ShiftLeft supports analyzing Go projects using ShiftLeft Inspect, and investigating your Golang applications using ShiftLeft Ocular.
You can analyze and investigate only Go source code (not compiled applications). And a fully working build environment with Go 1.12 or newer for the target project is required.
After installing the ShiftLeft Command Line Interface (CLI) and authenticating, use the following command to analyze your Golang application with ShiftLeft Inspect
sl analyze --app <name> --go [<path>]
--app <name> analyze the application of
--go identity of the application's language.
<path> location of the
.go file to be analyzed.
After installing the ShiftLeft Command Line Interface (CLI), authenticating and starting ShiftLeft Ocular, create the Code Property Graph (CPG) for your Golang application using
ocular> createCpg(List (<inputPath>), "GOLANG")
<inputPath> is the path of the target application. For Golang, the path is the package or a package specifier that includes all of the subprojects, using the same arguments you would pass in a
go build command. For example