About | FAQ | Backlog
Open Source projects, categorized.
add filters by typing...
...or clicking
.net administration agile ant apache ast audit auditing boinc bug build-tools c c# c++ callgraphs cecil check checkstyle cil code code-quality coding community compiler conventions cycle debugger debugging development directory eclipse eclipse-plugin effects gendarme graph graphics graphing graphviz hierarchy il java jdepend lint linux listing maven maven2plugin measurement metrics mono msil multi-platform ocaml optimization parser php plugin preprocessor probing productivity programming qa quality quality-assurance rbac rdf safety security selinux semantic-web simian software-development source static static-analysis statistics tcb testing tools trust types type-system utilities visualisation visualization
[215 users on Ohloh]
FindBugs is a defect detection tool for Java that uses static analysis to look for more than 200 bug patterns, such as null pointer dereferences, infinite recursive loops, bad uses of the Java libraries and deadlocks. FindBugs can identify hundreds of serious defects in large applications (typically about 1 defect per 1000-2000 lines of non-commenting source statements). FindBugs is open source, and has been downloaded more than 230,000 times, and is used by many major companies and financial in...
[143 users on Ohloh]
PMD is a Java source code analyzer. It finds unused variables, empty catch blocks, unnecessary object creation, and more. It includes CPD, a tool to detect chunks of identical code.
[35 users on Ohloh]
Gendarme is a extensible rule-based tool to find problems in .NET applications and libraries. Gendarme inspects programs and libraries that contain code in ECMA CIL format (Mono and .NET) and looks for common problems with the code, problems that compiler do not typically check or have not historically checked.

Gendarme uses the Cecil library to introspect code.

[26 users on Ohloh]
This website. Not completely open source (yet!), but you can use an open source component (called 'Ohcount') to generate similar source code metrics on your own.
[21 users on Ohloh]
Tags: code-analysis parser c static analysis compiler preprocessor lint
Sparse, the semantic parser, provides a compiler frontend capable of parsing most of ANSI C as well as many GCC extensions, and a collection of sample compiler backends, including a static analyzer also called "sparse". Sparse provides a set of annotations designed to convey semantic information about types, such as what address space pointers point to, or what locks a function acquires or releases.
[5 users on Ohloh]
pycallgraph is a Python library that creates call graphs for Python programs.
[3 users on Ohloh]
phpCallGraph is a tool to generate static call graphs for PHP source code. Such a graph visualizes the call dependencies among methods or functions of an application. Arrows represent calls from one method to another method. Classes are drawn as rectangles containing the respective methods. The graphs can be leveraged to gain a better understanding of large PHP applications or even to debunk design flaws in them.

The core of the call graph generator forms an object-oriented PHP5 library, ...

Apache RAT (Release Audit Tool)
[3 users on Ohloh]
Release Audit Tool (RAT) is a tool to improve accuracy and efficiency when checking releases. It is heuristic in nature: making guesses about possible problems. It will produce false positives and cannot find every possible issue with a release. It's reports require interpretation.

RAT was developed in response to a need felt in the Apache Incubator to be able to review releases for the most common faults less labour intensively. It is therefore highly tuned to the Apache style of releases...

Data Hierarchy
[3 users on Ohloh]
Tags: eclipse-plugin hierarchy code plugin java eclipse static analysis code-analysis
The question I very often have is: which objects (recursively) are loaded in memory if a particular object is created?

If you know Call Hierarchy plugin, you will find the Data Hierarchy very similar. It searches selected Java classes for declared fields, and starting with the found "Data" it recursively looks for fields which are declared on found classes ("Hierarchy").

At the end you can see kind of "Data Hierarchy" tree.

The plugin can not detect reflection based data, da...

JDepend plugin for Eclipse
[2 users on Ohloh]
JDepend4Eclipse plugin for Eclipse is a wrapper for running JDepend from within Eclipse.

- What is JDepend? (from www.clarkware.com):

JDepend traverses Java class file directories and generates design quality metrics for each Java package. JDepend allows you to automatically measure the quality of a design in terms of its extensibility, reusability, and maintainability to manage package dependencies effectively.

Advanced JDepend documantation are available as online help i...

[2 users on Ohloh]
The Panopticode project provides a standardized format for describing the structure of software projects and integrates metrics from several tools into that format. Reporting options provide correlation, historic analysis, and visualization.
[2 users on Ohloh]
The XRadar is an open extensible code report tool currently supporting all Java based systems. The batch-processing framework produces HTML/SVG reports of the systems current state and the development over time - all presented in sexy tables and graphs. It gets results from several brilliant open source projects and a couple of in house grown projects and presents the results as massive unified html/svg reports. The architecture is based on java, xml and xsl. Presently it only supports Java, but...
[1 users on Ohloh]
Tags: code-analysis analysis php ast static programming
A framework for static analysis of PHP scripts, PHP source to source transformations, and ultimately compiling PHP scripts down to native machine code.
GNU cflow
[1 users on Ohloh]
Tags: lint static analysis c c++ code static-analysis code-analysis
GNU cflow analyzes a collection of C source files and prints a graph charting control flow within the program.
[1 users on Ohloh]
A security static analysis tool for C aiming to answer the question: "what does this program do?"
[0 users on Ohloh]
Jlint will check your Java code and find bugs, inconsistencies and synchronization problems by doing data flow analysis on the code and building the lock graph. Jlint is fast, easy to learn, and requires no changes in the class files to be checked
[0 users on Ohloh]
Tags: analysis testing code-analysis check boinc c++ static metrics tools code
Distribution of static checks of open source programs using BOINC.