A curated list of static analysis (SAST) tools for all programming languages, config files, build tools, and more.
This repository lists static analysis tools for all programming languages, build tools, config files and more.
The official website, analysis-tools.dev is based on this repository and adds rankings, user comments, and additional resources like videos for each tool.
Static program analysis is the analysis of computer software that is performed without actually executing programs — Wikipedia
The most important thing I have done as a programmer in recent years is to aggressively pursue static code analysis. Even more valuable than the hundreds of serious bugs I have prevented with it is the change in mindset about the way I view software reliability and code quality. — John Carmack (Creator of Doom)
This project would not be possible without the generous support of our sponsors.
If you also want to support this project, head over to our Github sponsors page.
Pull requests are very welcome!
Also check out the sister project, awesome-dynamic-analysis.
Go Meta Linter: GolangCI-Lint is a linters aggregator.
pep8) Check Python code against some of the style conventions in PEP 8.
pyreverse(an UML diagram generator) and
symilar(a similarities checker).
golangci-lintfor new projects.
#includerelations of a given set of files.