blob: c398132e8104e8473b8a6d8cb5e1f000fcb8bb62 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
|
# Tool to find dangerous imports in go code
The tool checks for imports for a given `go.mod` file that
- uses `unsafe`
- uses cgo
- import `/net/http/pprof`
The checks are performed transitively, following dependencies.
# Parameters
```
Usage of ./goosebumps:
-cc
check for imports of cgo
-ci
check for implementations of init()
-cp
check for imports of net/http/pprof
-cu
check for imports of unsafe
-exempt string
domains exempt from the search, seperated by space (default "golang.org")
-mod string
go.mod file (default "go.mod")
-modcache string
location of go mod cache (default "$GOROOT/pkg/mod")
```
|
