Added sqlz support

.gitignore

@@ -0,0 +1,9 @@
+# Ignore bin folder
+bin/
+
+vendor/
+
+# Ignore IDEs
+.vscode/
+.idea/
+*.iml

.golangci.yaml

@@ -0,0 +1,64 @@
+# More info on config here: https://github.com/golangci/golangci-lint#config-file
+run:
+  deadline: 10m
+  issues-exit-code: 1
+  tests: true
+  skip-dirs:
+    - bin
+    - vendor
+    - node_modules
+    - var
+    - gen
+    - tmp
+  skip-files:
+    - \.pb\.go$
+    - \.pb\.goclay\.go$
+
+output:
+  format: colored-line-number
+  print-issued-lines: true
+  print-linter-name: true
+
+linters-settings:
+  govet:
+    check-shadowing: true
+  golint:
+    min-confidence: 0
+  dupl:
+    threshold: 100
+  goconst:
+    min-len:         2
+    min-occurrences: 2
+
+linters:
+  disable-all: true
+  enable:
+    - golint
+    - govet
+    - errcheck
+    - deadcode
+    - structcheck
+    - varcheck
+    - ineffassign
+    - typecheck
+    - goconst
+    - goimports
+    - megacheck # (staticcheck + gosimple + unused in one linter)
+    - gosec
+    #- dupl
+
+issues:
+  exclude-use-default: false
+  exclude:
+    # _ instead of err checks
+    - G104
+    # for "public interface + private struct implementation" cases only!
+    - exported func * returns unexported type *, which can be annoying to use
+    # can be removed in the development phase
+    # - (comment on exported (method|function|type|const)|should have( a package)? comment|comment should be of the form)
+    # not for the active development - can be removed in the stable phase
+    - should have a package comment, unless it's in another file for this package
+    - don't use an underscore in package name
+    # errcheck: Almost all programs ignore errors on these functions and in most cases it's ok
+    - Error return value of .((os\.)?std(out|err)\..*|.*Close|.*Flush|os\.Remove(All)?|.*printf?|os\.(Un)?Setenv|.*Rollback). is not checked
+    - should check returned error before deferring

Gopkg.toml

@@ -0,0 +1,34 @@
+# Gopkg.toml example
+#
+# Refer to https://golang.github.io/dep/docs/Gopkg.toml.html
+# for detailed Gopkg.toml documentation.
+#
+# required = ["github.com/user/thing/cmd/thing"]
+# ignored = ["github.com/user/project/pkgX", "bitbucket.org/user/project/pkgA/pkgY"]
+#
+# [[constraint]]
+#   name = "github.com/user/project"
+#   version = "1.0.0"
+#
+# [[constraint]]
+#   name = "github.com/user/project2"
+#   branch = "dev"
+#   source = "github.com/myfork/project2"
+#
+# [[override]]
+#   name = "github.com/x/y"
+#   version = "2.4.0"
+#
+# [prune]
+#   non-go = false
+#   go-tests = true
+#   unused-packages = true
+
+
+[[constraint]]
+  branch = "master"
+  name = "golang.org/x/tools"
+
+[prune]
+  go-tests = true
+  unused-packages = true

Makefile

@@ -0,0 +1,51 @@
+BUILD_TIME=`date +%FT%T%z`
+VERSION := $(shell sh -c 'git describe --always --tags')
+BRANCH := $(shell sh -c 'git rev-parse --abbrev-ref HEAD')
+COMMIT := $(shell sh -c 'git rev-parse --short HEAD')
+LDFLAGS=-ldflags "-s -w -X main.version=$(VERSION) -X main.commit=$(COMMIT) -X main.branch=$(BRANCH) -X main.buildDate=$(BUILD_TIME)"
+LINT_TOOL=$(shell go env GOPATH)/bin/golangci-lint
+BUILD_TAGS=-tags go1.6
+GO_PKGS=$(shell go list ./... | grep -v /vendor/ | grep -v /node_modules/)
+GO_FILES=$(shell find . -type f -name '*.go' -not -path './vendor/*')
+
+.PHONY: setup_dev build build-mac swagger fmt clean test lint qc deploy
+
+setup: $(LINT_TOOL) setup_dev
+
+setup_dev:
+	go get -u golang.org/x/tools/cmd/goimports
+	go get -u github.com/golang/dep/cmd/dep	
+	go get golang.org/x/tools/cmd/cover
+	go get -u github.com/stripe/safesql
+
+deps:
+	dep ensure
+
+build: deps
+	env GOOS=linux GOARCH=amd64 go build $(BUILD_TAGS) $(LDFLAGS) -o bin/safesql safesql.go package16.go
+	chmod +x bin/safesql
+
+build-mac: deps
+	env GOOS=darwin GOARCH=amd64 go build $(LDFLAGS) -o bin/safesql safesql.go package16.go
+	chmod +x bin/safesql
+
+fmt:
+	@go fmt $(GO_PKGS)
+	@goimports -w -l $(GO_FILES)
+
+test:
+	@go test -v $(shell go list ./... | grep -v /vendor/ | grep -v /node_modules/) -coverprofile=cover.out
+
+clean:
+	rm -rf ./bin ./vendor Gopkg.lock
+
+$(LINT_TOOL):
+	curl -sfL https://install.goreleaser.com/github.com/golangci/golangci-lint.sh | sh -s -- -b $(shell go env GOPATH)/bin v1.16.0
+
+qc: $(LINT_TOOL)
+	$(LINT_TOOL) run --config=.golangci.yaml ./...
+
+lint: qc
+
+run:
+	./bin/safesql

safesql.go

@@ -39,6 +39,10 @@ var sqlPackages = []sqlPackage{
 		packageName: "github.com/jmoiron/sqlx",
 		paramNames:  []string{"query"},
 	},
+	{
+		packageName: "github.com/ido50/sqlz",
+		paramNames:  []string{"sql", "query"},
+	},
 }
 
 func main() {
@@ -86,7 +90,7 @@ func main() {
 		os.Exit(2)
 	}
 
-	s := ssautil.CreateProgram(p, 0)
+	s := ssautil.CreateProgram(p, 0) // nolint
 	s.Build()
 
 	qms := make([]*QueryMethod, 0)
@@ -285,7 +289,7 @@ func FindNonConstCalls(cg *callgraph.Graph, qms []*QueryMethod) []ssa.CallInstru
 	return bad
 }
 
-// Deal with GO15VENDOREXPERIMENT
+// FindPackage - Deal with GO15VENDOREXPERIMENT
 func FindPackage(ctxt *build.Context, path, dir string, mode build.ImportMode) (*build.Package, error) {
 	if !useVendor {
 		return ctxt.Import(path, dir, mode)
@@ -295,7 +299,7 @@ func FindPackage(ctxt *build.Context, path, dir string, mode build.ImportMode) (
 	var vendorDir string
 	for tmp := dir; vendorDir == "" && tmp != "/"; tmp = filepath.Dir(tmp) {
 		dname := filepath.Join(tmp, "vendor", filepath.FromSlash(path))
-		fd, err := os.Open(dname)
+		fd, err := os.Open(filepath.Clean(dname))
 		if err != nil {
 			continue
 		}