Research
2025 Report: Destructive Malware in Open Source Packages
Destructive malware is rising across open source registries, using delays and kill switches to wipe code, break builds, and disrupt CI/CD.
By Kush Pandya - Dec 24, 2025
github.com/creidef/gorest
- Version
- v1.6.8
- Version published
- Created
gorest | RESTful API Starter kit
gorest is a starter kit, written in Golang with Gin framework, for rapid prototyping and developing a RESTful API. The source code is released under the MIT license and is free for any personal or commercial project.
Versioning
1.x.y
1: production-ready
x: breaking changes
y: new functionality or bug fixes in a backwards compatible manner
Important
Version 1.6.x contains breaking changes!
Note: For version 1.4.5: v1.4.5
Requirement
Go 1.19+
Supported databases
- MySQL
- PostgreSQL
- SQLite3
- Redis
- MongoDB
Note: gorest uses GORM as its ORM
Features
- built on top of Gin
- use the supported databases without writing any extra configuration files
- environment variables using GoDotEnv
- CORS policy
- basic auth
- two-factor authentication
- JWT using golang-jwt/jwt
- password hashing with
Argon2id - JSON protection from hijacking
- simple firewall (whitelist/blacklist IP)
- email validation (pattern + MX lookup)
- email verification (sending verification code)
- forgotten password recovery
- render
HTMLtemplates - forward error logs and crash reports to sentry.io
- super easy to learn and use - lots of example codes
Start building
Please study the .env.sample file. It is one of the most crucial files required
to properly set up a new project. Please rename the .env.sample file to .env,
and set the environment variables according to your own instance setup.
Tutorials:
For version 1.6.x, please check the project in example
For version 1.4.x and 1.5.x, Wiki
- convention over configuration
import (
"github.com/gin-gonic/gin"
gconfig "github.com/pilinux/gorest/config"
gcontroller "github.com/pilinux/gorest/controller"
gdatabase "github.com/pilinux/gorest/database"
gmiddleware "github.com/pilinux/gorest/lib/middleware"
)
- install a relational (SQLite3, MySQL or PostgreSQL), Redis, or Mongo database
- for 2FA, a relational + a redis database is required
- set up an environment to compile the Go codes (a quick tutorial for any Debian based OS)
- install
git - check the Wiki and example for tutorials and implementations
Note: For MySQL driver, please check issue: 7
Note For SQLite3:
DBUSER,DBPASS,DBHOSTandDBPORTenvironment variables should be left unchanged.DBNAMEmust contain the full path and the database file name; i.e,
/user/location/database.db
Contributing
Please see CONTRIBUTING to join this amazing project.
Code of conduct
Please see this document.
License
© Mahir Hasan 2019 - 2023
Released under the MIT license
FAQs
Unknown package
Package last updated on 21 Feb 2023
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Engineering with AI Podcast: The Promise of AI-First Development
Socket CTO Ahmad Nassri shares practical AI coding techniques, tools, and team workflows, plus what still feels noisy and why shipping remains human-led.
By Sarah Gooding - Dec 24, 2025
Research
/Security News
Spearphishing Campaign Abuses npm Registry to Target U.S. and Allied Manufacturing and Healthcare Organizations
A five-month operation turned 27 npm packages into durable hosting for browser-run lures that mimic document-sharing portals and Microsoft sign-in, targeting 25 organizations across manufacturing, industrial automation, plastics, and healthcare for credential theft.
By Nicholas Anderson, Kirill Boychenko - Dec 23, 2025