Apps with 'Static Code Analysis' feature

SonarQube is an open source quality management platform, dedicated to continuously analyze and measure source code quality, from the portfolio to the method. Static code analysis is available in the "Community Edition" (free / open source) for:

Codacy automates code reviews and monitors code quality on every commit and pull request reporting back the impact of every commit or pull request, issues concerning code style, best practices, security, and many others.

PVS-Studio is a static analyzer that detects errors in source code of C, C++ and C# applications. The PVS-Studio tool is intended for developers of contemporary applications and it integrates into the Visual Studio 2005/2008/2010/2012/2013 environment.

A simple tool for finding bugs in shell scripts.

EiffelStudio is a development environment for the Eiffel programming language developed and distributed by Eiffel Software.

A Python source code analyzer which looks for programming errors, it helps to enforce a coding standard and to sniff for some code.

CodeFactor.io automatically and continuously tracks code quality with every commit and pull request, helping software developers save time in code reviews and efficiently tackle technical debt. Code Analysis Engine checks complexity, duplication, churn, problems for code style...

PhpMetrics provides metrics about PHP project and classes, with beautiful and readable HTML report.

pep8 is a tool to check your Python code against some of the style conventions in PEP 8.

Find and fix bug risks, anti-patterns, performance issues, security flaws automatically during code reviews. In addition, DeepSource automatically fixes some of the most commonly occurring issues. It works for Python, Go, Ruby, and JavaScript.

JSHint is a community-driven tool that detects errors and potential problems in JavaScript code. Since JSHint is so flexible, you can easily adjust it in the environment you expect your code to execute. JSHint is open source and will always stay this way.

JSLint is a JavaScript program that looks for problems in JavaScript programs. It is a code quality tool.

The Closure Compiler is a tool for making JavaScript download and run faster. It is a true compiler for JavaScript. Instead of compiling from a source language to machine code, it compiles from JavaScript to better JavaScript.

Coverity Scan Static Analysis allows to find and fix defects in your Java, C/C++ or C# open source project for free.

Feram is a service which finds bugs in your merge requests and automatically generates patches for those bugs. Afterwards you can step through the patches and decide which ones you want to apply. Finally, the selected patches are committed to your merge request.