1 gosec - Golang Security Checker
Inspects source code for security problems by scanning the Go AST.
Selecting rules
By default, gosec will run all rules against the supplied file paths. It is however possible to select a subset of rules to run via the-include=flag, or to specify a set of rules to explicitly exclude using the -exclude=flag.
#Run a specific set of rules
$ gosec -include=G101,G203,G401 ./...
#Run everything except for rule G303
$ gosec -exclude=G303 ./...
Excluding test files and folders 排除测试文件和文件夹
使用
我们可以将Gosec配置为仅运行某个规则子集,如排除某些文件路径,生成不同格式的报告等。在默认情况下,Gosec将对提供的输入文件运行所有规则。要从当前目录递归扫描,你可以提供’./…’ 作为输入参数。
选择规则
默认情况下,gosec将针对提供的文件路径运行所有规则。但如果你要指定运行某个规则,则可以使用 ‘-include=’ 参数,或者你也可以使用 ‘-exclude=’来排除那些你不想运行的规则。
注释代码
与所有自动检测工具一样,gosec也会出现误报的情况