infer VS Error Prone

Compare infer vs Error Prone and see what are their differences.

infer

A static analyzer for Java, C, C++, and Objective-C (by facebook)

Error Prone

Catch common Java mistakes as compile-time errors (by google)
Our great sponsors
  • SonarQube - Static code analysis for 29 languages.
  • InfluxDB - Access the most powerful time series database as a service
  • SaaSHub - Software Alternatives and Reviews
infer Error Prone
39 16
14,051 6,461
0.5% 0.7%
9.9 9.3
4 days ago 3 days ago
OCaml Java
MIT License Apache License 2.0
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.

infer

Posts with mentions or reviews of infer. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2023-04-09.
  • Interesting ocaml mention in buck2 by fb
    5 projects | /r/ocaml | 9 Apr 2023
    Meta/Facebook are long time OCaml users, their logo is on the OCaml website. Their static analysis tool and its predecessor are both written in OCaml.
  • A plan for cybersecurity and grid safety
    6 projects | dev.to | 10 Feb 2023
    Efforts: Dependabot, CodeQL, Coverity, facebook's Infer tool, etc
  • A quick look at free C++ static analysis tools
    3 projects | /r/cpp | 4 Jan 2023
    I notice there isn't fbinfer. It's pretty cool, and is used for this library.
  • OCaml 5.0 Multicore is out
    19 projects | news.ycombinator.com | 16 Dec 2022
  • Beyond Functional Programming: The Verse Programming Language (Epic Games' new language with Simon Peyton Jones)
    5 projects | /r/programming | 12 Dec 2022
    TBH, there's a non-zero amount of non-"ivory tower" tools you may have used that are written in functional languages. Say, Pandoc or Shellcheck are written in Haskell; Infer and Flow are written in OCaml. RabbitMQ and Whatsapp are implemented in Erlang (FB Messenger was too, originally; they switched to the C++ servers later). Twitter backend is (or was, at least) written in Scala.
  • The State of Affine Types in C++?
    2 projects | /r/cpp | 22 Nov 2022
    - borrow-cpp which exploits some null dereference checks in the infer static analyzer to model some of borrow checking.
  • Prusti: Static Analyzer for Rust
    8 projects | news.ycombinator.com | 13 Oct 2022
  • Programming Breakthroughs We Need
    17 projects | news.ycombinator.com | 17 Aug 2022
    > Maybe you could write tests as queries that would test a whole set of possible programs, not only the current version of your program at the moment.

    I think that the future of programming is more sophisticated static analysis. Programmers will write statements like, "every code path that writes to the Payments database must have called validate_user()." Then, the tooling will confirm that rule with every commit.

    We kind of have this already (for example, Facebook's Infer tool [0]), but I think it will become much more important in the coming decade.

    0: https://github.com/facebook/infer

  • Formally Verifying Industry Cryptography
    2 projects | news.ycombinator.com | 14 Jul 2022
    Great question! Formal methods groups in industry are growing rapidly and popping up in surprising places. Amazon's group is probably the most famous, but I think pretty much every big tech company has something going on in the formal verification / static analysis space. There's also a lot going on in blockchain . It's definitely becoming harder to hire people with FM skills, so in that sense, I think it's a great space to get into.

    The downside is that the space is quite fragmented and a lot of tools have a high skill bar. If I was starting out, I'd probably focus on static analysis (eg. Infer or something similar - https://github.com/facebook/infer) because those tools tend to be easier to learn, and they have the potential to scale to really big systems. In contrast, Coq is a fine tool, but most people learn it by going to grad school which isn't useful short term career advice.

    There are lot of great interviews with practitioners on the Galois podcast, Building Better Systems - that might be a good place to start exploring: https://www.stitcher.com/show/building-better-systems

  • Hard Things in Computer Science
    2 projects | news.ycombinator.com | 28 Jun 2022
    > The only reliable way to have bug-free code is to prove it. It requires solid mathematical foundations and a programming language that allows formal proofs.

    I'm going to be the "actually" guy and say that, actually, you can formally verify some studff about programs written in traditional/mainstream languages, like C. Matter of fact, this is a pretty lively research area, with some tools like CBMC [0] and Infer [1] also getting significant adoption in the industry.

    [0]: https://github.com/diffblue/cbmc

    [1]: https://fbinfer.com/

Error Prone

Posts with mentions or reviews of Error Prone. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2023-05-27.

What are some alternatives?

When comparing infer and Error Prone you can also consider the following projects:

SonarQube - Continuous Inspection

Spotbugs - SpotBugs is FindBugs' successor. A tool for static analysis to look for bugs in Java code.

PMD - An extensible multilanguage static code analyzer.

FindBugs - The new home of the FindBugs project

Checkstyle - Checkstyle is a development tool to help programmers write Java code that adheres to a coding standard. By default it supports the Google Java Style Guide and Sun Code Conventions, but is highly configurable. It can be invoked with an ANT task and a command line program.

SonarJava - :coffee: SonarSource Static Analyzer for Java Code Quality and Security

Lombok - Very spicy additions to the Java programming language.