GitHub Trends

#rust#dataflow#rust#static_analysis#vscode Flowistry is a tool for Rust programming that helps you focus on the parts of code relevant to your current task by analyzing how data flows within functions. When you select a variable or expression, it fades out unrelated code, making it easier to understand complex functions and see what affects or is affected by that code. It works as a VSCode plugin and uses Rust’s ownership system to provide precise analysis. This helps you read, debug, and modify Rust code more efficiently by reducing distractions and highlighting important dependencies. However, it has some limitations with certain Rust features like interior mutability and nested functions. https://github.com/willcrichton/flowistry

#rust#code_analyzer#code_style#coding_standards#formatter#lexer#linter#parser#php#static_analysis#type_checker Mago is a very fast tool for PHP that checks your code for errors, fixes many problems automatically, and formats it neatly. It is built using Rust, which makes it much faster and more reliable than many other PHP tools. Mago helps you find bugs, improve code quality, and keep your code clean and consistent with less effort. It also offers deep analysis to catch tricky issues and lets you see your code’s structure visually. This means you can write better PHP code faster and with more confidence. Installation is easy on macOS and Linux using a simple script or other methods like Homebrew or Composer. https://github.com/carthage-software/mago

#ocaml#c#go#java#javascript#python#r2c#ruby#sast#semgrep#static_analysis#static_code_analysis#typescript Semgrep is a fast, open-source tool that scans your code to find bugs and security issues in over 30 programming languages. It works locally on your computer or in your build system, so your code stays private. Semgrep’s rules are easy to write and understand, helping you catch problems early in development, whether in your IDE, pre-commit checks, or CI/CD pipelines. For stronger security, the Semgrep AppSec Platform offers advanced analysis, AI-powered triage, and detailed fix guidance, reducing false alarms and helping developers fix issues quickly without slowing down. This improves code quality and security efficiently. https://github.com/semgrep/semgrep

#go#containers#cyclonedx#docker#go#golang#hacktoberfest#oci#sbom#spdx#static_analysis#tool Syft is a tool that helps create a list of all the software components used in your applications, known as a Software Bill of Materials (SBOM). This list is important for finding vulnerabilities and ensuring that your software complies with licensing rules. By using Syft, you can better manage your software's security and compliance. It works with many types of software and can be used with other tools like Grype to check for vulnerabilities. This helps keep your software safe and up-to-date. https://github.com/anchore/syft