Source Code Analysis Tools - Java, JavaScript, .NET, PHP, Python, Ruby


Javascript Source Code Analysis Tools



Crawljax is an open source Java tool for automatically crawling and testing modern web applications. Crawljax can explore any JavaScript-based Ajax web application through an even-driven dynamic crawling engine. It automatically creates a state-flow graph of the dynamic DOM states and the event-based transitions between them. This inferred state-flow graph forms a very powerful vehicle for automating many types of web analysis and testing techniques.


ESLint is an open source tool static anaylsis tool for identifying and reporting on patterns found in ECMAScript/JavaScript code. In many ways, it is similar to JSLint and JSHint with a few exceptions.

JSCS JavaScript Code Style

JSCS (JavaScript Code Style) is an open source code style linter/formatter for programmatically enforcing your style guide. You can configure JSCS for your project/company using over 150 validation rules. It includes presets from popular JavaScript style guides like jQuery, Airbnb or Google.

JavaScript Lint

JavaScript Lint is an open source tool to check all your JavaScript source code for common mistakes without actually running the script or opening the web page. JavaScript Lint is based on JSLint. JavaScript Lint holds an advantage over competing lints because it is based on the JavaScript engine for the Firefox browser. This provides a robust framework that can not only check JavaScript syntax but also examine the coding techniques used in the script and warn against questionable practices.


JSHint provides static code analysis for JavaScript. JSHint is a community-driven tool to detect errors and potential problems in JavaScript code and to enforce your team's coding conventions.


JSLint is a JavaScript program that looks for problems in JavaScript programs. It is a code quality tool.


Flow is an open source static type checker developed by Facebook, designed to find type errors in JavaScript program. Flow adds static typing to JavaScript to improve developer productivity and code quality. In particular, static typing offers benefits like early error checking, which helps you avoid certain kinds of runtime failures, and code intelligence, which aids code maintenance, navigation, transformation, and optimization.


Iroh is an open source dynamic code analysis tool for JavaScript. Iroh allows to record your code flow in realtime, intercept runtime information and manipulate program behavior on the fly. In contrast to static analysis (e.g. used in Babel and ESlint), dynamic analysis allows to collect data which is only available at runtime.

PHP CodeSniffer

PHP_CodeSniffer is a PHP5 script that tokenises and "sniffs" PHP, JavaScript and CSS files to detect violations of a defined coding standard. It is an essential development tool that ensures your code remains clean and consistent. It can also help prevent some common semantic errors made by developers.


Plato is an open source tool that allows JavaScript source code visualization, static and complexity analysis.

SonarLint (SonarJS)

SonarLint, also known as SonarJS, is an IDE extension produced by SonarQube that helps you detect and fix quality issues as you write JavaScript code. Like a spell checker, SonarLint squiggles flaws so that they can be fixed before committing code.


Tern is a stand-alone open source code-analysis engine for JavaScript. It is intended to be used with a code editor plugin to enhance the editor's support for intelligent JavaScript editing.


Yasca consists of two components: a framework for conducting source code analyses, and an implementation of that framework, leveraging custom plugins, FindBugs, PMD, and Jlint