SonarSource provides static code analysis for HTML and JSF/JSP. Based on our own technology, it analyzes HTML code to find Code Smells, Bugs, and Security Vulnerabilities. As with everything we develop at SonarSource, it was built on the principles of depth, accuracy, and speed.

This capability is available in Eclipse, IntelliJ IDEA and VS Code for developers (SonarLint) as well as throughout the development chain for automated code review with self-hosted SonarQube or cloud-based SonarCloud.