shisho
Shisho is a lightweight static analyzer for developers.
the usage documentation for further information.
Please seeTry with Docker
You can try shisho in your machine as follows:
echo "func test(v []string) int { return len(v) + 1; }" | docker run -i ghcr.io/flatt-security/shisho-cli:latest find "len(:[...])" --lang=go
echo "func test(v []string) int { return len(v) + 1; }" > file.go
docker run -i -v $(PWD):/workspace ghcr.io/flatt-security/shisho-cli:latest find "len(:[...])" --lang=go /workspace/file.go
Install with pre-built binaries
When you'd like to run shisho outside docker containers, please follow the instructions below:
Linux / macOS
Run the following command(s):
# Linux
wget https://github.com/flatt-security/shisho/releases/latest/download/build-x86_64-unknown-linux-gnu.zip -O shisho.zip
unzip shisho.zip
chmod +x ./shisho
mv ./shisho /usr/local/bin/shisho
# macOS
wget https://github.com/flatt-security/shisho/releases/latest/download/build-x86_64-apple-darwin.zip -O shisho.zip
unzip shisho.zip
chmod +x ./shisho
mv ./shisho /usr/local/bin/shisho
Then you'll see a shisho's executable in /usr/local/bin
.
Windows
Download the prebuild binary from releases and put it into your %PATH%
directory. If you're using Windows Subsystem for Linux, you can install shisho by bash <(curl -sL get.shisho.dev/linux)
.
More
- We're also building Shisho as a Service to make Security-as-Code more accessible.
- If you need direct support, you can contact us at
[email protected]
.