Codety Scanner is a comprehensive code scanner designed to detect code issues for 30+ programming languages and IaC frameworks. It embeds more than 6,000 code analysis rules and can detect code smells, vulnerable code, secrets in the code, performance issues, style violations, and more. Codety Scanner is open source and is free for personal and commercial use, Codety Scanner's source code is contributed and maintained by Codety Inc.(https://codety.io)

Codety Scanner detects your code issues and report results to:

• GitHub pull request comments (check example here)
• GitHub pull request review comments (check example here)
• GitHub check run annotations (check example here)
• Slack
• GitLab merge request review comments(coming...)

Codety Scanner provides out-of-box integrations with pmd, eslint, checkov, cppcheck, checkov, golangci-lint, phpstan, pmd, pylint, rubocop, scalastyle, shellcheck, stylelint, trivy, etc.

Codety Scanner can:

• Detect code issues like:
  • Insecure and vulnerable code
  • Unexpected secrets/tokens/API-keys in the code
  • Code smells and technical debt accumulation
  • Code style violations
  • Some performance issues
  • And more...
• Support 30+ programming languages and IaC frameworks:
  • Terraform code(AWS, GCP, Azure and OCI)
  • Java
  • Python
  • Javascript
  • Typescript
  • C
  • C++
  • Go
  • Ruby
  • Scala
  • Shell(sh, bash, dash, ksh, busybox)
  • Html
  • Css
  • Kotlin
  • Swift
  • JSP
  • Apex
  • Modelica
  • Plsql
  • XML, XSL, WSDL
  • CloudFormation
  • Serverless framework
  • Helm charts
  • Kubernetes
  • Docker
  • and more

How to use:

Check document Codety Scanner Quickstart

License:

https://github.com/codetyio/codety-scanner/blob/main/LICENSE.txt

Welcome new contributors

We greatly value contributions of any kind. Contributions could include, but are not limited to documentation improvements, bug reports, new or improved code! Check more at CONTRIBUTING.md

Note

Codety Scanner detect code issues using default recommended code scanning rules for general use cases, Codety Console is a subscription-based product that helps you manage and custom code standards according to your organization's needs.