C Resources

Static Analysis and Source Code Analysis Tools

There’s a long list by Matthias Endler at https://github.com/analysis-tools-dev/static-analysis#c

Linters

A linter’s job is to tell you about potential problems in your source code. These are not as essential as they once were, since turning on all the warning messages in your compiler (example) will do much of the same job.

Security Scanners and Software Supply-Chain Analysis

This section needs some contributions from people with expertise and preferences in this area.

Other Static Analysis Tools

Tools listed here often do “lint-type” checks but in addition have significant other capabilities too.