sqlvet VS gosec

Compare sqlvet vs gosec and see what are their differences.


Go fearless SQL. Sqlvet performs static analysis on raw SQL queries in your Go code base. (by houqp)
Our great sponsors
  • InfluxDB - Power Real-Time Data Analytics at Scale
  • WorkOS - The modern identity platform for B2B SaaS
  • SaaSHub - Software Alternatives and Reviews
sqlvet gosec
1 19
485 7,441
- 1.4%
3.6 8.8
15 days ago 16 days ago
Go Go
MIT License Apache License 2.0
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.


Posts with mentions or reviews of sqlvet. We have used some of these posts to build our list of alternatives and similar projects.
  • Enabling static analysis of SQL queries at Meta
    1 project | /r/programming | 6 Feb 2023
    I found a linter in go for sql https://github.com/houqp/sqlvet that uses the postgres front end to evaluate queries for syntactic errors and potential sql injection a while back and I now find even more confidence in my opinion that ORM is a waste of time.


Posts with mentions or reviews of gosec. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2023-08-31.

What are some alternatives?

When comparing sqlvet and gosec you can also consider the following projects:

go-ssaviz - Visualize Go SSA function using Graphviz

golangci-lint - Fast linters Runner for Go

gokart - A static analysis tool for securing Go code

go-tools - Staticcheck - The advanced Go linter

pre-commit-golang - Pre-commit hooks for Golang with support for monorepos, the ability to pass arguments and environment variables to all hooks, and the ability to invoke custom go tools.

docker-bench-security - The Docker Bench for Security is a script that checks for dozens of common best-practices around deploying Docker containers in production.

rustsec - RustSec API & Tooling

gokart-action - Integrate GoKart security static analysis to GitHub Actions

golang-standards/project-layout - Standard Go Project Layout

envchain - Environment variables meet macOS Keychain and gnome-keyring <3

linters - a community wiki for improving code quality

flake8-bandit - Automated security testing using bandit and flake8.