Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
github.com/oracle/oci-go-sdk/v31
This is the Go SDK for Oracle Cloud Infrastructure. This project is open source and maintained by Oracle Corp. The home page for the project is here.
WARNING:: To avoid automatically consuming breaking changes if we have to rev the major version of the Go SDK, please consider using the Go dependency management tool, or vendoring the SDK. This will allow you to pin to a specific version of the Go SDK in your project, letting you control how and when you move to the next major version.
Use the following command to install this SDK:
go get -u github.com/oracle/oci-go-sdk
Alternatively you can git clone this repo.
We've applied Go Module after v25.0.0, for legacy user not using Go Module, you can still clone the repo under Go Path and use same import as before.
If you're using Go Module to import OCI Go SDK and you want to use the latest or specific Go SDK version, you need to update your require in go.mod
:
require github.com/oracle/oci-go-sdk/{major-version} {version}
And in the code, you also need to update the import following this pattern:
import (
"github.com/oracle/oci-go-sdk/{major-version}/common"
)
If you don't update your import and use your import like this github.com/oracle/oci-go-sdk/common
, your Go SDK version will remain at version: v24.3.0
Everytime after a major version release (which means it will include some breaking changes), you'll need to update the version in require and import to get the latest changes.
import (
"github.com/oracle/oci-go-sdk/v25"
)
in go.mod
or run go mod tidy
/ go build
after updating the import
require (
github.com/oracle/oci-go-sdk/{updated-major-version} {version}
)
The version will not be impacted without updating the import
To start working with the Go SDK, you import the service package, create a client, and then use that client to make calls.
Before using the SDK, set up a config file with the required credentials. See SDK and Tool Configuration for instructions.
Note that the Go SDK does not support profile inheritance or defining custom values in the configuration file.
Once a config file has been setup, call common.DefaultConfigProvider()
function as follows:
// Import necessary packages
import (
"github.com/oracle/oci-go-sdk/common"
"github.com/oracle/oci-go-sdk/identity" // Identity or any other service you wish to make requests to
)
//...
configProvider := common.DefaultConfigProvider()
Or, to configure the SDK programmatically instead, implement the ConfigurationProvider
interface shown below:
// ConfigurationProvider wraps information about the account owner
type ConfigurationProvider interface {
KeyProvider
TenancyOCID() (string, error)
UserOCID() (string, error)
KeyFingerprint() (string, error)
Region() (string, error)
}
Or simply use one of structs exposed by the oci-go-sdk
that already implement the above interface
To make a request to an Oracle Cloud Infrastructure service, create a client for the service and then use the client to call a function from the service.
New<ServiceName>ClientWithConfigurationProvider
,
such as NewVirtualNetworkClientWithConfigurationProvider
or NewIdentityClientWithConfigurationProvider
. To create a new client,
pass a struct that conforms to the ConfigurationProvider
interface, or use the DefaultConfigProvider()
function in the common package.For example:
config := common.DefaultConfigProvider()
client, err := identity.NewIdentityClientWithConfigurationProvider(config)
if err != nil {
panic(err)
}
context.Context
and a struct that wraps all input parameters. The functions then return a response struct
that contains the desired data, and an error struct that describes the error if an error occurs.For example:
id := "your_group_id"
response, err := client.GetGroup(context.Background(), identity.GetGroupRequest{GroupId:&id})
if err != nil {
//Something happened
panic(err)
}
//Process the data in response struct
fmt.Println("Group's name is:", response.Name)
The oci-go-sdk
contains the following:
Service packages: All packages except common
and any other package found inside cmd
. These packages represent
the Oracle Cloud Infrastructure services supported by the Go SDK. Each package represents a service.
These packages include methods to interact with the service, structs that model
input and output parameters, and a client struct that acts as receiver for the above methods.
Common package: Found in the common
directory. The common package provides supporting functions and structs used by service packages.
Includes HTTP request/response (de)serialization, request signing, JSON parsing, pointer to reference and other helper functions. Most of the functions
in this package are meant to be used by the service packages.
cmd: Internal tools used by the oci-go-sdk
.
Examples can be found here
Full documentation can be found on the godocs site.
oci-go-sdk
is an open source project. See CONTRIBUTING for details.
Oracle gratefully acknowledges the contributions to oci-go-sdk that have been made by the community.
Copyright (c) 2016, 2018, 2020, Oracle and/or its affiliates. All rights reserved. This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license.
See LICENSE for more details.
See CHANGELOG.
You can find information on any known issues with the SDK here and under the Issues tab of this project's GitHub repository.
go get github.com/stretchr/testify
go get -u github.com/golang/lint/golint
Building is provided by the make file at the root of the project. To build the project execute.
make build
To run the tests:
make test
FAQs
Unknown package
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.