⚙️ A curated list of static analysis (SAST) tools and linters for all programming languages, config files, build tools, and more. The focus is on tools which improve code quality.
CodeChecker is an analyzer tooling, defect database and viewer extension for static and dynamic analyzer tools.
A community-driven list of awesome linters.
Code Scanning/SAST/Static Analysis/Linting using many tools/Scanners with One Report (Code, IaC) - Betterscan
"chanzi" is a simple and user-friendly JAVA SAST tool that utilizes taint analysis technology, includes built-in common vulnerability rules, supports decompile, custom rule, and is compatible with the technology stacks of Servlet&filter, Spring,struts,Dubbo,Thrift, jax-rs,jax-ws,JFinal,Netty,MyBatis,and JSP.
Rust-based static analysis for TypeScript projects
📚 a modular easy to use Library for Static Analysis aiming at multi-language analysis
Universal test framework for cli tools [mainly for code analyzers and compilers]
Clang plugin with several static analysis checks
An ongoing & curated collection of awesome software best practices and techniques, libraries and frameworks, E-books and videos, websites, blog posts, links to github Repositories, technical guidelines and important resources about Static Application Security Testing (SAST) Tools.
TypeScript Static Analyzer
Here I list my papers made for fun and for University of Tartu coursework
A textadept module for static analyzers
Add a description, image, and links to the static-analyzers topic page so that developers can more easily learn about it.
To associate your repository with the static-analyzers topic, visit your repo's landing page and select "manage topics."