Analysis updated 2026-05-18
Scan a codebase for deadlocks, leaked secrets, and placeholder code before deploying.
Catch low-quality AI-generated code patterns like always-true assertions.
Write custom YAML rules to enforce team-specific coding standards without recompiling.
| friehub/gensense | arpitbhalla/ts-backend | brijeshmarch16/ai-interview | |
|---|---|---|---|
| Stars | 3 | 3 | 3 |
| Language | TypeScript | TypeScript | TypeScript |
| Last pushed | — | 2022-06-09 | — |
| Maintenance | — | Dormant | — |
| Setup difficulty | easy | moderate | moderate |
| Complexity | 3/5 | 3/5 | 3/5 |
| Audience | developer | developer | pm founder |
Figures from each repo's GitHub metadata at analysis time.
Full Rust library usage requires Cargo, the CLI installs easily via npm or npx.
GenSense is a code analysis tool that looks deeper than most linters do. Regular linters mainly check code formatting and type rules. GenSense works at a higher level called the Abstract Syntax Tree, or AST, a structured representation of code that lets tools analyze meaning and logic rather than just spelling and grammar. The problems it catches include async code that could deadlock, where a function locks a resource and then waits on something else, causing the program to freeze, placeholder code left in accidentally such as todo! or unimplemented! calls that will crash in production, hardcoded secrets, API keys, or environment URLs committed to the repository, and patterns typical of AI-generated code that passes tests but fails in real use, such as assertions that are always true or error handlers that silently return a default value instead of reporting the problem. GenSense supports Rust and TypeScript/JavaScript, both stable, and Solidity in beta. You can run it as a command-line tool, use it from a Node.js program, or embed it as a Rust library. Custom rules can be written in YAML files, with no Rust knowledge or recompilation required. Results can be exported as JSON or SARIF, a standard format used by security and CI tools. A strict mode exits with an error code so automated pipelines can block a build when findings are detected. Findings can also be suppressed with an inline comment above a flagged line or through a project-level suppression file, and the tool includes commands for filtering by severity, listing the active rule catalog, and generating documentation for the rules in use. This would be useful to developers and teams who want to catch logic bugs, security oversights, or low-quality AI-generated code before it reaches production. The project is released under the MIT license.
A semantic code analysis tool that reads a project's AST to catch deadlocks, leaked secrets, and low-quality AI-generated code that linters miss.
Mainly TypeScript. The stack also includes Rust, TypeScript, Node.js.
Use freely for any purpose, including commercial use, as long as you keep the copyright notice.
Setup difficulty is rated easy, with roughly 5min to a first successful run.
Mainly developer.
This repo across BitVibe Labs
Verify against the repo before relying on details.