Best Code Quality Tools in Australia

Ship quality code, faster. Aikido built AI-native code quality, with instant feedback, smart detection, and clear auto-generated PR comments, so you can focus on building.

Kiuwan is an end-to-end application security platform that integrates seamlessly into your development process. Our toolset includes Static Application Security Testing (SAST), Software Composition Analysis (SCA), Software Governance and Code Quality, empowering your team to quickly identify and remediate vulnerabilities. Integrating into your CI/CD pipeline, Kiuwan enables early detection and remediation of security issues. Kiuwan supports strict compliance with industry standards including OWASP, CWE, MISRA, NIST, PCI DSS, and CERT, among others. ✅ Large language support: 30+ programming languages. ✅ Detailed action plans: Prioritize remediation with tailored action plans. ✅ Code Security: Seamless Static Application Security Testing (SAST) integration. ✅ Insights: On-demand or continuous scanning Software Composition Analysis (SCA) to help reduce third-party threats. ✅ One-click Software Bill of Materials (SBOM) generation Code Smarter. Secure Faster. Ship Sooner.

Amazon CodeGuru is a developer tool powered by machine learning that provides intelligent recommendations for improving code quality and identifying an application’s most expensive lines of code. Integrate Amazon CodeGuru into your existing software development workflow where you will experience built-in code reviews to detect and optimize the expensive lines of code to reduce costs. Amazon CodeGuru Profiler helps developers find an application’s most expensive lines of code along with specific visualizations and recommendations on how to improve code to save money. Amazon CodeGuru Reviewer uses machine learning to identify critical issues and hard-to-find bugs during application development to improve code quality.

Ship high quality code. Review code, discuss changes, share knowledge, and identify defects across SVN, Git, Mercurial, CVS, and Perforce. Create formal, workflow-based, or quick code reviews and assign reviewers from across your team. Turn any code review into a threaded discussion and comment on specific source lines, files, or an entire changeset. Take action on what's important with unified views into your code activity for commits, reviews, and comments. Improve code quality with data on which parts of your codebase have not been sufficiently reviewed. Get a quick view of review status and who might be holding up reviews. Access a complete audit trail with all code review details, down to the history of a specific review. Customize your Jira Software workflow to stop if there are any open reviews. Upgrade your workflow with Jira Software, Bitbucket Server, Bamboo and hundreds of other developer tools.

Discover, predict, and resolve errors in real-time. Go beyond crash reporting, error tracking, logging and error monitoring. Get instant and accurate alerts — plus a real-time feed — of all errors, including unhandled exceptions. Our automation-grade grouping uses machine learning to reduce noise and gives you error signals you can trust.

Develop healthier code. Improve your code review workflow and quality. Codecov provides highly integrated tools to group, merge, archive, and compare coverage reports. Free for open source. Plans starting at $10/user per month. Ruby, Python, C++, Javascript, and more. Plug and play into any CI product and workflow. No setup required. Automatic report merging for all CI and languages into a single report. Get custom statuses on any group of coverage metrics. Review coverage reports by project, folder and type test (unit tests vs integration tests). Detailed report commented directly into your pull request. Codecov is SOC 2 Type II certified, which means a third-party audits and attests to our practices to secure our systems and your data.

The easiest way to unit test. Write tests without changing your code! Even legacy code. Static methods, private methods, non-virtual methods, out parameters and even members and fields. Our professional edition is free for developers around the world. We also have paid support package. Improve your code integrity and deliver quality code. Fake entire object models with a single statement. Mock statics, private, constructors, events, linq, ref args, live, future, static constructors. Our suggest feature creates automated test suggestions suitable for your code. Our smart runner will run only your impact tests and get you super fast feedback. Our coverage feature displays your code coverage in your editor while you code.

This module provides code coverage metrics for Perl. Code coverage metrics describe how thoroughly tests exercise code. By using Devel::Cover you can discover areas of code not exercised by your tests and determine which tests to create to increase coverage. Code coverage can be considered an indirect measure of quality. Devel::Cover is now quite stable and provides many of the features to be expected in a useful coverage tool. Statement, branch, condition, subroutine, and pod coverage information is reported. Statement and subroutine coverage data should be accurate. Branch and condition coverage data should be mostly accurate too, although not always what one might initially expect. Pod coverage comes from Pod::Coverage. If Pod::Coverage::CountParents is available it will be used instead.

Coverage provides coverage data collection, manipulation, and formatting for Dart. Collect_coverage collects coverage JSON from the Dart VM Service. format_coverage formats JSON coverage data into either LCOV or pretty-printed format.

JaCoCo is a free code coverage library for Java, which has been created by the EclEmma team based on the lessons learned from using and integrating existing libraries for many years. The master branch of JaCoCo is automatically built and published. Due to the test-driven development approach, every build is considered fully functional. See the change history for the latest features and bug fixes. SonarQube code quality metrics of the current JaCoCo implementation are available on SonarCloud.io. Integrate JaCoCo technology with your tools. Use JaCoCo tools out of the box. Improve the implementation and add new features. There are several open-source coverage technologies for Java available. While implementing the Eclipse plug-in EclEmma the observation was that none of them are really designed for integration. Most of them are specifically fit to a particular tool (Ant tasks, command line, IDE plug-in) and do not offer a documented API that allows embedding in different contexts.

Patched is a managed service that leverages the open-source framework Patchwork to automate development tasks such as code reviews, bug fixing, security patching, and documentation. By utilizing large language models, Patched enables developers to build and deploy AI-assisted workflow, referred to as "patch flows", that autonomously handle post-code activities, thereby enhancing code quality and accelerating development cycles. The platform offers a user-friendly graphical interface and a visual workflow builder, allowing for the customization of patch flows without the need to manage infrastructure or LLM endpoints. For those who prefer self-hosting, Patchwork provides a self-hosted command-line interface agent that integrates seamlessly with existing development pipelines. Patched emphasizes privacy and control, enabling deployment within an organization's infrastructure using its own LLM API keys.

Matter AI is an AI-powered code reviewer designed to streamline pull request workflows by generating detailed, context-aware summaries in seconds, eliminating the need for manual writing. It enhances code quality by identifying bugs, security risks, and performance issues before they reach production. By integrating with internal tools like Notion, JIRA, Confluence, and Linear, Matter AI provides reliable and trusted summaries and code analysis. Its AI explanations help reviewers understand complex code instantly, making approvals smoother and reducing review cycles. Matter AI operates with a strong emphasis on security, being SOC 2 Type II certified, and ensures data privacy by processing code in isolated environments without storing proprietary code. This tool is ideal for development teams aiming to accelerate their code review process while maintaining high standards of code quality and security.

Rencore Code (SPCAF) is the only solution on the market that analyzes and assures code quality for SharePoint, Microsoft 365 and Teams development by checking violations against over 1100 policies and checks regarding security, performance, best practices, maintainability, and supportability. Rencore Code (SPCAF) client both works as standalone desktop application or SaaS service. Dev teams run Rencore Code Server, allowing multiple developers to use it as a quality gate and seamlessly integrate it into any provisioning solution. Rencore Code (SPCAF) covers all developer and dev team needs from inventorizing code to troubleshooting and monitoring the performance of code. You can try Rencore Code (SPCAF) for free for 30 days. For more information, please visit our product page and follow Rencore on Twitter and LinkedIn.

Code Quality and Security for Salesforce Developers. Made exclusively for the Salesforce platform, CodeScan’s code analysis solutions provide you with total visibility into your code health. The most comprehensive static code analysis solution supporting Salesforce languages and metadata. Self hosted. Check your code for security and quality with the most extensive database for the salesforce platform. Cloud. Get all the benefits of our self hosted service without the need of servers or internal infrastructure. Editor plugins. Plug in codescan to your favorite editor and get real-time feedback while you code. Define code standards. Maintain the quality of your code according to best practices. Control code quality. Enforce your coding standards and minimize code complexity throughout the development process. Reduce technical debt. Track your technical debt to improve your code quality and efficiency. Increase development productivity.

Klocwork static code analysis and SAST tool for C, C++, C#, Java, and JavaScript identifies software security, quality, and reliability issues helping to enforce compliance with standards. Built for enterprise DevOps and DevSecOps, Klocwork scales to projects of any size, integrates with large complex environments, a wide range of developer tools, and provides control, collaboration, and reporting for the entire enterprise. This has made Klocwork the preferred static analyzer that keeps development velocity high while enforcing continuous compliance for security and quality. Use Klocwork static application security testing (SAST) for DevOps (DevSecOps). Our security standards identify security vulnerabilities, helping to find and fix security issues early and proving compliance to internationally recognized security standards. Klocwork integrates with CI/CD tools, containers, cloud services, and machine provisioning making automated security testing easy.

Summarize pull request changes concisely to help the team quickly understand their impact. Detect and auto-fix code quality issues and anti-patterns for 30+ languages. Scan every code change for OWASP, CWE, SANS, and NIST vulnerabilities, and fix them. Scan every PR against over 10,000 policies to detect infrastructure as code issues and understand their impact. Identifies and protects sensitive information in your codebase, including API keys, tokens, and other secrets. Identify potential issues in code logic, and data structures, and understand their impact. Get a Code Health Dashboard and gain instant visibility into your code and infrastructure's health. Identify high-severity issues, understand their impact, and fix them. Receive weekly executive reports on new issues found, fixed, and pending resolution. Your pair programmer that will help you find and auto-fix over 5000+ code quality issues and security vulnerabilities without leaving the IDE.

Panto is an AI-powered code review agent designed to enhance code quality and security by integrating seamlessly with development workflows. Its proprietary AI operating system aligns code with business context from tools like Jira and Confluence, enabling efficient and context-aware code reviews. It supports over 30 programming languages and conducts more than 30,000 security checks, ensuring comprehensive analysis of codebases. Panto AI's "Wall of Defense" operates continuously to expose vulnerabilities and suggest fixes, preventing flawed code from reaching production. With features like zero code retention, CERT-IN compliance certification, and on-premise compatibility, it prioritizes data security and compliance. Developers benefit from high signal-to-noise ratio reviews, reducing cognitive overload and allowing focus on critical logic and design issues.

Static analysis helps you to find potential issues in your code by doing an analysis on the source code level. C-STAT includes almost 700 checks in total, some comply with rules as defined by MISRA C:2012, MISRA C++:2008 and MISRA C:2004 and more than 250 checks mapping to issues covered by CWE. In addition, it checks compliance with the coding standard CERT C for secure coding. C-STAT executes fast and provides you with comprehensive and detailed error information. You don't need to worry about complex tool setup and struggle with language support and general build issues. C-STAT is completely integrated in the IAR Embedded Workbench IDE and enables you to easy ensure code quality in your daily development flow. It's available for most IAR Embedded Workbench products. Static analysis finds potential issues in code by doing an analysis on the source code level. In addition to raising the code quality, the analysis also aids alignment with industry coding standards.

Tessl’s AI native development platform delivers secure, high-quality, and auto-maintained code, all built to your specs. Tessl’s approach to spec-driven development, grounded in rigorous, deterministic conformance tests, lets you define the requirements, while AI generates the code. Tessl’s platform is a new approach to building software. One built from the ground up with AI in mind. Software built with Tessl is composed using small, modular units that combine to form complex systems. Tessl is created to work with today’s LLMs while anticipating tomorrow’s AI innovations. With Tessl, quality control is built in, via spec conformance tests and platform-wide code quality evaluations. Push the boundaries of generative AI in an environment designed to let you tinker and explore. Experiment with workflows, models, prompts, and more. Tessl enables easier collaboration based on specs, and our high-quality, auto-generated documentation makes code easier than ever to consume.

Bugbot is an AI-powered code review agent that automatically reviews pull requests to identify bugs, security issues, and code quality problems. Built into the Cursor ecosystem, Bugbot analyzes PR diffs and leaves contextual comments with clear explanations and fix suggestions. It runs automatically on every pull request update or can be triggered manually using comments. Bugbot reads existing PR discussions to avoid duplicate feedback and build on prior context. The tool supports customizable rules through configuration files and team-wide policies to enforce coding standards. Bugbot integrates seamlessly with GitHub, GitLab, and enterprise repositories. It helps development teams catch issues early and improve code quality without slowing down workflows.