This repo holds Semgrep patterns for finding possibly problematic code.
To run an individual Semgrep rule on the current Go project:
semgrep -f rule.yml .
To run all included Semgrep rules on the current Go project:
semgrep -f path/to/semgrep-go/ .
To make Semgrep skip over some files (e.g. go-swagger or some other auto-generated files), use either .semgrepignore or .gitignore.
json-without-jsoniter: check for stdlib json Marshal() or Unmarshal() use without jsoniter
err-overwrite.yml: check if err is being overwritten in goroutines without shadow declarations
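
As an added illustration (not code from this repository), the Go program below shows the kind of mistake the err-overwrite description refers to, next to the shadow-declared form. The function names are hypothetical, and the exact code shapes the rule matches are not stated here.

```go
package main

import (
	"errors"
	"fmt"
)

// errPrimary is a constructed sample error for this demonstration.
var errPrimary = errors.New("primary step failed")

// primary and audit are hypothetical steps; audit always succeeds.
func primary() error { return errPrimary }
func audit() error   { return nil }

// runOverwriting assigns to the enclosing function's err from inside the
// goroutine ("=" instead of ":="). The goroutine's nil result replaces the
// primary error, so the caller sees success. With several goroutines, or
// without the wait on done, the same write is also a data race.
func runOverwriting() error {
	err := primary()
	done := make(chan struct{})
	go func() {
		defer close(done)
		err = audit() // overwrites the outer err
	}()
	<-done
	return err
}

// runShadowed gives the goroutine its own err via a shadow declaration and
// hands the result back over a channel; only runShadowed writes its err.
func runShadowed() error {
	err := primary()
	auditErr := make(chan error, 1)
	go func() {
		err := audit() // shadow declaration, local to the goroutine
		auditErr <- err
	}()
	if e := <-auditErr; err == nil {
		err = e
	}
	return err
}

func main() {
	fmt.Println("overwriting:", runOverwriting())
	fmt.Println("shadowed:", runShadowed())
}
```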