Open Source Java Source Code Analysis Tools
Sort By:
Java Source Code Analysis Tools
View 5597 business solutionsBrowse free open source Java Source Code Analysis Tools and projects below. Use the toggles on the left to filter open source Java Source Code Analysis Tools by OS, license, language, programming language, and project status.
-
Passwordless Authentication and Passwordless SecurityIt’s no secret — passwords can be a real headache, both for the people who use them and the people who manage them. Over time, we’ve created hundreds of passwords, it’s easy to lose track of them and they’re easily compromised. Fortunately, passwordless authentication is becoming a feasible reality for many businesses. Duo can help you get there.
-
Comprehensive Cybersecurity to Safeguard Your Organization | SOCRadarProtect your organization from cyber threats with SOCRadar’s cutting-edge threat intelligence. Gain 360° visibility into your digital assets, monitor the dark web, and stay ahead of hackers with real-time insights. Start for free and transform your cybersecurity today.
-
1
Doxygen is a JavaDoc like documentation system for C++, C, Java and IDL.
-
2
PMD
A source code analyzer
PMD is a source code analyzer. It finds common programming flaws like unused variables, empty catch blocks, unnecessary object creation, and so forth. It supports Salesforce.com Apex, Java, JavaScript, XML, XSL. Additionally it includes CPD, the copy-paste-detector. CPD finds duplicated code in Java, C, C++, C#, PHP, Ruby, Fortran, JavaScript, Matlab, Swift. You can fork us on https://github.com/pmd -
3
Eclipse Checkstyle Plug-in
Integrates Checkstye into the Eclipse IDE
The Eclipse Checkstyle plug-in integrates the Checkstyle Java code auditor into the Eclipse IDE. The plug-in provides real-time feedback to the user about violations of rules that check for coding style and possible error prone code constructs. -
4
SonarQube
Continuous inspection
SonarQube empowers all developers to write cleaner and safer code. Thousands of automated Static Code Analysis rules, protecting your app on multiple fronts, and guiding your team. Catch tricky bugs to prevent undefined behavior from impacting end-users. Fix vulnerabilities that compromise your app, and learn AppSec along the way with Security Hotspots. Make sure your codebase is clean and maintainable, to increase developer velocity! We embrace progress - whether it's multi-language applications, teams composed of different backgrounds or a workflow that's a mix of modern and legacy, SonarQube has you covered. SonarQube fits with your existing tools and pro-actively raises a hand when the quality or security of your codebase is at risk. SonarQube can analyse branches of your repo, and notify you directly in your Pull Requests! -
Our Free Plans just got better! | Auth0 by OktaYou asked, we delivered! Auth0 is excited to expand our Free and Paid plans to include more options so you can focus on building, deploying, and scaling applications without having to worry about your security. Auth0 now, thank yourself later.
-
5
google-java-format
Reformats Java source code to comply with Google Java Style
google-java-format is a program that reformats Java source code to comply with Google Java Style. The formatter can act on whole files, on limited lines, on specific offsets, passing through to standard-out (default) or altered in-place. There is no configurability as to the formatter's algorithm for formatting. This is a deliberate design decision to unify our code formatting on a single format. The formatter can be used in software that generates java to output more legible java code. Just include the library in your maven/gradle/etc. configuration. A google-java-format IntelliJ plugin is available from the plugin repository. To install it, go to your IDE's settings and select the Plugins category. Click the Marketplace tab, search for the google-java-format plugin, and click the Install button. -
6
Joern
Open-source code analysis platform for C/C++/Java/Binary/Javascript
Joern is a platform for analyzing source code, bytecode, and binary executables. It generates code property graphs (CPGs), a graph representation of code for cross-language code analysis. Code property graphs are stored in a custom graph database. This allows code to be mined using search queries formulated in a Scala-based domain-specific query language. Joern is developed with the goal of providing a useful tool for vulnerability discovery and research in static program analysis. -
7
A drop-in replacement for the src.zip shipped with Oracle Java 7, that contains sources to all Java classes that are shipped or generated by the OpenJDK project (the official src.zip only covers public classes), plus tools to generate it.
-
8
Source Navigator NG is a source code analysis tool. With it, you can edit your source code, display relationships between classes and functions and members, and display call trees. You can navigate your source code and easily get to declarations or implementations of functions, variables and macros (commonly called "symbols") which helps you discovering and mapping unknown source code for enhancement or maintenance tasks.
-
9
UCDetector
Eclipse Plugin to find unused Java code
UCDetector (Unnecessary Code Detector) is a Open Source Eclipse Plugin Tool. UCDetector finds unnecessary (dead) public Java code. It suggests to make code final, protected or private. -
Our Free Plans just got better! | Auth0 by OktaYou asked, we delivered! Auth0 is excited to expand our Free and Paid plans to include more options so you can focus on building, deploying, and scaling applications without having to worry about your security. Auth0 now, thank yourself later.
-
10
OpenRewrite
Automated mass refactoring of source code
The OpenRewrite project is a mass source code refactoring ecosystem. Reduce 1000s of hours of static code analysis fixes to minutes. Turn a four-month migration project into four hours of work. Patch security vulnerabilities across 100s of repositories at once. OpenRewrite automates code refactoring and remediation tasks for you, enabling developers to deliver more business value. OpenRewrite's refactoring engine and recipes will always be open-source. Build tool plugins like OpenRewrite Gradle Plugin and OpenRewrite Maven Plugin help you run these recipes on one repository at a time. Moderne is a complementary product that executes OpenRewrite recipes at scale on hundreds of millions of lines of code and enables mass-committing of results. Moderne freely runs a public service for the benefit of thousands of open-source projects. -
11
pmd
An extensible multilanguage static code analyzer
PMD is a source code analyzer. It finds common programming flaws like unused variables, empty catch blocks, unnecessary object creation, and so forth. It supports Java, JavaScript, Salesforce.com Apex and Visualforce, PLSQL, Apache Velocity, XML, and XSL. Additionally, it includes CPD, the copy-paste-detector. CPD finds duplicated code in Java, C, C++, C#, Groovy, PHP, Ruby, Fortran, JavaScript, PLSQL, Apache Velocity, Scala, Objective C, Matlab, Python, Go, Swift and Salesforce.com Apex, and Visualforce. It supports Java, JavaScript, Salesforce.com Apex and Visualforce, Modelica, PLSQL, Apache Velocity, XML, XSL, and Scala. Additionally, it includes CPD, the copy-paste-detector. CPD finds duplicated code in C/C++, C#, Dart, Fortran, Go, Groovy, Java, JavaScript, JSP, Kotlin, Lua, Matlab, Modelica, Objective-C, Perl, PHP, PLSQL, Python, Ruby, Salesforce.com Apex, Scala, Swift, Visualforce and XML. -
12
Web Application Protection
Tool to detect and correct vulnerabilities in PHP web applications
WAP automatic detects and corrects input validation vulnerabilities in web applications written in PHP Language (version 4.0 or higher) and with a low rate of false positives. WAP detects the following vulnerabilities: - SQL injection using MySQL, PostgreSQL and DB2 DBMS - Reflected cross-site scripting (XSS) - Stored XSS - Remote file inclusion - Local file inclusion - Directory traversal - Source code disclosure - OS command injection - PHP code injection WAP is a static analysis tool that performs taint analysis to detect vulnerabilities, tracking malicious users inputs and checking if they reach calls of sensitive functions. It has a low rate of false positives because has implemented a data mining module to predict false positives when detects vulnerabilities. The output of the tool is: - shows the vulnerabilities found and how they are corrected - new files with the corrections -
13
Halstead Metrics Tool
Software Metrics Analyzer for C,C++,Java Programs
Some software measures are still not widely used in industry, despite the fact that they were defined many years ago, and some additional insights might be gained by revisiting them today with the benefit of recent lessons learned about how to analyze their design. This project analyzes the design and definitions of Halstead’s metrics, the set of which is commonly referred to as ‘software science’. This analysis is based on a measurement analysis framework defined to structure, compare, analyze and provide an understanding of the various measurement approaches presented in the software engineering measurement literature. -
14
This project has moved to GitHub ! The version here at SourceForge will remain for historic purpose. Koopa is a parser generator, made for COBOL. It can handle source files in isolation (no preprocessing required) and doesn't mind the presence of CICS/SQL fragments. The grammar is easily extensible in a way which minimizes the impact on the overall code.
-
15
Provide metrics calculation and dependency analyzer plugin for the Eclipse platform. Measure metrics with avg and std deviation and detect cycles in package and type dependencies. Continuation of work from http://sourceforge.net/projects/metrics.
-
16
This tool helps you to reverse engineer UML Sequence Diagram for your java program at runtime. It works well with both complex java programs (that have multiple threads) and J2EE applications deployed on Application Servers.
-
17
How good is your software? jmove eases the understanding and valuation of the design and architecture of complex software written in java. It provides dependency analysis, metrics, design rule checking and impact analysis.
-
18
JBVD
Java Bytecode Viewer & Decompiler
A very powerful java bytecode viewer and decompiler which makes use of the javassist open source library. -
19
OovAide
C++, Java IDE with auto class, sequence, zone, dependency, diagrams
The OovAide project used to be named oovcde. Searching the web will bring up more information about oovcde at this time. The OovAide project is a C++ or Java analysis IDE for Windows or Linux with an automated multi-tasking build system, cross compiler support, an analysis tool based on CLang that creates UML class, component, sequence as well as zone and portion diagrams from C++ or Java source, static analysis and test coverage. The diagrams allow navigation through the source code, and can be edited manually and saved as .SVG files. It creates CMake files and can be built using Eclipse or CMake. Export to SQLite is supported. -
20
ParTools
Support for manual parallelization of sequential C programs.
ParTools allows the interactive analysis of a C program execution profile and data dependencies to facilitate the discovery and selection of suitable parallelization candidates in a manual parallelization process. The flow does not assume any specific parallelization technique, thus it can be broadly applied. The original (serial) C source is automatically annotated to trace the execution profile and data dependencies at run-time. The annotated program is then executed using a significant (but small) data set selected by the developer. The data collected is cross-referenced with the original source and can be interactively analyzed graphically to determine the best parallelization candidates and techniques. -
21
Provides tools, supporting quality management or quality assurance for software: Assessment execution (ISO 15504 (SPiCE), AutomotiveSPiCE, CMMi), diff tool calculating sizes (SLoC) of diffs, identification of conditional compilation, and more.
-
22
jUML is a UML diagram application capable of reverse engineering Java source code to create relationship diagrams, source code generation based on a user created UML diagram, and saving/restoring of jUML projects.
-
23
Another Open Source Code Analysis Tool
-
24
Eclipse Plug-In that determines the Minimal Access Modifier of Java types and methods project and computes the software metrics Inappropriate Generosity with Accessibility of Types (IGAT) and Inappropriate Generosity with Accessibility of Methods (IGAM). The Minimal Access Modifier of a Java type or type member is the most restrictive access modifier that is able to allow all actual usages of the particular type or member from inside a given code base (normally the entire source code of the respective Java project). The metric Inappropriate Generosity with Accessibility of Types (IGAT) indicates the proportion of those types which actual access modifier is more generous than the minimal one relative to the total number of types in a given source code subset. Analog the metric Inappropriate Generosity with Accessibility of Method (IGAM) indicates the proportion of those methods which actual access modifier is more generous than the minimal one relative to the total number of me
-
25
Android Scents for Maven
Android Scents for animal-sniffer-maven-plugin
If you want to verify your Maven project (library) can also work in Android, you can use animal-sniffer-maven-plugin to check the API against the desired API level. Android Scents will be pushed to Maven Central in groupid "net.sf.androidscents.signature".
