Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
github.com/thegodwinproject/buffalo
A Go web development eco-system, designed to make your project easier.
Buffalo helps you to generate a web project that already has everything from front-end (JavaScript, SCSS, etc.) to the back-end (database, routing, etc.) already hooked up and ready to run. From there it provides easy APIs to build your web application quickly in Go.
Buffalo isn't just a framework; it's a holistic web development environment and project structure that lets developers get straight to the business of, well, building their business.
I :heart: web dev in go again - Brian Ketelsen
The current stable version of Buffalo core is v1 (v1
branch).
Versions (branches):
main
is for the current mainstream development.v1
is the current stable release.Buffalo works only with Go modules. GOPATH
mode is likely to break most of the functionality of the Buffalo eco-system. Please see this blog post for more information.
Also, the Buffalo team actively gives support to the last 2 versions of Go, which at the moment are:
While Buffalo may
work on older versions, we encourage you to upgrade to latest 2 versions of Go for a better development experience.
Please visit http://gobuffalo.io for the latest documentation, examples, and more.
Buffalo would not be possible if not for all of the great projects it depends on. Please see SHOULDERS.md to see a list of them.
github.com/gobuffalo/plush - This templating package was chosen over the standard Go html/template
package for a variety of reasons. The biggest of which is that it is significantly more flexible and easy to work with.
github.com/gorilla/mux - This router was chosen because of its stability and flexibility. There might be faster routers out there, but this one is definitely the most powerful!
github.com/markbates/grift - If you're familiar with Rake tasks from Ruby, you'll be right at home using Grift. This package was chosen to allow for the easy running of simple, and common, tasks that most web applications need. Think things like seeding a database or taking in a CSV file and generating database records. Buffalo ships with an example routes
task that prints of the defined routes and the function that handles those requests.
github.com/gobuffalo/pop - Accessing databases is nothing new in web applications. Pop, and its command line tool, Soda, were chosen because they strike a nice balance between simplifying common tasks, being idiomatic, and giving you the flexibility you need to build your app. Pop and Soda share the same core philosophies as Buffalo, so they were a natural choice.
github.com/gorilla - The Gorilla toolkit is a great set of packages designed to improve upon the standard library for a variety of web-related packages. With these high-quality packages Buffalo can keep its "core" code to a minimum and focus on its goal of gluing them all together to make your life better.
Oh, yeah, everyone wants benchmarks! What would a web framework be without its benchmarks? Well, guess what? I'm not giving you any! That's right. This is Go! I assure you that it is plenty fast enough for you. If you want benchmarks you can either a) check out any benchmarks that the GIANTS Buffalo is built upon having published, or b) run your own. I have no interest in playing the benchmark game, and neither should you.
First, thank you so much for wanting to contribute! It means so much that you care enough to want to contribute. We appreciate every PR from the smallest of typos to the be biggest of features.
Here are the core rules to respect:
main
branch if your PR is for mainstream or version
specific branch e.g. v1
if your PR is for specific version.
Note that the valid branch for a new feature request PR should be main
while a PR against a version specific branch are allowed only for bugfixes.For the full contribution guidelines, please read CONTRIBUTING.
FAQs
Unknown package
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.