{"library":"snyk-go-plugin","title":"Snyk Golang CLI Plugin","type":"library","description":"The `snyk-go-plugin` package serves as a crucial plugin for the Snyk CLI, enabling it to detect and report known vulnerabilities within Golang projects. It specifically supports projects utilizing `dep` (via `Gopkg.lock`) or `govendor` (via `vendor/vendor.json`) for dependency management, as well as `go.mod` projects. The current stable version is 2.1.1, with releases occurring frequently, often monthly or bi-monthly, and sometimes more often for critical bug fixes. Its primary differentiator is its integration with the broader Snyk security platform, providing automated vulnerability scanning and remediation advice for Go applications, unlike standalone static analysis tools. It ships with TypeScript types, indicating strong support for modern JavaScript and TypeScript development workflows, and requires Node.js version 20 or higher.","language":"javascript","status":"active","last_verified":"Wed Apr 22","install":{"commands":["npm install snyk-go-plugin"],"cli":{"name":"snyk","version":null}},"imports":["import { inspect } from 'snyk-go-plugin';","import type { InspectOptions } from 'snyk-go-plugin';"],"auth":{"required":false,"env_vars":[]},"links":{"homepage":"https://snyk.io","github":"https://github.com/snyk/snyk-go-plugin","docs":null,"changelog":null,"pypi":null,"npm":"https://www.npmjs.com/package/snyk-go-plugin","openapi_spec":null,"status_page":null,"smithery":null},"quickstart":{"code":"import { inspect } from 'snyk-go-plugin';\nimport * as path from 'path';\n\nasync function scanGoProject(projectDir: string) {\n  try {\n    console.log(`Scanning Go project in: ${projectDir}`);\n    // The 'go.mod' file is often used as the manifest file, or Gopkg.lock/vendor/vendor.json\n    const result = await inspect(\n      projectDir,\n      'go.mod',\n      { \n        // Optionally disable PackageURL generation if not needed\n        configuration: { includePackageUrls: true },\n        // Other options can be passed here, e.g., debug: true\n      }\n    );\n    console.log('Snyk Go Plugin inspection result:');\n    console.dir(result, { depth: null });\n    if (result.package.dependencies) {\n        console.log(`Found ${Object.keys(result.package.dependencies).length} direct dependencies.`);\n    }\n  } catch (error) {\n    console.error('Error during Snyk Go Plugin inspection:', error);\n    process.exit(1);\n  }\n}\n\n// Example usage: scan the current directory as a Go project\nscanGoProject(process.cwd());","lang":"typescript","description":"This quickstart demonstrates how to use the `inspect` function to programmatically scan a Go project's dependencies and output the results, including how to configure options like PackageURL generation.","tag":null,"tag_description":null,"last_tested":null,"results":[]},"compatibility":null}