Free Static Code Analyzers
Static Source Code Analysis Utilities / Lint
Free Static Code Analyzers (Static Source Code Analysis Tools/Lint)
These static code analysis tools scan the source code of your program looking for potential bugs and suspicious constructs that can may be a bug waiting to happen. The term "lint" is sometimes used to refer to such tools because the earliest program (or, if not the earliest, then the most famous of the early tools) that performed such a function was called that.
The free programs below may validate code for different computer languages; that is, at the time this introduction was written, there are tools below to check C, C++, C#, Fortran, Go, Java, JavaScript, Python, PHP, Ruby, TypeScript, VB.NET, and so on. Read the description for each program to find out the specific language it supports.
Related Pages
- How to Make / Create a Website - distribute your program on the Internet
- Free Debuggers and Bug Trackers
- Free Debugging Source Code and Libraries
- Free Help Authoring Tools
- Free Text Search and Replace Utilities
- Free Source Code Version Control Software
Free Static Code Analyzers (Static Source Code Analysis Tools/Lint)
- Frama-C (C)
Frama-C is a source code analysis tool for C programs. It is an open source program that work on Linux, macOS and Windows (via Windows Subsystem for Linux, or WSL). You can use it to prove formal properties on your code, infer the absence of runtime errors, detect deadlocks in multithreaded C programs with mutexes (via an open source plugin), detect undefined behaviours, and lots more.
- SonarQube (C#, Java, JavaScript, Python, PHP, Ruby, TypeScript, VB.NET, etc)
SonarQube detects bugs, vulnerabilities, code smells (ie, a characteristic in the source code that may suggest a deeper problem) in code written in Java, JavaScript, C#, TypeScript, Kotlin, Ruby, Go, Scala, Flex, Python, PHP, HTML, CSS, XML and VB.NET. Note that it installs a web server on your machine that has to be accessed using your web browser. It is written in Java, and thus works on systems that have a Java virtual machine (eg, Windows, macOS, and Linux). The Community Edition is open source.
- cppcheck (C, C++)
Cppcheck analyzes C/C++ code to look for undefined behaviour and dangerous constructs. Among the many types of bugs/errors caught by the program are dead pointers, division by zero, integer overflow, invalid bit shift operands, invalid conversions, memory management issues (eg, leaks), null pointer dereferences, out of bounds checking, uninitialized variables, writing const data, invalid use of STL, exception safety, unused functions, checking of conditions (eg, mismatched assignments/conditions, useless conditions), buffer overruns, etc. Precompiled executables are available for Windows, although you can also compile it from source code (which you will need to do if you use other systems, like Linux).
- Phan (PHP)
Phan is a static code analyzer for PHP programs. It depends on PHP 7.1 and later, and can analyze the syntax of PHP 7.0 to 8.2 (and presumably later versions when those become available). Among other things, it can check type safety; backward compatibility between PHP 7 and 5; features that aren't supported in various PHP versions; valid return values; unused, dead and unreachable code; unused variables and parameters; redefinition of classes, functions and methods; make sure that methods, functions, classes, traits, interfaces, constants, variables are defined and accessible; sanity with array accesses; redundant, impossible, or pointless casts; sanity with class inheritance; and so on. It works on Windows, Mac OS X, Linux, and probably other Unix-based systems like the BSDs.
- Clang Static Analyzer (C, C++, Objective C)
The Clang Static Analyzer scans your C, C++ or Objective C source code looking for potential sources of bugs. Binaries are only provided for Mac OS X, but you can build the program from its sources if you use Windows, Linux or perhaps other Unix-like systems. It can be used as a standalone tool to analyze your code even if you aren't compiling with Clang.
- JSLint (JavaScript)
JSLint checks your JavaScript programs for style and structural constructs that may result in bugs. The program itself is written in JavaScript.
- Splint / LCLint (C)
Splint (formerly LCLint) is a rewrite of the famous Unix lint utility. It is a static source code analyser, that checks your C program source code for bugs and potential problems. This static source code analysis tool requires a certain amount of configuration before you can use it productively. There are versions for a number of operating systems, including Windows, Linux and other Unix systems.
- Ftncheck (Fortran)
ftncheck, a static source code analysis utility, checks your Fortran programs for semantic errors, leaks and potential bugs. For example, you can use ftncheck to scan your program for the use of uninitialized variables and undeclared variables. Source code and binaries for Windows, Mac OS X, Linux and Sun Solaris are available.
- Jlint: Java Program Checker (Java)
Like the lint utility which checks C programs, jlint is a static source code analysis tool that scrutinizes your Java source code for "bugs, inconsistencies and synchronization problems". The source code is available under the GNU General Public License. Precompiled binaries for Windows are available.
Related Pages
- Free Encryption / Cryptographic Libraries and Source Code
- Free Game Engines (Game Programming Libraries)
- Free GUI Builders, Application Builders and Rapid Application Development (RAD) Software
- Free Disassemblers, Decompilers, Binary / Hex Editors and Viewers
- Free Hard Disk Backup and Restore, Hard Disk Image and Cloning Utilities
- How to Move Your Website to SSL (ie, Convert from HTTP to HTTPS)
- Is it Possible to Create a Website Without Buying a Domain Name? The High Price of "Free"
- What's the Difference Between a Domain Name Registrar and a Web Host?
Newest Pages
- How to Convert Your Website from XHTML 1.0 to HTML5 the Quick and Easy Way
- How to Set the Height of a DIV Relative to a Browser Window (CSS)
- Free EPUB Readers (Ebook Viewing Software)
- How to Generate the Free Let's Encrypt SSL Certificate on Your Own (Windows) Computer
- How to Insert Meta Tags into a Web Page with BlueGriffon
- How to Play a Song (or Some Other Audio Clip) from a List on a Website
- Two Ways to View a Binary File on Windows Without Installing Anything
- How to Draw a Horizontal Line on a Web Page with Expression Web
- How to Create a Website Free of Charge
- Why Can't I Make Up Any Domain I Want? Is There a Way to Do Away with a Registrar Altogether?
How to Link to This Page
It will appear on your page as:
Free Static Code Analyzers (Static Source Code Analysis Tools/Lint)