OWASP / Go-SCP

Golang Secure Coding Practices guide

Home Page: https://owasp.org/www-project-go-secure-coding-practices-guide/

SQLi and templates

lojikil opened this issue · comments

Most of the non-compliant Go SQL code I see is actually abuse of templates, rather than string joins. We should show non-compliance via templating as well, so that developers do not think that templating can necessarily save them here.

Hi @lojikil,
Can you please provide an example of it?

Cheers,
Paulo A. Silva

By "abuse of templates" do you mean stuff like:

rows, err := db.Query(fmt.Sprintf("SELECT * FROM user WHERE id = %s", id))

@lojikil would you like to open a Pull Request?

Cheers,
Paulo A. Silva
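As an added illustration (not code from this issue or from the Go-SCP guide) of the point raised above: rendering the statement through text/template splices the value in verbatim, exactly as fmt.Sprintf does, because neither text/template nor html/template knows anything about SQL quoting; the parameterized form keeps the statement constant and hands the value to the driver separately. The function names and the sample input are assumptions made for this example.

```go
package main

import (
	"bytes"
	"fmt"
	"text/template"
)

// Non-compliant: the query text is produced by a template. text/template does
// no SQL escaping (html/template escapes for HTML contexts only), so the value
// is inserted into the statement unchanged, just like fmt.Sprintf would do.
var userByIDTmpl = template.Must(template.New("q").Parse(
	"SELECT * FROM user WHERE id = '{{.}}'"))

// BuildQueryWithTemplate renders the statement with the raw id spliced in.
func BuildQueryWithTemplate(id string) (string, error) {
	var buf bytes.Buffer
	if err := userByIDTmpl.Execute(&buf, id); err != nil {
		return "", err
	}
	return buf.String(), nil
}

// BuildParameterizedQuery is the compliant form: the statement is a constant
// with a placeholder and the value travels as a bound argument, so the
// database never parses it as SQL. With database/sql it is used as
// db.Query(query, args...).
func BuildParameterizedQuery(id string) (query string, args []interface{}) {
	return "SELECT * FROM user WHERE id = ?", []interface{}{id}
}

func main() {
	// Constructed input: an id containing a single quote is enough to change
	// the structure of the templated statement, while the parameterized
	// statement is unaffected.
	input := "42'"
	q, err := BuildQueryWithTemplate(input)
	if err != nil {
		panic(err)
	}
	fmt.Println("templated:    ", q)
	pq, args := BuildParameterizedQuery(input)
	fmt.Println("parameterized:", pq, args)
}
```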