You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I was thinking about making tool to check if package makes any syscalls. There are many simple util libraries for parsing, collections helpers etc. Such libraries should not make any syscalls for network or file access.
What do you think about adding this optional check to gosec for static syscalls analysis.
gosec -include=Gxxx github.com/badoux/checkmail
Example output
syscall.SOCK_STREAM made by net.DialTimeout in checkmail.go:106
The text was updated successfully, but these errors were encountered:
I was thinking about making tool to check if package makes any syscalls. There are many simple util libraries for parsing, collections helpers etc. Such libraries should not make any syscalls for network or file access.
What do you think about adding this optional check to gosec for static syscalls analysis.
Example output
The text was updated successfully, but these errors were encountered: