Alternatives to Codecov
Compare Codecov alternatives for your business or organization using the curated list below. SourceForge ranks the best alternatives to Codecov in 2026. Compare features, ratings, user reviews, pricing, and more from Codecov competitors and alternatives in order to make an informed decision for your business.
-
1
Aikido Security
Aikido Security
Secure your code, cloud, and runtime in one central system. Aikido’s all-in-one security platform is loved by developers and security teams alike with full security visibility, insight in what matters most, and fast/automatic vulnerability fixes. Teams get security done with Aikido thanks to: - False-positive reduction - AI Autotriage & AI Autofix - Deep integration into the dev workflow (from IDEs and task managers to CI/CD gating) - AI Pentests - Automated Compliance Aikido covers the entire Software Development Lifecycle (SDLC), including: static application security testing (SAST), dynamic application security testing (DAST), infrastructure-as-code (IaC), container scanning, secrets detection, open source license scanning (SCA), cloud posture management (CSPM), runtime protection, AI pentests, and more. -
2
Kiuwan Code Security
Kiuwan
Kiuwan is an end-to-end application security platform that integrates seamlessly into your development process. Our toolset includes Static Application Security Testing (SAST), Software Composition Analysis (SCA), Software Governance and Code Quality, empowering your team to quickly identify and remediate vulnerabilities. Integrating into your CI/CD pipeline, Kiuwan enables early detection and remediation of security issues. Kiuwan supports strict compliance with industry standards including OWASP, CWE, MISRA, NIST, PCI DSS, and CERT, among others. ✅ Large language support: 30+ programming languages. ✅ Detailed action plans: Prioritize remediation with tailored action plans. ✅ Code Security: Seamless Static Application Security Testing (SAST) integration. ✅ Insights: On-demand or continuous scanning Software Composition Analysis (SCA) to help reduce third-party threats. ✅ One-click Software Bill of Materials (SBOM) generation Code Smarter. Secure Faster. Ship Sooner. -
3
SonarQube Cloud
SonarSource
Maximize your throughput and only release clean code SonarQube Cloud (formerly SonarCloud) automatically analyzes branches and decorates pull requests. Catch tricky bugs to prevent undefined behavior from impacting end-users. Fix vulnerabilities that compromise your app, and learn AppSec along the way with Security Hotspots. With just a few clicks you're up and running right where your code lives. Immediate access to the latest features and enhancements. Project dashboards keep teams and stakeholders informed on code quality and releasability. Display project badges and show your communities you're all about awesome. Code Quality and Code Security is a concern for your entire stack, from front-end to back-end. That’s why we cover 24 languages including Python, Java, C++, and many others. Transparency makes sense and that's why the trend is growing. Come join the fun, it's entirely free for open-source projects! -
4
Coco Code Coverage
Qt Group
Coco by Qt is an end-to-end code coverage and test analysis tool built for teams developing desktop, embedded, and safety-critical software. It supports multiple languages—including C, C++, C#, QML, and Tcl—and provides detailed insight into code coverage across unit, integration, and system testing. Coco helps engineering and QA teams identify untested paths, redundant test cases, and hidden logic branches to improve software reliability and performance. Designed for compliance-driven industries, it generates audit-ready reports aligned with international standards like ISO 26262, DO-178C, and IEC 62304. Seamlessly integrating with CI/CD pipelines and IDEs such as Visual Studio, Eclipse, and Qt Creator, Coco streamlines test validation across toolchains and environments. With precision, automation, and compliance at its core, Coco enables faster releases without compromising quality or safety. -
5
Codacy
Codacy
Codacy is an automated code review tool that helps identify issues through static code analysis, allowing engineering teams to save time in code reviews and tackle technical debt. Codacy integrates seamlessly into existing workflows on your Git provider, and also with Slack, JIRA, or using Webhooks. Users receive notifications on security issues, code coverage, code duplication, and code complexity in every commit and pull request along with advanced code metrics on the health of a project and team performance. The Codacy CLI enables running Codacy code analysis locally, so teams can see Codacy results without having to check their Git provider or the Codacy app. Codacy supports more than 30 coding languages and is available in free open-source, and enterprise versions (cloud and self-hosted). For more see https://www.codacy.com/Starting Price: $15.00/month/user -
6
Code Climate
Code Climate
Velocity provides in-depth, contextual analytics that equip engineering leaders to support stuck team members, address team roadblocks, and streamline engineering processes. Actionable metrics for engineering leaders. Velocity turns data from commits and pull requests into the insights you need to make lasting improvements to your team’s productivity. Quality: Automated code review for test coverage, maintainability and more so that you can save time and merge with confidence. Receive automated code review comments on your pull requests. Our 10-point technical debt assessment provides real-time feedback, so you can save time and focus on what matters in your code review discussions. Get test coverage right, every time. See coverage line by line within diffs. Never merge code without sufficient tests again. At a glance, identify frequently changed files that have inadequate coverage and maintainability issues. Track your progress against measurable goals, day-by-day. -
7
Coveralls
Coveralls
We help you deliver code confidently by showing which parts of your code aren’t covered by your test suite. Free for open-source repositories. Pro accounts for private repositories. Instant sign-up through GitHub, Bitbucket, and Gitlab. Maintaining a well-tested codebase is mission-critical. Figuring out where your tests are lacking can be painful. You're already running your tests on a continuous integration server, so shouldn't it be doing the heavy lifting? Coveralls works with your CI server and sifts through your coverage data to find issues you didn't even know you had before they become a problem. If you're just running your code coverage locally, you won't be able to see changes and trends that occur during your entire development cycle. Coveralls lets you inspect every detail of your coverage with unlimited history. Coveralls takes the pain out of tracking your code coverage. Know where you stand with your untested code. Develop with confidence that your code is covered.Starting Price: $10 per month -
8
SimpleCov
SimpleCov
SimpleCov is a code coverage analysis tool for Ruby. It uses Ruby's built-in Coverage library to gather code coverage data, but makes processing its results much easier by providing a clean API to filter, group, merge, format, and display those results, giving you a complete code coverage suite that can be set up with just a couple lines of code. SimpleCov/Coverage track covered ruby code, gathering coverage for common templating solutions like erb, slim, and haml is not supported. In most cases, you'll want overall coverage results for your projects, including all types of tests, Cucumber features, etc. SimpleCov automatically takes care of this by caching and merging results when generating reports, so your report actually includes coverage across your test suites and thereby gives you a better picture of blank spots. SimpleCov must be running in the process that you want the code coverage analysis to happen on.Starting Price: Free -
9
Devel::Cover
metacpan
This module provides code coverage metrics for Perl. Code coverage metrics describe how thoroughly tests exercise code. By using Devel::Cover you can discover areas of code not exercised by your tests and determine which tests to create to increase coverage. Code coverage can be considered an indirect measure of quality. Devel::Cover is now quite stable and provides many of the features to be expected in a useful coverage tool. Statement, branch, condition, subroutine, and pod coverage information is reported. Statement and subroutine coverage data should be accurate. Branch and condition coverage data should be mostly accurate too, although not always what one might initially expect. Pod coverage comes from Pod::Coverage. If Pod::Coverage::CountParents is available it will be used instead.Starting Price: Free -
10
Early
EarlyAI
Early is an AI-driven tool designed to automate the generation and maintenance of unit tests, enhancing code quality and accelerating development processes. By integrating with Visual Studio Code (VSCode), Early enables developers to produce verified and validated unit tests directly from their codebase, covering a wide range of scenarios, including happy paths and edge cases. This approach not only increases code coverage but also helps identify potential issues early in the development cycle. Early supports TypeScript, JavaScript, and Python languages, and is compatible with testing frameworks such as Jest and Mocha. The tool offers a seamless experience by allowing users to quickly access and refine generated tests to meet specific requirements. By automating the testing process, Early aims to reduce the impact of bugs, prevent code regressions, and boost development velocity, ultimately leading to the release of higher-quality software products.Starting Price: $19 per month -
11
Slather
Slather
Generate test coverage reports for Xcode projects & hook it into CI. Enable test coverage by ticking the "Gather coverage data" checkbox when editing a scheme.Starting Price: Free -
12
CodeScan
CodeScan
Code Quality and Security for Salesforce Developers. Made exclusively for the Salesforce platform, CodeScan’s code analysis solutions provide you with total visibility into your code health. The most comprehensive static code analysis solution supporting Salesforce languages and metadata. Self hosted. Check your code for security and quality with the most extensive database for the salesforce platform. Cloud. Get all the benefits of our self hosted service without the need of servers or internal infrastructure. Editor plugins. Plug in codescan to your favorite editor and get real-time feedback while you code. Define code standards. Maintain the quality of your code according to best practices. Control code quality. Enforce your coding standards and minimize code complexity throughout the development process. Reduce technical debt. Track your technical debt to improve your code quality and efficiency. Increase development productivity.Starting Price: $250 per month -
13
NCover
NCover
NCover Desktop is a Windows application that helps you collect code coverage statistics for .NET applications and services. After coverage is collected, Desktop displays charts and coverage metrics in a browser-based GUI that allows you to drill all the way down to your individual lines of source code. Desktop also allows you the option to install a Visual Studio extension called Bolt. Bolt offers built-in code coverage that displays unit test results, timings, branch visualization and source code highlighting right in the Visual Studio IDE. NCover Desktop is a major leap forward in the ease and flexibility of code coverage tools. Code coverage, gathered while testing your .NET code, shows the NCover user what code was exercised during the test and gives a specific measurement of unit test coverage. By tracking these statistics over time, you gain a concrete measurement of code quality during the development cycle.Starting Price: Free -
14
BullseyeCoverage
Bullseye Testing Technology
BullseyeCoverage is an advanced C++ code coverage tool used to improve the quality of software in vital systems such as enterprise applications, industrial control, medical, automotive, communications, aerospace and defense. The function coverage metric gives you a quick overview of testing completeness and indicates areas with no coverage at all. Use this metric to broadly raise coverage across all areas of your project. Condition/decision coverage provides detail at the control structure level. Use this metric to attain high coverage in specific areas, for example during unit testing. C/D coverage provides better detail than statement coverage or branch coverage, and provides much better productivity than more complex coverage metrics.Starting Price: $900 one-time payment -
15
Visual Expert
Novalys
Visual Expert is a static code analyzer for Oracle PL/SQL, SQL Server T-SQL, and PowerBuilder. Identify code dependencies to modify your code without breaking your application. Scan your code to improve the security, performance, and quality. Perform Impact analysis to Identify breaking changes. Automatically scan your code to detect and fix security vulnerabilities, bugs and maintenance Issues. Implement continuous code inspection Understand the inner workings of your code with call graphs, code diagrams, CRUD Matrix and Object Dependency Matrix (ODM). Automatically generate an HTML Source Code documentation. Explore your code exploration with hyperlinks Compare applications, databases or pieces of code. Improve maintainability. Clean up code. Comply with dev standards. Analyze and Improve DB code performance: Find slow objects and SQL queries, Optimize a slow object, a Chain of calls a slow SQL, Get a query Execution Plan. And much more.Starting Price: $495 per year -
16
LDRA Tool Suite
LDRA
The LDRA tool suite is LDRA’s flagship platform that delivers open and extensible solutions for building quality into software from requirements through to deployment. The tool suite provides a continuum of capabilities including requirements traceability, test management, coding standards compliance, code quality review, code coverage analysis, data-flow and control-flow analysis, unit/integration/target testing, and certification and regulatory support. The core components of the tool suite are available in several configurations that align with common software development needs. A comprehensive set of add-on capabilities are available to tailor the solution for any project. LDRA Testbed together with TBvision provide the foundational static and dynamic analysis engine, and a visualization engine to easily understand and navigate standards compliance, quality metrics, and code coverage analyses. -
17
Testwell CTC++
Testwell
Testwell CTC++ is a powerful instrumentation-based code coverage and dynamic analysis tool for C and C++ code. With certain add-on components CTC++ can be used also on C#, Java and Objective-C code. Further, again with certain add-on components, CTC++ can be used to analyse code basically at any embedded target machines, also in very small ones (limited memory, no operating system). CTC++ provides Line Coverage, Statement Coverage, Function Coverage, Decision Coverage, Multicondition Coverage, Modified Condition/Decision Coverage (MC/DC), Condition Coverage. As a dynamic analysis tool, CTC++ shows the execution counters (how many times executed) in the code, i.e. more than a plain executed/not executed information. You can also use CTC++ to measure function execution costs (normally time) and to enable function entry/exit tracing at test time. CTC++ is easy to use.Starting Price: Free -
18
Typemock
Typemock
The easiest way to unit test. Write tests without changing your code! Even legacy code. Static methods, private methods, non-virtual methods, out parameters and even members and fields. Our professional edition is free for developers around the world. We also have paid support package. Improve your code integrity and deliver quality code. Fake entire object models with a single statement. Mock statics, private, constructors, events, linq, ref args, live, future, static constructors. Our suggest feature creates automated test suggestions suitable for your code. Our smart runner will run only your impact tests and get you super fast feedback. Our coverage feature displays your code coverage in your editor while you code.Starting Price: $479 per license per year -
19
UndercoverCI
UndercoverCI
Actionable test coverage for Ruby and GitHub. Checks and insights to help your team ship healthy code while saving time on PR reviews. Stop focusing on getting to 100% test coverage. Reduce pull request defects by telling when the changed code is untested before it's deployed to production. The CI server runs tests and uploads coverage data to UndercoverCI. That's the only required post-install setup step! We scan the PR diff and verify local test coverage for each updated class, method, and block because an absolute percentage check is not enough. Reveal untested methods and blocks, find unused code paths, and improve your test suite. Install UndercoverCI's hosted GitHub App or explore the Ruby gems family. Fully-featured GitHub App code review integration with quick setup for your organization. The UndercoverCI project and related Ruby gems are entirely open-source and free to use locally and in your CI/CD workflows.Starting Price: $49 per month -
20
JaCoCo
EclEmma
JaCoCo is a free code coverage library for Java, which has been created by the EclEmma team based on the lessons learned from using and integrating existing libraries for many years. The master branch of JaCoCo is automatically built and published. Due to the test-driven development approach, every build is considered fully functional. See the change history for the latest features and bug fixes. SonarQube code quality metrics of the current JaCoCo implementation are available on SonarCloud.io. Integrate JaCoCo technology with your tools. Use JaCoCo tools out of the box. Improve the implementation and add new features. There are several open-source coverage technologies for Java available. While implementing the Eclipse plug-in EclEmma the observation was that none of them are really designed for integration. Most of them are specifically fit to a particular tool (Ant tasks, command line, IDE plug-in) and do not offer a documented API that allows embedding in different contexts.Starting Price: Free -
21
CodeScene
CodeScene
CodeScene is a code analysis, visualization, and reporting tool. Cross reference contextual factors such as code quality, team dynamics, and delivery output to get actionable insights to effectively reduce technical debt and deliver better code quality. We enable software development teams to make confident, data-driven decisions that fuel performance and developer productivity. Supporting 28+ programming languages, CodeScene also offers an automated integration with GitHub, BitBucket, Azure DevOps or GitLab pull requests to incorporate the analysis results into existing delivery workflows. Automate your code reviews, get early warnings and recommendations about complex code before merging it to the main branch and set quality gates to trigger in case your code health declines.Starting Price: €18 per active author/month -
22
Matter AI
Matter AI
Matter AI is an AI-powered code reviewer designed to streamline pull request workflows by generating detailed, context-aware summaries in seconds, eliminating the need for manual writing. It enhances code quality by identifying bugs, security risks, and performance issues before they reach production. By integrating with internal tools like Notion, JIRA, Confluence, and Linear, Matter AI provides reliable and trusted summaries and code analysis. Its AI explanations help reviewers understand complex code instantly, making approvals smoother and reducing review cycles. Matter AI operates with a strong emphasis on security, being SOC 2 Type II certified, and ensures data privacy by processing code in isolated environments without storing proprietary code. This tool is ideal for development teams aiming to accelerate their code review process while maintaining high standards of code quality and security.Starting Price: $12 per month -
23
Tarpaulin
Tarpaulin
Tarpaulin is a code coverage reporting tool for the cargo build system, named for a waterproof cloth used to cover cargo on a ship. Currently, tarpaulin provides working line coverage and while fairly reliable may still contain minor inaccuracies in the results. A lot of work has been done to get it working on a wide range of projects, but often unique combinations of packages and build features can cause issues so please report anything you find that's wrong. Also, check out our roadmap for planned features. On Linux Tarpaulin's default tracing backend is still Ptrace and will only work on x86 and x64 processors. This can be changed to the llvm coverage instrumentation with engine llvm, for Mac and Windows this is the default collection method. It can also be run in Docker, which is useful for when you don't use Linux but want to run it locally.Starting Price: Free -
24
Bugbot
Cursor
Bugbot is an AI-powered code review agent that automatically reviews pull requests to identify bugs, security issues, and code quality problems. Built into the Cursor ecosystem, Bugbot analyzes PR diffs and leaves contextual comments with clear explanations and fix suggestions. It runs automatically on every pull request update or can be triggered manually using comments. Bugbot reads existing PR discussions to avoid duplicate feedback and build on prior context. The tool supports customizable rules through configuration files and team-wide policies to enforce coding standards. Bugbot integrates seamlessly with GitHub, GitLab, and enterprise repositories. It helps development teams catch issues early and improve code quality without slowing down workflows. -
25
Propel
Propel Platform, Inc.
Propel is an AI-powered code review platform that acts as your team's AI Tech Lead — giving instant PR feedback, turning comments into suggested fixes, and helping you merge faster with higher quality. Propel learns from your team on every review to improve team velocity, code quality, and developer experience over time. Additionally, Propel has Security Scanning functionality that identifies security vulnerabilities and compliance issues before they reach production. Within Propel, teams are also able to build and maintain a living knowledge base of your team's coding patterns and best practices. Furthermore, Propel provides automated weekly summaries of all GitHub activity sent directly to Slack. Perfect for exec updates, team accountability, and keeping everyone informed.Starting Price: $30/month/user -
26
coverage
pub.dev
Coverage provides coverage data collection, manipulation, and formatting for Dart. Collect_coverage collects coverage JSON from the Dart VM Service. format_coverage formats JSON coverage data into either LCOV or pretty-printed format.Starting Price: Free -
27
Diamond
Diamond
Diamond is an advanced AI code review tool that provides immediate, actionable feedback on every pull request, enhancing code quality and accelerating development cycles. It automatically identifies potential issues such as logic bugs, security vulnerabilities, performance bottlenecks, and documentation inconsistencies, allowing teams to focus more on building and less on manual reviews. With zero setups required, Diamond integrates seamlessly with your repository, offering high-signal, codebase-aware insights without the noise often associated with other AI tools. Users can customize review standards by importing their own style guides, filtering out unwanted comments to maintain a focused review experience, and benefiting from codebase awareness that enhances comment quality. It also provides review insights with analytics on comment metrics, including issue categories, and offers suggested fixes that can be accepted with a single click.Starting Price: $20 per month -
28
Gcov
Oracle
Gcov is an open-source code-coverage tool.Starting Price: Free -
29
OpenCppCoverage
OpenCppCoverage
OpenCppCoverage is an open-source code coverage tool for C++ under Windows. The main usage is for unit testing coverage, but you can also use it to know the executed lines in a program for debugging purposes. Support compiler with a program database file (.pdb). Just run your program with OpenCppCoverage, no need to recompile your application. Exclude a line based on a regular expression. Coverage aggregation, to run several code coverages and merge them into a single report. Requires Microsoft Visual Studio 2008 or higher for all editions including the Express edition. It should also work with the previous version of Visual Studio. You can run the tests with the Test Explorer window.Starting Price: Free -
30
RKTracer
RKVALIDATE
RKTracer is a code-coverage and test-analysis tool that enables teams to assess the quality and completeness of their testing across unit, integration, functional, and system-level testing, without altering a single line of application code or build workflow. It supports instrumentation across host machines, simulators, emulators, embedded devices, and servers, and covers a broad array of programming languages, including C, C++, CUDA, C#, Java, Kotlin, JavaScript/TypeScript, Golang, Python, and Swift. It provides detailed coverage metrics such as function, statement, branch/decision, condition, MC/DC, and multi-condition coverage, and even supports delta-coverage reports to show which newly added or modified portions of code are already covered. Integration is seamless; simply prefix your build or test command with “rktracer”, run your tests, then generate HTML or XML reports (for CI/CD systems or dashboards like SonarQube). -
31
DeepSource
DeepSource
DeepSource is an AI-powered code review platform designed to help development teams maintain high-quality, secure, and reliable code. The platform automates code reviews using a hybrid approach that combines static analysis with advanced AI agents. It integrates directly with development workflows through platforms like GitHub, GitLab, Bitbucket, and Azure DevOps. DeepSource analyzes pull requests in real time, identifying bugs, security vulnerabilities, code complexity issues, and maintainability risks before code reaches production. The system provides structured feedback and inline comments to help developers quickly understand and resolve issues. Additional features such as secrets detection, dependency vulnerability scanning, and infrastructure-as-code review strengthen application security. By automating repetitive review tasks and providing intelligent insights, DeepSource enables teams to ship software faster while maintaining strong code quality standards.Starting Price: $24/user/month -
32
Codegrip
Codegrip
Customize the code review rule sets to align with the standards you want to follow. Automatically avoid bugs that are not important to you so that you can concentrate on what matters. Perform code reviews without worrying about the security of your code. Codegrip does not store any of your code while performing automated code reviews. Always stay updated about the progress of your project. Get code quality reports and pull request notifications automatically in a Slack channel of your choice. Manage multiple projects with a dashboard view that provides all information in one place. Track the improvement in code quality over time with the help of easy-to-understand parameters and graphs. OWASP represents a broad consensus about the most critical security risks to web and mobile applications. It also guides developers and security professionals on the most critical vulnerabilities that are commonly found in web applications, which are also easy to exploit.Starting Price: $12 per user per month -
33
blanket.js
Blanket.js
A seamless JavaScript code coverage library. Blanket.js is a code coverage tool for JavaScript that aims to be easy to install, easy to use, and easy to understand. Blanket.js can be run seamlessly or can be customized for your needs. JavaScript code coverage compliments your existing JavaScript tests by adding code coverage statistics (which lines of your source code are covered by your tests). Parsing the code using Esprima and node-falafel, and instrumenting the file by adding code tracking lines. Connecting to hooks in the test runner to output the coverage details after the tests have been completed. A Grunt plugin has been created to allow you to use Blanket like a "traditional" code coverage tool (creating instrumented copies of physical files, as opposed to live-instrumenting). Runs the QUnit-based Blanket report headlessly using PhantomJS. Results are displayed on the console, and the task will cause Grunt to fail if any of your configured coverage thresholds are not met.Starting Price: Free -
34
Klocwork
Perforce
Klocwork static code analysis and SAST tool for C, C++, C#, Java, and JavaScript identifies software security, quality, and reliability issues helping to enforce compliance with standards. Built for enterprise DevOps and DevSecOps, Klocwork scales to projects of any size, integrates with large complex environments, a wide range of developer tools, and provides control, collaboration, and reporting for the entire enterprise. This has made Klocwork the preferred static analyzer that keeps development velocity high while enforcing continuous compliance for security and quality. Use Klocwork static application security testing (SAST) for DevOps (DevSecOps). Our security standards identify security vulnerabilities, helping to find and fix security issues early and proving compliance to internationally recognized security standards. Klocwork integrates with CI/CD tools, containers, cloud services, and machine provisioning making automated security testing easy. -
35
Crucible
Atlassian
Ship high quality code. Review code, discuss changes, share knowledge, and identify defects across SVN, Git, Mercurial, CVS, and Perforce. Create formal, workflow-based, or quick code reviews and assign reviewers from across your team. Turn any code review into a threaded discussion and comment on specific source lines, files, or an entire changeset. Take action on what's important with unified views into your code activity for commits, reviews, and comments. Improve code quality with data on which parts of your codebase have not been sufficiently reviewed. Get a quick view of review status and who might be holding up reviews. Access a complete audit trail with all code review details, down to the history of a specific review. Customize your Jira Software workflow to stop if there are any open reviews. Upgrade your workflow with Jira Software, Bitbucket Server, Bamboo and hundreds of other developer tools.Starting Price: $10 one-time payment -
36
Sourcery
Sourcery
Sourcery is an AI-powered automated code review and coding assistant designed to help developers and engineering teams improve code quality, catch bugs and security issues early, and maintain consistent standards across projects. It integrates directly into popular development workflows, including GitHub, GitLab, and IDEs like VS Code and JetBrains, providing instant, actionable feedback on pull requests and in-editor code changes rather than relying solely on traditional peer reviews. Sourcery analyzes diffs with a combination of large language model insights and static analysis to deliver clear summaries, line-by-line suggestions, high-level feedback, and visual diagrams that explain proposed changes, with the goal of offering review quality similar to what a colleague would provide. In the IDE, it functions as a real-time pair programmer that underlines potential improvements, enables one-click application of suggested fixes, and offers an AI chat.Starting Price: $12 per month -
37
Coverage.py
Coverage.py
Coverage.py is a tool for measuring code coverage of Python programs. It monitors your program, noting which parts of the code have been executed, then analyzes the source to identify code that could have been executed but was not. Coverage measurement is typically used to gauge the effectiveness of tests. It can show which parts of your code are being exercised by tests, and which are not. Use coverage run to run your test suite and gather data. However you normally run your test suite, and you can run your test runner under coverage. If your test runner command starts with “python”, just replace the initial “python” with “coverage run”. To limit coverage measurement to code in the current directory, and also find files that weren’t executed at all, add the source argument to your coverage command line. By default, it will measure line (statement) coverage. It can also measure branch coverage. It can tell you what tests ran which lines.Starting Price: Free -
38
dotCover
JetBrains
dotCover is a .NET unit testing and code coverage tool that works right in Visual Studio and in JetBrains Rider, helps you know to what extent your code is covered with unit tests, provides great ways to visualize code coverage, and is Continuous Integration ready. dotCover calculates and reports statement-level code coverage in applications targeting .NET Framework, .NET Core, Mono for Unity, etc. dotCover is a plug-in to Visual Studio and JetBrains Rider, giving you the advantage of analyzing and visualizing code coverage without leaving the code editor. This includes running unit tests and analyzing coverage results right in the IDEs, as well as support for different color themes, new icons and menus. dotCover comes bundled with a unit test runner that it shares with another JetBrains tool for .NET developers, ReSharper. dotCover supports continuous testing, a modern unit testing workflow whereby dotCover figures out on-the-fly which unit tests are affected by your code changes.Starting Price: $399 per user per year -
39
beSOURCE
Beyond Security (Fortra)
Integrate security into SDLC via potent code analysis. Security must be an integral part of software development. Historically it hasn’t been. Static application security testing (SAST) used to be divorced from Code quality reviews, resulting in limited impact and value. beSOURCE addresses the code security quality of applications and thus integrates SecOps into DevOps. Other SAST offerings look at security as an isolated function. Beyond Security has turned this model upside-down by assuming the SecOps’ perspective in addressing security from all possible angles. Security Standards. beSOURCE adheres to all pertinent standards, guiding static code analysis engine in providing an actionable reference point. -
40
Codespy
Codespy
Codespy AI Detector is a powerful tool designed to identify AI-generated code within software projects quickly and accurately. It supports popular programming languages such as Java, Python, JavaScript, C++, C#, and PHP. The platform helps developers find AI-written code from models like ChatGPT, Gemini, and Claude, which can introduce bugs or unexpected errors. Codespy integrates seamlessly with common development environments like Visual Studio Code and is available as a ChatGPT plugin. Its technology enables teams to create processes and guardrails around AI code usage to reduce risk and improve code quality. With simple pricing plans and no credit card required for the free tier, Codespy is accessible to individuals and businesses of all sizes.Starting Price: $27.98/month -
41
Agentic StarShip
OpenCSG
Agentic StarShip is a comprehensive AI-powered platform developed by OpenCSG to enhance software development efficiency and code quality. It offers a suite of tools designed to automate and streamline various aspects of the development process. One of its key components is CodeSouler, an intelligent coding assistant that integrates seamlessly with popular IDEs like Visual Studio Code and JetBrains. Agentic StarShip provides features such as automatic code commenting, optimization, refactoring, and test case generation. It also facilitates real-time code explanations and Q&A, enabling developers to quickly understand and improve their codebase. The plugin supports right-click context menus and conversation boxes for easy interaction, and it offers operation commands for efficient code manipulation. Another vital feature is SecScan, an AI-driven security scanning tool that performs deep analysis of source code to identify potential vulnerabilities. -
42
jscoverage
jscoverage
jscoverage tool, both node.js and JavaScript support. Enhance the coverage range. Use mocha to load the jscoverage module, then it works. jscoverage will append coverage info when you select list or spec or tap reporter in mocha. You can use covout to specify the reporter, like HTML, and detail. The detail reporter will print the uncovered code in the console directly. Mocha runs test case with jscoverage module. jscoverage will ignore files while listing in covignore file. jscoverage will output a report in HTML format. jscoverage will inject a group of functions into your module exports. default jscoverage will search covignore in the project root. jscoverage will copy exclude files from the source directory to the destination directory.Starting Price: Free -
43
Panto
Panto
Panto is an AI-powered code review agent designed to enhance code quality and security by integrating seamlessly with development workflows. Its proprietary AI operating system aligns code with business context from tools like Jira and Confluence, enabling efficient and context-aware code reviews. It supports over 30 programming languages and conducts more than 30,000 security checks, ensuring comprehensive analysis of codebases. Panto AI's "Wall of Defense" operates continuously to expose vulnerabilities and suggest fixes, preventing flawed code from reaching production. With features like zero code retention, CERT-IN compliance certification, and on-premise compatibility, it prioritizes data security and compliance. Developers benefit from high signal-to-noise ratio reviews, reducing cognitive overload and allowing focus on critical logic and design issues.Starting Price: $12 per month -
44
Istanbul
Istanbul
JavaScript test coverage made simple. Istanbul instruments your ES5 and ES2015+ JavaScript code with line counters, so that you can track how well your unit-tests exercise your codebase. The nyc command-line-client for Istanbul works well with most JavaScript testing frameworks, tap, mocha, AVA, etc. First-class support of ES6/ES2015+ using babel-plugin-Istanbul. Support for the most popular JavaScript testing frameworks. Support for instrumenting subprocesses, using the nyc command-line interface. Adding coverage to your mocha tests could not be easier. Now, simply place the command nyc in front of your existing test command. nyc's instrument command can be used to instrument source files outside of the context of your unit tests. nyc is able to show you all Node processes that are spawned when running a test script under it. By default, nyc uses Istanbul's text reporter. However, you may specify an alternative reporter.Starting Price: Free -
45
Patched
Patched
Patched is a managed service that leverages the open-source framework Patchwork to automate development tasks such as code reviews, bug fixing, security patching, and documentation. By utilizing large language models, Patched enables developers to build and deploy AI-assisted workflow, referred to as "patch flows", that autonomously handle post-code activities, thereby enhancing code quality and accelerating development cycles. The platform offers a user-friendly graphical interface and a visual workflow builder, allowing for the customization of patch flows without the need to manage infrastructure or LLM endpoints. For those who prefer self-hosting, Patchwork provides a self-hosted command-line interface agent that integrates seamlessly with existing development pipelines. Patched emphasizes privacy and control, enabling deployment within an organization's infrastructure using its own LLM API keys.Starting Price: $99 per month -
46
AppMap
AppMap
Runtime code reviews for every code change in the code editor and in CI. Catch runtime performance, security, and stability problems while you code, before they hit production. Collaborate on a team member’s application behavior problem without having to replicate their environment. Automate AppMap generation in CI, get alerts for performance and security flaws, and compare observability and alerts across branches and teams. Run AppMap in CI to automate observability, create OpenAPI docs, and much more. AppMap code reviews link to rich resources that enable you to uncover the root causes of unexpected behavior. Sequence diagrams diffs vividly showcase behavioral changes in your code.Starting Price: $15 per user per month -
47
HCL OneTest Embedded
HCL Software
Automating the creation and deployment of component test harnesses, test stubs and test drivers is a cinch thanks to OneTest Embedded. With a single click from any development environment, one can profile memory and performance, analyze code coverage and visualize program execution behavior. Additionally, OneTest Embedded helps be more proactive in debugging, while identifying and assisting in fixing code before it breaks. Allows for a virtual cycle of test generation, while executing, reviewing and testing improvement to rapidly achieve full test coverage. One click is all it takes to build, execute on the target, and generate reports. Helps preempt performance issues and program crashes. Additionally, can be adapted to work with custom memory management methods used in embedded software. Provides visibility on thread execution and switching to develop a deep understanding of the behavior of the system under test. -
48
VectorCAST
VECTOR Informatik
VectorCAST is a comprehensive test-automation suite designed to streamline unit, integration, and system testing across the embedded software development lifecycle. It automates test case generation and execution for C, C++, and Ada applications, supports host, target, and continuous-integration environments, and offers structural code coverage metrics to help validate safety- and mission-critical systems. It integrates with simulation workflows such as software-in-the-loop and processor-in-the-loop, links to model-based engineering tools like Simulink/Embedded Coder, supports white-box testing features like dynamic instrumentation, fault injection, and test harness generation, and can combine static-analysis results (e.g., from Polyspace) with dynamic test coverage for full-lifecycle verification. Key capabilities include linking requirements to tests, managing and reporting coverage across configurations. -
49
SonarQube Server
SonarSource
SonarQube Server is a self-managed solution for continuous code quality inspection that helps development teams identify and fix bugs, vulnerabilities, and code smells in real-time. It provides automated static code analysis for a variety of programming languages, ensuring the highest quality and security standards are maintained throughout the development lifecycle. SonarQube Server integrates seamlessly with existing CI/CD pipelines, offering flexibility for on-premise or cloud-based deployment. With advanced reporting features, it helps teams manage technical debt, track improvements, and enforce coding standards. SonarQube Server is ideal for organizations seeking full control over their code quality and security without compromising on performance. -
50
DeepCover
DeepCover
Deep Cover aims to be the best coverage tool for Ruby code. More accurate line coverage, and branch coverage. It can be used as a drop-in replacement for the built-in Coverage library. It reports a more accurate picture of your code usage. In particular, a line is considered covered if and only if it is entirely executed. Optionally, branch coverage will detect if some branches are never taken. MRI considers every method defined, including methods defined on objects or via define_method, class_eval, etc. For Istanbul output, DeepCover has a different approach and covers all def and all blocks. DeepCover doesn't consider loops to be branches, but it's easy to support them if needed. Even after DeepCover is required and configured, only a very minimal amount of code is actually loaded and coverage is not started. To make it easier to transition for projects already using the builtin Coverage library deep-cover can inject itself into those tools.Starting Price: Free
