You're Invited:Meet the Socket Team at BlackHat and DEF CON in Las Vegas, Aug 4-6.RSVP
Socket
Book a DemoInstallSign in
Socket
Book a DemoInstallSign in

github.com/upamune/goimmutablelint

Package Overview
Dependencies
Alerts
File Explorer
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

github.com/upamune/goimmutablelint

v0.0.0-20240711135153-9025ec30b3e2
Source
Go
Version published
Created
Source

goimmutablelint

goimmutablelint is a static analysis tool for Go that helps enforce immutability in function parameters. It detects and reports instances where function parameters are modified, which can lead to unexpected behavior and make code harder to reason about.

Features

  • Detects modifications of function parameters
  • Supports whitelist mode to only check specified functions
  • Concurrent analysis for improved performance
  • Outputs results in JSON format for easy integration with other tools

Installation

To install goimmutablelint, use the following command:

go get -u github.com/upamune/goimmutablelint

Usage

Run goimmutablelint on your Go packages:

goimmutablelint [flags] <package patterns...>

Flags

  • -v: Enable verbose output
  • -j <n>: Set the number of concurrent workers (default is the number of CPUs)
  • -w: Enable whitelist mode (only check functions with goimmutablelint:check comment)
  • -h: Show help message

Examples

Check all packages in the current directory and subdirectories:

goimmutablelint ./...

Check specific packages with verbose output:

goimmutablelint -v github.com/upamune/project/pkg1 github.com/upamune/project/pkg2

Use whitelist mode with 4 workers:

goimmutablelint -w -j 4 ./...

Whitelist Mode

In whitelist mode, only functions with the goimmutablelint:check comment will be checked. To mark a function for checking in whitelist mode, add the following comment above the function:

// goimmutablelint:check
func myFunction(param *int) {
    // This function will be checked in whitelist mode
}

Output

goimmutablelint outputs results in JSON format. Each issue includes the following information:

  • File name
  • Line and column numbers
  • Function name
  • Description of the issue

Contributing

Contributions to goimmutablelint are welcome! Please follow these steps:

  • Fork the repository
  • Create a new branch for your feature or bug fix
  • Write tests for your changes
  • Implement your changes
  • Run tests and ensure they pass
  • Submit a pull request

Please make sure to update tests as appropriate and adhere to the existing coding style.

License

MIT License

Contact

If you have any questions or feedback, please open an issue on the GitHub repository.

FAQs

Package last updated on 11 Jul 2024

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

TC39 Advances 11 Proposals for Math Precision, Binary APIs, and More

Security News

TC39 Advances 11 Proposals for Math Precision, Binary APIs, and More

TC39 advances 11 JavaScript proposals, with two moving to Stage 4, bringing better math, binary APIs, and more features one step closer to the ECMAScript spec.

By Sarah Gooding  -  Aug 06, 2025
Critical Vulnerability in NestJS Devtools: Localhost RCE via Sandbox Escape

Research

/

Security News

Critical Vulnerability in NestJS Devtools: Localhost RCE via Sandbox Escape

A flawed sandbox in @nestjs/devtools-integration lets attackers run code on your machine via CSRF, leading to full Remote Code Execution (RCE).

By Jonathan Leitschuh  -  Aug 01, 2025