Update broken links; remove unreachable tools

analysis-tools-dev · Jan 6, 2025 · fa22158 · fa22158
1 parent 3b438f1
commit fa22158
Show file tree

Hide file tree

Showing 15 changed files with 43 additions and 198 deletions.
diff --git a/.lycheeignore b/.lycheeignore
@@ -1,11 +1,6 @@
-https://www.castsoftware.com/highlight
-ptsecurity.com
-https://rome.tools
-https://marketplace.visualstudio.com/items?itemName=rome.rome
-# DeepCode is now part of Snyk
-deepcode.ai
-# https://github.com/amperser/proselint/issues/1357
+# Proselint is down. See https://github.com/amperser/proselint/issues/1357
 proselint.com
-# unable to get local issuer certificate
-# https://github.com/analysis-tools-dev/static-analysis/issues/1474
-https://checkerframework.org/
+# Seems to be a bot detection issue
+https://www.mathworks.com/products/polyspace-bug-finder.html
+# Forbidden
+https://www.freepik.com/
diff --git a/README.md b/README.md
@@ -845,8 +845,6 @@ A ktfmt IntelliJ plugin is available from the plugin repository. To install it,
 
 - [Mondrian](https://trismegiste.github.io/Mondrian) :warning: — A set of static analysis and refactoring tools which use graph theory.
 
-- [Nitpick CI](https://nitpick-ci.com) :copyright: — Automated PHP code review.
-
 - [parallel-lint](https://github.com/php-parallel-lint/PHP-Parallel-Lint) — This tool checks syntax of PHP files faster than serial check with a fancier output.
 
 - [Parse](https://github.com/psecio/parse) — A Static Security Scanner.
@@ -861,7 +859,7 @@ A ktfmt IntelliJ plugin is available from the plugin repository. To install it,
 
 - [PHP Coding Standards Fixer](https://cs.symfony.com) — Fixes your code according to standards like PSR-1, PSR-2, and the Symfony standard.
 
-- [PHP Insights](https://phpinsights.com) — Instant PHP quality checks from your console. Analysis of code quality and coding style as well as overview of code architecture and its complexity.
+- [PHP Insights](https://github.com/nunomaduro/phpinsights) — Instant PHP quality checks from your console. Analysis of code quality and coding style as well as overview of code architecture and its complexity.
 
 - [Php Inspections (EA Extended)](https://plugins.jetbrains.com/plugin/7622-php-inspections-ea-extended-) — A Static Code Analyzer for PHP.
 
@@ -1011,8 +1009,6 @@ It uses the pycodestyle utility to determine what parts of the code needs to be
 
 - [pyanalyze](https://pyanalyze.readthedocs.io/en/latest/) — A tool for programmatically detecting common mistakes in Python code, such as references to undefined variables and type errors. It can be extended to add additional rules and perform checks specific to particular functions.
 
-- [PyCodeQual](https://pycodequ.al) :copyright: — PyCodeQual gives you insights into complexity and bug risks. It adds automatic reviews to your pull requests.
-
 - [pycodestyle](https://pycodestyle.pycqa.org/en/latest) — (Formerly `pep8`) Check Python code against some of the style conventions in PEP 8.
 
 - [pydocstyle](http://www.pydocstyle.org) :warning: — Check compliance with Python docstring conventions.
@@ -1067,7 +1063,7 @@ YAPF follows a distinctive methodology, originating from the 'clang-format' tool
 
 - [cyclocomp](https://github.com/MangoTheCat/cyclocomp) — Quantifies the cyclomatic complexity of R functions / expressions.
 
-- [goodpractice](https://mangothecat.github.io/goodpractice) — Analyses the source code for R packages and provides best-practice recommendations.
+- [goodpractice](https://docs.ropensci.org/goodpractice/) — Analyses the source code for R packages and provides best-practice recommendations.
 
 - [lintr](https://github.com/jimhester/lintr) — Static Code Analysis for R.
 
@@ -1131,7 +1127,7 @@ YAPF follows a distinctive methodology, originating from the 'clang-format' tool
 
 - [Rubrowser](https://github.com/blazeeboy/rubrowser) — Ruby classes interactive dependency graph generator.
 
-- [ruby-lint](http://code.yorickpeterse.com/ruby-lint/latest) :warning: — Static code analysis for Ruby.
+- [ruby-lint](https://gitlab.com/yorickpeterse/ruby-lint) :warning: — Static code analysis for Ruby.
 
 - [rubycritic](https://github.com/whitesmith/rubycritic) — A Ruby code quality reporter.
 
@@ -1399,7 +1395,7 @@ TSLint is an extensible static analysis tool that checks TypeScript code for rea
 
 - [Clayton](https://www.getclayton.com/) :copyright: — AI-powered code reviews for Salesforce. Secure your developments, enforce best practice and control your technical debt in real-time.
 
-- [coala](https://coala.io) :warning: — Language independent framework for creating code analysis - supports [over 60 languages](https://coala.io/languages) by default.
+- [coala](https://github.com/coala/coala) :warning: — Language independent framework for creating code analysis - supports [over 60 languages](https://coala.io/languages) by default.
 
 - [Cobra](https://spinroot.com/cobra) :copyright: — Structural source code analyzer by NASA's Jet Propulsion Laboratory.
 
@@ -1421,8 +1417,6 @@ TSLint is an extensible static analysis tool that checks TypeScript code for rea
 
 - [Codemodder](https://codemodder.io/) — Codemodder is a pluggable framework for building expressive codemods. Use Codemodder when you need more than a linter or code formatting tool. Use it to fix non-trivial security issues and other code quality problems.
 
-- [CodePatrol](https://cyber-security.claranet.fr/en/codepatrol) :copyright: — Automated SAST code reviews driven by security, supports 15+ languages and includes security training.
-
 - [codeql](https://github.com/github/codeql) — Deep code analysis - semantic queries and dataflow for several languages with VSCode plugin support.
 
 - [CodeQue](https://codeque.co) — Ecosystem for structural matching JavaScript and TypeScript code. Offers search tool that understands code structure. Available as CLI tool and Visual Studio Code extension. It helps to search code faster and more accurately making you workflow more effective. Soon it will offer ESLint plugin to create your own rules in minutes to help with assuring codebase quality.
@@ -1449,7 +1443,7 @@ TSLint is an extensible static analysis tool that checks TypeScript code for rea
 
 - [cqc](https://github.com/xcatliu/cqc) :warning: — Check your code quality for js, jsx, vue, css, less, scss, sass and styl files.
 
-- [DeepCode](https://www.deepcode.ai) :warning: :copyright: — DeepCode was acquired by Snyk is now Snyk Code.
+- [DeepCode](https://snyk.io/platform/deepcode-ai/) :warning: :copyright: — DeepCode was acquired by Snyk is now Snyk Code.
 
 - [DeepSource](https://deepsource.com) :copyright: — In-depth static analysis to find issues in verticals of bug risks, security, anti-patterns, performance, documentation and style. Native integrations with GitHub, GitLab and Bitbucket. Less than 5% false positives.
 
@@ -1631,7 +1625,7 @@ TSLint is an extensible static analysis tool that checks TypeScript code for rea
 
 - [weggli](https://github.com/googleprojectzero/weggli) — A fast and robust semantic search tool for C and C++ codebases. It is designed to help security researchers identify interesting functionality in large codebases.
 
-- [WhiteHat Application Security Platform](https://www.whitehatsec.com/platform/static-application-security-testing) :copyright: — WhiteHat Scout (for Developers) combined with WhiteHat Sentinel Source (for Operations) supporting WhiteHat Top 40 and OWASP Top 10.
+- [WhiteHat Application Security Platform](https://source.whitehatsec.com/help/sentinel/sast-service-detail.html) :copyright: — WhiteHat Scout (for Developers) combined with WhiteHat Sentinel Source (for Operations) supporting WhiteHat Top 40 and OWASP Top 10.
 
 - [Wotan](https://github.com/fimbullinter/wotan) :warning: — Pluggable TypeScript and JavaScript linter.
 
@@ -1665,7 +1659,7 @@ TSLint is an extensible static analysis tool that checks TypeScript code for rea
 - [alquitran](https://github.com/ferivoz/alquitran) — Inspects tar archives and tries to spot portability issues in regard  to POSIX 2017 pax specification and common tar implementations.
 This project is intended to be used by maintainers of projects who want to offer portable source code archives for as many systems as possible. Checking tar archives with alquitran before publishing them should help spotting issues before they reach distributors and users.
 
-- [packj](https://packj.dev) — Packj (pronounced package) is a command line (CLI) tool to vet open-source software packages for "risky" attributes that make them vulnerable to supply chain attacks. This is the tool behind our large-scale security analysis platform Packj.dev that continuously vets packages and provides free reports.
+- [packj](https://github.com/ossillate-inc/packj) — Packj (pronounced package) is a command line (CLI) tool to vet open-source software packages for "risky" attributes that make them vulnerable to supply chain attacks. This is the tool behind our large-scale security analysis platform Packj.dev that continuously vets packages and provides free reports.
 
 - [pure](https://github.com/ronomon/pure) :warning: — Pure is a static analysis file format checker that checks ZIP files for dangerous compression ratios, spec deviations, malicious archive signatures, mismatching local and central directory headers, ambiguous UTF-8 filenames, directory and symlink traversals, invalid MS-DOS dates, overlapping headers, overflow, underflow,  sparseness, accidental buffer bleeds etc.
 
@@ -1875,8 +1869,6 @@ Its technology helps developers automate testing, find bugs, and reduce manual l
 
 - [Goblint](https://goblint.in.tum.de) — A static analyzer for the analysis of multi-threaded C programs. Its primary focus is the  detection of data races, but it also reports other runtime errors, such as buffer overflows and null-pointer dereferences.
 
-- [Nitpick CI](https://nitpick-ci.com) :copyright: — Automated PHP code review.
-
 - [PullRequest](https://www.pullrequest.com) :copyright: — Code review as a service with built-in static analysis.  Increase velocity and reduce technical debt through quality code review by expert engineers backed by best-in-class automation.
 
 - [quality](https://github.com/apiology/quality) :warning: — Runs quality checks on your code using community tools, and makes sure your numbers don't get any worse over time.
@@ -2068,7 +2060,7 @@ but with the following improvements:
 <h2>Mobile</h2>
 
 
-- [Android Lint](http://tools.android.com/tips/lint) — Run static analysis on Android projects.
+- [Android Lint](https://developer.android.com/studio/write/lint) — Run static analysis on Android projects.
 
 - [android-lint-summary](https://passy.github.io/android-lint-summary) :warning: — Combines lint errors of multiple projects into one output, check lint results of multiple sub-projects at once.
 
@@ -2206,7 +2198,7 @@ Kani verifies:
 
 - [lockfile-lint](https://github.com/lirantal/lockfile-lint) — Lint an npm or yarn lockfile to analyze and detect security issues
 
-- [LunaSec](https://www.lunasec.io) — Open Source AppSec platform that automatically notifies you the next time vulnerabilities like Log4Shell or node-ipc happen. Track your dependencies and builds in a centralized service.
+- [LunaSec](https://github.com/marketplace/lunatrace-by-lunasec/) — Open Source AppSec platform that automatically notifies you the next time vulnerabilities like Log4Shell or node-ipc happen. Track your dependencies and builds in a centralized service.
 
 - [njsscan](https://opensecurity.in) — A static application testing (SAST) tool that can find insecure code patterns in your node.js applications using simple pattern matcher from libsast and syntax-aware semantic code pattern search tool semgrep.
 

diff --git a/data/api/tools.json b/data/api/tools.json
@@ -319,7 +319,7 @@
     "types": [
       "cli"
     ],
-    "homepage": "http://tools.android.com/tips/lint",
+    "homepage": "https://developer.android.com/studio/write/lint",
     "source": "https://android.googlesource.com",
     "pricing": null,
     "plans": null,
@@ -2881,7 +2881,7 @@
     "types": [
       "cli"
     ],
-    "homepage": "https://coala.io",
+    "homepage": "https://github.com/coala/coala",
     "source": "https://github.com/coala/coala",
     "pricing": null,
     "plans": null,
@@ -3457,39 +3457,6 @@
     "demos": null,
     "wrapper": null
   },
-  "codepatrol": {
-    "name": "CodePatrol",
-    "categories": [
-      "linter"
-    ],
-    "languages": [
-      "csharp",
-      "java",
-      "javascript",
-      "php"
-    ],
-    "other": [
-      "ci",
-      "security"
-    ],
-    "licenses": [
-      "proprietary"
-    ],
-    "types": [
-      "service"
-    ],
-    "homepage": "https://cyber-security.claranet.fr/en/codepatrol",
-    "source": null,
-    "pricing": null,
-    "plans": null,
-    "description": "Automated SAST code reviews driven by security, supports 15+ languages and includes security training.",
-    "discussion": null,
-    "deprecated": null,
-    "resources": null,
-    "reviews": null,
-    "demos": null,
-    "wrapper": null
-  },
   "codepeer": {
     "name": "Codepeer",
     "categories": [
@@ -5059,7 +5026,7 @@
     "types": [
       "service"
     ],
-    "homepage": "https://www.deepcode.ai",
+    "homepage": "https://snyk.io/platform/deepcode-ai/",
     "source": null,
     "pricing": null,
     "plans": null,
@@ -8340,7 +8307,7 @@
     "types": [
       "cli"
     ],
-    "homepage": "https://mangothecat.github.io/goodpractice",
+    "homepage": "https://docs.ropensci.org/goodpractice/",
     "source": "https://github.com/mangothecat/goodpractice",
     "pricing": null,
     "plans": null,
@@ -11126,7 +11093,7 @@
     "types": [
       "service"
     ],
-    "homepage": "https://www.lunasec.io",
+    "homepage": "https://github.com/marketplace/lunatrace-by-lunasec/",
     "source": "https://github.com/lunasec-io/lunasec",
     "pricing": null,
     "plans": null,
@@ -12151,38 +12118,6 @@
     "demos": null,
     "wrapper": null
   },
-  "nitpick-ci": {
-    "name": "Nitpick CI",
-    "categories": [
-      "linter"
-    ],
-    "languages": [
-      "php"
-    ],
-    "other": [
-      "ci"
-    ],
-    "licenses": [
-      "proprietary"
-    ],
-    "types": [
-      "service"
-    ],
-    "homepage": "https://nitpick-ci.com",
-    "source": null,
-    "pricing": "https://nitpick-ci.com/#pricing",
-    "plans": {
-      "free": false,
-      "oss": true
-    },
-    "description": "Automated PHP code review.",
-    "discussion": null,
-    "deprecated": null,
-    "resources": null,
-    "reviews": null,
-    "demos": null,
-    "wrapper": null
-  },
   "njsscan": {
     "name": "njsscan",
     "categories": [
@@ -12598,7 +12533,7 @@
     "types": [
       "cli"
     ],
-    "homepage": "https://packj.dev",
+    "homepage": "https://github.com/ossillate-inc/packj",
     "source": "https://github.com/ossillate-inc/packj",
     "pricing": null,
     "plans": null,
@@ -13211,7 +13146,7 @@
     "types": [
       "cli"
     ],
-    "homepage": "https://phpinsights.com",
+    "homepage": "https://github.com/nunomaduro/phpinsights",
     "source": "https://github.com/nunomaduro/phpinsights",
     "pricing": null,
     "plans": null,
@@ -14957,36 +14892,6 @@
     "demos": null,
     "wrapper": null
   },
-  "pycodequal": {
-    "name": "PyCodeQual",
-    "categories": [
-      "linter"
-    ],
-    "languages": [
-      "python"
-    ],
-    "other": [],
-    "licenses": [
-      "proprietary"
-    ],
-    "types": [
-      "service"
-    ],
-    "homepage": "https://pycodequ.al",
-    "source": null,
-    "pricing": "https://pycodequ.al/pricing",
-    "plans": {
-      "free": true,
-      "oss": false
-    },
-    "description": "PyCodeQual gives you insights into complexity and bug risks. It adds automatic reviews to your pull requests.",
-    "discussion": null,
-    "deprecated": null,
-    "resources": null,
-    "reviews": null,
-    "demos": null,
-    "wrapper": null
-  },
   "pycodestyle": {
     "name": "pycodestyle",
     "categories": [
@@ -16429,7 +16334,7 @@
     "types": [
       "cli"
     ],
-    "homepage": "http://code.yorickpeterse.com/ruby-lint/latest",
+    "homepage": "https://gitlab.com/yorickpeterse/ruby-lint",
     "source": "https://gitlab.com/yorickpeterse/ruby-lint",
     "pricing": null,
     "plans": null,
@@ -21169,7 +21074,7 @@
     "types": [
       "cli"
     ],
-    "homepage": "https://www.whitehatsec.com/platform/static-application-security-testing",
+    "homepage": "https://source.whitehatsec.com/help/sentinel/sast-service-detail.html",
     "source": null,
     "pricing": null,
     "plans": null,

diff --git a/data/tools/android-lint.yml b/data/tools/android-lint.yml
@@ -6,6 +6,6 @@ tags:
 license: Android Software Development Kit License Agreement
 types:
   - cli
-source: 'https://android.googlesource.com'
-homepage: 'http://tools.android.com/tips/lint'
+source: "https://android.googlesource.com"
+homepage: "https://developer.android.com/studio/write/lint"
 description: Run static analysis on Android projects.
diff --git a/data/tools/coala.yml b/data/tools/coala.yml
@@ -8,10 +8,11 @@ tags:
   - java
   - javascript
 license: AGPL-3.0-only
+deprecated: true
 types:
   - cli
-source: 'https://github.com/coala/coala'
-homepage: 'https://coala.io'
+source: "https://github.com/coala/coala"
+homepage: "https://github.com/coala/coala"
 description: >-
   Language independent framework for creating code analysis - supports [over 60
   languages](https://coala.io/languages) by default.
diff --git a/data/tools/codepatrol.yml b/data/tools/codepatrol.yml
diff --git a/data/tools/deepcode.yml b/data/tools/deepcode.yml
@@ -11,7 +11,7 @@ tags:
 license: proprietary
 types:
   - service
-homepage: https://www.deepcode.ai
+homepage: https://snyk.io/platform/deepcode-ai/
 deprecated: true
 description: >-
   DeepCode was acquired by Snyk is now Snyk Code.

diff --git a/data/tools/goodpractice.yml b/data/tools/goodpractice.yml
@@ -6,8 +6,8 @@ tags:
 license: Other
 types:
   - cli
-source: 'https://github.com/mangothecat/goodpractice'
-homepage: 'https://mangothecat.github.io/goodpractice'
+source: "https://github.com/mangothecat/goodpractice"
+homepage: "https://docs.ropensci.org/goodpractice/"
 description: >-
   Analyses the source code for R packages and provides best-practice
   recommendations.