SonarQube is an open-source platform for continuous inspection of code quality. Using static code analysis, it tries to detect bugs, code smells and security vulnerabilities. Many plugins are available to use it as part of continuous integration pipelines, including for Maven, Jenkins and GitHub. https://www.sonarqube.org/