Complex Methods of Static Code Analysis in Go: Combination of Classical Approaches and Modern Tools
Keywords:
Go language, static analysis, linters, aggregators, code quality, CI/CD, security, performance optimizationAbstract
The paper explores comprehensive approaches to static code analysis for Go, highlighting both foundational theory and advanced practical applications. After examining theoretical constructs—such as abstract syntax trees and rule-based detection—this work presents an overview of current trends, including aggregators like GolangCI-Lint. Attention is given to integrating specialized linters (e.g., misspell, unparam, prealloc, bearer) to bolster detection accuracy and address security vulnerabilities. Through detailed practical examples, the article illustrates how automated reports in pull requests facilitate early bug identification and remediation. Configuration strategies for continuous integration and delivery (CI/CD) pipelines are also outlined, focusing on harnessing multi-layered analysis for improved coverage. Concluding remarks emphasize the importance of combined static analysis tools, domain-specific checkers, and regular inspections to achieve high levels of reliability, readability, and security in Go codebases.
References
[1]. Esilevsky S. Programming languages of the “new wave”. Go language // System Administrator. - 2021. - №. 7-8. - С. 65-73.
[2]. Galiev R. M., Evdoshenko O. I. REVIEW OF EXISTING SOLUTIONS FOR STATIC ANALYSIS OF GOLANG CODE //Inzhenerno-stroitel'nyi vestnik Prikaspiya. - 2024. - №. 2 (48). - С. 73-76.[5]
[3]. Hopcroft D. E., Motwani R., Ullman D. Introduction to the theory of automata, languages and computation. - 2008.
[4]. Menshikov M. A. Review of static analyzer service models // Proceedings of the Institute of system programming of the Russian Academy of Sciences. - 2021. - Т. 33. - №. 3. - С. 27-40.
[5]. Koshelev V. K. Formalization of error detection in static symbolic execution // Proceedings of the Institute of System Programming of the Russian Academy of Sciences. - 2016. - Т. 28. - №. 5. - С. 105-118.
[6]. Afanasyev V. O., Dvortsova V. V., Borodin A.. Е. Static analyzer for languages with exception handling // Proceedings of the Institute of System Programming of RAS. - 2022. - Т. 34. - №. 6. - С. 7-28.
[7]. Register of static analyzers //analysis-tools.dev. - Access mode: https://analysis-tools.dev/
[8]. Documentation of the micro project // https://github.com. - Access mode: https://github.com/zyedidia/micro
[9]. Borodin A. E. et al. Search for vulnerabilities of insecure use of labeled data in the Svace static analyzer // Proceedings of the Institute of System Programming of the Russian Academy of Sciences. - 2021. - Т. 33. - №. 1. - С. 7-32.
Downloads
Published
Issue
Section
License
Copyright (c) 2025 American Scientific Research Journal for Engineering, Technology, and Sciences
This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.
Authors who submit papers with this journal agree to the following terms.
