Feature: Consider go vet a SAST tool #3128

joycebrum · 2023-06-06T16:15:42Z

Is your feature request related to a problem? Please describe.
It seems that go vet is commonly used by go projects and it claims to statically analysis the code. I'd like to know if it could be considered a SAST tool and perhaps its use be identified by Scorecard tool.

Describe the solution you'd like
Understand whether go vet is indeed a SAST tool and if it can be identified by the Scorecard tool. To run, it seems they just use the go vet command or by running go test with go version >= 1.10.0.

Example:

Describe alternatives you've considered
None.

Additional context
Codeql also covers Go projects, so this go vet would be another option for the maintainers to choose.

The text was updated successfully, but these errors were encountered:

laurentsimon · 2023-06-30T20:27:23Z

Can you add this to a comment to #2318? I think you can close the issue afterwards, since the other issue consolidates all the SAST tool for every language. Thanks!

joycebrum added the kind/enhancement New feature or request label Jun 6, 2023

joycebrum changed the title ~~✨ Consider go vet a SAST tool~~ Consider go vet a SAST tool Jun 6, 2023

joycebrum changed the title ~~Consider go vet a SAST tool~~ Feature: Consider go vet a SAST tool Jun 6, 2023

naveensrinivasan added the check/SAST label Jun 14, 2023

joycebrum mentioned this issue Jul 7, 2023

Add more options for SAST tools #2318

Open

joycebrum closed this as completed Jul 7, 2023

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Feature: Consider go vet a SAST tool #3128

Feature: Consider go vet a SAST tool #3128

joycebrum commented Jun 6, 2023

laurentsimon commented Jun 30, 2023

Feature: Consider go vet a SAST tool #3128

Feature: Consider go vet a SAST tool #3128

Comments

joycebrum commented Jun 6, 2023

laurentsimon commented Jun 30, 2023