Skip to content

AumSahayata/goguard

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

Β 

History

25 Commits
.github/workflows
.github/workflows
Β 
Β 
cmd
cmd
Β 
Β 
internal
internal
Β 
Β 
.gitignore
.gitignore
Β 
Β 
LICENSE
LICENSE
Β 
Β 
README.md
README.md
Β 
Β 
go.mod
go.mod
Β 
Β 
go.sum
go.sum
Β 
Β 
main.go
main.go
Β 
Β 

Repository files navigation

goguard

πŸ” Keep your Go dependencies secure, up-to-date, and compliant.

Go Guard is a CLI tool + GitHub Action for scanning Go projects to detect: Vulnerabilities, Outdated dependencies, Unmaintained packages, License risks. It helps developers keep Go projects secure, up-to-date, and compliant with minimal effort.

πŸš€ Current version: v0.3.0

✨ Features

  • πŸ” Scan go.mod / go.sum dependencies
  • πŸ›‘οΈ Detect vulnerable dependencies using Go vulnerability database
  • πŸ“¦ Check for outdated dependencies via the Go proxy
  • 🏚️ Detect unmaintained repos (archived or stale >2 years)
  • βš–οΈ Identify licenses (via GitHub LICENSE file)
  • πŸ“Š Output as table or JSON or HTML
  • πŸšͺ Exit codes for CI pipelines (see below)
  • ⏲ Each module gets a RiskScore (numeric) and RiskLevel (Low / Medium / High).

πŸšͺ Exit Codes

  • 0 β†’ All checks passed (OK)
  • 1 β†’ Warnings detected (e.g. outdated or risky license or stale repo)
  • 2 β†’ Failures detected (vulnerabilities, archived repos)

Use these exit codes in CI/CD pipelines to fail builds on security issues.

πŸ“¦ Installation

go install github.com/AumSahayata/goguard@latest

πŸš€ Usage

Basic scan

goguard scan

Outputs a table of all modules, their versions, and issues on the console.

JSON output to console

goguard scan --json

JSON output to file

goguard scan --json-file result.json

HTML output to file

goguard scan --html-file result.html

Verbose exit reasons

goguard scan --verbose

Strict check

goguard scan --strict

Fails even for warnings

GitHub Actions Workflow Example

name: GoGuard Scan

on:
  pull_request:
    branches: [main]

jobs:
  goguard:
    name: GoGuard
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
        uses: actions/checkout@v4

      - name: Set up Go
        uses: actions/setup-go@v5
        with:
          go-version: '1.24'

      - name: Install goguard
        run: go install github.com/AumSahayata/goguard@latest
      
      - name: Run gogurad
        run: goguard scan --json-file report.json --verbose

πŸ“Š Example Output

Table Output

Package Version Latest Status Issues
github.com/gin-gonic/gin v1.7.0 v1.9.1 [WARN] Outdated CVE-2023-1234 (High)
github.com/pkg/errors v0.9.1 v0.9.1 [OK] Up-to-date -
github.com/old/lib v1.0.0 Unknown [FAIL] Unmaint. Repo archived

JSON Output

[
  {
    "Name": "golang.org/x/mod",
    "Version": "v0.28.0",
    "Latest": "v0.28.0",
    "Vulnerable": false,
    "CVEs": [],
    "Status": "[WARN] License",
    "Issues": "License: Unknown",
    "RiskScore": 2,
    "RiskLevel": "Low"
  },
]

πŸ“œ License

MIT License. See LICENSE for details.

🀝 Contributing

PRs and issues are welcome and feel free to suggest features.

About

Go Guard is a CLI tool + GitHub Action for scanning Go projects to detect: Vulnerabilities, Outdated dependencies, Unmaintained packages, License risks. It helps developers keep Go projects secure, up-to-date, and compliant with minimal effort.

Topics

go cli golang security vulnerability-scanners cli-tool

Resources

Readme

License

MIT license
Activity

Stars

1 star

Watchers

0 watching

Forks

0 forks
Report repository

Releases 3

Go Guard - v0.3.0 Latest
Sep 28, 2025
+ 2 releases

Packages

 
 
 

Contributors

Languages