gosec
Inspects Go source code for security problems by scanning the Go AST. The rules can be found on the tool’s GitHub page. Recursive scanning is not yet available on this platform, but it is planned for a future release.
Details
Category: Static Code Analysis
Publisher: trickest
Created Date: 6/23/2021
Container: quay.io/trickest/gosec:v2.7.0
Source URL: https://github.com/securego/gosec
Parameters
tags
string
Command: -tags
- Comma-separated list of build tags.

nosec
boolean
Command: -nosec
- Ignores #nosec comments when set.

quiet
boolean
Command: -quiet
- Only show output when errors are found.

tests
boolean
Command: -tests
- Scan test files.

target
folder
required
Command:
- Target directory to scan.

exclude
string
Command: -exclude
- Comma-separated list of rule IDs to exclude (the rule list can be viewed on the tool's GitHub page).

include
string
Command: -include
- Comma-separated list of rule IDs to include (the rule list can be viewed on the tool's GitHub page).

no-fail
boolean
Command: -no-fail
- Do not fail the scan, even if issues were found.

severity
string
Command: -severity
- Filter out the issues with a lower severity than the given value. Valid options are: low, medium, high (default: low).

nosec-tag
string
Command: -nosec-tag
- Set an alternative string for #nosec. Some examples: #dontanalyze, #falsepositive.

confidence
string
Command: -confidence
- Filter out the issues with a lower confidence than the given value. Valid options are: low, medium, high (default: low).

config-file
file
Command: -conf
- Optional config file.

exclude-dir
string
Command: -exclude-dir
- Exclude folder from scan (can be specified multiple times).

output-format
string
Command: -fmt
- Set output format. Valid options are: json, yaml, csv, junit-xml, html, sonarqube, golint, sarif or text (default: text).