The OWASP SonarQube project aims to provide open source SAST using the existing open source solutions. SonarQube is one of the world’s most popular continuous code quality tools and it's actively used by many developers and companies.
How to use:
docker pull owasp/sonarqube docker run -d -p 9000:9000 -p 9092:9092 owasp/sonarqube
Open your favorite browser, navigate to http://localhost:9000