Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
By Socket Research Team - Dec 02, 2024
Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More →
github.com/nvx/go-grpc-middleware
- Version published
- Created
Go gRPC Middleware
gRPC Go Middleware: interceptors, helpers, utilities.
Middleware
gRPC Go recently acquired support for Interceptors, i.e. middleware that is executed either on the gRPC Server before the request is passed onto the user's application logic, or on the gRPC client either around the user call. It is a perfect way to implement common patterns: auth, logging, message, validation, retries or monitoring.
These are generic building blocks that make it easy to build multiple microservices easily. The purpose of this repository is to act as a go-to point for such reusable functionality. It contains some of them itself, but also will link to useful external repos.
grpc_middleware itself provides support for chaining interceptors, here's an example:
import "github.com/grpc-ecosystem/go-grpc-middleware"
myServer := grpc.NewServer(
grpc.StreamInterceptor(grpc_middleware.ChainStreamServer(
grpc_ctxtags.StreamServerInterceptor(),
grpc_opentracing.StreamServerInterceptor(),
grpc_prometheus.StreamServerInterceptor,
grpc_zap.StreamServerInterceptor(zapLogger),
grpc_auth.StreamServerInterceptor(myAuthFunction),
grpc_recovery.StreamServerInterceptor(),
)),
grpc.UnaryInterceptor(grpc_middleware.ChainUnaryServer(
grpc_ctxtags.UnaryServerInterceptor(),
grpc_opentracing.UnaryServerInterceptor(),
grpc_prometheus.UnaryServerInterceptor,
grpc_zap.UnaryServerInterceptor(zapLogger),
grpc_auth.UnaryServerInterceptor(myAuthFunction),
grpc_recovery.UnaryServerInterceptor(),
)),
)
Interceptors
Please send a PR to add new interceptors or middleware to this list
Auth
grpc_auth- a customizable (viaAuthFunc) piece of auth middleware
Logging
grpc_ctxtags- a library that adds aTagmap to context, with data populated from request bodygrpc_zap- integration of zap logging library into gRPC handlers.grpc_logrus- integration of logrus logging library into gRPC handlers.
Monitoring
grpc_prometheus⚡ - Prometheus client-side and server-side monitoring middlewareotgrpc⚡ - OpenTracing client-side and server-side interceptorsgrpc_opentracing- OpenTracing client-side and server-side interceptors with support for streaming and handler-returned tags
Client
grpc_retry- a generic gRPC response code retry mechanism, client-side middleware
Server
grpc_validator- codegen inbound message validation from.protooptionsgrpc_recovery- turn panics into gRPC errorsratelimit- grpc rate limiting by your own limiter
Status
This code has been running in production since May 2016 as the basis of the gRPC micro services stack at Improbable.
Additional tooling will be added, and contributions are welcome.
License
go-grpc-middleware is released under the Apache 2.0 license. See the LICENSE file for details.
FAQs
Unknown package
Package last updated on 12 Sep 2019
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Research
Typosquatting Cryptographic Libraries: Malicious npm Packages Threaten Crypto Developers with Keylogging and Wallet Theft
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
By Kirill Boychenko - Nov 27, 2024
Security News
Weekly Downloads Now Available in npm Package Search Results
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.
By Sarah Gooding - Nov 26, 2024