Search Results for "static analysis tools for python"
Sort By:
Showing 29 open source projects for "static analysis tools for python"
View related business solutions-
Skillfully - The future of skills based hiringSkillfully transforms hiring through AI-powered skill simulations that show you how candidates actually perform before you hire them. Our platform helps companies cut through AI-generated resumes and rehearsed interviews by validating real capabilities in action. Through dynamic job specific simulations and skill-based assessments, companies like Bloomberg and McKinsey have cut screening time by 50% while dramatically improving hire quality.
-
Premier Construction SoftwareRated #1 Construction Accounting Software by Forbes Advisor in 2022 & 2023. Our modern SAAS solution is designed to meet the needs of General Contractors, Developers/Owners, Homebuilders & Specialty Contractors.
-
1
Static Analysis Tools for PHP
Docker image that provides static analysis tools for PHP
Docker image providing static analysis tools for PHP. The list of available tools and the installer is actually managed in the jakzal/toolbox repository. Docker image with quality analysis tools for PHP. To run the selected tool inside the container, you'll need to mount the project directory on the container with -v "$(pwd):/project". Some tools like to write to the /tmp directory (like PHPStan, or Behat in some cases), therefore it's often useful to share it between docker runs, i.e. with -v "$(pwd)/tmp-phpqa:/tmp". ... -
2
Tencent Cloud Code Analysis
Static code analysis
Tencent Cloud Code Analysis (TCA for short, used internally by the R&D code CodeDog ) is a cloud-native, distributed, high-performance comprehensive code analysis and tracking platform that integrates many analysis tools, including server, web and client The three components have integrated a number of self-developed tools, and also support the dynamic integration of analysis tools of various programming languages in the industry. Obtain the Tencent Cloud code analysis platform by... -
3
Pylint
It's not just a linter that annoys you!
Pylint is a static code analyzer for Python 2 or 3. The latest version supports Python 3.7.2 and above. Pylint analyses your code without actually running it. It checks for errors, enforces a coding standard, looks for code smells, and can make suggestions about how the code could be refactored. Projects that you might want to use alongside pylint include flake8 (faster and simpler checks with very few false positives), mypy, pyright or pyre (typing checks), bandit (security-oriented... -
4
reviewdog
Automated code review tool integrated with any code analysis tools
...We can use various linters and static code analysis tools to detect such problems in local machines, editors, CI services. However, here is the problem. Static analysis tools may report false-positive results. Reporting false-positive results itself is ok, but due to the false-positive results we cannot make build fail and it becomes difficult for us to find true positive results from messed up analysis results. -
Agentic AI SRE built for Engineering and DevOps teams.NeuBird AI's agentic AI SRE delivers autonomous incident resolution, helping team cut MTTR up to 90% and reclaim engineering hours lost to troubleshooting.
-
5
SonarQube
Continuous inspection
SonarQube empowers all developers to write cleaner and safer code. Thousands of automated Static Code Analysis rules, protecting your app on multiple fronts, and guiding your team. Catch tricky bugs to prevent undefined behavior from impacting end-users. Fix vulnerabilities that compromise your app, and learn AppSec along the way with Security Hotspots. Make sure your codebase is clean and maintainable, to increase developer velocity! -
6
pytype
A static type analyzer for Python code
pytype is a static type analyzer that checks and infers types for Python code without executing it, catching errors at “compile time” and generating actionable diagnostics. It grew alongside Python typing at Google and can understand both inline annotations and unannotated code via powerful inference. The tool consumes stub files (.pyi) for the standard library and third-party packages (from typeshed and its own built-ins), enabling accurate checks even in large, mixed-quality codebases.... -
7
Flow
A static type checker for JavaScript
Flow is a static type checker for JavaScript. It was designed to help improve code quality and developer productivity. It does this through several smart capabilities. First, it identifies problems as you code, so you no longer have to waste time guessing and checking again and again. Second, it understands your code and makes its knowledge available, allowing you to build other smart tools on top of it. Third, it helps you refactor safely so you can focus on the changes you want to make and... -
8
Pyright
Static type checker for Python
Pyright is a fast type checker meant for large Python source bases. It can run in a “watch” mode and performs fast incremental updates when files are modified. Pyright supports configuration files that provide granular control over settings. Different “execution environments” can be associated with subdirectories within a source base. Each environment can specify different module search paths, python language versions, and platform targets. Type inference for function return values, instance... -
9
eslint-plugin-jsx-a11y
Static AST checker for a11y rules on JSX elements
Static AST checker for accessibility rules on JSX elements. This plugin does a static evaluation of the JSX to spot accessibility issues in React apps. Because it only catches errors in static code, use it in combination with axe-core/react to test the accessibility of the rendered DOM. Consider these tools just as one step of a larger a11y testing process and always test your apps with assistive technology. If you installed ESLint globally (using the -g flag in npm, or the global prefix in... -
Outbound sales softwareAdversus is an outbound dialing solution that helps you streamline your call strategies, automate manual processes, and provide valuable insights to improve your outbound workflows and efficiency.
-
10
pmd
An extensible multilanguage static code analyzer
PMD is a source code analyzer. It finds common programming flaws like unused variables, empty catch blocks, unnecessary object creation, and so forth. It supports Java, JavaScript, Salesforce.com Apex and Visualforce, PLSQL, Apache Velocity, XML, and XSL. Additionally, it includes CPD, the copy-paste-detector. CPD finds duplicated code in Java, C, C++, C#, Groovy, PHP, Ruby, Fortran, JavaScript, PLSQL, Apache Velocity, Scala, Objective C, Matlab, Python, Go, Swift and Salesforce.com Apex,... -
11
Application Inspector
A source code analyzer built for surfacing features of interest
...It uses hundreds of rules and regex patterns to surface interesting characteristics of source code to aid in determining what the software is or what it does from what file operations it uses, encryption, shell operations, cloud API's, frameworks and more and has received industry attention as a new and valuable contribution to OSS on ZDNet, SecurityWeek, CSOOnline, Linux.com/news, HelpNetSecurity, Twitter and more and was first featured on Microsoft.com. Application Inspector is different from traditional static analysis tools in that it doesn't attempt to identify "good" or "bad" patterns; it simply reports what it finds against a set of over 400 rule patterns for feature detection including features that impact security. -
12
todo_notifier
Todo Notifier simplifies the management of todo items in your project
Simplify Todo management with Todo Notifier - a versatile Python library that generates automated summaries and sends reminders via email, SNS, SES & more. Integrate easily with other project management tools. The package is available on PyPi: https://pypi.org/project/todonotifier/ For more information, please check out the GitHub repository: https://github.com/ashu-tosh-kumar/todo_notifier Detailed code documentation on GitHub Pages:... -
13
GIXY
Nginx configuration static analyzer
Gixy is a tool to analyze Nginx configuration. The main goal of Gixy is to prevent security misconfiguration and automate flaw detection. Currently supported Python versions are 2.7, 3.5, 3.6 and 3.7. Gixy is well tested only on GNU/Linux, other OSs may have some issues. You can find things that Gixy is learning to detect at Issues labeled with "new plugin". By default Gixy will try to analyze Nginx configuration placed in /etc/nginx/nginx.conf. Or something else, you can find all other gixy... -
14
nodejsscan
nodejsscan is a static security code scanner for Node.js applications
Static security code scanner (SAST) for Node.js applications powered by libsast and semgrep. nodejsscan is a static security code scanner for Node.js applications. -
15
JSHint
A tool that helps to detect errors and in your JavaScript code
...Any code base eventually becomes huge at some point, so simple mistakes, that would not show themselves when written, can become show stoppers and add extra hours of debugging. So, static code analysis tools come into play and help developers spot such problems. JSHint scans a program written in JavaScript and reports about commonly made mistakes and potential bugs. The potential problem could be a syntax error, a bug due to an implicit type conversion, a leaking variable, or something else entirely. -
16
Hydrogen
Run code interactively, inspect data, and plot
Hydrogen is an interactive coding environment that supports Python, R, JavaScript and other Jupyter kernels. Hydrogen was inspired by Bret Victor's ideas about the power of instantaneous feedback and the design of Light Table. Running code inline and in real-time is a more natural way to develop. By bringing the interactive style of Light Table to the rock-solid usability of Atom, Hydrogen makes it easy to write code the way you want to. You also may be interested in our latest project –... -
17
QtProjectTool
QtCreator plugin for some command line tools over a Qt (.pro) project.
qpt (Qt Project Tool) understands Qt C++ projects (.pro) and allows to pass this information to command line tools as "Code Counters" and "Static Analysis tools". It also can used inside QtCreator to act as a plugin for "Static Analysis tools" putting reported issues into QtCreator issues pane. -
18
Metrix++
Management of source code quality is possible.
The project has been moved to https://github.com/metrixplusplus/metrixplusplus ______________________ Metrix++ is an extendable tool to collect and analyse code metrics. - Multiple languages supported - Multiple metrics available - Configurable. Every metric has got 'turn-on' and other configuration options. There are no predefined thresholds for metrics or rules. You can choose and configure any limit you want. - High-performance. Processes thousands of files per minutes. -... -
19
OovAide
C++, Java IDE with auto class, sequence, zone, dependency, diagrams
The OovAide project used to be named oovcde. Searching the web will bring up more information about oovcde at this time. The OovAide project is a C++ or Java analysis IDE for Windows or Linux with an automated multi-tasking build system, cross compiler support, an analysis tool based on CLang that creates UML class, component, sequence as well as zone and portion diagrams from C++ or Java source, static analysis and test coverage. The diagrams allow navigation through the source code,... -
20
PhpDependencyAnalysis
Static code analysis to find violations in a dependency graph
PhpDependencyAnalysis is an extendable static code analysis for object-oriented PHP-Projects to generate dependency graphs from abstract datatypes (Classes, Interfaces and Traits) based on namespaces. Dependencies can be aggregated to build graphs for several levels, like Package-Level or Layer-Level. Each dependency can be verified to a defined architecture. -
21
oovcde
C++ analysis IDE with auto class, sequence, zone, dependency, diagrams
The Oovcde project has been renamed to OovAide. Downloades from either location work for now. The Oovcde project is a C++ IDE for Windows or Linux with an automated multi-tasking build system, cross compiler support, an analysis tool based on CLang that creates UML class, component, sequence as well as zone and portion diagrams from C++ source, static analysis and test coverage. The diagrams allow navigation through the source code, and can be edited manually and saved as .SVG files. It... -
22
Source Navigator NG is a source code analysis tool. With it, you can edit your source code, display relationships between classes and functions and members, and display call trees. You can navigate your source code and easily get to declarations or implementations of functions, variables and macros (commonly called "symbols") which helps you discovering and mapping unknown source code for enhancement or maintenance tasks.
-
23
TODOs
Search TODO, FIXME and similar comments in project files.
TODOs is a small command-line utility to search TODO, FIXME and similar comments in project files. It is written in Python 3 and licensed under the terms of GNU GPL 3 license. Supported output formats are TXT, HTML and XML. -
24
DEEEP
Detector of Integer Vulnerabilities in Software Portability
DEEEP is a open source static analysis tool to detect, in C programs, integer vulnerabilities caused by the bad adaption of aplications from ILP32 to LP64. It uses the tools Lint and Splint, and runs over Open Solaris and Linux operating systems. This tool semantically analyses source code. More precisely, it does type checking, data-flow analysis, and it automatically correlates the results of these two types of analysis. -
25
KDD: Kernel Data Disambiguation Tool
KDD: Kernel Data Disambiguation Tool
...KDD is able to scale to the enormous size of kernel code, unlike many other points-to analysis tools.
