Go Scans

Open-source Go projects categorized as Scans
Edit details
Topics: #Security #DevOps #Infrastructure #Kubernetes #AWS
Clean code begins in your IDE with SonarLint
Up your coding game and discover issues early. SonarLint is a free plugin that helps you find & fix bugs and security issues from the moment you start writing code. Install from your favorite IDE marketplace today.
www.sonarlint.org
Sponsored

Top 3 Go Scan Projects

  • terrascan

    Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.

    Project mention: How are you securing your Azure DevOps IaC pipelines? | /r/AZURE | 2023-05-26

    Terrascan could also be useful : https://github.com/tenable/terrascan

  • talisman

    Using a pre-commit hook, Talisman validates the outgoing changeset for things that look suspicious — such as tokens, passwords, and private keys.

    Project mention: Detecting Secrets in Git Repositories | /r/kubernetes | 2023-07-07

    It's been a while since I looked, but pre-commit hooks (like talisman) would be the only way to prevent secrets from being committed/pushed. Server-side hooks are generally not supported on hosted repos (e.g. github, azure devops) since it's basically arbitrary code execution from the host's perspective.

  • SonarLint

    Clean code begins in your IDE with SonarLint. Up your coding game and discover issues early. SonarLint is a free plugin that helps you find & fix bugs and security issues from the moment you start writing code. Install from your favorite IDE marketplace today.

  • go-agent

    Sqreen's Application Security Management for the Go language

    Project mention: Aspect-Oriented Programming | news.ycombinator.com | 2023-06-14

    As with all things, it is a tool to be used wisely, and refrain from seeing everything as a nail when you have this hammer.

    It is notably extremely useful as a concept for instrumenting software, which is exactly what e.g APMs are doing.

    (disclaimer: I used to work at Sqreen, now work at Datadog)

    Short of having first class support for AOP we're left implementing our own solutions to hook and instrument on various languages.

    Some examples:

    https://github.com/DataDog/datadog-instrumentation-gateway-r...

    https://github.com/sqreen/go-agent/blob/master/doc/instrumen...

NOTE: The open source projects on this list are ordered by number of github stars. The number of mentions indicates repo mentiontions in the last 12 Months or since we started tracking (Dec 2020). The latest post mention was on 2023-07-07.

Go Scans related posts

Index

What are some of the best open-source Scan projects in Go? This list will help you:

Project Stars
1 terrascan 4,218
2 talisman 1,756
3 go-agent 185

Sponsored
Updating dependencies is time-consuming.
Solutions like Dependabot or Renovate update but don't merge dependencies. You need to do it manually while it could be fully automated! Add a Merge Queue to your workflow and stop caring about PR management & merging. Try Mergify for free.
blog.mergify.com