Research
2025 Report: Destructive Malware in Open Source Packages
Destructive malware is rising across open source registries, using delays and kill switches to wipe code, break builds, and disrupt CI/CD.
By Kush Pandya - Dec 24, 2025
github.com/googleapis/google-cloud-go
Advanced tools
github.com/googleapis/google-cloud-go
- Version
- v0.123.0
- Version published
- Created
Google Cloud Client Libraries for Go
Go packages for Google Cloud Platform services.
Installation
go get cloud.google.com/go/firestore@latest # Replace firestore with the package you want to use.
NOTE: Some of these packages are under development, and may occasionally make backwards-incompatible changes.
Supported APIs
For an updated list of all of our released APIs please see our reference docs.
Go Versions Supported
Our libraries are compatible with the two most recent major Go releases, the same policy the Go programming language follows. This means the currently supported versions are:
- Go 1.24
- Go 1.25
Authentication
By default, each client library will use Application Default Credentials (ADC) to automatically configure the credentials used in calling the API endpoint. When using the libraries in a Google Cloud Platform environment such as Compute Engine, Kubernetes Engine, or App Engine, no additional authentication steps are necessary. See Authentication methods at Google and Authenticate for using client libraries for more information.
client, err := storage.NewClient(ctx)
For applications running elsewhere, such as your local development environment,
you can use the gcloud auth application-default login command from the
Google Cloud CLI to set user credentials in
your local filesystem. Application Default Credentials will automatically detect
these credentials. See Set up ADC for a local development
environment
for more information.
Alternately, you may need to provide an explicit path to your credentials. To authenticate
using a service account
key file, either set the GOOGLE_APPLICATION_CREDENTIALS environment variable to the path
to your key file, or programmatically pass
option.WithCredentialsFile
to the NewClient function of the desired package. For example:
client, err := storage.NewClient(ctx, option.WithCredentialsFile("path/to/keyfile.json"))
You can exert even more control over authentication by using the
credentials package to
create an auth.Credentials.
Then pass option.WithAuthCredentials
to the NewClient function:
creds, err := credentials.DetectDefault(&credentials.DetectOptions{...})
...
client, err := storage.NewClient(ctx, option.WithAuthCredentials(creds))
Contributing
Contributions are welcome. Please, see the CONTRIBUTING document for details.
Please note that this project is released with a Contributor Code of Conduct. By participating in this project you agree to abide by its terms. See Contributor Code of Conduct for more information.
Links
FAQs
Unknown package
Package last updated on 22 Sep 2025
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Engineering with AI Podcast: The Promise of AI-First Development
Socket CTO Ahmad Nassri shares practical AI coding techniques, tools, and team workflows, plus what still feels noisy and why shipping remains human-led.
By Sarah Gooding - Dec 24, 2025
Research
/Security News
Spearphishing Campaign Abuses npm Registry to Target U.S. and Allied Manufacturing and Healthcare Organizations
A five-month operation turned 27 npm packages into durable hosting for browser-run lures that mimic document-sharing portals and Microsoft sign-in, targeting 25 organizations across manufacturing, industrial automation, plastics, and healthcare for credential theft.
By Nicholas Anderson, Kirill Boychenko - Dec 23, 2025