Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality. Learn more →
Top 22 static-analyzer Open-Source Projects
-
-
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
-
-
PHP Mess Detector
PHPMD is a spin-off project of PHP Depend and aims to be a PHP equivalent of the well known Java tool PMD. PHPMD can be seen as an user friendly frontend application for the raw metrics stream measured by PHP Depend.
-
codechecker
CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
-
-
-
-
-
-
-
njsscan
njsscan is a semantic aware SAST tool that can find insecure code patterns in your Node.js applications.
-
-
-
nakedret
nakedret is a Go static analysis tool to find naked returns in functions greater than a specified function length.
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
As part of the journey to PHP perfection, you should embrace Rector. It's a amazing, free, and open-source tool for migrations, code quality, type coverage, pushing PHPStan to the highest levels, and yes, it can even auto-fix your existing code! It seamlessly integrates into the CI process, making your development workflow smoother than ever.
Project mention: New EMBA firmware analyzer release - EMBA v1.2.3 - R.I.P. Binwalk | /r/netsec | 2023-05-11
PHPMD - PHP Mess Detector: PHPMD is a spin-off project of PHP Depend and aims to be a PHP equivalent of the well known Java tool PMD. PHPMD can be seen as an user friendly frontend application for the raw metrics stream measured by PHP Depend.
(I actually held the same opinion as you until recently: https://github.com/kalessil/phpinspectionsea/issues/1718 tl;dr the performance impact is negligible)
Project mention: Is breaking out from an infinite async iterator via cancellation considered a code smell? | /r/dotnet | 2023-06-09👍 I've reported an issue here, let's see how it goes. I think it will probably be turned down 🙂
There's tracing-mutex that builds a dag of your locks when you acquire them and panics (at runtime) if it could deadlock: https://github.com/bertptrs/tracing-mutex
parking_lot has a deadlock detection feature for when you deadlock that iirc tells you what deadlocked (so you're not trying to figure it out with a debugger and a lot of time) https://amanieu.github.io/parking_lot/parking_lot/deadlock/i...
I also just found out about https://github.com/BurtonQin/lockbud which seems to detect deadlocks and a few other issues statically? (seems to require compiling your crate with the same version of rust as lockbud uses, which from the docs is an old 1.63 nightly build?)
Project mention: Bpftime: Userspace eBPF runtime for fast Uprobe and Syscall hook and Plugins | news.ycombinator.com | 2023-11-14This project can use a standalone eBPF verifier in this project: https://github.com/vbpf/ebpf-verifier
It can also use kernel verifier to verify the programs, then “offload”the BPF byte code from kernel, and runs it in userspace.
NOTE:
The open source projects on this list are ordered by number of github stars.
The number of mentions indicates repo mentiontions in the last 12 Months or
since we started tracking (Dec 2020).
static-analyzer related posts
- Bpftime: Userspace eBPF runtime for fast Uprobe and Syscall hook and Plugins
- Is breaking out from an infinite async iterator via cancellation considered a code smell?
- Top 6 PHP code quality tools 2023
- PHP in 2023 - stitcher.io
- Preventing possible deadlocks with RwLock
- Underestimated PHP
- Comparing strict and lazy
-
A note from our sponsor - InfluxDB
www.influxdata.com | 25 Apr 2024
Index
What are some of the best open-source static-analyzer projects? This list will help you:
| Project | Stars | |
|---|---|---|
| 1 | PHPStan | 12,536 |
| 2 | PHP Metrics | 2,435 |
| 3 | EMBA | 2,419 |
| 4 | PHP Mess Detector | 2,289 |
| 5 | codechecker | 2,094 |
| 6 | BinAbsInspector | 1,518 |
| 7 | phpinspectionsea | 1,427 |
| 8 | Tailor | 1,400 |
| 9 | SVF | 1,290 |
| 10 | SonarJava | 1,088 |
| 11 | cwe_checker | 1,049 |
| 12 | SonarJS | 993 |
| 13 | sonar-dotnet | 715 |
| 14 | stan | 559 |
| 15 | lockbud | 346 |
| 16 | njsscan | 343 |
| 17 | scan-build | 341 |
| 18 | ebpf-verifier | 340 |
| 19 | opem | 185 |
| 20 | miss_hit | 143 |
| 21 | nakedret | 124 |
| 22 | dockerfile-security | 93 |
Sponsored
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com