mirror of
https://github.com/gin-gonic/gin.git
synced 2026-07-12 05:51:12 +08:00
Compare commits
7 Commits
8dd7872443
...
7bc94fa65c
| Author | SHA1 | Date | |
|---|---|---|---|
|
|
7bc94fa65c | ||
|
|
c3d5a28ed6 | ||
|
|
acc55e049e | ||
|
|
0c0e99d253 | ||
|
|
dceb61e6e7 | ||
|
|
5e5ff3ace4 | ||
|
|
a5d4feb098 |
16
.github/workflows/gin.yml
vendored
16
.github/workflows/gin.yml
vendored
@ -81,19 +81,3 @@ jobs:
|
||||
uses: codecov/codecov-action@v5
|
||||
with:
|
||||
flags: ${{ matrix.os }},go-${{ matrix.go }},${{ matrix.test-tags }}
|
||||
|
||||
vulnerability-scanning:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@v5
|
||||
with:
|
||||
fetch-depth: 0
|
||||
|
||||
- name: Run Trivy vulnerability scanner in repo mode
|
||||
uses: aquasecurity/trivy-action@0.33.1
|
||||
with:
|
||||
scan-type: "fs"
|
||||
ignore-unfixed: true
|
||||
format: "table"
|
||||
exit-code: "1"
|
||||
severity: "CRITICAL,HIGH,MEDIUM"
|
||||
|
||||
57
.github/workflows/trivy-scan.yml
vendored
Normal file
57
.github/workflows/trivy-scan.yml
vendored
Normal file
@ -0,0 +1,57 @@
|
||||
name: Trivy Security Scan
|
||||
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
- master
|
||||
pull_request:
|
||||
branches:
|
||||
- master
|
||||
schedule:
|
||||
# Run every 3 months (quarterly) on the 1st day at 00:00 UTC
|
||||
# Months: January (1), April (4), July (7), October (10)
|
||||
- cron: '0 0 1 1,4,7,10 *'
|
||||
workflow_dispatch: # Allow manual trigger
|
||||
|
||||
permissions:
|
||||
contents: read
|
||||
security-events: write # Required for uploading SARIF results
|
||||
|
||||
jobs:
|
||||
trivy-scan:
|
||||
name: Trivy Security Scan
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Checkout code
|
||||
uses: actions/checkout@v5
|
||||
with:
|
||||
fetch-depth: 0
|
||||
|
||||
- name: Run Trivy vulnerability scanner (source code)
|
||||
uses: aquasecurity/trivy-action@0.33.1
|
||||
with:
|
||||
scan-type: 'fs'
|
||||
scan-ref: '.'
|
||||
scanners: 'vuln,secret,misconfig'
|
||||
format: 'sarif'
|
||||
output: 'trivy-results.sarif'
|
||||
severity: 'CRITICAL,HIGH,MEDIUM'
|
||||
ignore-unfixed: true
|
||||
|
||||
- name: Upload Trivy results to GitHub Security tab
|
||||
uses: github/codeql-action/upload-sarif@v4
|
||||
if: always()
|
||||
with:
|
||||
sarif_file: 'trivy-results.sarif'
|
||||
|
||||
- name: Run Trivy scanner (table output for logs)
|
||||
uses: aquasecurity/trivy-action@0.33.1
|
||||
if: always()
|
||||
with:
|
||||
scan-type: 'fs'
|
||||
scan-ref: '.'
|
||||
scanners: 'vuln,secret,misconfig'
|
||||
format: 'table'
|
||||
severity: 'CRITICAL,HIGH,MEDIUM'
|
||||
ignore-unfixed: true
|
||||
exit-code: '1'
|
||||
11
README.md
11
README.md
@ -3,6 +3,7 @@
|
||||
<img align="right" width="159px" src="https://raw.githubusercontent.com/gin-gonic/logo/master/color.png">
|
||||
|
||||
[](https://github.com/gin-gonic/gin/actions/workflows/gin.yml)
|
||||
[](https://github.com/gin-gonic/gin/actions/workflows/trivy-scan.yml)
|
||||
[](https://codecov.io/gh/gin-gonic/gin)
|
||||
[](https://goreportcard.com/report/github.com/gin-gonic/gin)
|
||||
[](https://pkg.go.dev/github.com/gin-gonic/gin?tab=doc)
|
||||
@ -62,6 +63,7 @@ Here's a complete example that demonstrates Gin's simplicity:
|
||||
package main
|
||||
|
||||
import (
|
||||
"log"
|
||||
"net/http"
|
||||
|
||||
"github.com/gin-gonic/gin"
|
||||
@ -70,7 +72,7 @@ import (
|
||||
func main() {
|
||||
// Create a Gin router with default middleware (logger and recovery)
|
||||
r := gin.Default()
|
||||
|
||||
|
||||
// Define a simple GET endpoint
|
||||
r.GET("/ping", func(c *gin.Context) {
|
||||
// Return JSON response
|
||||
@ -78,10 +80,12 @@ func main() {
|
||||
"message": "pong",
|
||||
})
|
||||
})
|
||||
|
||||
|
||||
// Start server on port 8080 (default)
|
||||
// Server will listen on 0.0.0.0:8080 (localhost:8080 on Windows)
|
||||
r.Run()
|
||||
if err := r.Run(); err != nil {
|
||||
log.Fatalf("failed to run server: %v", err)
|
||||
}
|
||||
}
|
||||
```
|
||||
|
||||
@ -190,7 +194,6 @@ Gin has a rich ecosystem of middleware for common web development needs. Explore
|
||||
- CORS, Rate limiting, Compression
|
||||
- Logging, Metrics, Tracing
|
||||
- Static file serving, Template engines
|
||||
|
||||
- **[gin-gonic/contrib](https://github.com/gin-gonic/contrib)** - Additional community middleware
|
||||
|
||||
## 🏢 Production Usage
|
||||
|
||||
@ -154,7 +154,7 @@ func runRequest(B *testing.B, r *Engine, method, path string) {
|
||||
w := newMockWriter()
|
||||
B.ReportAllocs()
|
||||
B.ResetTimer()
|
||||
for i := 0; i < B.N; i++ {
|
||||
for B.Loop() {
|
||||
r.ServeHTTP(w, req)
|
||||
}
|
||||
}
|
||||
|
||||
@ -27,7 +27,7 @@ func (err SliceValidationError) Error() string {
|
||||
}
|
||||
|
||||
var b strings.Builder
|
||||
for i := 0; i < len(err); i++ {
|
||||
for i := range len(err) {
|
||||
if err[i] != nil {
|
||||
if b.Len() > 0 {
|
||||
b.WriteString("\n")
|
||||
@ -58,7 +58,7 @@ func (v *defaultValidator) ValidateStruct(obj any) error {
|
||||
case reflect.Slice, reflect.Array:
|
||||
count := value.Len()
|
||||
validateRet := make(SliceValidationError, 0)
|
||||
for i := 0; i < count; i++ {
|
||||
for i := range count {
|
||||
if err := v.ValidateStruct(value.Index(i).Interface()); err != nil {
|
||||
validateRet = append(validateRet, err)
|
||||
}
|
||||
|
||||
@ -20,7 +20,7 @@ func BenchmarkSliceValidationError(b *testing.B) {
|
||||
b.ReportAllocs()
|
||||
b.ResetTimer()
|
||||
|
||||
for i := 0; i < b.N; i++ {
|
||||
for b.Loop() {
|
||||
if len(e.Error()) == 0 {
|
||||
b.Errorf("error")
|
||||
}
|
||||
|
||||
@ -118,7 +118,7 @@ func mapping(value reflect.Value, field reflect.StructField, setter setter, tag
|
||||
tValue := value.Type()
|
||||
|
||||
var isSet bool
|
||||
for i := 0; i < value.NumField(); i++ {
|
||||
for i := range value.NumField() {
|
||||
sf := tValue.Field(i)
|
||||
if sf.PkgPath != "" && !sf.Anonymous { // unexported
|
||||
continue
|
||||
|
||||
@ -31,7 +31,7 @@ type structFull struct {
|
||||
|
||||
func BenchmarkMapFormFull(b *testing.B) {
|
||||
var s structFull
|
||||
for i := 0; i < b.N; i++ {
|
||||
for b.Loop() {
|
||||
err := mapForm(&s, form)
|
||||
if err != nil {
|
||||
b.Fatalf("Error on a form mapping")
|
||||
@ -54,7 +54,7 @@ type structName struct {
|
||||
|
||||
func BenchmarkMapFormName(b *testing.B) {
|
||||
var s structName
|
||||
for i := 0; i < b.N; i++ {
|
||||
for b.Loop() {
|
||||
err := mapForm(&s, form)
|
||||
if err != nil {
|
||||
b.Fatalf("Error on a form mapping")
|
||||
|
||||
22
context.go
22
context.go
@ -39,6 +39,7 @@ const (
|
||||
MIMEYAML = binding.MIMEYAML
|
||||
MIMEYAML2 = binding.MIMEYAML2
|
||||
MIMETOML = binding.MIMETOML
|
||||
MIMEPROTOBUF = binding.MIMEPROTOBUF
|
||||
)
|
||||
|
||||
// BodyBytesKey indicates a default body bytes key.
|
||||
@ -1280,14 +1281,15 @@ func (c *Context) Stream(step func(w io.Writer) bool) bool {
|
||||
|
||||
// Negotiate contains all negotiations data.
|
||||
type Negotiate struct {
|
||||
Offered []string
|
||||
HTMLName string
|
||||
HTMLData any
|
||||
JSONData any
|
||||
XMLData any
|
||||
YAMLData any
|
||||
Data any
|
||||
TOMLData any
|
||||
Offered []string
|
||||
HTMLName string
|
||||
HTMLData any
|
||||
JSONData any
|
||||
XMLData any
|
||||
YAMLData any
|
||||
Data any
|
||||
TOMLData any
|
||||
PROTOBUFData any
|
||||
}
|
||||
|
||||
// Negotiate calls different Render according to acceptable Accept format.
|
||||
@ -1313,6 +1315,10 @@ func (c *Context) Negotiate(code int, config Negotiate) {
|
||||
data := chooseData(config.TOMLData, config.Data)
|
||||
c.TOML(code, data)
|
||||
|
||||
case binding.MIMEPROTOBUF:
|
||||
data := chooseData(config.PROTOBUFData, config.Data)
|
||||
c.ProtoBuf(code, data)
|
||||
|
||||
default:
|
||||
c.AbortWithError(http.StatusNotAcceptable, errors.New("the accepted formats are not offered by the server")) //nolint: errcheck
|
||||
}
|
||||
|
||||
@ -1628,6 +1628,32 @@ func TestContextNegotiationWithHTML(t *testing.T) {
|
||||
assert.Equal(t, "text/html; charset=utf-8", w.Header().Get("Content-Type"))
|
||||
}
|
||||
|
||||
func TestContextNegotiationWithPROTOBUF(t *testing.T) {
|
||||
w := httptest.NewRecorder()
|
||||
c, _ := CreateTestContext(w)
|
||||
c.Request = httptest.NewRequest(http.MethodPost, "/", nil)
|
||||
|
||||
reps := []int64{int64(1), int64(2)}
|
||||
label := "test"
|
||||
data := &testdata.Test{
|
||||
Label: &label,
|
||||
Reps: reps,
|
||||
}
|
||||
|
||||
c.Negotiate(http.StatusCreated, Negotiate{
|
||||
Offered: []string{MIMEPROTOBUF, MIMEJSON, MIMEXML},
|
||||
Data: data,
|
||||
})
|
||||
|
||||
// Marshal original data for comparison
|
||||
protoData, err := proto.Marshal(data)
|
||||
require.NoError(t, err)
|
||||
|
||||
assert.Equal(t, http.StatusCreated, w.Code)
|
||||
assert.Equal(t, string(protoData), w.Body.String())
|
||||
assert.Equal(t, "application/x-protobuf", w.Header().Get("Content-Type"))
|
||||
}
|
||||
|
||||
func TestContextNegotiationNotSupport(t *testing.T) {
|
||||
w := httptest.NewRecorder()
|
||||
c, _ := CreateTestContext(w)
|
||||
@ -3594,22 +3620,22 @@ func BenchmarkGetMapFromFormData(b *testing.B) {
|
||||
|
||||
// Test case 3: Large dataset with many bracket keys
|
||||
largeData := make(map[string][]string)
|
||||
for i := 0; i < 100; i++ {
|
||||
for i := range 100 {
|
||||
key := fmt.Sprintf("ids[%d]", i)
|
||||
largeData[key] = []string{fmt.Sprintf("value%d", i)}
|
||||
}
|
||||
for i := 0; i < 50; i++ {
|
||||
for i := range 50 {
|
||||
key := fmt.Sprintf("names[%d]", i)
|
||||
largeData[key] = []string{fmt.Sprintf("name%d", i)}
|
||||
}
|
||||
for i := 0; i < 25; i++ {
|
||||
for i := range 25 {
|
||||
key := fmt.Sprintf("other[key%d]", i)
|
||||
largeData[key] = []string{fmt.Sprintf("other%d", i)}
|
||||
}
|
||||
|
||||
// Test case 4: Dataset with many non-matching keys (worst case)
|
||||
worstCaseData := make(map[string][]string)
|
||||
for i := 0; i < 100; i++ {
|
||||
for i := range 100 {
|
||||
key := fmt.Sprintf("nonmatching%d", i)
|
||||
worstCaseData[key] = []string{fmt.Sprintf("value%d", i)}
|
||||
}
|
||||
@ -3645,7 +3671,7 @@ func BenchmarkGetMapFromFormData(b *testing.B) {
|
||||
for _, bm := range benchmarks {
|
||||
b.Run(bm.name, func(b *testing.B) {
|
||||
b.ReportAllocs()
|
||||
for i := 0; i < b.N; i++ {
|
||||
for b.Loop() {
|
||||
_, _ = getMapFromFormData(bm.data, bm.key)
|
||||
}
|
||||
})
|
||||
|
||||
1
gin.go
1
gin.go
@ -593,6 +593,7 @@ func (engine *Engine) RunFd(fd int) (err error) {
|
||||
}
|
||||
|
||||
f := os.NewFile(uintptr(fd), fmt.Sprintf("fd@%d", fd))
|
||||
defer f.Close()
|
||||
listener, err := net.FileListener(f)
|
||||
if err != nil {
|
||||
return
|
||||
|
||||
@ -393,7 +393,7 @@ func TestConcurrentHandleContext(t *testing.T) {
|
||||
var wg sync.WaitGroup
|
||||
iterations := 200
|
||||
wg.Add(iterations)
|
||||
for i := 0; i < iterations; i++ {
|
||||
for range iterations {
|
||||
go func() {
|
||||
req, err := http.NewRequest(http.MethodGet, "/", nil)
|
||||
assert.NoError(t, err)
|
||||
|
||||
@ -30,7 +30,7 @@ func rawStrToBytes(s string) []byte {
|
||||
|
||||
func TestBytesToString(t *testing.T) {
|
||||
data := make([]byte, 1024)
|
||||
for i := 0; i < 100; i++ {
|
||||
for range 100 {
|
||||
_, err := cRand.Read(data)
|
||||
if err != nil {
|
||||
t.Fatal(err)
|
||||
@ -70,7 +70,7 @@ func RandStringBytesMaskImprSrcSB(n int) string {
|
||||
}
|
||||
|
||||
func TestStringToBytes(t *testing.T) {
|
||||
for i := 0; i < 100; i++ {
|
||||
for range 100 {
|
||||
s := RandStringBytesMaskImprSrcSB(64)
|
||||
if !bytes.Equal(rawStrToBytes(s), StringToBytes(s)) {
|
||||
t.Fatal("don't match")
|
||||
|
||||
@ -94,7 +94,7 @@ func TestPathCleanMallocs(t *testing.T) {
|
||||
func BenchmarkPathClean(b *testing.B) {
|
||||
b.ReportAllocs()
|
||||
|
||||
for i := 0; i < b.N; i++ {
|
||||
for b.Loop() {
|
||||
for _, test := range cleanTests {
|
||||
cleanPath(test.path)
|
||||
}
|
||||
@ -137,7 +137,7 @@ func BenchmarkPathCleanLong(b *testing.B) {
|
||||
b.ResetTimer()
|
||||
b.ReportAllocs()
|
||||
|
||||
for i := 0; i < b.N; i++ {
|
||||
for b.Loop() {
|
||||
for _, test := range cleanTests {
|
||||
cleanPath(test.path)
|
||||
}
|
||||
|
||||
2
utils.go
2
utils.go
@ -155,7 +155,7 @@ func resolveAddress(addr []string) string {
|
||||
|
||||
// https://stackoverflow.com/questions/53069040/checking-a-string-contains-only-ascii-characters
|
||||
func isASCII(s string) bool {
|
||||
for i := 0; i < len(s); i++ {
|
||||
for i := range len(s) {
|
||||
if s[i] > unicode.MaxASCII {
|
||||
return false
|
||||
}
|
||||
|
||||
@ -19,7 +19,7 @@ func init() {
|
||||
}
|
||||
|
||||
func BenchmarkParseAccept(b *testing.B) {
|
||||
for i := 0; i < b.N; i++ {
|
||||
for b.Loop() {
|
||||
parseAccept("text/html , application/xhtml+xml,application/xml;q=0.9, */* ;q=0.8")
|
||||
}
|
||||
}
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user