Qodana Alternatives

Find and fix bug risks, anti-patterns, performance issues, security flaws automatically during code reviews. In addition, DeepSource automatically fixes some of the most commonly occurring issues. It works for Python, Go, Ruby, and JavaScript.

Landscape is an early warning system for the Python codebase. It integrates into GitHub, uses the Prospector code analysis tool for Python, and aggregates the analysis results nicely.

PhpMetrics provides metrics about PHP project and classes, with beautiful and readable HTML report.

Teamscale analyzes the quality of your code. Analyze your code with a variety of static and dynamic analyses to identify specific maintainability constraints and avoid unexpected maintenance costs in the future.

Code analysis tool, including breakdown of developer contributions, and a clear breakdown of different types of problems with trends over time.

We’re excited to introduce Opengrep, an open-source static code analysis engine built to ensure code security testing remains truly open and accessible to everyone. 🚀

Codegrip is an automated code review SaaS platform that helps developers to save time in code reviews and to tackle technical debt efficiently.

Exlint is a an open source project that enables developers to centralize their open source coding standards and policies, so that configuring repositories becomes as easy as typing one command.

Improve quality, reduce risk, and ship with confidence. GrammaTech's static analysis SAST tool as part of your secure SDLC identifies bugs that can result in system crashes, unexpected behavior, and security breaches.

Parasoft’s C/C++test is the fully-integrated software testing solution for embedded safety-critical industries. Its automated software testing capabilities are also made for today’s high-velocity Agile DevOps environments.

Promyze is a platform dedicated to best practices definition and sharing for software developers. Within a team or across teams, practices should be aligned and known by everyone. Otherwise, they face knowledge loss, time-wasting during code reviews, and bugs risks.

VCG is an automated code security review tool that handles C/C++, Java, C#, VB and PL/SQL. It has a few features that should hopefully make it useful to anyone conducting code security reviews, particularly where time is at a premium: