Created attachment 227783 [details]
devel/gokart: Static analysis tool for securing Go code
Straightforward GO_MODULES port.
Tested with Poudriere on armv7 arm64 i386 amd64 FreeBSD 13.0-RELEASE.
GoKart is a static analysis tool for Go that finds vulnerabilities using
the SSA (single static assignment) form of Go source code. It is
capable of tracing the source of variables and function arguments to
determine whether input sources are safe, which reduces the number of
false positives compared to other Go security scanners. For instance, a
SQL query that is concatenated with a variable might traditionally be
flagged as SQL injection; however, GoKart can figure out if the variable
is actually a constant or constant equivalent, in which case there is no
*** This bug has been marked as a duplicate of bug 257942 ***