Open Source Source Code Analysis Tools

CSSLint is an open-source CSS code quality tool originally written by Nicholas C. Zakas and Nicole Sullivan. A lint tool performs static analysis of source code and flags patterns that might be errors or otherwise cause problems for the developer. CSSLint is a tool to help point out problems with your CSS code. It does basic syntax checking as well as applying a set of rules to the code that look for problematic patterns or signs of inefficiency. The rules are all pluggable, so you can easily write your own or omit ones you don't want. You can integrate CSSLint into your favorite IDE to make checking your CSS code quality easy. In fact, some IDEs already have CSSLint built-in. Once you're familiar with the CSSLint command-line interface, the next step is to integrate it into your build system.

Unused identifies unused code in Rails, Phoenix, and other types of applications, improving developer productivity. By default, unused leverages a different memory allocator called mimalloc. For my local benchmarks, it speeds up execution by a significant amount (which is documented in the commit introducing mimalloc), but currently runs into sporadic issues on Apple M1 devices. If you run into issues with segmentation faults, consider reinstalling unused with the stock Rust allocator. It is strongly recommended you install Universal Ctags to generate tags files. Universal Ctags supports more languages and has native parsers for a good number of them, resulting in faster tags generation time.

I’d like to introduce reviewdog! An automated code review tool working with any lint tools and supports local run as well. “reviewdog” provides a way to post review comments to code hosting services, such as GitHub, automatically by integrating with any linter tools with ease. It uses any output of lint tools, with translation if required, and posts them as a comment if the file and line are in diff of patches to review. reviewdog also supports running in a local environment to filter the output of lint tools by diff. We can use various linters and static code analysis tools to detect such problems in local machines, editors, CI services. However, here is the problem. Static analysis tools may report false-positive results. Reporting false-positive results itself is ok, but due to the false-positive results we cannot make build fail and it becomes difficult for us to find true positive results from messed up analysis results.