep8
,mccabe
and others
- lintr ©️ - Static Code Analysis for R
- brakeman - A static analysis security vulnerability scanner for Ruby on Rails applications
- cane - Code quality threshold checking as part of your build
- dawnscanner - a static analysis security scanner for ruby written web applications. It supports Sinatra, Padrino and Ruby on Rails frameworks.
- flay - Flay analyzes code for structural similarities.
- flog - Flog reports the most tortured code in an easy to read pain report. The higher the score, the more pain the code is in.
- laser - Static analysis and style linter for Ruby code.
- pelusa - Static analysis Lint-type tool to improve your OO Ruby code
- quality - Runs quality checks on your code using community tools, and makes sure your numbers don't get any worse over time.
- reek - Code smell detector for Ruby
- rubocop - A Ruby static code analyzer, based on the community Ruby style guide.
- Rubrowser - Ruby classes interactive dependency graph generator.
- ruby-lint - Static code analysis for Ruby
- rubycritic - A Ruby code quality reporter
- SandiMeter - Static analysis tool for checking Ruby code for Sandi Metz' rules.
- clippy - a code linter to catch common mistakes and improve your Rust code
- electrolysis - A tool for formally verifying Rust programs by transpiling them into definitions in the Lean theorem prover.
- herbie - Adds warnings or errors to your crate when using a numerically unstable floating point expression.
- linter-rust - Linting your Rust-files in Atom, using rustc and cargo
- rustfix - read and apply the suggestions made by rustc (and third-party lints, like those offered by clippy).
- Rust Language Server - Supports functionality such as 'goto definition', symbol search, reformatting, and code completion, and enables renaming and refactorings.
- linter - Linter is a Scala static analysis compiler plugin which adds compile-time checks for various possible bugs, inefficiencies, and style problems.
- Scalastyle - Scalastyle examines your Scala code and indicates potential problems with it.
- scapegoat - Scala compiler plugin for static code analysis
- WartRemover - a flexible Scala code linting tool.
- shellcheck - ShellCheck, a static analysis tool that gives warnings and suggestions for bash/sh shell scripts
- SwiftLint - A tool to enforce Swift style and conventions
- Tailor - A static analysis and lint tool for source code written in Apple's Swift programming language.
- Codelyzer - A set of tslint rules for static code analysis of Angular 2 TypeScript projects.
- TSLint - An extensible linter for the TypeScript language.
- tslint-microsoft-contrib - A set of tslint rules for static code analysis of TypeScript projects maintained by Microsoft.
- AppChecker ©️ - Static analysis for C/C++/C#, PHP and Java
- Application Inspector ©️ - Combined SAST, DAST, IAST security scanner for C#, PHP, Java, SQL languages
- APPscreener ©️ - Static code analysis for binary and source code - Java/Scala, PHP, Javascript, C#, PL/SQL, Python, T-SQL, C/C++, ObjectiveC/Swift, Visual Basic 6.0, Ruby, Delphi, ABAP, HTML5 and Solidity
- Axivion Bauhaus Suite ©️ - Tracks down error-prone code locations, style violations, cloned or dead code, cyclic dependencies and more for C/C++, C#/.NET, Java and Ada 83/Ada 95
- coala - Language independent framework for creating code analysis - supports over 60 languages by default
- codeburner - Provides a unified interface to sort and act on the issues it finds
- Coverity Save ©️ - Static analysis for C/C++, Java and C#
- DevSkim - Regex-based static analysis tool for Visual Studio, VS Code, and Sublime Text - C/C++, C#, PHP, ASP, Python, Ruby, Java, and others.
- graudit - Grep rough audit - source code auditing tool - C/C++, PHP, ASP, C#, Java, Perl, Python, Ruby
- Hound CI - Comments on style violations in GitHub pull requests. Supports Coffeescript, Go, HAML, JavaScript, Ruby, SCSS and Swift.
- imhotep - Comment on commits coming into your repository and check for syntactic errors and general lint warnings.
- Infer - A static analyzer for Java, C and Objective-C
- Klocwork ©️ - Quality and Security Static analysis for C/C++, Java and C#
- oclint - A static source code analysis tool to improve quality and reduce defects for C, C++ and Objective-C
- pfff - Facebook's tools for code analysis, visualizations, or style-preserving source transformation for many languages
- PMD - A source code analyzer for Java, Javascript, PLSQL, XML, XSL and others
- pre-commit - A framework for managing and maintaining multi-language pre-commit hooks.
- PVS-Studio ©️ - a (conditionaly free for FOSS) static analysis of C/C++ and C# code. For advertising purposes you can propose a large FOSS project for analysis by PVS employees.
- shipshape - Static program analysis platform that allows custom analyzers to plug in through a common interface
- SonarQube - SonarQube is an open platform to manage code quality.
- STOKE - a programming-language agnostic stochastic optimizer for the x86_64 instruction set. It uses random search to explore the extremely high-dimensional space of all possible program transformations
- Undebt - Language-independent tool for massive, automatic, programmable refactoring based on simple pattern definitions
- WALA - static analysis capabilities for Java bytecode and related languages and for JavaScript
- XCode ©️ - XCode provides a pretty decent UI for Clang's static code analyzer (C/C++, Obj-C)
- checkmake - Linter / Analyzer for Makefiles
- codechecker - a defect database and viewer extension for the Clang Static Analyzer
- BinSkim - A binary static analysis tool that provides security and correctness results for Windows portable executables.
- Manalyze - A static analyzer, which checks portable executables for malicious content.
- clair - Vulnerability Static Analysis for Containers
- collector - Run arbitrary scripts inside containers, and gather useful information
- dagda - Perform static analysis of known vulnerabilities in docker images/containers.
- Docker Label Inspector - Lint and validate Dockerfile labels
- Haskell Dockerfile Linter - A smarter Dockerfile linter that helps you build best practice Docker images
- gixy - a tool to analyze Nginx configuration. The main goal is to prevent misconfiguration and automate flaw detection.
- ansible-lint - Checks playbooks for practices and behaviour that could potentially be improved
- foodcritic - A lint tool that checks Chef cookbooks for common problems.
- Puppet Lint - Check that your Puppet manifests conform to the style guide.
- CSS Stats - Potentially interesting stats on stylesheets
- CSScomb - a coding style formatter for CSS. Supports own configurations to make style sheets beautiful and consistent
- CSSLint - Does basic syntax checking and finds problematic patterns or signs of inefficiency
- Parker - Stylesheet analysis tool
- sass-lint - A Node-only Sass linter for both sass and scss syntax.
- scsslint - Linter for SCSS files
- Specificity Graph - CSS Specificity Graph Generator
- Stylelint - Linter for SCSS/CSS files
- HTMLHint - A Static Code Analysis Tool for HTML
- HTML Inspector - HTML Inspector is a code quality tool to help you and your team write better markup.
- HTML Tidy - Corrects and cleans up HTML and XML documents by fixing markup errors and upgrading legacy code to modern standards.
- ale - Asynchronous Lint Engine for Vim and NeoVim with support for many languages
- Puma Scan - Puma Scan provides real time secure code analysis for common vulnerabilities (XSS, SQLi, CSRF, LDAPi, crypto, deserialization, etc.) as development teams write code in Visual Studio.
- vint - Fast and Highly Extensible Vim script Language Lint implemented by Python.
- ChkTeX - A linter for LaTex which catches some typographic errors LaTeX oversees.
- lacheck - A tool for finding common mistakes in LaTeX documents.
- portlint - A verifier for FreeBSD and DragonFlyBSD port directories
- mdl - A tool to check markdown files and flag style issues.
- FlowDroid - static taint analysis tool for Android applications
- paprika - A toolkit to detect some code smells in analyzed Android applications.
- qark - Tool to look for several security related Android application vulnerabilities
- android-lint-summary - Combines lint errors of multiple projects into one output, check lint results of multiple sub-projects at once.
- lintian - Static analysis tool for Debian packages
- rpmlint - Tool for checking common errors in rpm packages
- ember-template-lint - Linter for Ember or Handlebars templates.
- haml-lint - Tool for writing clean and consistent HAML
- slim-lint - Configurable tool for analyzing Slim templates
- yamllint - Checks YAML files for syntax validity, key repetition and cosmetic problems such as lines length, trailing spaces, and indentation.
- dennis - A set of utilities for working with PO files to ease development and improve quality.
- misspell fixer - Quick tool for fixing common misspellings, typos in source code
- proselint - a linter for English prose with a focus on writing style instead of grammar.
- vale - A customizable, syntax-aware linter for prose.
- Bithound ©️ - Code Analysis beyond Lint, specifically for Node.js.
- Codacy ©️ - Code Analysis to ship Better Code, Faster.
- Code Climate ©️ - The open and extensible static analysis platform, for everyone.
- ConQAT - a toolkit for rapid development and execution of software quality analyses.
- Functor Prevent ©️ - Static code analysis for C code.
- kiuwan ©️ - Software Analytics in the Cloud supporting more than 22 programming languages.
- Landscape ©️ - Static code analysis for Python
- Nitpick CI ©️ - Automated PHP code review
- Node Security Platform ©️ - Continuous Security monitoring for your node apps (free for Open Source Projects)
- QuantifiedCode ©️ - Automated code review & repair
- Scrutinizer ©️ - A proprietery code quality checker that can be integrated with GitHub
- SensioLabs Insight ©️ - Detect security risks, find bugs and provide actionable metrics for PHP projects
- SideCI ©️ - An automated code reviewing tool. Improving developers' productivity.
- Snyk ©️ - Vulnerability scanner for dependencies of node.js apps (free for Open Source Projects)
- Teamscale ©️ - analyze, monitor, and improve the quality of your code.
- Upsource ©️ - Code review tool with static code analysis and code-aware navigation for Java, PHP, JavaScript and Kotlin.
- go-tools - A collection of tools and libraries for working with Go code, including linters and static analysis
- linters - An introduction to static code analysis
- php-static-analysis-tools - A reviewed list of useful PHP static analysis tools
- Tools for C/C++ - A list of static analysis tools for C/C++
- Wikipedia - A list of tools for static code analysis.
To the extent possible under law, Matthias Endler has waived all copyright and related or neighboring rights to this work. Title image Designed by Freepik.