PHP Static Analysis Tool - discover bugs in your code without running it!

PHPStan - PHP Static Analysis Tool PHPStan focuses on finding errors in your code without actually running it. It catches whole classes of bugs even before you write tests for the code. It moves PHP closer to compil

Related Repos



nikic PHP Parser This is a PHP 5.2 to PHP 7.4 parser written in PHP. Its purpose is to simplify static code analysis and manipulation. Documentation for version 4.x (stable; for running on PHP >= 7.0; for parsing PHP 5.2 to PHP
 
Popular
4.4k

vimeo Psalm is a static analysis tool for finding errors in PHP applications. v0.3.x supports checking PHP 5.4 - 7.1 code, and requires PHP 5.6+ to run. v0.2.x supports checking PHP 5.4 - 7.0 code and requires PHP 5.4+ to r
 

jakzal Static Analysis Tools for PHP Docker image providing static analysis tools for PHP. The list of available tools and the installer are actually managed in the jakzal/toolbox repository. Supported platforms and PHP ve
 
18

Roave Static analysis on top of mutation testing - prevents escaped mutants from being invalid according to static analysis
 
Featured
2.9k

MattPD C++ links A categorized list of C++ resources. Categories Analysis - program analysis Dynamic analysis - instrumentation, translation, sanitizers Static analysis - static analysis (static checkers and c
 

returntocorp Semgrep is a fast, open-source, static analysis tool that excels at expressing code standards — without complicated queries — and surfacing bugs early at editor, commit, and CI time. Precise rules look like the code you’re searching; no more traversing abstract syntax trees or wrestling with regexes.
 
CMS
17

cusiman7 Static Fire Static Fire is an engine for creating static websites, primarily blogs. Instead of a standard database Static Fire uses Git as its primary data store. Static Fire was built by @RobertCusimano and powers ShadedTriangle
 

scrutinizer-ci PHP Analyzer Please report bugs or feature requests via our website support system ? in bottom right or by emailing [email protected] Contributing Stubs PHP Analyzer uses stubs for built-in PHP classes and f
 

woj-ciech LeakLooker X - GUI Powered by Binary Edge Discover, browse and monitor database/source code leaks Write-up https://medium.com/@woj_ciech/leaklooker-gui-discover-browse-and-monitor-database-source-code-leaks-
 
Popular
4.1k

rrrene Credo Credo is a static code analysis tool for the Elixir language with a focus on teaching and code consistency. It can show you refactoring opportunities in your code, complex code fragments, warn you about common mistakes,
 
CMS
45

Anyon3 NinjaCMS ABOUT forbidden the access web for the following directory : cache/ php/Crypt/ php/File/ php/La/ php/Math/ php/Net/ php/System/ php/Library/ php/security/ EXTRA The directory extra/ contain the
 
Popular
5k

davidhalter Jedi - an awesome autocompletion/static analysis library for Python If you have specific questions, please add an issue or ask on stackoverflow with the label python-jedi. Jedi is a static analysis tool for Python that can b
 

Ubpa Feature the best C++ static reflection libliray in the whole world tiny, handy, elegant basic (non-static / static) member variable (non-static / static) member function
 

qax-os goreporter A Golang tool that does static analysis, unit testing, code review and generate code quality report. This is a tool that concurrently runs a whole bunch of those linters and normalizes their output to a report:
 

qax-os goreporter A Golang tool that does static analysis, unit testing, code review and generate code quality report. This is a tool that concurrently runs a whole bunch of those linters and normalizes their output to a report:
 

barbushin PHP Console server library PHP Console allows you to handle PHP errors & exceptions, dump variables, execute PHP code remotely and many other things using Google Chrome extension PHP Console and PhpConsole server libra
 

vincentcox StaCoAn StaCoAn is a crossplatform tool which aids developers, bugbounty hunters and ethical hackers performing static code analysis on mobile applications*. This tool will look for interesting lines in the code which can
 

chrisallenlane drek drek is a static-code-analysis tool that can be used to perform security-focused code reviews. It enables an auditor to swiftly map the attack-surface of a large application, with an emphasis on identifying development a
 

alexkohler unimport unimport is a Go static analysis tool to find unnecessary import aliases. Installation go get -u github.com/alexkohler/unimport Usage Similar to other Go static anaylsis tools (such as golint, go
 

alexkohler prealloc prealloc is a Go static analysis tool to find slice declarations that could potentially be preallocated. Installation go get -u github.com/alexkohler/prealloc Usage Similar to other Go static ana
 

kalessil Php Inspections (EA Extended) This project is an OSS Static Code Analysis tool for PhpStorm (2016.2+) and Idea Ultimate. It covers: architecture related issues weak types control and possible code construct simpli