gokart
A static analysis tool for securing Go code
According to https://pkg.go.dev/golang.org/x/tools/go/analysis#Analyzer: ```go type Analyzer struct { // ... // Run applies the analyzer to a package. // It returns an error if the analyzer failed. // // On...
This change declares each of the analyzers in the analyzers package to have a result type of `[]github.com/praetorian-inc/gokart/util.Finding`. A test has also been included that runs a minimal `*analysis.Pass` through...
If you run `gokart scan` on Go 1.18 projects, you get an error: `internal error: package "time" without types was imported from "github.com/Omaze/cl-sweeps-api/internal/common"` We need to have a 1.18 build...
FYI, I have [filed a PR](https://github.com/Homebrew/homebrew-core/pull/102000) to include homebrew support for this project.
When I scan a repo using Go 1.18 generics, gokart panics with the message: `zeroConst: unexpected T`. For reference, the only function in the repo using generics is as follows:...
How does one scan all directories recursively?
After reading the readme doc, I'm wondering how to configure custom taint tracking or data flow analysis. For example, I hope to configure some "source pattern" and "sink...
configPath received from flag, am I doing something wrong?
```go
clean := filepath.Clean(configPath)
file, err := os.Open(clean)
```