程序质量：代码静态检查

刚毕业的时候在搜狐畅游做白盒测试，最开始接触的是这一部分，那个时候做的是针对C/C++代码的，相比较而言要复杂一些，以及到后面我们不仅仅做简单的语法检查，还包括圈复杂度、代码规模、LLT、HLT等等。

什么是程序静态分析？

程序静态分析（Program Static Analysis）是指在不运行代码的方式下，通过词法分析、语法分析、控制流、数据流分析等技术对程序代码进行扫描，验证代码是否满足规范性、安全性、可靠性、可维护性等指标的一种代码分析技术。

下面是常见编程语言的静态检查工具，欢迎指导和交流！

Table of Contents

• Ada
• C/C++
• C#
• Containers
• Configuration Management
• CSS
• Elixir
• Erlang
• Go
• Groovy
• Haskell
• Haxe
• Html
• Java
• JavaScript
• Lua
• Makefile
• Packages
• Perl
• PHP
• Python
• R
• Ruby
• Rust
• Scala
• Shell
• SQL
• Swift
• TypeScript
• Meta
  • Build tools
  • Multiple languages
  • Other Collections
  • Web services

Ada

• Codepeer [PROPRIETARY] - detects run-time and logic errors

C/C++

• CMetrics [OSS] - Measures size and complexity for C files
• cqmetrics [OSS] - quality metrics for C code
• clang-tidy [OSS] - clang static analyser
• cppcheck [OSS] - static analysis of C/C++ code
• flawfinder [OSS] - finds possible security weaknesses
• flint++ [OSS] - cross-platform, zero-dependency port of flint, a lint program for C++ developed and used at Facebook.
• oclint [OSS] - static analysis of C/C++ code
• splint [OSS] - static analysis of C/C++ code
• tis-interpreter [OSS] - An interpreter for finding subtle bugs in programs written in standard C
• vera++ [OSS] - Vera++ is a programmable tool for verification, analysis and transformation of C++ source code.

C#

• Code Analysis Rule Collection [OSS] - Contains a set of diagnostics, code fixes and refactorings built on the Microsoft .NET Compiler Platform “Roslyn”.
• code-cracker [OSS] - An analyzer library for C# and VB that uses Roslyn to produce refactorings, code analysis, and other niceties.
• CSharpEssentials [OSS] - C# Essentials is a collection of Roslyn diagnostic analyzers, code fixes and refactorings that make it easy to work with C# 6 language features.
• Designite [PROPRIETARY] - Designite is a software design quality assessment tool. It supports detection of implementation and design smells, computation of various code quality metrics, and trend analysis.
• Gendarme [OSS] - Gendarme inspects programs and libraries that contain code in ECMA CIL format (Mono and .NET) and looks for common problems with the code, problems that compiler do not typically check or have not historically checked.
• .NET Analyzers [OSS] - An organization for the development of analyzers (diagnostics and code fixes) using the .NET Compiler Platform.
• Roslyn Security Guard [OSS] - Project that focus on the identification of potential vulnerabilities such as SQL injection, cross-site scripting (XSS), CSRF, cryptography weaknesses, hardcoded passwords and many more.
• SonarLint for Visual Studio [OSS] - SonarLint is a Visual Studio 2015 extension that provides on-the-fly feedback to developers on new bugs and quality issues injected into .NET code.
• Refactoring Essentials [OSS] - The premier free Visual Studio 2015 extension for C# and VB.NET refactorings, including code best practice analyzers to improve your projects.
• ReSharper [PROPRIETARY] - Extends Visual Studio with on-the-fly code inspections for C#, VB.NET, ASP.NET, JavaScript, TypeScript and other technologies.
• VSDiagnostics [OSS] - A collection of static analyzers based on Roslyn that integrate with VS.
• Wintellect.Analyzers [OSS] - .NET Compiler Platform (“Roslyn”) diagnostic analyzers and code fixes written by Wintellect.

Containers

• clair [OSS] - Vulnerability Static Analysis for Containers
• collector [OSS] - Run arbitrary scripts inside containers, and gather useful information
• Docker Label Inspector [OSS] - Lint and validate Dockerfile labels
• Haskell Dockerfile Linter [OSS] - A smarter Dockerfile linter that helps you build best practice Docker images

Configuration Management

Puppet Lint [OSS] - Check that your Puppet manifests conform to the style guide.

CSS

• CSScomb [OSS] - a coding style formatter for CSS. Supports own configurations to make style sheets beautiful and consistent
• CSSLint [OSS] - Does basic syntax checking and finds problematic patterns or signs of inefficiency
• CSS Stats [OSS] - Potentially interesting stats on stylesheets
• Parker [OSS] - Stylesheet analysis tool
• scsslint [OSS] - Linter for SCSS files
• Specificity Graph [OSS] - CSS Specificity Graph Generator
• Stylelint [OSS] - Linter for SCSS/CSS files

Elixir

• credo [OSS] - A static code analysis tool with a focus on code consistency and teaching.
• Dogma [OSS] - A code style enforcer for Elixir

Erlang

• elvis [OSS] - Erlang Style Reviewer

Go

• dingo-hunter [OSS] - Static analyser for finding deadlocks in Go
• flen [OSS] - Get info on length of functions in a Go package
• go/ast [OSS] - Package ast declares the types used to represent syntax trees for Go packages.
• gocyclo [OSS] - Calculate cyclomatic complexities of functions in Go source code
• golint [OSS] - Prints out coding style mistakes in Go source code.
• go-staticcheck [OSS] - go vet on steroids, similar to ReSharper for C#
• Go Meta Linter [OSS] - Concurrently run Go lint tools and normalise their output
• go vet [OSS] - Examines Go source code and reports suspicious constructs
• ineffassign [OSS] - Detect ineffectual assignments in Go code
• safesql [OSS] - Static analysis tool for Golang that protects against SQL injections

Groovy

• CodeNarc [OSS] - a static analysis tool for Groovy source code, enabling monitoring and enforcement of many coding standards and best practices

Haskell

• HLint [OSS] - HLint is a tool for suggesting possible improvements to Haskell code.

Haxe

• Haxe Checkstyle [OSS] - A static analysis tool to help developers write Haxe code that adheres to a coding standard.

HTML

• HTMLHint [OSS] - A Static Code Analysis Tool for HTML
• HTML Inspector [OSS] - HTML Inspector is a code quality tool to help you and your team write better markup.

Java

• Checker Framework [OSS] - Pluggable type-checking for Java http://checkerframework.org/
• checkstyle [OSS] - checking Java source code for adherence to a Code Standard or set of validation rules (best practices)
• ckjm [OSS] - calculates Chidamber and Kemerer object-oriented metrics by processing the bytecode of compiled Java files
• Error-prone [OSS] - Catch common Java mistakes as compile-time errors
• fb-contrib [OSS] - A plugin for FindBugs with additional bug detectors
• Findbugs [OSS] - FindBugs is a program to find bugs in Java programs. It looks for patterns are likely to be errors.
• Find Security Bugs [OSS] - IDE/SonarQube plugin for security audits of Java web applications.
• HuntBugs [OSS] - Bytecode static analyzer tool based on Procyon Compiler Tools aimed to supersede FindBugs.
• OWASP Dependency Check [OSS] - Checks dependencies for known, publicly disclosed, vulnerabilities.
• PMD [OSS] - A Java source code analyzer

JavaScript

• aether [OSS] - Lint, analyze, normalize, transform, sandbox, run, step through, and visualize user JavaScript, in node or the browser.
• ClosureLinter [OSS] - ensures that all of your project’s JavaScript code follows the guidelines in the Google JavaScript Style Guide. It can also automatically fix many common errors
• coffeelint [OSS] - A style checker that helps keep CoffeeScript code clean and consistent.
• complexity-report [OSS] - Software complexity analysis for JavaScript projects
• escomplex [OSS] - Software complexity analysis of JavaScript-family abstract syntax trees.
• eslint [OSS] - A fully pluggable tool for identifying and reporting on patterns in JavaScript
• Esprima [OSS] - ECMAScript parsing infrastructure for multipurpose analysis
• quality [OSS] - zero configuration code and module linting
• jshint [OSS] - detect errors and potential problems in JavaScript code and enforce your team’s coding conventions
• JSLint [PROPRIETARY] - The JavaScript Code Quality Tool
• plato [OSS] - Visualize JavaScript source complexity
• standard [OSS] - An npm module that checks for Javascript Styleguide issues
• yardstick [OSS] - Javascript code metrics
• XO [OSS] - Enforce strict code style. Never discuss code style on a pull request again!

Lua

• luacheck [OSS] - A tool for linting and static analysis of Lua code.

Makefile

• portlint [OSS] - A verifier for FreeBSD and DragonFlyBSD port directories

Packages

• lintian [OSS] - Static analysis tool for Debian packages

Perl

• Perl::Critic [OSS] - Critique Perl source code for best-practices.

PHP

• DesignPatternDetector [OSS] - detection of design patterns in PHP code
• dephpend [OSS] - Dependency analysis tool
• deptrac [OSS] - Enforce rules for dependencies between software layers.
• exakat [OSS] - An automated code reviewing engine for PHP
• GrumPHP [OSS] - checks code on every commit
• phan [OSS] - a modern static analyzer from etsy
• php7cc [OSS] - PHP 7 Compatibility Checker
• php7mar [OSS] - assist developers in porting their code quickly to PHP 7
• phpcpd [OSS] - Copy/Paste Detector (CPD) for PHP code.
• PHP_CodeSniffer [OSS] - detects violations of a defined set of coding standards
• phpdcd [OSS] - Dead Code Detector (DCD) for PHP code.
• PhpDependencyAnalysis [OSS] - builds a dependency graph for a project
• phpdoc-to-typehint [OSS] - Add scalar type hints and return types to existing PHP projects using PHPDoc annotations
• Php Inspections (EA Extended) [OSS] - A Static Code Analyzer for PHP.
• phpsa [OSS] - Static analysis tool for PHP.
• PHPMD [OSS] - finds possible bugs in your code
• PhpMetrics [OSS] - calculates code complexity metrics
• PHPQA [OSS] - A tool for running QA tools (phploc, phpcpd, phpcs, pdepend, phpmd, phpmetrics)
• PHP Refactoring Browser [OSS] - Refactoring helper
• PHP-Token-Reflection [OSS] - Library emulating the PHP internal reflection
• PHP-Parser [OSS] - A PHP parser written in PHP
• RIPS [OSS] - A static source code analyser for vulnerabilities in PHP scripts
• Tuli [OSS] - A static analysis engine
• twig-lint [OSS] - twig-lint is a lint tool for your twig files.

Python

• bandit [OSS] - a tool to find common security issues in Python code
• jedi [OSS] - autocompletion/static analysis library for Python
• linty fresh [OSS] - parse lint errors and report them to Github as comments on a pull request
• mccabe [OSS] - check McCabe complexity
• mypy [OSS] - an experimental optional static type checker for Python that aims to combine the benefits of dynamic (or “duck”) typing and static typing
• py-find-injection [OSS] - find SQL injection vulnerabilities in Python code
• pycodestyle [OSS] - (formerly pep8) check Python code against some of the style conventions in PEP 8
• pydocstyle [OSS] - check compliance with Python docstring conventions
• pyflakes [OSS] - check Python source files for errors
• pylint [OSS] - looks for programming errors, helps enforcing a coding standard and sniffs for some code smells. It additionally includes pyreverse (an UML diagram generator) and symilar (a similarities checker). Optional extensions are also included.
• pyroma [OSS] - rate how well a Python project complies with the best practices of the Python packaging ecosystem, and list issues that could be improved
• pytype [OSS] - a static type inferencer for Python code - commented out because it is very buggy and is not even installable from pypi )
• vulture [OSS] - find unused classes, functions and variables in Python code
• xenon [OSS] - monitor code complexity using radon

Wrappers:

• ciocheck [OSS] - linter, formatter and test suite helper. As a linter, it is a wrapper around pep8, pydocstyle, flake8, and pylint.
• flake8 [OSS] - a wrapper around pyflakes, pycodestyle and mccabe
• prospector [OSS] - a wrapper around pylint, pep8, mccabe and others

R

• lintr [PROPRIETARY] - Static Code Analysis for R

Ruby

• brakeman [OSS] - A static analysis security vulnerability scanner for Ruby on Rails applications
• cane [OSS] - Code quality threshold checking as part of your build
• dawnscanner [OSS] - a static analysis security scanner for ruby written web applications. It supports Sinatra, Padrino and Ruby on Rails frameworks.
• flay [OSS] - Flay analyzes code for structural similarities.
• flog [OSS] - Flog reports the most tortured code in an easy to read pain report. The higher the score, the more pain the code is in.
• laser [OSS] - Static analysis and style linter for Ruby code.
• Mondrian [OSS] - a set of static analysis and refactoring tools for more abstraction
• pelusa [OSS] - Static analysis Lint-type tool to improve your OO Ruby code
• quality [OSS] - Runs quality checks on your code using community tools, and makes sure your numbers don’t get any worse over time.
• reek [OSS] - Code smell detector for Ruby
• rubocop [OSS] - A Ruby static code analyzer, based on the community Ruby style guide.
• rubycritic [OSS] - A Ruby code quality reporter
• ruby-lint [OSS] - Static code analysis for Ruby
• SandyMeter [OSS] - Static analysis tool for checking Ruby code for Sandi Metz’ rules.

Rust

• clippy [OSS] - a code linter to catch common mistakes and improve your Rust code
• electrolysis [OSS] - A tool for formally verifying Rust programs by transpiling them into definitions in the Lean theorem prover.
• herbie [OSS] - Adds warnings or errors to your crate when using a numerically unstable floating point expression.
• linter-rust [OSS] - Linting your Rust-files in Atom, using rustc and cargo
• rustfix [OSS] - read and apply the suggestions made by rustc (and third-party lints, like those offered by clippy).

Scala

• linter [OSS] - Linter is a Scala static analysis compiler plugin which adds compile-time checks for various possible bugs, inefficiencies, and style problems.
• ScalaStyle [OSS] - Scalastyle examines your Scala code and indicates potential problems with it.
• scapegoat [OSS] - Scala compiler plugin for static code analysis
• WartRemover [OSS] - a flexible Scala code linting tool.

【引用】

静态检查工具