Coverity Scan Alternatives
A simple tool for finding bugs in shell scripts.
- - Shellcheck is the most popular Web-based alternative to Coverity Scan.
- - Shellcheck is the most popular Open Source & free alternative to Coverity Scan.
SonarQube is an open source quality management platform, dedicated to continuously analyze and measure source code quality, from the portfolio to the method. Static code analysis is available in the "Community Edition" (free / open source) for:
- - SonarQube is the most popular Windows, Mac & Linux alternative to Coverity Scan.
Cppcheck is an static analysis tool for C/C++ code. Unlike C/C++ compilers and many other analysis tools it does not detect syntax errors in the code. Cppcheck primarily detects the types of bugs that the compilers normally do not detect.Suggest and vote on features
Axivion Suite includes static code analysis, architecture analysis and tools to identify technical debt to keep sw projects maintainable. It is compliant with coding guidelines e.g. MISRA, AUTOSAR etc. and can be integrated into your DevOps pipeline.
Suggest and vote on features
- - Axivion Suite is the most popular commercial alternative to Coverity Scan.
Axivion Suite Features
PVS-Studio is a static analyzer that detects errors in source code of C, C++ and C# applications. The PVS-Studio tool is intended for developers of contemporary applications and it integrates into the Visual Studio 2005/2008/2010/2012/2013 environment.
Flawfinder examines C/C++ source code and reports possible security weaknesses ("flaws'') sorted by risk level. It's very useful for quickly finding and removing at least some potential security problems before a program is widely released to the public.Suggest and vote on features
Splint is a tool for statically checking C programs for security vulnerabilities and coding mistakes. With minimal effort, Splint can be used as a better lint. If additional effort is invested adding annotations to programs, Splint can perform stronger checking than can be done...Discontinued
Last version 3.1.2 is from August 2007.
The Clang Static Analyzer is a source code analysis tool that finds bugs in C, C++, and Objective-C programs.
lgtm.com is a platform for code analytics. It's free to use for open source software; results for over 55k projects are readily available (add your own!), has automatic code review pull request integration (GitHub, Bitbucket, GitLab), and much more.
Facebook Infer is a static analysis tool - if you give Infer some Objective-C, Java, or C code, it produces a list of potential bugs.
EDoC++ is a C++ source analysis tool designed to identify problems associated with the use of exceptions in C++ code. Additionally EDoC++ can be used to generate detailed documentationSuggest and vote on features
Parasoft’s C/C++test is the fully-integrated software testing solution for embedded safety-critical industries. Its automated software testing capabilities are also made for today’s high-velocity Agile DevOps environments.Suggest and vote on features
Parasoft C/C++test Features