security/gokart: New port: static go code analyzer

GoKart is a static analysis tool for Go that finds vulnerabilities
using the SSA (single static assignment) form of Go source code.

WWW: https://github.com/praetorian-inc/gokart

PR:		257942

4 files changed, 89 insertions, 0 deletions

diff --git a/security/Makefile b/security/Makefile
index 35a14d99f308..a906ee24dc0e 100644
--- a/security/Makefile
+++ b/security/Makefile
@@ -189,6 +189,7 @@
     SUBDIR += gnupg1
     SUBDIR += gnutls
     SUBDIR += go-cve-dictionary
+    SUBDIR += gokart
     SUBDIR += gonepass
     SUBDIR += gopass
     SUBDIR += gorilla
diff --git a/security/gokart/Makefile b/security/gokart/Makefile
new file mode 100644
index 000000000000..a1462d0dcce5
--- /dev/null
+++ b/security/gokart/Makefile
@@ -0,0 +1,49 @@
+# Created by: Gabriel M. Dutra <0xdutra@gmail.com>
+
+PORTNAME=	gokart
+DISTVERSIONPREFIX=	v
+DISTVERSION=	0.1.0
+CATEGORIES=	security
+
+MAINTAINER=	0xdutra@gmail.com
+COMMENT=	Go Security Static Analysis
+
+LICENSE=	APACHE20
+LICENSE_FILE=	${WRKSRC}/LICENSE
+
+USES=	go:modules
+
+USE_GITHUB=	yes
+GH_ACCOUNT=	praetorian-inc
+
+GH_TUPLE=	\
+		fatih:color:v1.12.0:fatih_color/vendor/github.com/fatih/color \
+		go-yaml:yaml:496545a6307b:go_yaml_yaml/vendor/gopkg.in/yaml.v3 \
+		golang:mod:v0.4.2:golang_mod/vendor/golang.org/x/mod \
+		golang:sys:977fb7262007:golang_sys/vendor/golang.org/x/sys \
+		golang:text:v0.3.6:golang_text/vendor/golang.org/x/text \
+		golang:tools:v0.1.2:golang_tools/vendor/golang.org/x/tools \
+		golang:xerrors:5ec99f83aff1:golang_xerrors/vendor/golang.org/x/xerrors \
+		inconshreveable:mousetrap:v1.0.0:inconshreveable_mousetrap/vendor/github.com/inconshreveable/mousetrap \
+		lithammer:dedent:v1.1.0:lithammer_dedent/vendor/github.com/lithammer/dedent \
+		mattn:go-colorable:v0.1.8:mattn_go_colorable/vendor/github.com/mattn/go-colorable \
+		mattn:go-isatty:v0.0.12:mattn_go_isatty/vendor/github.com/mattn/go-isatty \
+		owenrumney:go-sarif:v1.0.11:owenrumney_go_sarif/vendor/github.com/owenrumney/go-sarif \
+		segmentio:fasthash:v1.0.3:segmentio_fasthash/vendor/github.com/segmentio/fasthash \
+		spf13:cobra:v1.2.1:spf13_cobra/vendor/github.com/spf13/cobra \
+		spf13:pflag:v1.0.5:spf13_pflag/vendor/github.com/spf13/pflag \
+		zclconf:go-cty:v1.8.4:zclconf_go_cty/vendor/github.com/zclconf/go-cty
+
+GO_TARGET=	gokart
+
+PLIST_FILES=	bin/${PORTNAME}
+
+PORTDOCS=	README.md
+
+OPTIONS_DEFINE=	DOCS
+
+do-install-DOCS-on:
+	@${MKDIR} ${STAGEDIR}${DOCSDIR}
+	${INSTALL_DATA} ${WRKSRC}/${PORTDOCS} ${STAGEDIR}${DOCSDIR}
+
+.include <bsd.port.mk>
diff --git a/security/gokart/distinfo b/security/gokart/distinfo
new file mode 100644
index 000000000000..047a51a8ce5d
--- /dev/null
+++ b/security/gokart/distinfo
@@ -0,0 +1,35 @@
+TIMESTAMP = 1629343546
+SHA256 (praetorian-inc-gokart-v0.1.0_GH0.tar.gz) = 1e8dfdbe0db1473836c05d4fb8754a88c75b61b85a114f40115ec2246f0e17b9
+SIZE (praetorian-inc-gokart-v0.1.0_GH0.tar.gz) = 113760
+SHA256 (fatih-color-v1.12.0_GH0.tar.gz) = 8f4cef62c8aafdf7e7b3097e9f97c236bb31a47f2c939a54da92235c30ae9dcb
+SIZE (fatih-color-v1.12.0_GH0.tar.gz) = 10711
+SHA256 (go-yaml-yaml-496545a6307b_GH0.tar.gz) = ed0e11dc14bbbd4127031d7e8b9e58dad885e2c44a16359d2f64b71d1d1f692a
+SIZE (go-yaml-yaml-496545a6307b_GH0.tar.gz) = 90156
+SHA256 (golang-mod-v0.4.2_GH0.tar.gz) = ce4131eb443ac67ededb139a43bae4fbb2c4b84843936495c6a6de92b8033917
+SIZE (golang-mod-v0.4.2_GH0.tar.gz) = 104584
+SHA256 (golang-sys-977fb7262007_GH0.tar.gz) = 11c4dfe83ceae6376054cc95e8f1b303a29985fc407c87cf9e360fd64d7937ce
+SIZE (golang-sys-977fb7262007_GH0.tar.gz) = 1192386
+SHA256 (golang-text-v0.3.6_GH0.tar.gz) = f66bebcf21985b0a713d67c6c35dfc9800d3b6d00d62b83ed0ce5b2ed4cb9760
+SIZE (golang-text-v0.3.6_GH0.tar.gz) = 8351095
+SHA256 (golang-tools-v0.1.2_GH0.tar.gz) = cfe93e5004deef7c632ff3230e152a988b6c05c962a4c4f49ef30321a3446ae9
+SIZE (golang-tools-v0.1.2_GH0.tar.gz) = 2794345
+SHA256 (golang-xerrors-5ec99f83aff1_GH0.tar.gz) = 71975d658357e170fd6a41f92539cde8b39c9cd8bfe5931b6311bc5f5c0da0d7
+SIZE (golang-xerrors-5ec99f83aff1_GH0.tar.gz) = 13664
+SHA256 (inconshreveable-mousetrap-v1.0.0_GH0.tar.gz) = 5edc7731c819c305623568e317aa253d342be3447def97f1fa9e10eb5ad819f6
+SIZE (inconshreveable-mousetrap-v1.0.0_GH0.tar.gz) = 2290
+SHA256 (lithammer-dedent-v1.1.0_GH0.tar.gz) = aee382778063c582f69f4b8dd7f0e8bcb5ff827c61447108944aa2024954de16
+SIZE (lithammer-dedent-v1.1.0_GH0.tar.gz) = 3195
+SHA256 (mattn-go-colorable-v0.1.8_GH0.tar.gz) = 1027954f9abbe06b6e117e3047af70204dd0eb4f8c27fcd459fb2574b279755f
+SIZE (mattn-go-colorable-v0.1.8_GH0.tar.gz) = 9571
+SHA256 (mattn-go-isatty-v0.0.12_GH0.tar.gz) = addbdc341d7685ed4cc8d2d8a8fd2bd9b784bde00d0ea99fb251039fc10c611c
+SIZE (mattn-go-isatty-v0.0.12_GH0.tar.gz) = 4548
+SHA256 (owenrumney-go-sarif-v1.0.11_GH0.tar.gz) = ed9e208b359423b2cb2fd2f8bdfa0bbc32d94847f217c8d6f012d8695d123a52
+SIZE (owenrumney-go-sarif-v1.0.11_GH0.tar.gz) = 18169
+SHA256 (segmentio-fasthash-v1.0.3_GH0.tar.gz) = daadef14edb8643cddff971bd1ed5202aa1005a53cde1a6b81a3da68ca89eaf4
+SIZE (segmentio-fasthash-v1.0.3_GH0.tar.gz) = 6330
+SHA256 (spf13-cobra-v1.2.1_GH0.tar.gz) = 382d414ff7b8f421ae07d32d5a17161718b45bdd00de86dc107a34e639857794
+SIZE (spf13-cobra-v1.2.1_GH0.tar.gz) = 161312
+SHA256 (spf13-pflag-v1.0.5_GH0.tar.gz) = 9a2cae1f8e8ab0d2cc8ebe468e871af28d9ac0962cf0520999e3ba85f0c7b808
+SIZE (spf13-pflag-v1.0.5_GH0.tar.gz) = 50796
+SHA256 (zclconf-go-cty-v1.8.4_GH0.tar.gz) = 2f8e0b1598284439ddec33fd51858fb1f52771eb71b1fde0c495e93bfa6ff610
+SIZE (zclconf-go-cty-v1.8.4_GH0.tar.gz) = 196165
diff --git a/security/gokart/pkg-descr b/security/gokart/pkg-descr
new file mode 100644
index 000000000000..fb5a0f9993b4
--- /dev/null
+++ b/security/gokart/pkg-descr
@@ -0,0 +1,4 @@
+GoKart is a static analysis tool for Go that finds vulnerabilities
+using the SSA (single static assignment) form of Go source code.
+
+WWW: https://github.com/praetorian-inc/gokart