Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
By Socket Research Team - Dec 02, 2024
Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More →
github.com/aldelo/common
- Version published
- Created
common
Common helper utilities and wrappers for code reuse.
When we code projects, we constantly encounter a similar set of functionality and logic. This package's intent is to wrap those commonly recurring functionalities and access points into a reusable helper package, so that we don't have to keep maintaining separate code bases.
This package will continue to be updated with more reusable code as well.
Usage
- To use the common package:
- in the project folder root:
- go mod init
- go mod tidy
- For example, if project is "HelloWorld":
- /HelloWorld/go mod init
- /HelloWorld/go mod tidy
types of helpers
- string helpers
- number helpers
- io helpers
- converter helpers
- db type helpers
- net helpers
- reflection helpers
- regex helpers
- time and date helpers
- uuid helpers
- crypto helpers (aes, gcm, rsa, sha, etc)
- csv parser helpers
- wrappers for aws related services
- service discovery / cloud map wrapper (using aws sdk)
- dynamodb / dax wrapper (using aws sdk)
- kms wrapper (using aws sdk)
- redis wrapper (using go-redis package)
- s3 wrapper (using aws sdk)
- ses wrapper (using aws sdk)
- sqs wrapper (using aws sdk)
- sns wrapper (using aws sdk)
- gin web server
- xray wrapper (using aws sdk)
- use xray.Init() to config
- use xray.SetXRayServiceOn() to enable xray tracing
- xray tracing is already coded into the following services:
- kms, cloudmap, dynamodb, redis, s3, ses, sns, sqs, mysql, gin
- wrappers for relational database access
- mysql wrapper (using sqlx package)
- sqlite wrapper (using sqlx package)
- sqlserver wrapper (using sqlx package)
- other wrappers
- for running as systemd service
- for logging and config
- for circuit breaker and rate limit
- etc.
build and deploy automation
- Create a file such as 'build.sh' within project
- Edit file content as:
#!/bin/zsh
GOOS=linux GOARCH=amd64 go build
scp -i ~/.ssh/YourKey.pem YourBinary hostUserName@hostIP:/home/hostUserName/targetFolder
- Descriptions:
- YourKey.pem = the Linux Host SSH Certificate Key
- YourBinary = the Binary Build by go build to Upload
- hostUserName = the Linux Host Login Username
- hostIP = the Linux Host IP Address
- hostUserName = the Linux Host Login Username
- targetFolder = the Linux Host Folder Where SCP Will Upload YourBinary To
FAQs
Unknown package
Package last updated on 28 Nov 2024
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Research
Typosquatting Cryptographic Libraries: Malicious npm Packages Threaten Crypto Developers with Keylogging and Wallet Theft
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
By Kirill Boychenko - Nov 27, 2024
Security News
Weekly Downloads Now Available in npm Package Search Results
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.
By Sarah Gooding - Nov 26, 2024