Add static code and dependency analysis in pipeline · Issue #70 · BBVA/kapow · GitHub

8000 Add static code and dependency analysis in pipeline · Issue #70 · BBVA/kapow · GitHub

More Web Proxy on the site http://driver.im/

Add static code and dependency analysis in pipeline #70

Open

Open

Add static code and dependency analysis in pipeline#70

Labels

Milestone

Several options for each:

Static analysis:
Checkmarx (https://www.checkmarx.com/)
Gosec GAS (http://github.com/GoASTScanner/gas)
Go-staticcheck (https://github.com/dominikh/go-tools/tree/master/cmd/staticcheck)
SonarQube (https://github.com/SonarSource/sonarqube)
SideCi (https://sider.review)

Dependency analysis:
SideCi (https://sider.review)
Nancy (https://github.com/sonatype-nexus-community/nancy)
Snyk (https://snyk.io)

Metadata

Assignees

No 3DD0 one assigned

Labels

Type

No type

Projects

No projects

Milestone

Backlog InboxNo due date

Relationships

None yet

Development

No branches or pull requests

0