You are here: thefreecountry.com (main page) > Free Programming Tools and Utilities > Free Static Code Analyzers (Static Source Code Analysis Tools/Lint)

Free Static Code Analyzers (Static Source Code Analysis Tools/Lint)

These static code analysis tools scan the source code of your program looking for potential bugs and suspicious constructs that can may be a bug waiting to happen. The term "lint" is sometimes used to refer to such tools because the earliest program (or, if not the earliest, then the most famous of the early tools) that performed such a function was called that.

The free programs below may validate code for different computer languages; that is, at the time this introduction was written, there are tools below to check C, C++, C#, Fortran, Go, Java, JavaScript, Python, PHP, Ruby, TypeScript, VB.NET, and so on. Read the description for each program to find out the specific language it supports.

Related Pages

• How to Make / Create a Website - distribute your program on the Internet
• Free Debuggers and Bug Trackers
• Free Debugging Source Code and Libraries
• Free Help Authoring Tools
• Free Text Search and Replace Utilities
• Free Source Code Version Control Software

Free Static Code Analyzers (Static Source Code Analysis Tools/Lint)

SonarQube (C#, Java, JavaScript, Python, PHP, Ruby, TypeScript, VB.NET, etc)

SonarQube detects bugs, vulnerabilities, code smells (ie, a characteristic in the source code that may suggest a deeper problem) in code written in Java, JavaScript, C#, TypeScript, Kotlin, Ruby, Go, Scala, Flex, Python, PHP, HTML, CSS, XML and VB.NET. Note that it installs a web server on your machine that has to be accessed using your web browser. It is written in Java, and thus works on systems that have a Java virtual machine (eg, Windows, macOS, and Linux). The Community Edition is open source.

cppcheck (C, C++)

Cppcheck analyzes C/C++ code to look for undefined behaviour and dangerous constructs. Among the many types of bugs/errors caught by the program are dead pointers, division by zero, integer overflow, invalid bit shift operands, invalid conversions, memory management issues (eg, leaks), null pointer dereferences, out of bounds checking, uninitialized variables, writing const data, invalid use of STL, exception safety, unused functions, checking of conditions (eg, mismatched assignments/conditions, useless conditions), buffer overruns, etc. Precompiled executables are available for Windows, although you can also compile it from source code (which you will need to do if you use other systems, like Linux).

Phan (PHP)

Phan is a static code analyzer for PHP programs. It depends on PHP 7.1 and later, and can analyze the syntax of PHP 7.0 to 7.4 (and presumably later versions when those become available). Among other things, it can check type safety; backward compatibility between PHP 7 and 5; features that aren't supported in various PHP versions; valid return values; unused, dead and unreachable code; unused variables and parameters; redefinition of classes, functions and methods; make sure that methods, functions, classes, traits, interfaces, constants, variables are defined and accessible; sanity with array accesses; redundant, impossible, or pointless casts; sanity with class inheritance; and so on. It works on Windows, Mac OS X, Linux, and probably other Unix-based systems like the BSDs.

Clang Static Analyzer (C, C++, Objective C)

The Clang Static Analyzer scans your C, C++ or Objective C source code looking for potential sources of bugs. Binaries are only provided for Mac OS X, but you can build the program from its sources if you use Windows, Linux or perhaps other Unix-like systems. It can be used as a standalone tool to analyze your code even if you aren't compiling with Clang.

JSLint (JavaScript)

JSLint checks your JavaScript programs for style and structural constructs that may result in bugs. The program itself is written in JavaScript.

Splint / LCLint (C)

Splint (formerly LCLint) is a rewrite of the famous Unix lint utility. It is a static source code analyser, that checks your C program source code for bugs and potential problems. This static source code analysis tool requires a certain amount of configuration before you can use it productively. There are versions for a number of operating systems, including Windows, Linux and other Unix systems.

Ftncheck (Fortran)

ftncheck, a static source code analysis utility, checks your Fortran programs for semantic errors, leaks and potential bugs. For example, you can use ftncheck to scan your program for the use of uninitialized variables and undeclared variables. Source code and binaries for Windows, Mac OS X, Linux and Sun Solaris are available.

Jlint: Java Program Checker (Java)

Like the lint utility which checks C programs, jlint is a static source code analysis tool that scrutinizes your Java source code for "bugs, inconsistencies and synchronization problems". The source code is available under the GNU General Public License. Precompiled binaries for Windows are available.

Related Pages

• Free Encryption / Cryptographic Libraries and Source Code
• Free Game Engines (Game Programming Libraries)
• Free GUI Builders, Application Builders and Rapid Application Development (RAD) Software
• Free Disassemblers, Decompilers, Binary / Hex Editors and Viewers
• Free Hard Disk Backup and Restore, Hard Disk Image and Cloning Utilities
• How to Move Your Website to SSL (ie, Convert from HTTP to HTTPS)
• Is it Possible to Create a Website Without Buying a Domain Name? The High Price of "Free"
• What's the Difference Between a Domain Name Registrar and a Web Host?

Newest Pages

• How to Set the Height of a DIV Relative to a Browser Window (CSS)
• Free EPUB Readers (Ebook Viewing Software)
• How to Generate the Free Let's Encrypt SSL Certificate on Your Own (Windows) Computer
• How to Insert Meta Tags into a Web Page with BlueGriffon
• How to Play a Song (or Some Other Audio Clip) from a List on a Website
• Two Ways to View a Binary File on Windows Without Installing Anything
• How to Draw a Horizontal Line on a Web Page with Expression Web
• How to Create a Website Free of Charge
• Why Can't I Make Up Any Domain I Want? Is There a Way to Do Away with a Registrar Altogether?
• What's the Difference Between a Domain Name Registrar and a Web Host?

Popular Pages

• How to Create/Make Your Own Website: The Beginner's A-Z Guide
• How to Register Your Own Domain Name - how to get your own domain name
• What's the Difference Between a Content Management System (CMS), a Blog, a Web Editor and an Online Site Builder?
• Expression Web Tutorial: How to Design a Website with Microsoft Expression Web
• Dreamweaver Tutorial: How to Design a Website with Dreamweaver CS6
• How to Make a Mobile-Friendly Website: Responsive Design in CSS
• BlueGriffon Tutorial: How to Design a Website with BlueGriffon 3
• How to Create a Blog
• Free CD and DVD Burners and Copying Software
• Free Hard Disk Backup and Restore, Hard Disk Image and Cloning Utilities

How to Link to This Page

To link to this page from your website, simply cut and paste the following code to your web page.

<a href="https://www.thefreecountry.com/programming/static-code-analyzers.shtml" target="_top">Free Static Code Analyzers (Static Source Code Analysis Tools/Lint)</a>

It will appear on your page as:

Free Static Code Analyzers (Static Source Code Analysis Tools/Lint)

 

Copyright © 2018-2020 by Christopher Heng. All rights reserved.
thesitewizard™, thefreecountry™ and HowToHaven™ are trademarks of Christopher Heng.
This page was last updated on 28 August 2020.