GO analysis for security


The security rules for GO language are two only. Would there be more or can rules be added?


Hello @Chew_Thiam_Soon,

We’re about to close a 18-24 months LTS cycle, meaning that a new (8.x) LTS will be elected soon.
It’s pretty certain that there will be no additional security rules for Go before this LTS (ie before end of this Q1’2021).
Once the LTS is released will go through a large planning of the objectives of the next LTS cycle (9.x) and at this stage we’ll revisit for which languages we intend to strengthen our security ruleset.

So I think your question comes a bit early. Nothing will happen before Q2 this year. It would be good to ask again in may or june.

In the mean time, be aware that you can complement SonarGo rules with 3rd party linters such as GoLint, GoVet, Golang-CI-lint and gometalinter. See https://docs.sonarqube.org/latest/analysis/external-issues/


Thanks for the reply. I will look to your suggestions on complementing SonarGo Rules. Thanks.