SaaSHub helps you find the best software and product alternatives Learn more →
Top 23 Java Static Analysis Projects
-
bytecode-viewer
A Java 8+ Jar & Android APK Reverse Engineering Suite (Decompiler, Editor, Debugger & More)
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
-
Checkstyle
Checkstyle is a development tool to help programmers write Java code that adheres to a coding standard. By default it supports the Google Java Style Guide and Sun Code Conventions, but is highly configurable. It can be invoked with an ANT task and a command line program.
-
NullAway
A tool to help eliminate NullPointerExceptions (NPEs) in your Java code with low build-time overhead
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
-
find-sec-bugs
The SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala projects)
-
Spoon
Spoon is a metaprogramming library to analyze and transform Java source code. :spoon: is made with :heart:, :beers: and :sparkles:. It parses source files to build a well-designed AST with powerful analysis and transformation API.
-
jspecify
An artifact of fully-specified annotations to power static-analysis checks, beginning with nullness analysis.
-
RefactorFirst
Identifies and prioritizes God Classes and Highly Coupled classes in Java codebases you should refactor first.
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
2. SonarQube: https://github.com/SonarSource/sonarqube SonarQube enhances code quality and security. It performs automatic reviews to detect bugs, vulnerabilities, and code smells in your code.
Project mention: We Have Code Quality At Home: Open Source Java Code Quality Tools | dev.to | 2024-05-06PMD is a source code static analysis tool. It inspects your Java files for any issues, and has a configurable set of rules to look at.
Fortunately, Uber made tooling for languages with broken type systems
* https://github.com/uber/NullAway
* https://github.com/uber-go/nilaway
Project mention: We Have Code Quality At Home: Open Source Java Code Quality Tools | dev.to | 2024-05-06SpotBugs is an open source static anlysis tool. "SpotBugs uses static analysis to inspect Java bytecode for occurrences of bug patterns." This means that SpotBugs runs against the compiled source source code, rather than raw Java files. Because it analyses bytecode, it can catch some types of bugs that source code analysis would not catch.
Project mention: Release Radar · April 2024 Edition: Major updates from the open source community | dev.to | 2024-05-03The creators at Spoon claim that "🥄 is made with ❤️, 🍻 and ✨"! And why not?! Spoon is a metaprogramming library to analyze and transform Java source code by parsing source files to build a well-designed AST (Abstract Syntax Tree). The latest version supports Java 17 and the modelling of receiver parameters has been changed. Read all about the changes in the release notes.
(I actually held the same opinion as you until recently: https://github.com/kalessil/phpinspectionsea/issues/1718 tl;dr the performance impact is negligible)
There's also a fair amount of content to explore starting at jspecify.org.
Learn more at https://github.com/jimbethancourt/RefactorFirst
Java Static Analysis related posts
-
We Have Code Quality At Home: Open Source Java Code Quality Tools
-
Handling EI_EXPOSE_REP & EI_EXPOSE_REP2 👨🏻💻
-
PMD 7 Is Here
-
Java, null, and JSpecify [video link]
-
Amazon CodeGuru Reviewer: already time for retirement?
-
📢📢📢RefactorFirst 0.4.0 is released!!!📢📢📢
-
Design document on nullability and value types (Brian Goetz)
-
A note from our sponsor - SaaSHub
www.saashub.com | 29 May 2024
Index
What are some of the best open-source Static Analysis projects in Java? This list will help you:
Project | Stars | |
---|---|---|
1 | bytecode-viewer | 14,385 |
2 | SonarQube | 8,642 |
3 | Checkstyle | 8,158 |
4 | Error Prone | 6,739 |
5 | Recaf | 5,653 |
6 | PMD | 4,688 |
7 | NullAway | 3,535 |
8 | Spotbugs | 3,367 |
9 | soot | 2,814 |
10 | find-sec-bugs | 2,213 |
11 | Spoon | 1,680 |
12 | phpinspectionsea | 1,430 |
13 | pysonar2 | 1,376 |
14 | SonarJava | 1,093 |
15 | FlowDroid | 1,008 |
16 | jspecify | 428 |
17 | sonar-php | 376 |
18 | Modernizer | 366 |
19 | ck | 360 |
20 | RefactorFirst | 334 |
21 | warnings-ng-plugin | 328 |
22 | forbidden-apis | 315 |
23 | SkidSuite | 304 |
Sponsored