⚙️ A curated list of static analysis (SAST) tools and linters for all programming languages, config files, build tools, and more. The focus is on tools which improve code quality. - analysis-tools-...

Code scanning at ludicrous speed. Semgrep is a fast, open-source, static analysis tool that searches code, finds bugs, and enforces secure guardrails and coding standards. Semgrep …

Joern is a platform for analyzing source code, bytecode, and binary executables. It generates code property graphs (CPGs), a graph representation of code for cross-language code analysis.

Code inspection: Discover code quality defects, code specification problems, code security vulnerabilities, invalid codes, etc. At present, many self-developed and well-known open …

Static program analysis is the analysis of computer software that is performed without actually executing programs — Wikipedia This is a collection of static analysis tools and code quality …

Mar 24, 2023 · GitHub is where people build software. More than 150 million people use GitHub to discover, fork, and contribute to over 420 million projects.

A list of resources for source code analysis application using Machine Learning techniques (eg, Deep Learning, PCA, SVM, Bayesian, proabilistic models, reinformcement learning techniques …

A curated list of static analysis (SAST) tools for all programming languages, config files, build tools, and more. - d2s/awesome-static-analysis

"Large Language Models (LLMs) for Source Code Analysis: applications, models and datasets" [2025-03] [paper] "Challenges and Paths Towards AI for Software Engineering" [2025-03] [paper]

Software composition analysis (SCA) helps developers identify and manage security vulnerabilities in open source software, leading to more compliant, better quality code.