Java static-code-analysis

Open-source Java projects categorized as static-code-analysis | Edit details

Top 9 Java static-code-analysis Projects

  • GitHub repo Checkstyle

    Checkstyle is a development tool to help programmers write Java code that adheres to a coding standard. By default it supports the Google Java Style Guide and Sun Code Conventions, but is highly configurable. It can be invoked with an ANT task and a command line program.

    Project mention: How can I help my partner write better code? | reddit.com/r/learnprogramming | 2021-11-27

    I’m a little out of date with Java, but I believe Checkstyle is currently popular: https://github.com/checkstyle/checkstyle

  • GitHub repo PMD

    An extensible multilanguage static code analyzer.

    Project mention: Is it possible to measure spaghettiness of code? | reddit.com/r/AskProgramming | 2021-11-25

    This is the definition of cohesion and there are many great tools to calculate cohesion metrics (depending on the programming language e.g Java). Cohesion metrics belong to a bigger set of metrics called OOP metrics (or ck metrics). Check out the following links: https://github.com/mauricioaniche/ck https://github.com/cqfn/jpeek https://github.com/rodhilton/jasome https://github.com/pmd/pmd

  • Nanos

    Run Linux Software Faster and Safer than Linux with Unikernels.

  • GitHub repo NullAway

    A tool to help eliminate NullPointerExceptions (NPEs) in your Java code with low build-time overhead

    Project mention: What are some new or upcoming Java projects or advancements that excite you the most? | reddit.com/r/java | 2021-10-29

    Check out Uber’s NullAway. It’s way better than any IDE plugins. https://github.com/uber/NullAway

  • GitHub repo Spotbugs

    SpotBugs is FindBugs' successor. A tool for static analysis to look for bugs in Java code.

    Project mention: SpotBugs supports SARIF that supports integration with other SAST tools | dev.to | 2021-10-16

    First, it's better to use SpotBugs 4.4.1 and above, that includes a fix to make SARIF report compatible with Github code scanning API requirements.

  • GitHub repo phpinspectionsea

    A Static Code Analyzer for PHP (a PhpStorm/Idea Plugin)

    Project mention: What are those micro-optimizations that you can't forget? | reddit.com/r/PHP | 2021-09-01

    The PHP-EA Extended static analysis plugin for PHPStorm has a number of Performance rules which has some of the same items as this list, although they're not all in the performance category, the single quotes inspection is under code style.

  • GitHub repo SonarJava

    :coffee: SonarSource Static Analyzer for Java Code Quality and Security

  • GitHub repo warnings-ng-plugin

    Jenkins Warnings Plugin - Next Generation

    Project mention: Any good alternative for SonarQube which is free of cost? | reddit.com/r/jenkinsci | 2021-04-03
  • Scout APM

    Scout APM: A developer's best friend. Try free for 14-days. Scout APM uses tracing logic that ties bottlenecks to source code so you know the exact line of code causing performance issues and can get back to building a great product faster.

  • GitHub repo forbidden-apis

    Policeman's Forbidden API Checker

    Project mention: Retrofit Java | reddit.com/r/java | 2021-05-14

    Regarding the "deleting them if not necessary any or are deprecated or do not make sense anymore ", something you can use today is this nice maven plugin:forbidden-apis.

  • GitHub repo violation-comments-to-github-command-line

    Report static code analysis to GitHub

    Project mention: In GitHub Actions, is there a way to post compiler warnings as PR review comments? | reddit.com/r/csharp | 2021-09-08

    Just looked that up and it seems like there may be a command line tool available for this already! https://github.com/tomasbjerre/violation-comments-to-github-command-line

NOTE: The open source projects on this list are ordered by number of github stars. The number of mentions indicates repo mentiontions in the last 12 Months or since we started tracking (Dec 2020). The latest post mention was on 2021-11-27.

Java static-code-analysis related posts

Index

What are some of the best open-source static-code-analysis projects in Java? This list will help you:

Project Stars
1 Checkstyle 6,457
2 PMD 3,630
3 NullAway 3,026
4 Spotbugs 2,548
5 phpinspectionsea 1,275
6 SonarJava 842
7 warnings-ng-plugin 276
8 forbidden-apis 241
9 violation-comments-to-github-command-line 2
Find remote jobs at our new job board 99remotejobs.com. There are 33 new remote jobs listed recently.
Are you hiring? Post a new remote job listing for free.
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com