ineffectual assignment to golang lint

go初学踩坑：ineffectual assignment to 变量 (ineffassign)错误

最近在写一些go的代码，在写到一个一行代码的时候，突然出现了这么一个错误：

其中content是我的一个变量，我的代码如下：

这里使用了 :=赋值，我却出现了这个报错，一直没能去掉，后来发现，这应该是go强制的一个要求，必须我要对这些变量做处理使用，这个奇怪的报错才能去掉，如下：

主要是我go的代码写得太少，才会出现这种google上人家都赖得问的问题。。在这里记录下来也是为了给自己一个提醒，希望下次不要再犯。

“相关推荐”对你有帮助么？

请填写红包祝福语或标题

1.余额是钱包充值的虚拟货币，按照1:1的比例进行支付金额的抵扣。 2.余额无法直接购买下载，可以购买VIP、付费专栏及课程。

Advisory boards aren’t only for executives. Join the LogRocket Content Advisory Board today →

• Product Management
• Solve User-Reported Issues
• Find Issues Faster
• Optimize Conversion and Adoption
• Start Monitoring for Free

Linting Go programs: A guide to improving code quality

Using linters improves readability by highlighting problems before they are executed, and it helps with the standardization of your codebase. A good linter has configuration settings that help to lessen warnings for rules you don’t care about, making code easier to comprehend, modify, and maintain.

In this article, we’ll be learning more about linting through these topics:

Setting up a project with revive

Suppressing linting errors with revive, setting up configurations for linters, setting up linting in code editors, exploring the go vet command, alternative packages for linting in go.

golint has been the most widely used linter for Go over the years. Unfortunately, it is now officially deprecated and archived. The issue with golint is that it doesn’t offer any configuration options and always applies all the rules, which leads to warnings for rules you don’t care about. In this article, we’ll use the revive package as well as exploring alternative go linting packages.

Conversely, revive is a fast, configurable, extensible, adaptable, and beautiful linter for Go. It serves as golint’s drop-in replacement.

Here’s how revive is different from golint:

• Allows us to enable or disable rules using a configuration file
• Allows us to configure the linting rules with a TOML file
• Is two times faster running the same rules as golint
• Provides functionality for disabling a specific rule or the entire linter for a file or a range of lines (golint allows this only for generated files)
• Optional type checking. Most rules in golint do not require type checking. If you disable them in the config file, revive will run over six times faster than golint
• Provides multiple formatters that let us customize the output
• Allows us to customize the return code for the entire linter or based on the failure of only some rules
• Everyone can extend it easily with custom rules or formatters
• revive provides more rules compared to golint

Open a terminal and create a project folder. Navigate to the project folder and run the following command to start a new project:

Navigate to your Go project and run the following command to install the revive linter package:

Create a main.go file and add the following code snippet to the main.go file:

Now, run the revive command on the project terminal and you should get the following report:

In Go, the first letter of an exported function is usually an uppercase. A properly documented codebase requires that exported functions be commented with a brief overview of the function’s purpose, so everyone can understand what it does. Now we can see how the revive package helps us write well-documented code.

Now, let’s add some comments to these functions:

Execute the revive command and you should have the following report:

Revive tells us that our comment should begin with the name of our exported functions for a properly documented codebase.

Let’s change our comments to the following:

With this, execute the revive command and you should have no report.

Sometimes, it’s necessary to disable specific linting issues that appear in a file or package. Both comments and exclusion rules in the configuration file can be used to do this. Let’s examine each strategy in turn.

The comments strategy comes in handy when you want to disable warnings for a certain section of code but still want to apply the rule to other parts of the project.

Here is how to disable specific linting issues using comments:

The syntax for this is revive , followed by a colon, then disable . If desired, add another colon followed by the name of a linter rule.

This is one amazing feature of the revive linter package that address the major challenge with the popular golint linter package.

Let’s see how to configure the revive linter package to disable some linting rules in order to reduce unnecessary warnings.

Add a file named revive.toml to the project folder with the default revive configuration :

Now, remove all comments and run the following command to use the linter with the configuration file:

To disable any of these rules, you can either remove them or add # before the specified rule as follows:

Some code editors support linting code automatically; Visual Studio Code is one of them.

Over 200k developers use LogRocket to create better digital experiences

Let’s see how to set up the revive linter in Visual Studio Code.

Open VS Code and install the go extension for VS Code. Then, select the File tab > Preferences > Settings and add go.lint to the search field and select revive in the Go: Lint Tool section.

The default Go linter for Visual Studio Code is staticcheck .

In contrast to linters, the go vet command identifies code that compiles but probably won’t perform as intended.

Let’s consider a common self assignment bug in our Golang code. Update main.go file as follows:

The above code will compile even with this bug. Executing the revive linter command won’t report any issue concerning this bug. This is where the go vet command comes in handy.

Run the go vet command and you should have the following result instead:

If revive isn’t your preference, here is a list of Go linters that have been built and maintained by the community.

golangci-lint

golangci-lint is a fast Go linters runner. It integrates with every major IDE, employs caching, enables YAML configuration, executes linters in parallel, and comes with a large number of linters.

staticcheck

staticcheck is a cutting-edge Go programming language linter. It employs static analysis to identify bugs and performance problems, provide simplifications, and enforce style guidelines.

Go takes documentation seriously because the easier it is for developers to produce good documentation, the better for everyone.

In this article, we’ve explored linting in Golang, my preferred linting package, and alternative packages for linting in Go. I hope you’ll like working with revive!

More great articles from LogRocket:

• Don't miss a moment with The Replay , a curated newsletter from LogRocket
• Learn how LogRocket's Galileo cuts through the noise to proactively resolve issues in your app
• Use React's useEffect to optimize your application's performance
• Switch between multiple versions of Node
• Discover how to use the React children prop with TypeScript
• Explore creating a custom mouse cursor with CSS
• Advisory boards aren’t just for executives. Join LogRocket’s Content Advisory Board. You’ll help inform the type of content we create and get access to exclusive meetups, social accreditation, and swag.

Get set up with LogRocket's modern error tracking in minutes:

• Visit https://logrocket.com/signup/ to get an app ID

Install LogRocket via npm or script tag. LogRocket.init() must be called client-side, not server-side

Share this:

• Click to share on Twitter (Opens in new window)
• Click to share on Reddit (Opens in new window)
• Click to share on LinkedIn (Opens in new window)
• Click to share on Facebook (Opens in new window)

Stop guessing about your digital experience with LogRocket

Recent posts:.

Getting started with NativeWind: Tailwind for React Native

Explore the integration of Tailwind CSS with React Native through NativeWind for responsive mobile design.

Developing a cross-platform TV app with React Native

The react-tv-space-navigation library offers a comprehensive solution for developing a cross-platform TV app with React Native.

Essential tools for implementing React panel layouts

Explore some of the best tools in the React ecosystem for creating dynamic panel layouts, including react-resizable-layout and react-resizable-panels.

Understanding control flow syntax in Angular 17

Control flow syntax provides a new, more intuitive way of doing things in Angular. Explore how to use control flow syntax in your projects.

Leave a Reply Cancel reply

Two linters I'll always add to new Go projects: errcheck and ineffassign

Jul 17, 2020

The reason for that is that they are the best bang for your buck by far. They are easy to appease, I have yet to see them produce false positives, they very frequently catch outright buggy code and retrofitting them is a pain.

ineffassign

This is the sort of thing that ineffassign prevents:

This is perfectly valid code, and will write garbage sometimes, without any indication whatsoever. Yes, Go does refuse to compile code like this

because data is not used, but declaring a variable and then immediately overwriting its value is perfectly legal and almost never what you want. At best the variable was never needed, in which case a _ is a good way to signal it, or it was meant to be used and ineffassign found a bug.

I’ve seen this pattern frequently enough in tests, where part of the test code accidentally doesn’t check intermediate errors or return values, leading to parts of the test silently breaking over time.

To its credit, gopls does check for this now .

In a similar vein, errcheck enforces checking error return values. In Go, errors are values, and unlike other 1 languages 2 , nothing enforces they are checked.

This is valid:

And so are all these:

The only difference is that the first example carries no indication where this was intentional or not. errcheck enforces that error values are at least assigned to _ , therefore being explicit that a decision was made to ignore the error 3 .

One case where this matters is when writing new code. It’s easy enough to forget about checking all error returns of all functions called. Again, tests passing by accident is a very frequent occasion, and so is production code.

Another also interesting case is functions changing signatures. When adding an error return to a function that previously returned nothing or updating a dependency that does so, you probably want to verify all the call sites, at the very least making the executive choice to explicitly ignore the errors.

Retrofitting using golangci-lint

golangci-lint has positioned itself as the tool everyone uses on CI, and I’d say with good reason. It supports many linters, has improved massively over the past couple of years and has facilities for wiring up into existing codebases by only checking code that changes 4 , allowing for incremental cleanup.

For example:

No one has to fix the unchecked error, until they touch the call in bar() . This works well, until you realise there are transformations where this heuristic falls flat. This is still true according to the latest golangci-lint, 1.28.3.

Here is an example of this in action:

Since the call to foo() is not touched, golangci-lint considers the unchecked error pre-existing and does not report it! The check is completely elided on changes that simply go from zero returns to a single error return. This simply makes the check not as useful as it could be, allowing regressions to merge over time.

The other problem with retrofitting is that the cleanup can be boring and take a long time. Clearing hundreds for errors in bulk is mind-numbing. Merely shifting around existing code might require fixing existing issues, unrelated to the change at hand.

Why go through that, when simply adding these linters from the start does the trick and saves you from bugs?

Addendum - 18th July

I got a bit curious about k8s’ code, and ran ineffassign against it. There is one case where ineffassign could be considered noisy, and that is using foo := true instead of var foo bool :

The code in question:

This nudges towards var exist bool or bool := false . Clearly there is no bug here, the result is the same either way, so it boils down to the style used when declaring variables.

good  ↩

Rust  ↩

Not necessarily a good decision, you can always find yourself staring at git blame wondering why.  ↩

according to git and revgrep, using the new- settings in the config . Nowadays it works, a long time ago I found out the hard way it didn’t   ↩

Golang lint - Different methods with Best Practices

Linting go code.

In this article, I will demonstrate how to use lint tools in Golang. A linter is a tool that checks code files using a set of rules that describe problems that cause confusion, produce unexpected results, or reduce the readability of the code. Furthermore, lint can help us find potential bugs in the code, such as assigning undeclared variables, which can cause runtime errors, or getting the value from a global variable, which makes debugging difficult, and so on.

Some go packages which can be used to perform linting such as:

• go vet detects suspicious constructs that the compile may skip, but it only catches a limited number of potential issues such as calling fmt.Printf with the wrong arguments.
• errcheck , An error checker
• golangCI-lint ,  It’s a linting tool that provides a facade on top of many useful linters and formatters. Also, it allows running the linters in parallel to improve analysis speed, which is quite handy.

We can also use golint which is maintained by the Go developers. It is intended to enforce the coding conventions described in Effective Go . But for now, this project is frozen and deprecated . You can refer to ' freeze and deprecate golint thread ' to read more.

Besides linters, we should also use code formatters to fix code style. Here is a list of some code formatters for you to try:

• gofmt package, which is already present in the installation, so we can run it to automatically indent and format your code. Note that it uses tabs for indentation and blanks for alignment
• goimports , A standard Go imports formatter

Using Golang Vet for linting

go vet : Vet examines Go source code and reports suspicious constructs, such as Printf calls whose arguments do not align with the format string. Vet uses heuristics that do not guarantee all reports are genuine problems, but it can find errors not caught by the compilers.

Let's look at this below example to understand how Golang Vet works:

When we run 'go run main.go', the output will be:

When we run "go vet main.go", the output will be:

Using gofmt to for formatting

The gofmt formatting don’t affect the execution of the code—rather, they improve codebase readability by ensuring that the code is visually consistent. gofmt focuses on things like indentation, whitespace, comments, and general code succinctness. We have written a dedicate chapter on go formatting .

To check files for unnecessary parentheses:

To remove the parentheses:

Consider the below example to see how gofmt format the code:

The program will automatically format to this:

Using GolangCI-Lint to lint go program

Golangci-lint is a Go linters tool that runs linters in parallel, reuses the Go build cache, and caches analysis results for significantly improved performance on subsequent runs, is the preferred way to configure linting in Go projects

For convenience and performance reasons, the golangci-lint project was created to aggregate and run several individual linters in parallel. When you install the program, it will include about 48 linters (at the time of writing), and you can then choose which ones are important for your project.

Set up environment

To install golangci-lint , run the command below:

To see a list of supported linters and which linters are enabled/disabled:

Perform Test Run

You may encounter errors if you run the enabled linters from the root of your project directory. Each problem is reported with all of the context you need to fix it, including a brief description of the problem as well as the file and line number where it occurred.

By passing the path, you can specify which directories and files to analyze.

Configuring GolangCI-Lint

The config file has lower priority than command-line options. If the same bool/string/int option is provided on the command-line and in the config file, the option from command-line will be used. Slice options (e.g. list of enabled/disabled linters) are combined from the command-line and config file.

Config File

GolangCI-Lint looks for config files in the following paths from the current working directory:

• .golangci.yml
• .golangci.yaml
• .golangci.toml
• .golangci.json

Example of  .golangci.yaml config file:

Command-Line Options

Pass -E/--enable to enable linter and -D/--disable to disable:

Suppressing linting errors

Disabling specific linting issues that arise in a file or package is sometimes necessary. This can be accomplished in two ways: via the nolint directive and via exclusion rules in the configuration file.

The nolint  directive

Here is an example of generating a random number:

When we run golangci-lint run -E gosec lint.go  the output will be:

The linter recommends using the Int method from crypto/rand instead because it is more cryptographically secure, but it has a less friendly API and slower performance. You can ignore the error by adding a nolint directive to the relevant line:

This inline use of nolint disables all linting issues detected for that line. You can disable issues from a specific linter by naming it in the directive (recommended).

When a nolint directive is used at the top of a file, it disables all linting issues for that file:

Exclusion rules

Exclude Issue by Text : Exclude issue by text using command-line option -e or config option issues.exclude . It's helpful when you decided to ignore all issues of this type. Also, you can use issues.exclude-rules config option for per-path or per-linter configuration.

Exclude Issues by Path:

Exclude issues in path by run.skip-dirs , run.skip-files or issues.exclude-rules config options. In the following example, all the reports from the linters (linters) that concerns the path (path) are excluded:

The code checking tools mentioned above are mostly the "official" ones (the ones maintained by Golang developers). IDE integrations are a nice benefit of having official tooling. For example, Goland includes gofmt support, and VSCode includes an official Go extension that can check your code whenever you save a file.

There are plenty of great options for keeping your code clean and consistent, whether you use these official code checkers or others provided by the community. This article should have given you a better understanding of how to use go vet , gofmt to benefit your code.

https://pkg.go.dev/cmd/vet https://github.com/golangci/golangci-lint https://pkg.go.dev/cmd/gofmt https://pkg.go.dev/golang.org/x/lint/golint https://go.dev/doc/effective_go

Tuan Nguyen

He is proficient in Golang, Python, Java, MongoDB, Selenium, Spring Boot, Kubernetes, Scrapy, API development, Docker, Data Scraping, PrimeFaces, Linux, Data Structures, and Data Mining. With expertise spanning these technologies, he develops robust solutions and implements efficient data processing and management strategies across various projects and platforms. You can connect with him on LinkedIn .

Can't find what you're searching for? Let us assist you.

Enter your query below, and we'll provide instant results tailored to your needs.

If my articles on GoLinuxCloud has helped you, kindly consider buying me a coffee as a token of appreciation.

For any other feedbacks or questions you can send mail to [email protected]

Thank You for your support!!

Leave a Comment Cancel reply

Save my name and email in this browser for the next time I comment.

Notify me via e-mail if anyone answers my comment.

DEV Community

Posted on Oct 31, 2023

golangci-lint: a powerful and complete Go linter

golangci-lint is a Go linter tool that helps detect and fix style errors, convention errors, and potential vulnerabilities. It is based on a set of predefined rules, but you can also create your own rules.

Installation and configuration

To run golangci-lint on your project, use the following command:

golangci-lint will display the list of errors and warnings found. You can also use the --format option to display the results in a custom format.

Here are some examples of issues that golangci-lint can detect:

• Style errors : golangci-lint can detect the most common Go style errors, such as using uninitialized variables, missing comments, and bad indentation.
• Convention errors : golangci-lint can detect violations of Go coding conventions, such as using non-compliant variable names or missing unit tests.
• Vulnerabilities : golangci-lint can detect known vulnerabilities in Go code, such as the use of outdated encryption primitives or lack of input validation.

Configuration

golangci-lint is a very configurable tool. It supports several formats YAML, JSON, TOML. You can customize linter rules to meet your specific needs.

Enable or disable linters

This configuration activates all linters except those listed.

Apply specific rules

For example, you can add custom rules to detect issues specific to your project.

This configuration prohibits the use of certain packages (this is an example)

Linter included

Golangci-lint includes over 30 linters, which cover a wide range of code quality issues. These linters are divided into several categories:

• A variable declared without initialization.
• A function declared with an inappropriate name.
• A function that does not return a value.
• A function that uses an inappropriate data type for a parameter.
• A function that does not properly isolate errors.
• A function that uses an uninitialized variable.
• A loop that could be replaced by an arithmetic expression.
• A function that could be simplified to improve performance.
• A function that uses an inefficient Go structure.
• A variable that is used only once.
• A function that is too long.
• A function that is not well documented.

To get a list of supported linters and enabled/disabled linters, you can do the following command:

Integration with IDEs

Golangci-lint offers integrations with major Go IDEs, allowing you to run the linter directly from your IDE.

To install the IDE extension for Visual Studio Code, open the VS Code Marketplace and search for "golangci-lint". Click on the extension to install it and add it to your configuration:

You can adjust golangci-lint's behavior to suit your needs by configuring it. You can make sure your code is of the highest caliber by taking the effort to configure golangci-lint.

The following advice will help you configure golangci-lint:

• Start with a simple setup and add options as you need them.
• Learn more about the various configuration choices by reading the golangci-lint manual.
• Take inspiration from the golangci-lint configuration samples.

I hope this piece clarifies the golangci-lint settings for you.

Top comments (0)

Templates let you quickly answer FAQs or store snippets for re-use.

Are you sure you want to hide this comment? It will become hidden in your post, but will still be visible via the comment's permalink .

Hide child comments as well

For further actions, you may consider blocking this person and/or reporting abuse

5 Tips for avoiding mistakes while working with server

cuongnp - Mar 9

Getting Stuff Done: Productivity Tips for Backend and Frontend Devs

The Stoic - Mar 7

Conditional Branching with workflow_dispatch and workflow_call in GitHub Actions

kosei - Mar 8

Understanding Go: part 3 – If

Aurélie Vache - Feb 26

We're a place where coders share, stay up-to-date and grow their careers.

Information

License type, more resources, you can contribute, latest from our blog, a closer look at bugprove.

Sun Nov 19 2023

I have never been a huge fan of IoT devices. Granted, they make our life easier, but they also open the door to a lot of security issues. Most IoT devices are black boxes. I don't know what's inside and I don't know what they connect to.

Welcoming Bearer as Our Sponsor: Simple Ruby and JavaScript App Security

Thu Apr 06 2023

As a developer, I have faced my fair share of security mishaps. I recall times when I accidentally exposed sensitive data in logs or sent a network request over a non-encrypted HTTP channel when HTTPS was available. I'm sure many of you can relate to these situations. We may not be security experts, but that doesn't mean we shouldn't take measures to protect our applications. This is where Bearer, a new security tool for Ruby and JavaScript apps (Java coming soon), comes into play.

Redesigning Analysis Tools

Wed Mar 29 2023

We are happy to announce that we completely rebuilt analysis-tools.dev from scratch with more features and a new design!This is a major milestone for us, as it marks the first time we sat down to reinvision what the project should become in the next few years.

Picking the Right Static Analysis Tool For Your Use-Case

Tue Jan 26 2021

This project started as a way to scratch my own itch:Years later, many people still seem to have the same problem. There are more than 500 static analysis (SAST) tools out there; how can you possibly find the "best" one?

Static Analysis Is Broken - Let’s Fix It!

Wed Aug 19 2020

Static analysis is great! It helps improve code quality by inspecting source code without even running it. There are hundreds of great tools to choose from — many are free or open-source . Unfortunately, many projects still don’t make use of static analysis tools for various reasons.

Our Mission

Thu Jul 16 2020

We found that static code analysis is a topic that is attracting a lot of engineers, which care about code-quality and solid engineering standards. Our goal is to create an open community for developers that want to take their code and skill set to the next level.

Welcome, DeepCode!

Today we welcome DeepCode as our first sponsor.It makes us incredibly happy to see the backing of our community project from such a forward-thinking company. Just like us, DeepCode thinks that the space of analysis tools could be vastly improved to increase code quality and foster best practices within organizations of any size.

Stay Informed

Sign up to our newsletter and always stay up to date with the latest tools and trends in development

ineffassign

Detect ineffectual assignments in Go code.

Tutorials / Guides

47 Alternatives to ineffassign

Find inefficiently packed structs.

Checks whether HTTP response body is closed.

Finds unused code.

dingo-hunter

Static analyser for finding deadlocks in Go.

Finds assignments/declarations with too many blank identifiers.

Reports potentially duplicated code.

Check that error return values are used.

Wrap and fix Go errors with the new %w verb directive. This tool analyzes fmt.Errorf() calls and reports calls that contain a verb directive that is different than the new %w verb directive introduced in Go v1.13. It's also capable of rewriting calls to use the new %w wrap verb directive.

Get info on length of functions in a Go package.

Package ast declares the types used to represent syntax trees for Go packages.

go-consistent

Analyzer that helps you to make your Go programs more consistent.

Go source code linter that maintains checks which are currently not implemented in other linters.

go tool vet --shadow

Reports variables that may have been unintentionally shadowed.

Examines Go source code and reports suspicious.

Go AST (Abstract Syntax Tree) based static analysis tool with Rego.

gochecknoglobals

Checks that no globals are present.

Finds repeated strings that could be replaced by a constant.

Calculate cyclomatic complexities of functions in Go source code.

Checks if the code is properly formatted and could not be further simplified.

Checks missing or unreferenced package imports.

Golang security analysis with a focus on minimizing false positives. It is capable of tracing the source of variables and function arguments to determine whether input sources are safe.

GolangCI-Lint

Alternative to Go Meta Linter : GolangCI-Lint is a linters aggregator.

Prints out coding style mistakes in Go source code.

goroutine-inspect

An interactive tool to analyze Golang goroutine dump.

gosec (gas)

Inspects source code for security problems by scanning the Go AST.

Syntactic and semantic analysis similar to the Go compiler.

govulncheck

Govulncheck reports known vulnerabilities that affect Go code. It uses static analysis of source code or a binary's symbol table to narrow down reports to only those that could affect the application. By default, govulncheck makes requests to the Go vulnerability database at https://vuln.go.dev. Requests to the vulnerability database contain only module paths, not code or other properties of your program.

Suggest narrower interfaces that can be used.

Report long lines.

Detect structs that would take less memory if their fields were sorted.

Finds commonly misspelled English words.

Finds naked returns.

Finds unused arguments in function declarations.

Finds slice declarations that could potentially be preallocated.

A tool for posting review comments from any linter in any code hosting service.

Fast, configurable, extensible, flexible, and beautiful linter for Go. Drop-in replacement of golint.

Static analysis tool for Golang that protects against SQL injections.

A lightweight static code analyzer designed for developers and security teams. It allows you to analyze and transform source code with an intuitive DSL similar to sed, but for code.

staticcheck

Go static analysis that specialises in finding bugs, simplifying code and improving performance.

structcheck

Find unused struct fields.

Static analyzer for Go that recommends struct field rearrangements to provide for maximum space/allocation efficiency

Show location of test failures from the stdlib testing module.

Detect redundant type conversions.

Find unused function parameters.

Find unused global variables and constants.

Enforces empty lines at the right places.

Instant live visualization of your Go application runtime statistics in the browser. It plots heap usage, MSpans/MCaches, Object counts, Goroutines and GC/CPU fraction.

23 Multi-Language Tools

Applicationinspector.

Creates reports of over 400 rule patterns for feature detection (e.g. the use of cryptography or version control in apps).

autocorrect

A linter and formatter to help you to improve copywriting, correct spaces, words, punctuations between CJK (Chinese, Japanese, Korean).

Open-Source static code analysis tool to discover, filter and prioritize security risks and vulnerabilities leading to sensitive data exposures (PII, PHI, PD). Highly configurable and easily extensible, built for security and engineering teams.

Statically generates a call graph image and displays it on screen.

Checkmarx CxSAST

Commercial Static Code Analysis which doesn't require pre-compilation.

Emerge is a source code and dependency visualizer that can be used to gather insights about source code structure, metrics, dependencies and complexity of software projects. After scanning the source code of a project it provides you an interactive web interface to explore and analyze your project by using graph structures.

Finds N+1 queries (SQL calls in a for loop) in go code

Comments on style violations in GitHub pull requests. Supports Coffeescript, Go, HAML, JavaScript, Ruby, SCSS and Swift.

Lizard is an extensible Cyclomatic Complexity Analyzer for many programming languages including C/C++ (doesn't require all the header files or Java imports). It also does copy-paste detection (code clone detection/code duplicate detection) and many other forms of static code analysis. Counts lines of code without comments, CCN (cyclomatic complexity number), token count of functions, parameter count of functions.

Mega-Linter

Mega-Linter can handle any type of project thanks to its 70+ embedded Linters, its advanced reporting, runnable on any CI system or locally, with assisted installation and configuration, able to apply formatting and fixes

A fast, open-source, static analysis tool for finding bugs and enforcing code standards at editor, commit, and CI time. Its rules look like the code you already write; no abstract syntax trees or regex wrestling. Supports 17+ languages.

ShiftLeft Scan

Scan is a free open-source DevSecOps platform for detecting security issues in source code and dependencies. It supports a broad range of languages and CI/CD pipelines.

Sigrid helps you to improve your software by measuring your system's code quality, and then compares the results against a benchmark of thousands of industry systems to give you concrete advice on areas where you can improve.

SonarLint is a free IDE extension available for IntelliJ, VS Code, Visual Studio, and Eclipse, to find and fix coding issues in real-time, flagging issues as you code, just like a spell-checker. More than a linter, it also delivers rich contextual guidance to help developers understand why there is an issue, assess the risk, and educate them on how to fix it.

Performs static analysis on raw SQL queries in your Go code base to surface potential runtime errors. It checks for SQL syntax error, identifies unsafe queries that could potentially lead to SQL injections makes sure column count matches value count in INSERT statements and validates table- and column names.

StaticReviewer

Static Reviewer executes code checks according to the most relevant Secure Coding Standards, OWASP, CWE, CVE, CVSS, MISRA, CERT, for 40+ programming languages, using 1000+ built-in validation rules for Security, Deadcode & Best Practices Available a module for Software Composition Analysis (SCA) to find vulnerabilities in open source and third party libraries.

Super-Linter

Combination of multiple linters to install as a GitHub Action.

Static code analysis tool for Java,C,C++,C#,Go.

TencentCodeAnalysis

Tencent Cloud Code Analysis (TCA for short, code-named CodeDog inside the company early) is a comprehensive platform for code analysis and issue tracking. TCA consist of three components, server, web and client. It integrates of a number of self-developed tools, and also supports dynamic integration of code analysis tools in various programming languages.

Linter for integrating annotated TODOs with your issue trackers

Modern repositories include many technologies, each with its own set of linters. With 30+ linters and counting, Trunk makes it dead-simple to identify, install, configure, and run the right linters, static analyzers, and formatters for all your repos.

Crash Analysis and Severity Report.

Continuous Hybrid Fuzzing and Dynamic Analysis for Security Development Lifecycle.

Help make this list better Suggest Tools

Our Sponsors

This website is completely open source. To fund our work, we fully rely on sponsors. Thanks to them, we can keep the site free for everybody. Please check out their offers below.

ineffassign

This package is not in the latest version of its module.

Detect ineffectual assignments in Go code.

This tool misses some cases because does not consider any type information in its analysis. (For example, assignments to struct fields are never marked as ineffectual.) It should, however, never give any false positives.

Documentation ¶

There is no documentation for this package.

Source Files ¶

• ineffassign.go

Keyboard shortcuts