code analysis

Analysis Tools Website lists a comprehensive set of analysis tools. You may find additional tools on the website of shields which provide the little badges for markdown files, which are often found on github.

• Code quality
• Quality ands security SonarQube or SonarCloud
• codeclimate
• semgrep
• Security
• lgtm (is joining github)
• Analyse Containers, Filesystem, Git Repos Trivy
• Security for dependecies, code, containers and infrastructure-code Snyk
• check git repos for secrets gitguardian
• security check for used libraries dependabot
• kiks scans IaC code for vulnerabilities
• Test coverage (may need additional client library which produce the reports in ci)
• codecov
• coverall
• Tools may need existing reports which are build in ci pipepline
  • java
  • jacoco
  • cobertura
• License check: fossa
• Uptime check: uptimerobot
• python
• security bandit
• bash
• ShellCheck