New Research: Supply Chain Attack on Axios Pulls Malicious Dependency from npm.Details →
Socket
Book a DemoSign in
Socket
Book a DemoSign in

github.com/NpoolPlatform/third-manager

Package Overview
Dependencies
Versions
30
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

github.com/NpoolPlatform/third-manager

Source
Go Modules
Version
v0.0.0-20230221094129-8fa0fe827cc5
Version published
Created
Source

Npool third manager

Test

目录

功能

  • 支持third manager

命令

  • make init 初始化仓库,创建go.mod
  • make verify 验证开发环境与构建环境,检查code conduct
  • make verify-build 编译目标
  • make test 单元测试
  • make generate-docker-images 生成docker镜像
  • make third-manager 单独编译服务
  • make third-manager-image 单独生成服务镜像
  • make deploy-to-k8s-cluster 部署到k8s集群

最佳实践

  • 每个服务只提供单一可执行文件,有利于docker镜像打包与k8s部署管理
  • 每个服务提供http调试接口,通过curl获取调试信息
  • 集群内服务间direct call调用通过服务发现获取目标地址进行调用
  • 集群内服务间event call调用通过rabbitmq解耦

关于mysql

  • 创建app后,从app.Mysql()获取本地mysql client
  • 文档参考

API规范(假设目标对象为Object)

前端接口或App管理员接口

  • 创建 CreateObject
  • 批量创建 CreateObjects
  • 更新 UpdateObject
  • 更新指定域 UpdateObjectFields
  • 原子加指定域 AddObjectFields
  • 用ID查询 GetObject
  • 条件查询单条 GetObjectOnly
  • 条件查询多条 GetObjects
  • 条件计数 CountObjects
  • 查询ID是否存在 ExistObject
  • 查询条件是否存在 ExistObjectConds
  • ID删除 DeleteObject

大后台管理员接口

  • 为其他App创建 CreateAppObject
  • 批量为其他App创建 CreateAppObjects
  • 查询其他App多条 GetAppObjects

注意事项

  • 网关对请求的http header字段做如下转换(request为http请求body)

    • X-App-ID -> request.AppID,
    • X-App-ID -> request.Info.AppID, 如果request携带Info字段
    • X-User-ID -> request.UserID,
    • X-User-ID -> request.Info.UserID, 如果request携带Info字段
    • X-Lang-ID -> request.LangID,
    • X-Lang-ID -> request.Info.LangID, 如果request携带Info字段
    • X-App-User-Token -> request.Token,
    • X-App-User-Token -> request.Info.Token, 如果request携带Info字段

  • 对于通过条件查询的前端API或App管理员API,其request中应总是包含AppID字段,实现时应该总是将该AppID字段添加到查询条件

  • 对于批量创建的前端或App管理员API,其request中应总是包含AppID字段,实现时应该总是将该AppID字段覆盖request.Info或request.Infos中的AppID

  • 更新API的实现不应更新AppID域

  • 对于通过条件查询或创建其他App数据的大后台管理员API,其request中应总是包含TargetAppID,实现时应该总是将TargetAppID字段覆盖request.Info或request.Infos中的AppID

FAQs

Package last updated on 21 Feb 2023

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Attackers Are Hunting High-Impact Node.js Maintainers in a Coordinated Social Engineering Campaign

Security News

Attackers Are Hunting High-Impact Node.js Maintainers in a Coordinated Social Engineering Campaign

Multiple high-impact npm maintainers confirm they have been targeted in the same social engineering campaign that compromised Axios.

By Sarah Gooding  -  Apr 03, 2026