Several options for each: Static analysis: Checkmarx (https://www.checkmarx.com/) Gosec GAS (http://github.com/GoASTScanner/gas) Go-staticcheck (https://github.com/dominikh/go-tools/tree/master/cmd/staticcheck) SonarQube (https://github.com/SonarSource/sonarqube) SideCi (https://sider.review) Dependency analysis: SideCi (https://sider.review) Nancy (https://github.com/sonatype-nexus-community/nancy) Snyk (https://snyk.io)
Several options for each:
Static analysis:
Checkmarx (https://www.checkmarx.com/)
Gosec GAS (http://github.com/GoASTScanner/gas)
Go-staticcheck (https://github.com/dominikh/go-tools/tree/master/cmd/staticcheck)
SonarQube (https://github.com/SonarSource/sonarqube)
SideCi (https://sider.review)
Dependency analysis:
SideCi (https://sider.review)
Nancy (https://github.com/sonatype-nexus-community/nancy)
Snyk (https://snyk.io)