Nil Safety
Mathematical lattice-based forward dataflow analysis to guarantee you never hit a nil-pointer dereference in production.
We brought Rust's compilation rigor to the Go ecosystem. GoGuard mathematically proves your data flow is secure, catching nil dereferences, race conditions, and ignoring errors before runtime. Designed via MCP to give your AI Agents absolute certainty.
What's Inside
Powered by pure Go dataflow extraction natively integrated with a blazingly fast Rust engine.
Mathematical lattice-based forward dataflow analysis to guarantee you never hit a nil-pointer dereference in production.
Strictly validates that any returned error is not silently swallowed or ignored with blank identifiers.
Detects shared mutable access running without synchronization, goroutine leaks, and dead channel sends.
Finite state machine tracking for critical resources. Guarantees files and sockets move safely from Opened to Closed.
Validates interface implementations and enum switches to ensure every path is properly managed.
Forward taint propagation tracking inputs from unverified sources to dangerous sinks, preventing SQLi and XSS.
Architecture
GoGuard utilizes a hybrid architecture: go/types parses your code safely, Rust analyzes it with extreme speed via FlatBuffers IPC.
goguard-go-bridge parses the AST and builds a fully typed SSA Control Flow Graph.
Zero-copy serialization transfers the AST to Rust in sub-milliseconds over Unix Sockets.
Salsa-backed incremental graph analysis produces machine-readable diagnostics for your favorite AI Agent.
# Check your project for safety $ goguard check ./... # Output (142ms): [CRITICAL] NIL001: nil pointer dereference --> handler.go:18:22 | 15 | if err != nil { 16 | log.Printf("error: %v", err) 17 | // missing return | 18 | fmt.Println(user.Name) // user may be nil here