5 个仓库
Tools that perform static analysis across Go source files, including interfile analysis, to detect security vulnerabilities.
Distinct from Source Code Vulnerability Scanning: Distinct from Source Code Vulnerability Scanning: focuses specifically on the Go ecosystem.
Explore 5 awesome GitHub repositories matching security & cryptography · Go Source Code Analyzers. Refine with filters or upvote what's useful.
Revive is a configurable static analysis linter and code quality tool for Go. It analyzes source code to detect common coding mistakes, identify style violations, and enforce language standards without executing the program. The project functions as both a command line tool and an embeddable analysis engine. This allows the core linting logic to be integrated as a library into other Go applications for programmatic code inspection. The tool supports custom rule sets and severity levels managed through a structured configuration file. It provides capabilities for suppressing specific warnings
Performs static analysis on Go source files to detect mistakes and enforce style standards.
The Snyk CLI is a command-line security scanner that detects known vulnerabilities across open-source dependencies, proprietary application code, container images, and infrastructure-as-code configuration files. It also serves as a platform management tool, allowing users to configure organizations, users, SSO, and reporting from the terminal rather than the web dashboard. The CLI integrates directly into development workflows, enabling scanning within IDEs, build pipelines, and version control systems. It implements static analysis with interfile data flow analysis to find complex security f
Performs static analysis across Go source files, including interfile analysis, to detect security vulnerabilities.
gocode 是一个用于 Go 语言的语言服务器后端和自动补全守护进程。它作为一个静态代码分析器和符号索引器,为文本编辑器提供实时的标识符和符号建议。 该项目利用客户端-服务器守护进程架构来维护一个持久的后台进程,避免了为每个请求重新加载包元数据的开销。它采用两级元数据缓存系统,并解析已编译的包二进制文件,以实现快速的符号查找和声明检索。 该系统涵盖了广泛的功能领域,包括针对成员字段、函数签名和变量的上下文敏感自动补全,以及自动代码格式化。它管理词法作用域跟踪和递归符号解析,以确保准确的类型和变量补全。 管理工具允许进行守护进程配置管理、状态控制以及带有详细日志记录的调试模式,以监控后台进程。
Operates as a background process analyzing Go source and binaries to provide real-time symbol suggestions.
This is a static analysis linter and code quality tool for Go. It analyzes source code to identify common coding errors, style mistakes, and inconsistencies with language conventions. The tool is designed for integration with text editors and integrated development environments, exporting linting results in formats that support quickfix menus. Its capabilities include Go static analysis and source code quality assurance across files and packages. The system utilizes a static analysis pipeline and rule-based pattern matching to identify structural patterns that violate predefined coding stand
Analyzes Go source code to identify style mistakes and ensure adherence to language conventions.
Nilaway is a static analysis tool and linter plugin for Go designed to identify potential nil pointer dereferences in source code to prevent runtime panics. It functions as an inter-procedural pointer analyzer that tracks data flow across functions and packages to detect memory safety issues. The tool differentiates itself by tracking pointer states through anonymous functions, closures, and struct initializations. It employs a pointer analysis framework that monitors how values flow through a program to determine if a variable is safe to dereference at a specific point. The analyzer can be
Analyzes Go source code to detect potential nil pointer dereferences.