Codiga has joined Datadog!

Read the Blog·

Interested in our Static Analysis?

Sign up
Back to Static code analysis

Static Code Analysis for GitHub

The best static code analysis engine

  • OWASP and CWE25 for GitHub
  • Custom Code Analysis rules
  • Dependency Scanning
  • Secrets and auth key detection
  • Complex and duplicated code detection
Get Codiga for GitHub
static code analysis: github
the simplest static code analysis for GitHub

The simplest static code analysis for GitHub

Install the Codiga GitHub app, connect your repository, and inspect your codebase on GitHub with the Codiga static analysis engine. Configure your rules and get feedback on your code in less than 5 minutes.

Learn more about the Codiga Static Analysis Engine

Code reviews in seconds, not minutes.

Ship code faster and let your developer have real-time feedback at each code review! Codiga highlights vulnerability, coding style, and performance issues directly on GitHub.

code reviews in seconds, not minutes.
team statistics

Team statistics

Get statistics about your team and individual performance

  • Number of code reviews over time
  • Most common code violation in your codebase
  • Most modified files and cause for merge conflicts

Codiga GitHub Action

The Codiga GitHub action allows you to check if your code meets quality criteria. When a commit is triggered, Codiga checks the quality of the source code according to your own metrics threshold.

Get Codiga GitHub Action

code reviews in seconds, not minutes directly in github actions.

Static Code Analysis Features

Automated Code Reviews

Lightning fast feedback on each code reviews that highlights bugs, security and maintainability issues within seconds.

Support for more than 12 languages

Support 1800+ rules across 12 languages with specific analysis for the most popular frameworks (React, Vue, Next).

Multi-branches support

Works with the most popular languages and libraries.

Dependency scanning

Find outdated dependency and alerts when your dependencies need to be updated.

OWASP and CWE support

Detection of OWASP Top 10 bugs and Common Weakness Enumeration (CWE) issues.

Detect leaked credentials

Works with the most popular languages and libraries.

Check good coding practices

Detect long functions, complex functions and duplicated code in seconds.

Code Duplicate detection

Detect when a developer duplicates code and refactor with a function.

Verify design and architecture flaws

Detect any architectural flaws in your code and get feedback in seconds.

Infrastructure security analysis

Check your code quality in CircleCI, Travis-CI, GitHub action, GitLab or any other CI pipeline tool.

CI/CD integration

Using code to deploy your infrastructure with languages such as Terraform? We detect potential security issues.

We support the most popular languages and libraries

Are you interested in Datadog Static Analysis?

Sign up

We use cookies to improve your site experience, including analytics cookies to understand how you use our product and design better experiences. Please read our Cookie Policy.