Sonar Java alternatives for AI agents.

Continuous Inspection

SonarSource Static Analyzer for JavaScript and TypeScript

Checkstyle is a development tool to help programmers write Java code that adheres to a coding standard. By default it supports the Google Java Style Guide and Sun Code Conventions, but is highly configurable. It can be invoked with an ANT task and a command line program.

Phan is a static analyzer for PHP. Phan prefers to avoid false-positives and attempts to prove incorrectness rather than correctness.

The modern Java bytecode editor

Catch common Java mistakes as compile-time errors

A tool to help eliminate NullPointerExceptions (NPEs) in your Java code with low build-time overhead

SpotBugs is FindBugs' successor. A tool for static analysis to look for bugs in Java code.

Horusec is an open source tool that improves identification of vulnerabilities in your project with just one command.

An extensible multilanguage static code analyzer.

The SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala projects)

Soot - A Java optimization framework

An easy-to-learn/use static analysis framework for Java and Android

🔍 A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM.

An artifact of fully-specified annotations to power static-analysis checks, beginning with nullness analysis.

Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.