Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
google.golang.org/api
$ go get google.golang.org/api/tasks/v1
$ go get google.golang.org/api/moderator/v1
$ go get google.golang.org/api/urlshortener/v1
... etc ...
and using:
package main
import (
"context"
"net/http"
"google.golang.org/api/urlshortener/v1"
)
func main() {
ctx := context.Background()
svc, err := urlshortener.NewService(ctx)
// ...
}
These are auto-generated Go libraries from the Google Discovery Service's JSON description files.
Due to the auto-generated nature of this collection of libraries they may contain breaking changes from one release to the next. The generator itself and the code it produces are considered beta for this reason.
These client libraries are officially supported by Google. However, the libraries are considered complete and are in maintenance mode. This means that we will address critical bugs and security issues but will not add any new features.
If you're working with Google Cloud Platform APIs such as Datastore or Pub/Sub, please use the Cloud Client Libraries for Go instead. These are the new and idiomatic Go libraries targeted specifically at Google Cloud Platform Services.
By default, each API will use Google Application Default Credentials for authorization credentials used in calling the API endpoints. This will allow your application to run in many environments without requiring explicit configuration.
// import "google.golang.org/api/sheets/v4"
client, err := sheets.NewService(ctx)
To authorize using a JSON key file, pass
option.WithCredentialsFile
to the NewService
function of the desired package. For example:
client, err := sheets.NewService(ctx, option.WithCredentialsFile("path/to/keyfile.json"))
You can exert more control over authorization by using the golang.org/x/oauth2
package to create an oauth2.TokenSource
. Then pass option.WithTokenSource
to the NewService
function:
tokenSource := ...
svc, err := sheets.NewService(ctx, option.WithTokenSource(tokenSource))
For some more information related to all of the generated clients please read through our package documentation.
FAQs
Unknown package
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.