Ruby/Python: Static analysis tools
iSpeech
Static program analysis is the analysis of computer software that is performed without actually executing programs (analysis performed on executing programs is known as dynamic analysis).[1] In most cases the analysis is performed on some version of the source code, and in the other cases, some form of the object code.
The term is usually applied to the analysis performed by an automated tool, with human analysis being called program understanding, program comprehension, or code review. Software inspections and software walkthroughs are also used in the latter case. __Wiki
Ruby
brakeman A static analysis security vulnerability scanner for Ruby on Rails applications.
cane Code quality threshold checking as part of your build
dawnscanner a static analysis security scanner for ruby written web applications. It supports Sinatra, Padrino and Ruby on Rails frameworks.
flay Flay analyzes code for structural similarities. Differences in literal values, variable, class, method names, whitespace, programming style, braces vs do/end, etc are all ignored. Making this totally rad.
flog Flog reports the most tortured code in an easy to read pain report. The higher the score, the more pain the code is in.
laser Static analysis and style linter for Ruby code.
Mondrian It is a set of CLI tools to help you to analyse and refactor highly coupled classes. As you know Law of Demeter and S.O.L.I.D guidances, you need your classes loosely coupled. And for this, there is one only rule : ABSTRACTION. This app provides some helpers to add abstraction into concrete classes with minimum pain.
pelusa Static analysis Lint-type tool to improve your OO Ruby code
quality a tool that runs quality checks on your code using community tools, and makes sure your numbers don’t get any worse over time. Just add ‘rake quality’ as part of your Continuous Integration.
reek Code smell detector for Ruby
rubocop A Ruby static code analyzer, based on the community Ruby style guide.
rubycritic A Ruby code quality reporter.
ruby-lint Static code analysis for Ruby
SandyMeter Static analysis tool for checking Ruby code for Sandi Metz’ rules.
Python
bandit Python AST-based static analyzer from OpenStack Security Group
jedi Awesome autocompletion and static analysis library for python.
mccabe McCabe complexity checker for Python
mypy Optional static typing for Python 2 and 3 (PEP484)
py-find-injection Look for SQL injection attacks in python source code
pycodestyle Simple Python style checker in one Python file
pyflakes docstring style checker
pylint A Python source code analyzer which looks for programming errors, helps enforcing a coding standard and sniffs for some code smells.
pyroma Rate your Python packages package friendliness
vulture Find dead Python code
xenon Monitoring tool based on radon
Gloss