Muse leverages a broad range of analyzers that can be tailored to your code-base. Below is a list of the analyzers we’ve incorporated and made available within the Muse platform. And if you don’t see your favorite analyzer or language on the list, fill out the form at the bottom to make a suggestion.
Languages: Java, C, C++
Error Patterns: https://fbinfer.com/docs/checkers-bug-types/
Infer was developed at Facebook and uses advanced compositional analysis techniques to provide deep insight into code behavior while keeping analysis times low. Infer checks Java for null pointer exceptions, resource leaks, performance issues, command injection and other information flow vulnerabilities, annotation consistency, and concurrency errors such as race conditions and deadlocks. Infer checks C/C++/ObjectiveC code for null pointer dereferences, memory leaks, coding convention violations, and API misuse errors.
Error Patterns: https://errorprone.info/bugpatterns
Developed by Google, this Java bug detection tool looks for language-specific error patterns and API mis-use errors. It is implemented as a compiler extension, and so has access to type information, class hierarchies, and dependency data. This gives it deeper insight into the code than most linters and allows it to detect more bugs while maintaining a low false positive rate. ErrorProne can also be extended with custom rules.
Error Patterns: https://find-sec-bugs.github.io/bugs.htm
This tool provides static analysis for security audits of Java web applications and Android applications targeting many of the OWASP Top Ten.
Error Patterns: https://eslint.org/docs/rules
Error Patterns: https://pyre-check.org/docs/error-types.html
Pyre is a fast, scalable type checker for large Python 3 codebases, designed to help improve code quality and development speed by flagging type errors, following the typing standards introduced in PEP484 and PEP526.
Languages: Bash, Shell
Error Patterns: https://github.com/koalaman/shellcheck/wiki/Checks
ShellCheck is a code analyzer for your shell scripts.
PMD (Disabled by Default)
Error Patterns: https://pmd.github.io/pmd-6.23.0/pmd_rules_java.html
The tool finds common programming flaws like unused variables, empty catch blocks, unnecessary object creation, and so forth.
PMD is not enabled by default. To add, copy this line into your Muse configuration file.
customTools = [ "https://docs.muse.dev/scripts/pmd.sh rulesets/java/quickstart.xml" ]
Click here to learn how to create a Muse configuration file.
Don’t see your favorite analyzer here, or looking for additional language support? Fill out the form below to give us a suggestion…we’re a new start-up and welcome ideas for how to make Muse work for you!