Python static-analyzer

Open-source Python projects categorized as static-analyzer

Top 6 Python static-analyzer Projects

  1. codechecker

    CodeChecker is an analyzer tooling, defect database and viewer extension for static and dynamic analyzer tools.

    Project mention: PVS-Studio 7.34: support for Apple Silicon ARM64, .NET 9, taint analysis in Java analyzer, and more | dev.to | 2024-12-18

    Starting with the CodeChecker 6.25.0 release, users can upload PVS-Studio reports directly into the web interface for a streamlined review of code analysis results. For more details on this integration, please consult the documentation.

  2. scan-build

    Clang's scan-build re-implementation in python

  3. opem

    OPEM (Open Source PEM Fuel Cell Simulation Tool)

  4. miss_hit

    MATLAB Independent, Small & Safe, High Integrity Tools - code formatter and more

  5. dockerfile-security

    Static security checker for Dockerfiles

  6. autogrep

    Autogrep automates Semgrep rule generation and filtering by using LLMs to analyze vulnerability patches, enabling automatic creation of high-quality security rules without manual curation.

    Project mention: Show HN: Globstar – Open-source static analysis toolkit | news.ycombinator.com | 2025-02-28

    That's a really interesting breakdown of the DSL vs. S-expression approach. I can see your point about the potential fragility of relying directly on tree-sitter outputs, especially with grammar drift. It took me a while to wrap my head around the S-expression syntax when I first started using tree-sitter, so I appreciate the comparison to a more human-readable DSL like Semgrep's.

    The other benefit of a DSL like Semgrep's is that LLMs have become very good at generating it. See https://github.com/lambdasec/autogrep on how to automatically generate Semgrep rules from existing CVEs.

NOTE: The open source projects on this list are ordered by number of GitHub stars. The number of mentions indicates repo mentions in the last 12 months or since we started tracking (Dec 2020).

Python static-analyzer related posts

  • Development shell with pros-cli available

    6 projects | /r/NixOS | 6 Mar 2022
  • Dockerfile-sec is a simple but powerful rules-based security checker for Dockerfiles

    1 project | /r/netsec | 8 Jun 2021
  • Static analyzers for GNU Octave

    1 project | /r/learnprogramming | 11 Mar 2021
  • CLion users: Is CLion a good choice for development in an old project that can only be built with a complicated mess of makefiles?

    2 projects | /r/cpp | 9 Feb 2021

Index

What are some of the best open-source static-analyzer projects in Python? This list will help you:

# Project Stars
1 codechecker 2,389
2 scan-build 372
3 opem 216
4 miss_hit 183
5 dockerfile-security 93
6 autogrep 27
