
Most modern software today relies heavily on third-party open source dependencies to reduce duplication and accelerate development by reusing existing code. These dependencies are often built and managed by a distributed team of engineers. While this model of building software has often resulted in faster feature improvement (better feedback loops that help fix functional issues early), it also means that the code in your OSS dependencies changes quickly and new issues can be introduced. Catching and fixing issues in your dependencies early is one part of a principle called “shift left” or “shift left testing.”

Ensuring the security of dependencies and strong testing in Golang is also important because: But if you’re a Golang developer, how do you know what to test, and what to test for?

While this simple example may not cover the full testing needs of a shift left philosophy, it does demonstrate the power of the JFrog VSCode Extension, and how important it is that Go developers understand how easily vulnerabilities can be introduced in different versions of their module’s dependencies.
