Shisho – Lightweight Static Analyzer For Several Programming Languages
Shisho is a lightweight static analyzer for developers.
Please see the usage documentation for further information.
Try at Playground
You can try Shisho at our playground.
Try with Docker
You can try shisho in your machine as follows:
echo "func test(v []string) int { return len(v) + 1; }" | docker run -i ghcr.io/flatt-security/shisho-cli:latest find "len(:[...])" --lang=go
echo "func test(v []string) int { return len(v) + 1; }" > file.go
docker run -i -v $(PWD):/workspace ghcr.io/flatt-security/shisho-cli:latest find "len(:[...])" --lang=go /workspace/file.go
Install with pre-built binaries
When you’d like to run shisho outside docker containers, please follow the instructions below:
Linux / macOS
Run the following command(s):
# Linux
wget https://github.com/flatt-security/shisho/releases/latest/download/build-x86_64-unknown-linux-gnu.zip -O shisho.zip
unzip shisho.zip
chmod +x ./shisho
mv ./shisho /usr/local/bin/shisho
# macOS
wget https://github.com/flatt-security/shisho/releases/latest/download/build-x86_64-apple-darwin.zip -O shisho.zip
unzip shisho.zip
chmod +x ./shisho
mv ./shisho /usr/local/bin/shisho
Then you’ll see a shisho’s executable in /usr/local/bin
.
Windows
Download the prebuild binary from releases and put it into your %PATH%
directory.
If you’re using Windows Subsystem for Linux, you can install shisho with the above instructions.
More
- We’re also building Shisho as a Service to make Security-as-Code more accessible.
- If you need direct support, you can contact us at
contact@flatt.tech
.