Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
grpc-code-gen
Advanced tools
Code generator for grpc, for typescript and javascript.
grpc-code-gen gen -u git@git.myscrm.cn:2c/panther-statistics-proto.git,git@git.myscrm.cn:2c/panther-third-proto.git -b test -t ${token} -d test/code-gen-cli
//grpc-code-gen.config.js
module.exports = {
gitUrls: [
{
url: 'git@git.myscrm.cn:ykcommon/ykproto.git',
branch: 'master',
},
// 服务依赖proto
{
url: 'git@git.myscrm.cn:ykcommon/common-proto.git',
branch: 'master',
type:'lib'
},
{
url: 'git@git.myscrm.cn:2c/panther-statistics-proto.git',
// panther-statistics 服务proto依赖于 common-proto
deps:['git@git.myscrm.cn:ykcommon/common.git']
},
'git@git.myscrm.cn:2c/panther-third-proto.git',
],
branch: 'test',
accessToken: '${token}',
baseDir: `${__dirname}/code-gen`,
resolvePath: (origin, target, rootDir) => {
if (/^git\.myscrm\.cn\/golang\/common\/proto\/(google|common)\//.test(target)) {
return `${rootDir}/git.myscrm.cn/ykcommon/ykproto/${target.replace(/^git\.myscrm\.cn\/golang\/common\/proto\//, '')}`;
} else if (/^proto\/(common|google)\//.test(target)) {
return `${rootDir}/git.myscrm.cn/ykcommon/ykproto/${target.replace(/^proto\//, '')}`;
} else if (/^proto\//.test(target)) {
return target.replace(/^proto\/([^\/]+)(.+)/, (_target, $1, $2) => {
return `${rootDir}/git.myscrm.cn/2c/${$1.replace(/_/g, '-')}${$2}`;
});
} else if (/^(common|google\/api)\//.test(target)) {
return `${rootDir}/git.myscrm.cn/ykcommon/ykproto/${target}`;
}
return null;
},
};
then
grpc-code-gen gen
参数 | 类型 | 说明 | 默认值 |
---|---|---|---|
gitUrls | Array<string | {url: string, branch?: string, accessToken?: string}> | 仓库地址数组 | null |
branch | string | 分支,如参数没有,会去读取环境变量参数branch | null |
accessToken | string | git access token | null |
baseDir? | string | 生成目录 | null |
target? | javascript typescript | 目标语言 | null |
grpcNpmName? | string | grpc npm name, 可取值:grpc , @grpc/grpc-js | grpc |
jsonSemanticTypes? | boolean | 生成json semantic types | false |
loaderOptions? | LoaderOptions | loader生成配置 | { defaults: true } |
callOptions? | callOptions | 方法调用配置 | null |
logOptions? | logOptions | 日志配置 | null |
filterError? | (err: Error) => Error | 错误过滤 | (err) => err |
参数 | 类型 | 说明 | 默认值 |
---|---|---|---|
timeout? | number | 超时时间,单位:ms | undefined |
参数 | 类型 | 说明 | 默认值 |
---|---|---|---|
disable? | boolean | 是否启用 | false |
attributes? | string[] | 记录字段,request, response | ['request'] |
const base = require('grpc-code-gen/build/base');
base.gen({
gitUrls: [
{
url: 'git@git.myscrm.cn:ykcommon/ykproto.git',
branch: 'master',
},
'git@git.myscrm.cn:2c/panther-statistics-proto.git',
'git@git.myscrm.cn:2c/panther-third-proto.git',
],
branch: 'test',
accessToken: process.env.token,
baseDir: `${__dirname}/code-gen`,
resolvePath: (origin, target, rootDir) => {
if (/^git\.myscrm\.cn\/golang\/common\/proto\/(google|common)\//.test(target)) {
return `${rootDir}/git.myscrm.cn/ykcommon/ykproto/${target.replace(/^git\.myscrm\.cn\/golang\/common\/proto\//, '')}`;
} else if (/^proto\/(common|google)\//.test(target)) {
return `${rootDir}/git.myscrm.cn/ykcommon/ykproto/${target.replace(/^proto\//, '')}`;
} else if (/^proto\//.test(target)) {
return target.replace(/^proto\/([^\/]+)(.+)/, (_target, $1, $2) => {
return `${rootDir}/git.myscrm.cn/2c/${$1.replace(/_/g, '-')}${$2}`;
});
} else if (/^(common|google\/api)\//.test(target)) {
return `${rootDir}/git.myscrm.cn/ykcommon/ykproto/${target}`;
}
return null;
},
})
.catch((err)=>{
console.error(err.stack)
});
v6.1.0 版本 gitUrls配置新增依赖项
v6.0.6 版本 新增 access 日志链路
v6.0.4 版本 新增 grpc-service.dev.config.js 本地配置,去掉繁琐的本地host配置
v6.0.3 版本 解决编译go proto枚举报错问题
v6.0.0 版本 解决grpc-code-gen编译时,后端相同package下有相同service的冲突问题
v5.4.4 版本 解决javascript精度文档,js在超过16位的number数字会有精度丢失问题,因此统一把('double', 'float', 'int64', 'uint64', 'sint64', 'fixed64', 'sfixed64')类型转换为string类型
v5.3.0 版本 bff grpc 新增热重启功能
FAQs
Code generator for grpc, for typescript and javascript.
The npm package grpc-code-gen receives a total of 5 weekly downloads. As such, grpc-code-gen popularity was classified as not popular.
We found that grpc-code-gen demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.