github.com/GoogleCloudPlatform/govanityurls
Go Vanity URLs is a simple App Engine Go app that allows you to set custom import paths for your Go packages.
Install gcloud and the Go App Engine component:
$ gcloud components install app-engine-go
Set up a custom domain for your app.
Get the application:
$ git clone https://github.com/GoogleCloudPlatform/govanityurls
$ cd govanityurls
Edit vanity.yaml to add any number of git repos. E.g., customdomain.com/portmidi will serve the https://github.com/rakyll/portmidi repo.
paths:
  /portmidi:
    repo: https://github.com/rakyll/portmidi
You can add as many rules as you wish.
Deploy the app:
$ gcloud app deploy
That's it! You can use go get to get the package from your custom domain.
$ go get customdomain.com/portmidi
You can also deploy this as an App Engine Flexible app by changing the app.yaml file:
runtime: go
env: flex
This project is a normal Go HTTP server, so you can also incorporate the handler into larger Go servers.
host: example.com
cache_max_age: 3600
paths:
  /foo:
    repo: https://github.com/example/foo
    display: "https://github.com/example/foo https://github.com/example/foo/tree/master{/dir} https://github.com/example/foo/blob/master{/dir}/{file}#L{line}"
    vcs: git
Key | Required | Description |
---|---|---|
cache_max_age | optional | The amount of time to cache package pages in seconds. Controls the max-age directive sent in the Cache-Control HTTP header. |
host | optional | Host name to use in meta tags. If omitted, uses the App Engine default version host or the Host header on non-App Engine Standard environments. You can use this option to fix the host when using this service behind a reverse proxy or a custom dispatch file. |
paths | required | Map of paths to path configurations. Each key is a path that will point to the root of a repository hosted elsewhere. The fields are documented in the Path Configuration section below. |
Path Configuration
Key | Required | Description |
---|---|---|
display | optional | The last three fields of the go-source meta tag. If omitted, it is inferred from the code hosting service if possible. |
repo | required | Root URL of the repository as it would appear in the go-import meta tag. |
vcs | required if ambiguous | If the version control system cannot be inferred (e.g. for Bitbucket or a custom domain), then this specifies the version control system as it would appear in the go-import meta tag. This can be one of git, hg, svn, or bzr. |
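Because the go-import meta tag decides which repository go get fetches for a vanity path, it is worth auditing that a deployed host still serves the repo listed in vanity.yaml. The following is an added example, not code from govanityurls: goImports, checkVanity and samplePage are hypothetical names, and the HTML is constructed sample input.

```go
package main

import (
	"encoding/xml"
	"fmt"
	"strings"
)

// samplePage is constructed for this example, not captured from a real host.
const samplePage = `<html><head><meta name="go-import" content="customdomain.com/portmidi git https://github.com/rakyll/portmidi">
</head><body>Nothing to see here.</body></html>`

// goImports (hypothetical helper) returns the [prefix vcs repo] fields of each go-import meta tag before <body>.
func goImports(page string) (found [][]string) {
	d := xml.NewDecoder(strings.NewReader(page))
	d.Strict, d.AutoClose, d.Entity = false, xml.HTMLAutoClose, xml.HTMLEntity // lenient: HTML is not XML
	for {
		tok, err := d.Token()
		se, ok := tok.(xml.StartElement)
		if err != nil || (ok && strings.EqualFold(se.Name.Local, "body")) {
			return found // end of input, parse failure, or start of <body>
		}
		attr := map[string]string{}
		for _, a := range se.Attr {
			attr[strings.ToLower(a.Name.Local)] = a.Value
		}
		f := strings.Fields(attr["content"])
		if ok && strings.EqualFold(se.Name.Local, "meta") && attr["name"] == "go-import" && len(f) == 3 {
			found = append(found, f)
		}
	}
}

// checkVanity (hypothetical helper) returns nil only if page maps importPath to wantRepo and nothing else.
func checkVanity(importPath, wantRepo, page string) error {
	var repos []string
	for _, f := range goImports(page) {
		if importPath == f[0] || strings.HasPrefix(importPath, f[0]+"/") {
			repos = append(repos, f[2])
		}
	}
	if len(repos) != 1 || repos[0] != wantRepo {
		return fmt.Errorf("%s: go-import repos %q, want only %q", importPath, repos, wantRepo)
	}
	return nil
}

func main() {
	fmt.Println(checkVanity("customdomain.com/portmidi", "https://github.com/rakyll/portmidi", samplePage))
}
```

In a scheduled audit, the page argument would be the body served for the import path with the ?go-get=1 query that go get sends, and wantRepo would come from the reviewed copy of vanity.yaml.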