#programming languages

Linter for ABAP, written in TypeScript.

Enhances the SAP Code Inspector with new and customizable checks.

copyright: — Static analysis and formal verification toolset for Ada.

copyright: — Astrée automatically proves the absence of runtime errors and invalid con­current behavior in C/C++ applications. It is sound for floating-point computations, very fast, and exceptionally precise. The analyzer also checks for MISRA/CERT/CWE/Adaptive Autosar coding rules and supports qualification for ISO 26262, DO-178C level A, and other safety standards. Jenkins and Eclipse plugins are available.

Bounded model-checker for C programs, user-defined assertions, standard assertions, several coverage metric analyses.

A tool for configurable software verification of C programs. The name CPAchecker was chosen to reflect that the tool is based on the CPA concepts and is used for checking software programs.

Complexity and quality metrics for C and C preprocessor code.

A sound and extensible static analyzer for C code.

A static analyzer for the analysis of multi-threaded C programs. Its primary focus is the detection of data races, but it also reports other runtime errors, such as buffer overflows and null-pointer dereferences.

copyright: — Enterprise-grade static analysis for embedded software. Supports MISRA, CERT, and AUTOSAR coding standards.

A dynamic symbolic execution engine built on top of the LLVM compiler infrastructure. It can auto-generate test cases for programs such that the test cases exercise as much of the program as possible.

copyright: — A tool suite including static analysis (TBVISION) to various standards including MISRA C & C++, JSF++ AV, CWE, CERT C, CERT C++ & Custom Rules.

copyright: — Static analysis for C/C++. Runs natively under Windows/Linux/MacOS. Analyzes code for virtually any platform, supporting C11/C18 and C++17.

A LLVM-based static analysis framework which comes with a taint and type state analysis.

Annotation-assisted static program checker.

A static tool that enables scalable and precise interprocedural dependence analysis for C and C++ programs.

copyright: — Exhaustive detection of coding errors and their associated security vulnerabilities. This encompasses a sound undefined behavior detection (buffer overflows, out-of-bounds array accesses, null-pointer dereferences, use-after-free, divide-by-zeros, uninitialized memory accesses, signed overflows, invalid pointer arithmetic, etc.), data flow and control flow verification as well as full functional verification of formal specifications. All versions of C up to C18 and C++ up

An analyzer library for C# and VB that uses Roslyn to produce refactorings, code analysis, and other niceties.

copyright: — Designite supports detection of various architecture, design, and implementation smells, computation of various code quality metrics, and trend analysis.

Gendarme inspects programs and libraries that contain code in ECMA CIL format (Mono and .NET).