Enterprise software composition analysis for supply chain security
Sonatype Lifecycle is an enterprise software composition analysis platform that identifies vulnerabilities, license risks, and quality issues in open-source dependencies throughout the development lifecycle. It integrates with IDEs, CI/CD pipelines, and artifact repositories to block risky components before they enter the codebase. It is backed by the largest vulnerability database with proprietary research beyond public CVE data.
Blazing-fast PHP linter, formatter, and static analyzer in Rust
Mago is a comprehensive PHP toolchain written in Rust that unifies linting, formatting, and static analysis into a single binary. It enforces PER-CS formatting standards, catches code smells with 100+ lint rules, and performs deep type inference for semantic analysis. Inspired by Clippy and OXC from the Rust ecosystem, it delivers performance orders of magnitude faster than PHPStan and Psalm while requiring no PHP runtime to execute.
Find unused files, dependencies, and exports in JavaScript and TypeScript projects
Knip is an open-source CLI tool that detects unused files, dependencies, devDependencies, and exports in JavaScript and TypeScript codebases. It analyzes the full dependency graph to identify dead code that accumulates over time — especially relevant for AI-generated codebases where unused artifacts pile up faster than manual cleanup can handle. With over 10,800 GitHub stars, it has become a standard code hygiene tool in the JS/TS ecosystem.
Rust-powered JavaScript linter that is 50-100x faster than ESLint
Oxlint is an extremely fast JavaScript and TypeScript linter built as part of the OXC (Oxidation Compiler) toolchain written in Rust. It runs 50-100x faster than ESLint by parsing and analyzing code in a single optimized pass without requiring any plugins or configurations. Oxlint ships with 520+ built-in rules covering correctness, performance, and style checks, and is designed to run alongside ESLint during migration. Part of Evan You's VoidZero initiative, OXC has over 20,000 GitHub stars.
Extremely fast Python linter and formatter written in Rust
Ruff is a Python linter and code formatter written in Rust by Astral that runs 10-100x faster than existing tools like flake8, isort, and Black. It implements over 800 lint rules from dozens of popular plugins in a single binary, handles auto-fixing for most violations, and includes a built-in formatter compatible with Black. Adopted by FastAPI, Hugging Face, Pandas, and Apache Airflow, Ruff has over 38,000 GitHub stars and processes entire codebases in milliseconds.
Unified AI code review and application security platform
Panto AI is a unified AI-driven code review and application security platform that combines static analysis, secrets detection, dependency scanning, and infrastructure-as-code security into a single PR workflow. It contextualizes issues based on repository structure and code history to deliver actionable insights directly within pull requests on GitHub, GitLab, and Bitbucket with zero-configuration onboarding and compliance-ready reporting for SOC 2, ISO, and PCI-DSS.
AI code review with full codebase context
Greptile is a Y Combinator-backed AI code review tool that indexes your entire codebase to build a semantic code graph of functions, classes, and dependencies. Unlike diff-only reviewers, it catches cross-file issues, architectural drift, and convention violations with an 82% bug catch rate. It supports GitHub, GitLab, Jira, Slack, and VS Code, and offers cloud and self-hosted VPC deployment with SOC 2 Type II compliance. It is used by 250+ companies including Stripe and Amazon.