InfluxDB 3 OSS is now GA. Transform, enrich, and act on time series data directly in the database. Automate critical tasks and eliminate the need to move data externally. Download now. Learn more →
Top 21 Rust Static Analysis Projects
-
Project mention: Python MCP Remote Server — The Dawn of the Streamable HTTP Era ~ With a Minimalist Template Featuring uv / Docker / pytest ~ | dev.to | 2025-05-11
Ruff: A Rust-based, ultra-fast Python linter and formatter developed by Astral (official website). What's astounding is not just its speed, but its ability to cover most of the checks and formatting previously done by multiple tools like Flake8, isort, pydocstyle, pyupgrade, etc., with Ruff alone. This simplifies configuration files and significantly reduces tool management costs. Ruff hooks are defined in .pre-commit-config.yaml. When you try to commit, static code analysis (detecting potential bugs or deprecated practices) and formatting (unifying coding style) are automatically executed. If issues are found, the commit is aborted, prompting you to fix them. In many cases, Ruff can automatically fix the problems it finds.
-
InfluxDB
InfluxDB – Built for High-Performance Time Series Workloads. InfluxDB 3 OSS is now GA. Transform, enrich, and act on time series data directly in the database. Automate critical tasks and eliminate the need to move data externally. Download now.
-
static-analysis
⚙️ A curated list of static analysis (SAST) tools and linters for all programming languages, config files, build tools, and more. The focus is on tools which improve code quality.
-
The amazing ast-grep tool does not support vue and scss by default but can be configured to do so.
-
Project mention: Binsider – Analyze binaries without leaving the terminal | news.ycombinator.com | 2024-09-30
-
Project mention: So, you want to set up a Monaco editor with a language server | dev.to | 2024-10-19
Note on LSP servers Usually when using VSCode, you just select a language and install the corresponding language server extension from Marketplace, e.g. Pyright of Ruff for Python. Under the hood, most of these VSCode language server extensions utilize vscode-languageclient api. The API allows to launch LSP server in several ways, e.g. as a node module running in runtime provided by VSCode itself, or as a child process via runnable command. You can take a look at the Pylyzer Python LSP extension to see an example of usage of the API. Note that in order to use it, you need a runtime that has access to your files. There is a possibility to add VSCode server to your Monaco project and use it to launch language servers, however it adds additional complexity and dependency. In this guide I will avoid it. There are other ways to run Language Server, e.g. one can create a new language server or a wrapper for existing one with pygls, to run it as Python process providing websocket server. Here is a great guide with introduction to language servers and monaco language client. Other similar option but for Rust is tower-lsp.
-
It's great to see auto-formatting continuing to become universal across all languages. As LLMs write more code, full auto-formatting helps keep diffs clean.
For anyone looking to try dockerfmt, I just added a plugin to Qlty CLI, which is available in v0.508.0. The plugin took about ten minutes to add: https://github.com/qltysh/qlty/blob/main/qlty-plugins/plugin...
Full disclosure: I'm the founder of Qlty, which produces a universal code linter and formatter, Qlty CLI (https://github.com/qltysh/qlty). It is completely free and published under a Fair Source license.
-
Project mention: Zizmor: Static analysis tool for GitHub Actions | news.ycombinator.com | 2025-03-24
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
-
-
-
-
-
-
phanalist
Performant static analyzer for PHP, which is extremely easy to use. It helps you catch common mistakes in your PHP code.
This article is part of a series of articles in my journey of writing a static analysis tool for PHP that can scan massive projects in a couple of minutes/seconds. And look for rules that the developers want to have in their projects. At the time of writing this article, I'm working on a rule to stop people from using unserialize, and it should be ready for the next release. Follow the project so that you will get notified when I decided to write even more rules.
-
-
-
-
cpplumber
Static analysis tool based on clang, which detects source-to-binary information leaks in C and C++ projects
-
l3x
AI-driven Static Analyzer. Supports Rust and Smart contracts: Solana based on Rust, Ethereum based on Solidity.
-
treeedb
Generate Soufflé Datalog types, relations, and facts that represent ASTs from a variety of programming languages.
-
-
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
NOTE:
The open source projects on this list are ordered by number of github stars.
The number of mentions indicates repo mentiontions in the last 12 Months or
since we started tracking (Dec 2020).
Rust Static Analysis discussion
Rust Static Analysis related posts
-
Zizmor: Static analysis tool for GitHub Actions
-
Zizmor – static analysis for GitHub Actions
-
Zizmor: Static Analysis for GitHub Actions
-
Writing Python code like Typescript
-
Phanalist: Easy to use, Performant static analyzer for PHP
-
Improve your CI output.
-
An IDE plugin for Rust that helps you focus on relevant code
-
A note from our sponsor - InfluxDB
www.influxdata.com | 15 May 2025
Index
What are some of the best open-source Static Analysis projects in Rust? This list will help you:
| # | Project | Stars |
|---|---|---|
| 1 | ruff | 38,922 |
| 2 | static-analysis | 13,796 |
| 3 | ast-grep | 8,636 |
| 4 | binsider | 3,211 |
| 5 | pylyzer | 2,831 |
| 6 | qlty | 2,635 |
| 7 | zizmor | 2,458 |
| 8 | flowistry | 1,988 |
| 9 | crabviz | 907 |
| 10 | crepe | 468 |
| 11 | shisho | 375 |
| 12 | debugoff | 316 |
| 13 | phanalist | 138 |
| 14 | fta | 120 |
| 15 | datadog-static-analyzer | 108 |
| 16 | enderpy | 83 |
| 17 | cpplumber | 82 |
| 18 | l3x | 81 |
| 19 | treeedb | 68 |
| 20 | progge.rs | 36 |
| 21 | arch_test | 12 |
Sponsored
InfluxDB – Built for High-Performance Time Series Workloads
InfluxDB 3 OSS is now GA. Transform, enrich, and act on time series data directly in the database. Automate critical tasks and eliminate the need to move data externally. Download now.
www.influxdata.com