gokart
« Back to VersTracker
Description:
Static code analysis for securing Go code
Type: Formula  |  Tracked Since: Dec 28, 2025
Links: Homepage  |  formulae.brew.sh
Category: Security
Tags: golang security static-analysis devsecops sast
Install: brew install gokart
About:
Gokart is a static analysis tool specifically designed for Go to identify security vulnerabilities. It scans code to find issues like SQL injection, command injection, and improper error handling by tracking tainted data flow. The tool provides actionable remediation advice to help developers secure their Go applications early in the development cycle.
Key Features:
  • Taint analysis for tracking untrusted data
  • Detection of common Go vulnerabilities (SQLi, RCE, etc.)
  • Actionable remediation guidance
  • Low false-positive rate
  • Fast scanning performance
Use Cases:
  • CI/CD pipeline integration for security checks
  • Auditing legacy Go codebases for vulnerabilities
  • Developer pre-commit security validation
Alternatives:
  • gosec – Gokart focuses on taint analysis for deeper context, whereas gosec uses general heuristics
  • SonarQube – Gokart is Go-specific and lightweight compared to the comprehensive but heavier SonarQube platform
Version History
Detected Version Rev Change Commit
Sep 14, 2024 8:34pm 0 VERSION_BUMP 05f608c5
« Back to VersTracker  |  Browse Packages  |  About