code Review自动化工具

原文地址地址https://www.guru99.com/code-review-tools.html

 

vscode插件,Review Assistant 

 

 

 

14 BEST Code Review Tools in 2020 [Static Code Analysis]

A Code Review tool automates the code audit process. They help in static code analysis which is essential to deliever a reliable software application. There are plethora of Code Review Tools in the market and selecting one for your project could be a challenge.

Following is a curated list of Top 14 Code Review tools with popular features and latest download links. The list contains open-source as well as commercial tools.

1) Review Assistant

Review Assistant is an extension to Visual Studio. It supports Visual Studio 2019, 2017, 2015, 2013, 2012, and 2010. Review Assistant helps to create review requests and respond to them without leaving IDE. It supports TFS, Subversion, Git, Mercurial, Perforce. Review Assistant adds the Code Review Board window to an IDE. The window is designed to manage all reviews available to a user.

Key features:

  • Flexible code reviews
  • Discussions in code
  • Iterative review with defect fixing
  • Email notifications
  • Rich integration features
  • Reporting and Statistics
  • Drop-in Replacement for Visual Studio Code Review Feature.

2) Reshift

Reshift is a SaaS-based software platform that helps software development teams identify more vulnerabilities faster in their own code before deploying to production. Reducing the cost and time of finding and fixing vulnerabilities, identifying the potential risk of data breaches, and helping software companies achieve compliance and regulatory requirements.

Features:

  • Integrates with Github and Bitbucket
  • Offers security in the team’s processes through the pull-request workflow and avoids switching to other dashboards
  • Smart triaging that reduces false positives overtime with the labelling of issues
  • Tracks vulnerabilities per developer feature branch
  • Know critical vulnerabilities before merging into your master branch
  • Gating the build if a new vulnerability is introduced

3) Gerrit

This open-source, lightweight tool, built over the "Git version control system,". This tool is useful in project environments where all users are trusted committers as this tool allows them to check overall changes made in the project.

Features:

  • Gerrit stops the users from pushing directly to the Git repository
  • Allows you to find the error in the source code
  • Helps you create a new change or makes an update of an existing one
  • Allows you to intermediate between developers and git repositories

Download link: https://www.gerritcodereview.com/

4) Codestriker

Codestriker is an open-source, online source code reviewing web application. This code review tool helps you to record issues, comments, and decisions in a database. It can also be used for code inspections.

Features:

  • Support for traditional documents review
  • It can be integrated with Bugzilla, ClearCase, CVS, etc.
  • Codestriker tool is licensed under GPL

Download link: http://codestriker.sourceforge.net/

5) Phabricator:

Phabricator is an open-source source code scanner. It also includes light-weight web-based code review, planning, testing, finding bugs, etc.

Features:

  • Pre-Commit Code Review
  • Keeps track of a large number of bugs
  • Helps you to build unique task forms for each department
  • Customizable Task Management
  • Allows you to write helpful comments and anecdotes

Download link: https://www.phacility.com/

6) Crucible:

Crucible is a web-based code quality tool. It is used by developers for code review, finding bugs and defects, discussing the changes and knowledge sharing. The tool helps them to catch major defects and improve their code architecture.

Features:

  • Collaborate right code with inline comments, threaded mentions, and conversations
  • Allows to track project in real time with activity streams showing the latest comments and review updates
  • Ensure all files you are reviewing are current as the code is refactored and changed throughout the review process
  • Automatically update Jira Software problems based on review activity and or turn review comments into issues with a single click

Download link: https://www.atlassian.com/software/crucible

7) Review Board

Review Board is a secure code review tool. It is used for code review and document review by open source projects and companies.

Features:

  • Review Board can be integrated with ClearCase, Perforce, CVS, Plastic, etc
  • The code is syntax highlighted which makes it more readable
  • Support for pre-commit reviews and post-commit reviews

Download link: https://www.reviewboard.org/

8) Barkeep

Barkeep is a friendly code review system tool. It offers the easiest method to review code. It allows you to view commits made to any Git repository, see diffs, write comments.

Features:

  • The tool allows you to emailed to your associate committers
  • Supports post-commit workflows
  • Offers a clean User Interface which is easily navigable

Download link: http://getbarkeep.org/

9) Reviewable

Reviewable is a light-weight and powerful code analysis tool which makes the code review faster and thorough. It helps you to improve the code quality by cleaning the User Interface, finding bugs and highlighting the syntax.

Features:

  • Fully customizable logic helps you to determine when a review is complete
  • Works only with GitHub and GitHub En­ter­prise, making for seamless integration. Minimal admin work
  • Line comments map across file revisions and stays in place until it is resolved
  • Helps you to keep complete track of who reviews which revision of each file to make sure no changes are missed

Download link: https://reviewable.io/

10) Peer Review Plugin

Peer review plugin eliminates the requirement for time-consuming code review meetings as it allows you to review code in a user-friendly web-based environment.

Features:

  • Improved knowledge transfer
  • Helps you to review files from the repository and comment on them
  • Export data in MS Word docx format
  • Better code and fewer defects
  • Support for Git, SVN, and GitHub

Download linkhttps://trac-hacks.org/wiki/PeerReviewPlugin

11) Codacy

Codacy tool automatically identifies issues through static code analysis. Get a quick notification on security issues, code duplication, and code complexity in every pull and commit request.

Features:

  • Helps you to identify new issues early in the process and prevent your product from being affected
  • Get visibility into the quality of your code
  • Seamlessly integrated into your workflow
  • The self-hosted solution, packed with first class security on your servers

Download link: https://www.codacy.com/

12) CodeFactor.io:

Code factor tool allows you to have a glance of code quality for the whole project, recent commits, and the most problematic files. You can track and fixed issues for every commit & pull request.

Feature:

  • Get an overview of your code base
  • Seamless integration into your development process
  • Allows you to control what should be analyzed
  • Helps you to capture every line of code
  • Streamline Code Review process and improves actionable reports
  • It offers analytical data to understand, contribute and communicate with your peers

Download linkhttps://www.codefactor.io/

13) Helix Swarm:

Helix swarm is a code review tool that arranges reviews, shares content and sees code review changes. It allows continuous integration deployment. It helps you to monitor progress, automate design process and improves release quality of the project.

Features:

  • Allows you to do priority filtering
  • Customize notification settings to your profile page
  • Review independent components simultaneously by attaching multiple changelists to a pre-commit review
  • Helps you to keep your code safe by integrating Helix Core with Ping Identity, Okta, and other tools

Download link: https://www.perforce.com/products/helix-swarm

14) Rhodecode:

Rhodecode is an open source, secure enterprise source code management tool. The tool offers as an integrated tool for Git, Subversion, and Mercurial.

Features:

  • Team Collaboration for Better Code Quality
  • Rhodecode offers workflow Automation for Faster Collaboration
  • Permission Management for Secure Software Development
  • Helps you to Integrate an existing code base with new issue tracker tools

Download link: https://rhodecode.com/

15) Veracode:

Veracode is a code review and static analysis tool. It is built on the SaaS model. This tool allows you to analyze the code from a Security point of view. This tool uses binary code/bytecode and ensures 100% test coverage.

Features:

  • Test desktop, web, or desktop apps of any size with consistent, processes and policies even when the source code is not available
  • Test multiple applications without a manual and automate configuration
  • Automate different workflows with streamlined and integrated testing in your SDLC
  • Improve the productivity of your code with the continuous review process

Download link: https://www.veracode.com/products/binary-static-analysis-sast

16) JArchitect

JArchitect is easy to use code review tool for analyzing the Java code. After each review, it sends a report about the development of your project. The tool also helps you to improve code maintainability.

Features:

  • JArchitect code rules are LINQ queries which can be generated within the second
  • JArchitect helps you to find hundreds or even thousands of issues affecting a real-world code base
  • The developer is immediately informed when new issues are found
posted @ 2020-07-27 09:33  齐楚燕韩赵魏秦  阅读(834)  评论(0编辑  收藏  举报