A project devoted to secure programming in the Go language. Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file except in compliance with the License. You can integrate third-party code analysis tools with GitHub code scanning by uploading data as SARIF files. The workflow shows an example of running the gosec as a step in a GitHub action workflow that outputs the results.sarif file. The workflow then uploads the results.sarif file to GitHub using the upload-serif action. Gosec can be configured to only run a subset of rules, to exclude certain file paths, and produce reports in different formats. By default, all rules will be run against the supplied input files.

Features

  • CI Installation
  • You can run gosec as a GitHub action
  • Integrate with code scanning
  • Gosec can be configured to only run a subset of rules
  • Exclude certain file paths
  • Produce reports in different formats

Project Samples

gosec Screenshot 1

Project Activity

See All Activity >

Categories

Static Code Analysis

License

Apache License V2.0

Follow gosec

gosec Web Site

You Might Also Like
Intelligent network automation for businesses and organizations Icon
Intelligent network automation for businesses and organizations

Network automation for the hybrid multi-cloud era

BackBox seamlessly integrates with network monitoring and NetOps platforms and automates configuration backups, restores, and change detection. BackBox also provides before and after config diffs for change management, and automated remediation of discovered network security issues.
Get a Free Trial
Rate This Project
Login To Rate This Project

User Reviews

Be the first to post a review of gosec!

Additional Project Details

Programming Language

Go

Related Categories

Go Static Code Analysis Tool

Registered

2023-03-30
Report inappropriate content