The Roslyn .NET compiler provides C# and Visual Basic languages with rich code analysis APIs.

A small, yet powerful framework, designed for building applications across all XAML platforms. Its strong support for MV* patterns will enable you to build your solution quickly, without the need to sacrifice code quality or testability.

An analyzer library for C# and VB that uses Roslyn to produce refactorings, code analysis, and other niceties.

An analyzer library for C# and VB that uses Roslyn to produce refactorings, code analysis, and other niceties. Check the official project site on code-cracker.github.io. There you will find information on how to contribute, our task board, definition of done, definition of ready, etc. You can find this document in the following languages. This is a community project, free and open source. Everyone is invited to contribute, fork, share and use the code. No money shall be charged by this software, nor it will be. Ever. The list of features is documented here: http://code-cracker.github.io/diagnostics.html. 

Vulnerability Patterns Detector for C# and VB.NET

Vulnerability Patterns Detector for C# and VB.NET - Website. 

Code analyzer for C# and VB.NET projects https://redirect.sonarsource.com/plugins/vbnet.html

Code analyzer for C# and VB.NET projects https://redirect.sonarsource.com/plugins/vbnet.html380+ C# rules and 130+ VB.​NET rules Metrics (cognitive complexity, duplications, number of lines etc.) Import of test coverage reports from Visual Studio Code Coverage, dotCover, OpenCover, Coverlet. Import of third party Roslyn Analyzers results Support for custom rules 

Puma Scan is a software security Visual Studio extension that provides real time, continuous source code analysis as development teams write code. Vulnerabilities are immediately displayed in the development environment as spell check and compiler warnings, preventing security bugs from entering your applications.

Puma Scan is a .NET software secure code analysis tool providing real time, continuous source code analysis as development teams write code. In Visual Studio, vulnerabilities are immediately displayed in the development environment as spell check and compiler warnings, preventing security bugs from entering your applications. Puma Scan also integrates into the build to provide security analysis at compile time. 

Visual Studio extension that intelligently introduces new C# features into your existing codebase

Sharpen is a Visual Studio extension that intelligently modernizes your existing C# codebase. It makes your code more expressive, more readable, more robust, and more performant, in one word - sharper. 

Roslyn analyzers that aim to help security audit on .NET applications.

:warning: This project is no longer active. The project Security Code Scan is a more recent version which include all the analyzers from this project. It has many important bug fixes. Roslyn analyzers that aim to help security audits on .NET applications. Website | Visual Studio Gallery | NuGet. 

NsDepCop is a static code analysis tool that helps to enforce namespace dependency rules in C# projects. No more unplanned or unnoticed dependencies in your system.

NsDepCop is a static code analysis tool that helps you to enforce namespace dependency rules in C# projects. What is this dependency control anyway?. Runs as part of the build process and reports dependency problems. No more unplanned or unnoticed dependencies in your system. 

F# analyzer that provides embedded SQL syntax analysis, type-checking for parameters and result sets and nullable column detection when writing queries using Npgsql.FSharp.

Analyzer that provides embedded SQL syntax analysis when writing queries using Npgsql.FSharp. It verifies query syntax, checks the parameters in the query match with the provided parameters and performs type-checking on the functions that read columns from the result sets. Static query syntax analysis and type-checking against development database Detecting missing or redundant parameters Detecting parameters with type-mismatch Verifying the columns being read from the result set and their types Detecting nullable columns Built-in code fixes and nice error messages Ability to write multi-line queries in [&lt;Literal&gt;] text and referencing it Ability to suppress the warnings when you know better than the analyzer ;) Free (MIT licensed) Supports VS Code with Ionide via F# Analyzers SDK Supports Visual Studio Supports CLI (via Ubik) 

Echo is an experimental generic, static analysis, symbolic execution and emulation framework, that aims to help out with binary code analysis for a variety of platforms. Echo is released under the LGPLv3 license. Control flow analysis  Create static and symbolic flow graphs Dominator analysis Serialize into scoped flow blocks or a list of instructions Data flow analysis  Create data flow graphs Inspect stack and variable dependencies of instructions. Unified generic API.  Serialize any kind of graph to the dot file format. Adding a new platform for flow analysis requires minimal effort 

A set of code analyzers & code fix providers to help developers use the proper .NET Collection & API in their algorithms

This repository is dedicated to common performance and code quality analyzers to follow the best practices surrounding the use of data structures and their APIs located under System.Collections &amp; System.Linq. This project was developed as an internal hackathon project as a proof of concept and depicts the idea. It’s still a prototype and using it could give you false positives. Moreover, the ruleset in the library hasn't been finalized and is subject to change. We're still working on these ideas to make sure they are accurate and reflect the best development practices in .NET. We welcome and encourage contributions on those ideas. For those interested in helping us that way, please read the contribution guidelines for the project. Nonetheless, it could provide useful insights to the developers. You can either consult the project’s roadmap or subscribe to the project’s notifications to know when the project will move outside of its prototype phase. 