Flag when go.sum has excessive or insufficient package listings #3
Description
The go.sum file is used to track the crypto hashes of the packages used by a project. This gives confidence to the consumer of a module that they are using the same dependencies the author intended. During the course of development, the go.sum may balloon in size since Go v1.11 adds to the file. Also, it may be possible that the go.sum isn't updated and there are missing package hashes. Two flags should be developed for both cases.