Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality. Learn more →
Top 23 Java Static Analysis Projects
-
bytecode-viewer
A Java 8+ Jar & Android APK Reverse Engineering Suite (Decompiler, Editor, Debugger & More)
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
-
Checkstyle
Checkstyle is a development tool to help programmers write Java code that adheres to a coding standard. By default it supports the Google Java Style Guide and Sun Code Conventions, but is highly configurable. It can be invoked with an ANT task and a command line program.
-
NullAway
A tool to help eliminate NullPointerExceptions (NPEs) in your Java code with low build-time overhead
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
-
find-sec-bugs
The SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala projects)
-
Spoon
Spoon is a metaprogramming library to analyze and transform Java source code. :spoon: is made with :heart:, :beers: and :sparkles:. It parses source files to build a well-designed AST with powerful analysis and transformation API.
-
jspecify
An artifact of fully-specified annotations to power static-analysis checks, beginning with nullness analysis.
-
RefactorFirst
Identifies and prioritizes God Classes and Highly Coupled classes in Java codebases you should refactor first.
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
Project mention: Experience Continuous Integration with Jenkins | Ansible | Artifactory | SonarQube | PHP | dev.to | 2024-02-24SonarQube (Scroll down to the Sonarqube section to see instructions on how to set up and configure SonarQube manually)
Project mention: Any library you would like to recommend to others as it helps you a lot? For me, mapstruct is one of them. Hopefully I would hear some other nice libraries I never try. | /r/java | 2023-05-27error-prone is good for some extra static analysis.
Spoon
(I actually held the same opinion as you until recently: https://github.com/kalessil/phpinspectionsea/issues/1718 tl;dr the performance impact is negligible)
There's also a fair amount of content to explore starting at jspecify.org.
Learn more at https://github.com/jimbethancourt/RefactorFirst
Java Static Analysis related posts
- PMD 7 Is Here
- Java, null, and JSpecify [video link]
- Amazon CodeGuru Reviewer: already time for retirement?
- 📢📢📢RefactorFirst 0.4.0 is released!!!📢📢📢
- Design document on nullability and value types (Brian Goetz)
- Code Review for Flows
- php inspections ea plugin
-
A note from our sponsor - InfluxDB
www.influxdata.com | 25 Apr 2024
Index
What are some of the best open-source Static Analysis projects in Java? This list will help you:
Project | Stars | |
---|---|---|
1 | bytecode-viewer | 14,338 |
2 | SonarQube | 8,543 |
3 | Checkstyle | 8,121 |
4 | Error Prone | 6,716 |
5 | Recaf | 5,543 |
6 | PMD | 4,663 |
7 | NullAway | 3,524 |
8 | Spotbugs | 3,331 |
9 | soot | 2,789 |
10 | find-sec-bugs | 2,201 |
11 | Spoon | 1,669 |
12 | phpinspectionsea | 1,427 |
13 | pysonar2 | 1,367 |
14 | SonarJava | 1,088 |
15 | FlowDroid | 997 |
16 | jspecify | 408 |
17 | sonar-php | 372 |
18 | Modernizer | 359 |
19 | ck | 355 |
20 | RefactorFirst | 331 |
21 | warnings-ng-plugin | 327 |
22 | forbidden-apis | 313 |
23 | SkidSuite | 293 |
Sponsored