G103
Security
High
Use of unsafe calls should be audited.
BACK TO LIST
Go rules
Go is a very powerful language that makes you write performant code while having a lot of verification. Still, developers can make issues. Thankfully, the Codiga Static Code Analysis engine checks your Go code and flags the most important issues.
G304
Best practice
High
Potential file inclusion via variable
G306
Security
High
Expect WriteFile permissions to be 0600 or less
G307
Security
Medium
Deferring unsafe method "Close" on type "*os.File"
G401
Security
High
Use of weak cryptographic primitive
G402
Best practice
Critical
TLS InsecureSkipVerify set true.
G501
Security
High
Blocklisted import crypto/md5: weak cryptographic primitive
G204
Security
High
Subprocess launched with variable
G302
Security
High
Expect file permissions to be 0600 or less
SA1019
Best practice
High
strings.Title has been deprecated since Go 1.18. Use golang.org/x/text/cases instead.
SA4006
Error prone
Minor
Value never used
SA9008
Error prone
Medium
Value refers to the result of a failed type assertion and is a zero value, not the value that was being type-asserted.
ST1005
Best practice
Medium
Error string should not be capitalized
U1000
Design
Medium
Unused field.
S1005
Best practice
Medium
Unnecessary assignment to the blank identifier
G101
Security
Critical
Hardcoded credentials
G102
Security
High
Bind to all interfaces
G104
Security
High
Audit errors not checked
G107
Security
High
Url provided to HTTP request as taint input
G201
Security
Critical
SQL query construction using format string/string concatenation
G202
Security
Critical
SQL query construction using format string/string concatenation
G108
Security
Medium
Profiling endpoint is automatically exposed on /debug/pprof
G301
Security
High
Expect directory permissions to be 0750 or less
G505
Best practice
High
Weak crypto primitive
revive/exported
Design
Minor
exported function should have comment or be unexported
revive/var-declaration
Best practice
Medium
should omit type string from declaration of var
G502
Security
High
Blocklisted import crypto/des: weak cryptographic primitive
G305
Security
Medium
File traversal when extracting zip/tar archive