Add static code and dependency analysis in pipeline

Several options for each:

Static analysis:
Checkmarx (https://www.checkmarx.com/)
Gosec GAS (http://github.com/GoASTScanner/gas)
Go-staticcheck (https://github.com/dominikh/go-tools/tree/master/cmd/staticcheck)
SonarQube (https://github.com/SonarSource/sonarqube)
SideCi (https://sider.review)

Dependency analysis:
SideCi (https://sider.review)
Nancy (https://github.com/sonatype-nexus-community/nancy)
Snyk (https://snyk.io)

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Add static code and dependency analysis in pipeline #70

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Add static code and dependency analysis in pipeline #70

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions