Top 16 Python static-code-analysis Projects

bandit

5 5,254 8.6 Python

Bandit is a tool designed to find common security issues in Python code.

Project mention: The 36 tools that SaaS can use to keep their product and data safe from criminal hackers (manual research) | /r/SaaS | 2023-05-22

Bandit (for Python, open-source and free)
Pylint

16 4,700 9.0 Python

It's not just a linter that annoys you!

Project mention: Options for configuration of python libraries - Stack Overflow | /r/learnpython | 2023-05-14

In my opinion, the best way to expose configuration options is to read and parse them from the project's pyproject.toml file. Here's how Pylint handles it.
InfluxDB

www.influxdata.com
sponsored

Access the most powerful time series database as a service. Ingest, store, & analyze all types of time series data in a fully-managed, purpose-built database. Keep data forever with low-cost storage and superior data compression.
pytype

6 4,232 9.6 Python

A static type analyzer for Python code

Project mention: Writing Python like it's Rust | news.ycombinator.com | 2023-05-21

What is the smart money doing for type checking in Python? I've used mypy which seems to work well but is incredibly slow (3-4s to update linting after I change code). I've tried pylance type checking in VS Code, which seems to work well + fast but is less clear and comprehensive than mypy. I've also seen projects like pytype [1] and pyre [2] used by Google/Meta, but people say those tools don't really make sense to use unless you're an engineer for those companies.
Am just curious if mypy is really the best option right now?
[1] https://github.com/google/pytype
Flake8

18 2,855 7.0 Python

flake8 is a python tool that glues together pycodestyle, pyflakes, mccabe, and third-party plugins to check the style and quality of some python code.

Project mention: Which is your favourite or go-to YouTube channel for being up-to-date on Python? | /r/Python | 2023-05-05

He made yesqa and pyupgrade (among others), and also works on flake8. His main job is for https://sentry.io/.
pyt

0 2,117 0.0 Python

A Static Analysis Tool for Detecting Security Vulnerabilities in Python Web Applications
ipyflow

14 911 3.3 Python

A reactive Python kernel for Jupyter notebooks.

Project mention: Excel Labs, a Microsoft Garage Project | news.ycombinator.com | 2023-05-26
PEP 8 Speaks

0 583 0.0 Python

A GitHub :octocat: app to automatically review Python code style over Pull Requests
Sonar

www.sonarsource.com
sponsored

Write Clean Python Code. Always.. Sonar helps you commit clean code every time. With over 225 unique rules to find Python bugs, code smells & vulnerabilities, Sonar finds the issues while you focus on the work.
betterscan-ce

10 454 0.0 Python

Code Scanning/SAST/Static Analysis/Linting using many tools/Scanners + OpenAI GPT with One Report (Code, IaC) - Betterscan Community Edition (CE)

Project mention: Cloud and Code Security - betterscan.io | /r/roastmystartup | 2023-03-12

More on the website: www.betterscan.io
tryceratops

0 394 3.6 Python

A linter to prevent exception handling antipatterns in Python (limited only for those who like dinosaurs).
pyan

1 258 0.0 Python

Static call graph generator. The official Python 3 version. Development repo.

Project mention: Looking for app that visualizes python program | /r/learnpython | 2022-10-19
klara

0 252 0.0 Python

Automatic test case generation for python and static analysis library
unimport

2 217 8.6 Python

:rocket: The ultimate linter and formatter for removing unused import statements in your code. (by hakancelikdev)

Project mention: Unused Import Linter: A Tool for Optimizing Your Code | news.ycombinator.com | 2023-01-17
wpbullet

0 210 0.0 Python

A static code analysis for WordPress (and PHP)
pfun

0 140 2.2 Python

Functional, composable, asynchronous, type-safe Python.
flake8-bandit

2 102 0.0 Python

Automated security testing using bandit and flake8.

Project mention: The Ruff python linter is insanely good | /r/Python | 2023-03-16

flake8-bandit uses bandit behind the scenes: https://github.com/tylerwince/flake8-bandit/blob/main/flake8_bandit.py ruff doesn't and implements the rules directly
gct

1 42 10.0 Python

Graphical Code Tracer (GCT): Visualize code at lightning speed

Project mention: QasimWani/gct: Graphical Code Tracer (GCT): Visualize code at lightning speed | news.ycombinator.com | 2023-01-16
SaaSHub

www.saashub.com
sponsored

SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives

NOTE: The open source projects on this list are ordered by number of github stars. The number of mentions indicates repo mentiontions in the last 12 Months or since we started tracking (Dec 2020). The latest post mention was on 2023-05-26.

Python static-code-analysis related posts

GitHub - ipyflow/ipyflow: A reactive Python kernel for Jupyter notebooks
1 project | /r/Python | 22 May 2023
IPython kernel alternatives
1 project | /r/datascience | 11 May 2023
IPyflow: Reactive Python Notebooks in Jupyter(Lab)
1 project | /r/patient_hackernews | 10 May 2023
IPyflow: Reactive Python Notebooks in Jupyter(Lab)
1 project | /r/hackernews | 10 May 2023
IPyflow: Reactive Python Notebooks in Jupyter(Lab)
1 project | /r/hypeurls | 10 May 2023
The Ruff python linter is insanely good
10 projects | /r/Python | 16 Mar 2023
Cloud and Code Security - betterscan.io
1 project | /r/roastmystartup | 12 Mar 2023
A note from our sponsor - #<SponsorshipServiceOld:0x00007f091a63b2d8>
www.saashub.com | 9 Jun 2023

SaaSHub helps you find the best software and product alternatives Learn more →

Index

What are some of the best open-source static-code-analysis projects in Python? This list will help you:

	Project	Stars
1	bandit	5,254
2	Pylint	4,700
3	pytype	4,232
4	Flake8	2,855
5	pyt	2,117
6	ipyflow	911
7	PEP 8 Speaks	583
8	betterscan-ce	454
9	tryceratops	394
10	pyan	258
11	klara	252
12	unimport	217
13	wpbullet	210
14	pfun	140
15	flake8-bandit	102
16	gct	42