SaaSHub helps you find the best software and product alternatives Learn more →
Gosec Alternatives
Similar projects and alternatives to gosec
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
-
Clippy
A bunch of lints to catch common mistakes and improve your Rust code. Book: https://doc.rust-lang.org/clippy/
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
-
semgrep
Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.
-
casbin
An authorization library that supports access control models like ACL, RBAC, ABAC in Golang: https://discord.gg/S5UjpzGZjN
-
docker-bench-security
The Docker Bench for Security is a script that checks for dozens of common best-practices around deploying Docker containers in production.
-
pre-commit-golang
Pre-commit hooks for Golang with support for monorepos, the ability to pass arguments and environment variables to all hooks, and the ability to invoke custom go tools.
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
gosec reviews and mentions
-
Secure Randomness in Go 1.22
For those unaware, gosec (and by extension golangci-lint) will warn about uses of `math/rand`
https://github.com/securego/gosec/blob/d3b2359ae29fe344f4df5...
-
Top 10 Snyk Alternatives for Code Security
6. Gosec
-
Safety in Go
You can (and definitely should!) also use gosec.
-
We have getrandom at home
The crypto source in Go is great, no complaints there. Lints like gosec even recommend using it when generating crypto entropy. Go did a good job here, and I expect Rust will do the same sometime after getrandom reaches 1.0 so the API questions are settled, plus whatever makes sense for the future-proofing the standard library needs.
-
any open source that checks security vulnerabilities in code?
i think there's https://github.com/securego/gosec linter
-
Goast: Generic static analysis for Go Abstract Syntax Tree by OPA/Rego
Various static analysis tools are available for the Go language, and existing static analysis tools can check general best practices. For example, gosec is a tool to check secure Go coding, and I use it myself. However, coding rules in software development are not only based on best practices, but can also be software- or team-specific. For example
-
Vulnerability Management for Go
What's the difference between this a https://github.com/securego/gosec?
-
Github template for Golang services
A github actions workflow is provided to run go fmt, vet, test and gosec. An initial configuration for dependabot is also provided.
- gosec
-
What tools exists, or you recommend, for code review, quality and/or security review
Besides what was mentioned, we use : staticcheck.io and https://github.com/securego/gosec
-
A note from our sponsor - SaaSHub
www.saashub.com | 17 May 2024
Stats
securego/gosec is an open source project licensed under Apache License 2.0 which is an OSI approved license.
The primary programming language of gosec is Go.
Sponsored