Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
github.com/lightstep/go-grpc-middleware
gRPC Go Middleware: interceptors, helpers, utilities.
Important The repo recently moved to github.com/grpc-ecosystem/go-grpc-middleware
, please update your import paths.
gRPC Go recently acquired support for Interceptors, i.e. middleware that is executed either on the gRPC Server before the request is passed onto the user's application logic, or on the gRPC client either around the user call. It is a perfect way to implement common patterns: auth, logging, message, validation, retries or monitoring.
These are generic building blocks that make it easy to build multiple microservices easily. The purpose of this repository is to act as a go-to point for such reusable functionality. It contains some of them itself, but also will link to useful external repos.
grpc_middleware
itself provides support for chaining interceptors. See Documentation, but here's an example:
import "github.com/grpc-ecosystem/go-grpc-middleware"
myServer := grpc.NewServer(
grpc.StreamInterceptor(grpc_middleware.ChainStreamServer(
grpc_ctxtags.StreamServerInterceptor(),
grpc_opentracing.StreamServerInterceptor(),
grpc_prometheus.StreamServerInterceptor,
grpc_zap.StreamServerInterceptor(zapLogger),
grpc_auth.StreamServerInterceptor(myAuthFunction),
grpc_recovery.StreamServerInterceptor(),
)),
grpc.UnaryInterceptor(grpc_middleware.ChainUnaryServer(
grpc_ctxtags.UnaryServerInterceptor(),
grpc_opentracing.UnaryServerInterceptor(),
grpc_prometheus.UnaryServerInterceptor,
grpc_zap.UnaryServerInterceptor(zapLogger),
grpc_auth.UnaryServerInterceptor(myAuthFunction),
grpc_recovery.UnaryServerInterceptor(),
)),
)
Please send a PR to add new interceptors or middleware to this list
grpc_auth
- a customizable (via AuthFunc
) piece of auth middlewaregrpc_ctxtags
- a library that adds a Tag
map to context, with data populated from request bodygrpc_zap
- integration of zap logging library into gRPC handlers.grpc_logrus
- integration of logrus logging library into gRPC handlers.grpc_prometheus
⚡ - Prometheus client-side and server-side monitoring middlewareotgrpc
⚡ - OpenTracing client-side and server-side interceptorsgrpc_opentracing
- OpenTracing client-side and server-side interceptors with support for streaming and handler-returned tagsgrpc_retry
- a generic gRPC response code retry mechanism, client-side middlewaregrpc_validator
- codegen inbound message validation from .proto
optionsgrpc_recovery
- turn panics into gRPC errorsThis code has been running in production since May 2016 as the basis of the gRPC micro services stack at Improbable.
Additional tooling will be added, and contributions are welcome.
go-grpc-middleware
is released under the Apache 2.0 license. See the LICENSE file for details.
FAQs
Unknown package
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.