Top 11 Open-Source Alternatives to SpotBugs

Product categories

Clean Code Code Analysis Code Collaboration Code Coverage Code Quality Code Review Open Source Security Security & Privacy Text Editors Vulnerability Scanner Web Application Security

Summary

The top open-source alternatives to SpotBugs are Dependency-Check, SonarQube, and Error Prone. One of the criteria for ordering this list is the number of mentions that products have on reliable external sources. You can suggest additional sources through the form here.

Dependency-Check Landing Page
1

DC

Dependency-Check

Dependency-Check is a utility that identifies project dependencies and checks if there are any...
Pricing:
- Open Source
#Security #Code Analysis #Web Application Security 16 social mentions
SonarQube Landing Page
2

SonarQube

SonarQube, a core component of the Sonar solution, is an open source, self-managed tool that systematically helps developers and organizations deliver Clean Code.
Pricing:
- Open Source
- Freemium
- Free Trial
- $150.0 / Annually
#Code Analysis #Code Review #Code Coverage 1 social mentions
Error Prone Landing Page
3

Error Prone

Error Prone is a bug detection tool for Java code, integrated into the Java compiler.
Pricing:
- Open Source
#Code Analysis #Code Review #Code Coverage 4 social mentions
Cppcheck Landing Page
4

Cppcheck

Cppcheck is an analysis tool for C/C++ code. It detects the types of bugs that the compilers normally fail to detect. The goal is no false positives. CppCheckDownload cppcheck for free.
Pricing:
- Open Source
#Code Analysis #Code Coverage #Development 10 social mentions
mypy Landing Page
5

mypy

Mypy is an experimental optional static type checker for Python that aims to combine the benefits of dynamic (or "duck") typing and static typing.
Pricing:
- Open Source
#Code Coverage #Code Analysis #Code Quality 49 social mentions
Sqlmap Landing Page
6

Sqlmap

sqlmap is an open source penetration testing tool that automates the process of detecting and...
Pricing:
- Open Source
#Web Application Security #Security #Security & Privacy 17 social mentions
Vorlon.JS Landing Page
7

Vorlon.JS

Vorlon.JS is an open source, extensible, platform-agnostic tool for remotely debugging and testing JavaScript.
Pricing:
- Open Source
#Code Analysis #Code Review #Code Coverage
CodeClimate Landing Page
8

CodeClimate

Code Climate provides automated code review for your apps, letting you fix quality and security issues before they hit production. We check every commit, branch and pull request for changes in quality and potential vulnerabilities.
Pricing:
- Open Source
#Code Coverage #Code Quality #Code Analysis 11 social mentions
Sentinel Landing Page
9

Sentinel

An framework agnostic authentication & authorization library for ≥PHP 5.4.
Pricing:
- Open Source
#Web Application Security #Security & Privacy #Code Collaboration 1 social mentions
Snyk Landing Page
10

Snyk

Snyk helps you use open source and stay secure. Continuously find and fix vulnerabilities for npm, Maven, NuGet, RubyGems, PyPI and much more.
Pricing:
- Open Source
#Security #Security Monitoring #Security CI 85 social mentions
JaCoCo Landing Page
11

JaCoCo

JaCoCo is a free Java code coverage library.
Pricing:
- Open Source
#Code Coverage #Code Analysis #Code Quality