Open Source Windows Static Code Analysis Tools - Page 3

A RuboCop extension focused on enforcing Rails best practices and coding conventions. It’s based on the community-driven Rails style guide. You need to tell RuboCop to load the Rails extension. Now you can run rubocop and it will automatically load the RuboCop Rails cops together with the standard cops. If you are using Rails 6.1 or newer, add the following config.generators.after_generate setting to your config/application.rb to apply RuboCop autocorrection to code generated by bin/rails g. It uses rubocop -A to apply Style/FrozenStringLiteralComment and other unsafe autocorretion cops. rubocop -A is unsafe autocorrection, but code generated by default is simple and less likely to be incompatible with rubocop -A. If you have problems you can replace it with rubocop -a instead.

The SQOPS project makes it possible to analyze and optimize ETL processes. in particular the Talend ETL.

Detects various security vulnerability patterns. SQL Injection, Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF), XML eXternal Entity Injection (XXE), etc. Inter-procedural taint analysis for input data. Continuous Integration (CI) support for GitHub and GitLab pipelines. Stand-alone runner or through MSBuild for custom integrations. Analyzes .NET and .NET Core projects in the background (IntelliSense) or during a build. Works with Visual Studio 2019 or higher. Visual Studio Community, Professional and Enterprise editions are supported. Other editors that support Roslyn-based analyzers like Rider or OmniSharp should work too. Security Code Scan (SCS) is not a Linter. It is a real static analysis tool that does extensive computations. Thus installing it as a Visual Studio extension or NuGet package will slow down your Visual Studio IDE.

Rapid prototyping for your analysis problems with logic; enabling deep design-space explorations; designed for large-scale static analysis; e.g., points-to analysis for Java, taint-analysis, and security checks. Futamura projections/partial evaluation for effective translation to parallel C++; optimized staged compilation; specialized data-structures for logical relations. Efficient translation to parallel C++ of Datalog programs (CAV'16, CC'16) Efficient interpretation using de-specialization techniques (PLDI'21) Specialized data structure for relations (PACT'19, PPoPP'19, PMAM'19) with optimal index selection (VLDB'18) Extended semantics of Datalog, e.g., permitting unbounded recursions with numbers and terms. Simple component model for Datalog specifications. Recursively defined record types/ADTs (aka. constructors) for tuples. User-defined functors. Strongly-typed types for safety. Subsumption, aggregation, Choice Construct (APLAS'21).

Tencent Cloud Code Analysis (TCA for short, used internally by the R&D code CodeDog ) is a cloud-native, distributed, high-performance comprehensive code analysis and tracking platform that integrates many analysis tools, including server, web and client The three components have integrated a number of self-developed tools, and also support the dynamic integration of analysis tools of various programming languages ​​in the industry. Obtain the Tencent Cloud code analysis platform by deploying TCA Server and Web, and complete the creation of related projects on the platform. After the project is created, you can deploy and configure the Tencent Cloud code analysis client to perform code analysis locally or as an online resident node. Before starting your first code analysis project, you need to deploy the Tencent Cloud Code Analysis client locally. After completing the project configuration on the client, you can start your first code analysis project and view your analysis results.

Highly customizable CASE-Tool for static code analysis based on software metrics with additional support for easy interpretation and Agile Development (evolutionary design).

The T. J. Watson Libraries for Analysis (WALA) provide static analysis capabilities for Java bytecode and related languages and for JavaScript. The system is licensed under the Eclipse Public License, which has been approved by the OSI (Open Source Initiative) as a fully certified open-source license. The initial WALA infrastructure was independently developed as part of the DOMO research project at the IBM T.J. Watson Research Center. In 2006, IBM donated the software to the community. The WALA publications department is populating this wiki with technical documentation on a demand-driven basis, driven by questions posted to the wala-wala mailing list and also Gitter.

Extensible Angular 5+ enterprise-grade project generator based on angular-cli with best practices from the community. Bootstrap, Angular Material or even Ionic are available, just pick one and start to code. Save time and maintenance effort by creating Progressive Web App and mobile app with the same code base. The app template is based on HTML5, TypeScript and Sass. Optimized build and bundling process with Webpack. Development server with backend proxy and live reload. Cross-browser CSS with autoprefixer and browsers list. Internationalization managed by ngx-translate. Asset revisioning for better cache management. Unit tests using Jasmine, Karma, and headless Chrome. End-to-end tests using Protractor. Static code analysis: TSLint, Codelyzer, Stylelint and HTMLHint. Local knowledgebase server using Hads. Progressive Web App (PWA) support.

phpcs-security-audit is a set of PHP_CodeSniffer rules that finds vulnerabilities and weaknesses related to security in PHP code. It currently has core PHP rules as well as Drupal 7-specific rules. The tool also checks for CVE issues and security advisories related to the CMS/framework. This enables you to follow the versioning of components during static code analysis. The main reason for this project being an extension of PHP_CodeSniffer is to have easy integration into continuous integration systems. It also allows for finding security bugs that are not detected with some object-oriented analysis (such as PHPMD). phpcs-security-audit in its beginning was backed by Pheromone (later on named Floe Design + Technologies) and written by Jonathan Marcil. Requires PHP CodeSniffer version 3.1.0 or higher with PHP 5.4 or higher.

pkgdown is an R package (by the r-lib group) whose purpose is to generate static websites (HTML) for R packages, automatically converting a package’s help files, vignettes, README, NEWS, etc., into a documentation website. It helps package authors share their documentation online with minimal friction. It supports custom templates, themes, and configuration. pkgdown 2.0.0 includes an upgrade from Bootstrap 3 to Bootstrap 5, which is accompanied by a whole bunch of minor UI improvements. If you’ve heavily customised your site, there’s a small chance that this will break your site, so everyone needs to explicitly opt in to the upgrade.