[Collection] C/C++/C#: Static analysis tools

Static program analysis is the analysis of computer software that is performed without actually executing programs (analysis performed on executing programs is known as dynamic analysis).[1] In most cases the analysis is performed on some version of the source code, and in the other cases, some form of the object code.

The term is usually applied to the analysis performed by an automated tool, with human analysis being called program understanding, program comprehension, or code reviewSoftware inspections and software walkthroughs are also used in the latter case. __Wiki

C/C ++

CMetrics CMetrics measures size and complexity for C files

Cqmetrics C Quality Metrics

Clang-tidy a clang-based C++ “linter” tool

Cppcheck a static analysis tool for C/C++ code

Flawfinder examines C/C++ source code and reports possible security weaknesses (“flaws”) sorted by risk level

Flint ++ A CPP Linter for better coding

Oclintstatic code analysis tool for improving quality and reducing defects by inspecting C, C++ and Objective-C code and looking for potential problems.

Splint a tool for statically checking C programs for security vulnerabilities and coding mistakes.

Tis-interpreter An interpreter for finding subtle bugs in programs written in standard C

Vera ++ a programmable tool for verification, analysis and transformation of C++ source code.


Code Analysis Rule Collection Contains a set of features, code fixes, and refactoring on the Microsoft .NET compiler platform “Roslyn”

Code-cracker an analysis library for C # and VB, and refactoring with Roslyn, code analysis

CSharpEssentials C# Essentials is a collection of Roslyn diagnostic analyzers, code fixes and refactorings that make it easy to work with C# 6 language features.

Designite Designite is a design quality assessment tool that measures a wide variety of code quality metrics and trend analysis

Gendarme Gendarme detects the items and libraries in the ECMA CIL format (Mono and .NET), looking for some common problems that may arise in the code (the compiler does not normally detect problems)

.NET Analyzers an organization that focuses on developing parsers (features, code fixes, refactoring), using .NET compilation platforms

SonarLint for Visual Studio SonarLint is an extension in Visual Studio 2015 that supports dynamic feedback of new bugs to developers and injection of quality issues into .NET code

Refactoring Essentials Visual Studio 2015 Extensions for C # and VB.NET refactoring, providing advice on code quality

ReSharper extended Visual Studio support for dynamic code detection C #, VB.NET, ASP.NET, JavaScript, TypeScript and other technologies

VSDiagnostics A static parser set based on Roslyn and integrated with VS

Wintellect.Analyzers Wintellect Written by .NET Compiler Platform (“Roslyn”) Feature Analyzer and Code Repair Tool