You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Is your feature request related to a problem? Please describe.
It seems that go vet is commonly used by go projects and it claims to statically analysis the code. I'd like to know if it could be considered a SAST tool and perhaps its use be identified by Scorecard tool.
Describe the solution you'd like
Understand whether go vet is indeed a SAST tool and if it can be identified by the Scorecard tool. To run, it seems they just use the go vet command or by running go test with go version >= 1.10.0.
Example:
Describe alternatives you've considered
None.
Additional context
Codeql also covers Go projects, so this go vet would be another option for the maintainers to choose.
The text was updated successfully, but these errors were encountered:
Can you add this to a comment to #2318? I think you can close the issue afterwards, since the other issue consolidates all the SAST tool for every language. Thanks!
Is your feature request related to a problem? Please describe.
It seems that go vet is commonly used by go projects and it claims to statically analysis the code. I'd like to know if it could be considered a SAST tool and perhaps its use be identified by Scorecard tool.
Describe the solution you'd like
Understand whether go vet is indeed a SAST tool and if it can be identified by the Scorecard tool. To run, it seems they just use the
go vet
command or by runninggo test
with go version >= 1.10.0.Example:
Describe alternatives you've considered
None.
Additional context
Codeql also covers Go projects, so this go vet would be another option for the maintainers to choose.
The text was updated successfully, but these errors were encountered: