Research
Security News
The Growing Risk of Malicious Browser Extensions
Socket researchers uncover how browser extensions in trusted stores are used to hijack sessions, redirect traffic, and manipulate user behavior.
By Kush Pandya - Jun 13, 2025
🚀 Big News: Socket Acquires Coana to Bring Reachability Analysis to Every Appsec Team.Learn more →
github.com/databricks/databricks-sql-go
90
Supply Chain Security
100
Vulnerability
100
Quality
100
Maintenance
100
License
Network access
Supply chain riskThis module accesses the network.
Found 1 instance in 1 package
Uses eval
Supply chain riskPackage uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.
Found 1 instance in 1 package
Dependencies have 4 high and critical alerts.
Critical CVE and High CVE
Databricks SQL Driver for Go
Description
This repo contains a Databricks SQL Driver for Go's database/sql package. It can be used to connect and query Databricks clusters and SQL Warehouses.
Documentation
See doc.go for full documentation or the Databrick's documentation for SQL Driver for Go.
Usage
import (
"context"
"database/sql"
_ "github.com/databricks/databricks-sql-go"
)
db, err := sql.Open("databricks", "token:********@********.databricks.com:443/sql/1.0/endpoints/********")
if err != nil {
panic(err)
}
defer db.Close()
rows, err := db.QueryContext(context.Background(), "SELECT 1")
defer rows.Close()
Additional usage examples are available here.
Connecting with DSN (Data Source Name)
The DSN format is:
token:[your token]@[Workspace hostname]:[Port number][Endpoint HTTP Path]?param=value
You can set query timeout value by appending a timeout query parameter (in seconds) and you can set max rows to retrieve per network request by setting the maxRows query parameter:
token:[your token]@[Workspace hostname]:[Port number][Endpoint HTTP Path]?timeout=1000&maxRows=1000
You can turn on Cloud Fetch (now enabled by default) to increase the performance of extracting large query results by fetching data in parallel via cloud storage (more info here). You can also set the number of concurrently fetching goroutines by setting the maxDownloadThreads query parameter (default is 10):
token:[your token]@[Workspace hostname]:[Port number][Endpoint HTTP Path]?useCloudFetch=true&maxDownloadThreads=3
To disable Cloud Fetch (e.g., when handling smaller datasets or to avoid additional overhead), append useCloudFetch=false:
token:[your token]@[Workspace hostname]:[Port number][Endpoint HTTP Path]?useCloudFetch=false
Connecting with a new Connector
You can also connect with a new connector object. For example:
import (
"database/sql"
_ "github.com/databricks/databricks-sql-go"
)
connector, err := dbsql.NewConnector(
dbsql.WithServerHostname(<Workspace hostname>),
dbsql.WithPort(<Port number>),
dbsql.WithHTTPPath(<Endpoint HTTP Path>),
dbsql.WithAccessToken(<your token>)
)
if err != nil {
log.Fatal(err)
}
db := sql.OpenDB(connector)
defer db.Close()
View doc.go or connector.go to understand all the functional options available when creating a new connector object.
Develop
Lint
We use golangci-lint as the lint tool. If you use vs code, just add the following settings:
{
"go.lintTool": "golangci-lint",
"go.lintFlags": [
"--fast"
]
}
Unit Tests
go test
Issues
If you find any issues, feel free to create an issue or send a pull request directly.
Contributing
See CONTRIBUTING.md
License
FAQs
Unknown package
Package last updated on 09 Apr 2025
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
Security News
2025 Blockchain and Cryptocurrency Threat Report: Malware in the Open Source Supply Chain
An in-depth analysis of credential stealers, crypto drainers, cryptojackers, and clipboard hijackers abusing open source package registries to compromise Web3 development environments.
By Kirill Boychenko - Jun 12, 2025
Security News
pnpm 10.12 Introduces Global Virtual Store and Expanded Version Catalogs
pnpm 10.12.1 introduces a global virtual store for faster installs and new options for managing dependencies with version catalogs.
By Sarah Gooding - Jun 11, 2025