At Microsoft SharePoint Online, as a part of the validation and verification process, a tool is used: MSOCAF.
“MSOCAF analysis executes a set of rules against the custom solutions, prior to submission for deployment approval into the pre-production and production environments. The MSOCAF application is built using an extensible framework so that the SharePoint Online engineering team can add new rules and/or plug-ins in the future. Code analysis within MSOCAF focuses on areas like memory management, security vulnerabilities, exception management, object model usage, quality gates for unsupported features and reporting. The framework leverages existing tools like FxCop, CAT.Net, and SPDisposeCheck to analyze custom solutions. “
Now you can use it yourself too!