gosec
Inspects Go source code for security problems by scanning the Go AST. The rule list can be found on the tool's GitHub page. Unfortunately, the recursive scan is not yet available on this platform, but it is going to be implemented in the future.
Details
Category: Static Code Analysis
Publisher: trickest
Created Date: 6/23/2021
Container: quay.io/trickest/gosec:v2.7.0
Source URL: https://github.com/securego/gosec
Parameters
Command: -tags
- Comma-separated list of build tags.
Command: -nosec
- Ignores #nosec comments when set.
Command: -quiet
- Only show output when errors are found.
Command: -tests
- Scan test files.
Command:
- Target directory to scan.
Command: -exclude
- Comma-separated list of rule IDs to exclude (the rule list can be viewed on the tool's GitHub page).
Command: -include
- Comma-separated list of rule IDs to include (the rule list can be viewed on the tool's GitHub page).
Command: -no-fail
- Do not fail the scan, even if issues were found.
Command: -severity
- Filter out issues with a lower severity than the given value. Valid options are: low, medium, high (default: low).
Command: -nosec-tag
- Set an alternative string for #nosec. Some examples: #dontanalyze, #falsepositive.
Command: -confidence
- Filter out issues with a lower confidence than the given value. Valid options are: low, medium, high (default: low).
Command: -conf
- Optional config file.
Command: -exclude-dir
- Exclude a folder from the scan (can be specified multiple times).
Command: -fmt
- Set the output format. Valid options are: json, yaml, csv, junit-xml, html, sonarqube, golint, sarif or text (default: text).