infer - A static analyzer for Java, C, C++, and Objective-C open-sourced by Facebook

This page summarizes the projects mentioned and recommended in the original post on reddit.com/r/programming
#Static Analysis #static-code-analysis #Java #C #Tools

Our great sponsors
  • SonarQube - Static code analysis for 29 languages.
  • InfluxDB - Build time-series-based applications quickly and at scale.
  • SaaSHub - Software Alternatives and Reviews
Our great sponsors

  • infer

    A static analyzer for Java, C, C++, and Objective-C

  • pfff

    pfff is mainly an OCaml API to write static analysis, dynamic analysis, code visualizations, code navigations, or style-preserving source-to-source transformations such as refactorings on source code. (by returntocorp)

    I'm guessing this is a successor to pfff given that it's a static analysis tool written in OCaml at Facebook. I use and like semgrep already but more competition in this space is always good.

  • SonarQube

    Static code analysis for 29 languages.. Your projects are multi-language. So is SonarQube analysis. Find Bugs, Vulnerabilities, Security Hotspots, and Code Smells so you can release quality code every time. Get started analyzing your projects today for free.

  • semgrep

    Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.

    I'm guessing this is a successor to pfff given that it's a static analysis tool written in OCaml at Facebook. I use and like semgrep already but more competition in this space is always good.

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts