temporalio / samples-go Goto Github PK
View Code? Open in Web Editor NEWTemporal Go SDK samples
Home Page: https://docs.temporal.io/docs/go
License: Other
Temporal Go SDK samples
Home Page: https://docs.temporal.io/docs/go
License: Other
In the mutex tests *internal.TestWorkflowEnvironment
doesn't satisfy the client.Client
interface and if SignalWithStartMutexWorkflowActivity
was called instead of mocked it will panic with panic: interface conversion: *internal.TestWorkflowEnvironment is not client.Client: missing method CancelWorkflow
.
I don't see a way to get a client.Client
from the test workflow environment so the actual activity can be called but the code in the tests is written like the test environment should satisfy the interface.
s.env
is passed in here:
https://github.com/temporalio/samples-go/blob/master/mutex/mutex_workflow_test.go#L30
And cast to client.Client
here:
https://github.com/temporalio/samples-go/blob/master/mutex/mutex_workflow.go#L138
Perhaps this is why only the mock is called instead of the real activity to avoid the panic?
I was attempting to write a unit test that uses the actual lock and mutex workflow code rather than the mocking the activity but I need some way to get a client.Client
pointer from the test environment. For example writing a unit test for the sample workflow which calls the real mutex and activity code.
Have the TestWorkflowEnvironment satisfy the client.Client
interface or provide a way to fetch a pointer that does satisfy the interface when writing test suites or update the mutex test to explain why the actual activity can't be called.
I wasn't sure if I should report this as a test bug or an SDK bug. Possibly both? Temporal is awesome BTW.
Separate directory like test
should contains integration tests for every sample and #15 should run them.
In order to catch SDK-server incompatibilities ASAP, we should test integration of the latest version of these components.
YAML support for the Go language.
CVE | Severity | CVSS | Dependency | Type | Fixed in | Remediation Available |
---|---|---|---|---|---|---|
CVE-2022-28948 | High | 7.5 | github.com/go-yaml/yaml-496545a6307b2a7d7a710fd516e5e16e8ab62dbc | Direct | 3.0.0 | ❌ |
YAML support for the Go language.
Dependency Hierarchy:
Found in base branch: main
An issue in the Unmarshal function in Go-Yaml v3 causes the program to crash when attempting to deserialize invalid input.
Publish Date: 2022-05-19
URL: CVE-2022-28948
Base Score Metrics:
Type: Upgrade version
Origin: GHSA-hp87-p4gw-j4gq
Release Date: 2022-05-19
Fix Resolution: 3.0.0
Right now we call this uuid library directly in a workflow. We should do this in a side effect.
Line 68 in 14980b3
When I try to run the fileprocessing
demo, the workflow fails with the worker logging:
2020-04-27T18:38:21.028-0600 INFO internal/internal_worker_base.go:308 Task processing failed with error {"Namespace": "default", "TaskList": "fileprocessing-task-list", "WorkerID": "[email protected]@", "WorkerType": "ActivityWorker", "error": "unable to find activityType=downloadFileActivity. Supported types: [internalSessionCompletionActivity, internalSessionCreationActivity]"}
2020-04-27T18:39:27.153-0600 INFO internal/internal_worker_base.go:306 Task processing failed with client side error {"Namespace": "default", "TaskList": "fileprocessing-task-list", "WorkerID": "[email protected]@", "WorkerType": "ActivityWorker", "error": "context deadline exceeded"}
fileprocessing_811af268 0f36 4b70 8d75 dfd59ef4f519 - 457ab4e5-86a3-4563-8d49-f40f0299ceba.json.zip
I want to be able to selectively decide if my workflow is to have its payloads encrypted. I am using the following sample project as a starter to prove I can do it.
samples-go/cryptconverter at master · temporalio/samples-go (github.com)
The following code is where I am focusing in on.
ctx := context.Background()
//ctx = context.WithValue(ctx, cryptconverter.PropagateKey, cryptconverter.CryptContext{KeyId: "test"})
// The workflow input "My Secret Friend" will be encrypted by the DataConverter before being sent to Temporal
we, err := c.ExecuteWorkflow(
ctx,
workflowOptions,
cryptconverter.Workflow,
"My Secret Friend",
)
It should be easy as not putting in the the following;
ctx = context.WithValue(ctx, cryptconverter.PropagateKey, cryptconverter.CryptContext{KeyId: "test"})
The code in the sample does account for it not being there but I am running into a json.Unmarshal error when I remove it.
{
"message": "unable to decode the workflow function input payload with error: args[0]: unable to decode: json: cannot unmarshal array into Go value of type string, function name: Workflow",
"source": "GoSDK",
"stackTrace": "",
"cause": {
"message": "args[0]: unable to decode: json: cannot unmarshal array into Go value of type string",
"source": "GoSDK",
"stackTrace": "",
"cause": {
"message": "unable to decode: json: cannot unmarshal array into Go value of type string",
"source": "GoSDK",
"stackTrace": "",
"cause": {
"message": "unable to decode",
"source": "GoSDK",
"stackTrace": "",
"cause": null,
"applicationFailureInfo": {
"type": "",
"nonRetryable": false,
"details": null
},
"failureInfo": "applicationFailureInfo"
},
"applicationFailureInfo": {
"type": "wrapError",
"nonRetryable": false,
"details": null
},
"failureInfo": "applicationFailureInfo"
},
"applicationFailureInfo": {
"type": "wrapError",
"nonRetryable": false,
"details": null
},
"failureInfo": "applicationFailureInfo"
},
"applicationFailureInfo": {
"type": "wrapError",
"nonRetryable": false,
"details": null
},
"failureInfo": "applicationFailureInfo"
}
In summary, I simply commented out the line that puts the cryptconverter.PropagateKey into the ExecuteWorkflow context.
samples-go/update/starter/main.go
Line 41 in b566001
this confused me as I thought update has gone through but it didn’t. Because update feature wasn’t enabled
I don’t think there is any value to omit the errors
cryptconverter is outdated and encrypted-payloads is a full data converter instead of payload encoder.
Remove cryptconverter sample and migrate encrypted-payloads sample to a payload encoder
Currently expense sample uses async activity. Per @mfateev, change to use signal/cancel instead.
No example showing suite.NewTestActivityEnvironment
Take any existing example and add an activity test to it
I was not able to find a sample on how to set up client options with TSL enabled.
Does not have to be running, could be just a config example that users can cut/paste, similar to what we have in java samples: https://github.com/temporalio/samples-java/blob/main/src/main/java/io/temporal/samples/ssl/SslEnabledWorker.java
Related user forum thread: https://community.temporal.io/t/help-how-to-create-a-client-with-tls/4287
Found in HEAD commit: b566001c1eb2f914a4ebb092aea4defaedb393cb
CVE | Severity | CVSS | Dependency | Type | Fixed in (go.temporal.io/sdk/contrib/tools/workflowcheck-v0.0.0 version) | Remediation Available |
---|---|---|---|---|---|---|
CVE-2020-11022 | Medium | 6.1 | golang.org/x/tools-v0.7.0 | Transitive | N/A* | ❌ |
CVE-2015-9251 | Medium | 6.1 | golang.org/x/tools-v0.7.0 | Transitive | N/A* | ❌ |
CVE-2012-6708 | Medium | 6.1 | golang.org/x/tools-v0.7.0 | Transitive | N/A* | ❌ |
*For some transitive vulnerabilities, there is no version of direct dependency with a fix. Check the "Details" section below to see if there is a version of transitive dependency where vulnerability is fixed.
Library home page: https://proxy.golang.org/golang.org/x/tools/@v/v0.7.0.zip
Dependency Hierarchy:
Found in HEAD commit: b566001c1eb2f914a4ebb092aea4defaedb393cb
Found in base branch: main
In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
Publish Date: 2020-04-29
URL: CVE-2020-11022
Base Score Metrics:
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11022
Release Date: 2020-04-29
Fix Resolution: jQuery - 3.5.0
Library home page: https://proxy.golang.org/golang.org/x/tools/@v/v0.7.0.zip
Dependency Hierarchy:
Found in HEAD commit: b566001c1eb2f914a4ebb092aea4defaedb393cb
Found in base branch: main
jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.
Publish Date: 2018-01-18
URL: CVE-2015-9251
Base Score Metrics:
Type: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2015-9251
Release Date: 2018-01-18
Fix Resolution: jQuery - 3.0.0
Library home page: https://proxy.golang.org/golang.org/x/tools/@v/v0.7.0.zip
Dependency Hierarchy:
Found in HEAD commit: b566001c1eb2f914a4ebb092aea4defaedb393cb
Found in base branch: main
jQuery before 1.9.0 is vulnerable to Cross-site Scripting (XSS) attacks. The jQuery(strInput) function does not differentiate selectors from HTML in a reliable fashion. In vulnerable versions, jQuery determined whether the input was HTML by looking for the '<' character anywhere in the string, giving attackers more flexibility when attempting to construct a malicious payload. In fixed versions, jQuery only deems the input to be HTML if it explicitly starts with the '<' character, limiting exploitability only to attackers who can control the beginning of a string, which is far less common.
Publish Date: 2018-01-18
URL: CVE-2012-6708
Base Score Metrics:
Type: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2012-6708
Release Date: 2018-01-18
Fix Resolution: jQuery - v1.9.0
VScode has a cool feature called Remote Containers. It would be nice to leverage this so developers can spin up a temporal service right on their local machines for easy development.
I'd like to take the same gitpod docker-compose.yml file and modify it to work with VScode remote containers.
I will submit a pull request for this very soon.
Describe the bug
Not sure if it's a bug. In the pickfirst sample, when the activity with short duration (1s) completes, the workflow cancels but the activity with longer duration (2s) fails to exit.
To Reproduce
Steps to reproduce the behavior:
f1 := workflow.ExecuteActivity(childCtx, SampleActivity, 0, 5*time.Second)
select {
case <-ctx.Done():
// We have been cancelled.
msg := fmt.Sprintf("Branch %d is cancelled.", currentBranchID)
logger.Info(msg)
return msg, ctx.Err()
default:
logger.Info("not cancelled yet")
// We are not cancelled yet.
}
2021/06/06 09:03:06 INFO No logger configured for temporal client. Created default one.
2021/06/06 09:03:06 INFO Started Worker Namespace default TaskQueue pick-first WorkerID 66831@bogon@
2021/06/06 09:03:17 DEBUG ExecuteActivity Namespace default TaskQueue pick-first WorkerID 66831@bogon@ WorkflowType SamplePickFirstWorkflow WorkflowID pick-first_0c62bebb-bada-4110-ba32-26cdd942257b RunID 9663ba53-c621-46aa-b418-4598e1050874 Attempt 1 ActivityID 5 ActivityType SampleActivity
2021/06/06 09:03:17 DEBUG ExecuteActivity Namespace default TaskQueue pick-first WorkerID 66831@bogon@ WorkflowType SamplePickFirstWorkflow WorkflowID pick-first_0c62bebb-bada-4110-ba32-26cdd942257b RunID 9663ba53-c621-46aa-b418-4598e1050874 Attempt 1 ActivityID 6 ActivityType SampleActivity
2021/06/06 09:03:18 INFO not cancelled yet Namespace default TaskQueue pick-first WorkerID 66831@bogon@ ActivityID 6 ActivityType SampleActivity Attempt 1 WorkflowType SamplePickFirstWorkflow WorkflowID pick-first_0c62bebb-bada-4110-ba32-26cdd942257b RunID 9663ba53-c621-46aa-b418-4598e1050874
2021/06/06 09:03:18 INFO not cancelled yet Namespace default TaskQueue pick-first WorkerID 66831@bogon@ ActivityID 5 ActivityType SampleActivity Attempt 1 WorkflowType SamplePickFirstWorkflow WorkflowID pick-first_0c62bebb-bada-4110-ba32-26cdd942257b RunID 9663ba53-c621-46aa-b418-4598e1050874
2021/06/06 09:03:18 DEBUG RequestCancelActivity Namespace default TaskQueue pick-first WorkerID 66831@bogon@ WorkflowType SamplePickFirstWorkflow WorkflowID pick-first_0c62bebb-bada-4110-ba32-26cdd942257b RunID 9663ba53-c621-46aa-b418-4598e1050874 Attempt 1 ActivityID 5
2021/06/06 09:03:19 INFO not cancelled yet Namespace default TaskQueue pick-first WorkerID 66831@bogon@ ActivityID 5 ActivityType SampleActivity Attempt 1 WorkflowType SamplePickFirstWorkflow WorkflowID pick-first_0c62bebb-bada-4110-ba32-26cdd942257b RunID 9663ba53-c621-46aa-b418-4598e1050874
2021/06/06 09:03:20 INFO not cancelled yet Namespace default TaskQueue pick-first WorkerID 66831@bogon@ ActivityID 5 ActivityType SampleActivity Attempt 1 WorkflowType SamplePickFirstWorkflow WorkflowID pick-first_0c62bebb-bada-4110-ba32-26cdd942257b RunID 9663ba53-c621-46aa-b418-4598e1050874
2021/06/06 09:03:21 INFO not cancelled yet Namespace default TaskQueue pick-first WorkerID 66831@bogon@ ActivityID 5 ActivityType SampleActivity Attempt 1 WorkflowType SamplePickFirstWorkflow WorkflowID pick-first_0c62bebb-bada-4110-ba32-26cdd942257b RunID 9663ba53-c621-46aa-b418-4598e1050874
2021/06/06 09:03:22 INFO not cancelled yet Namespace default TaskQueue pick-first WorkerID 66831@bogon@ ActivityID 5 ActivityType SampleActivity Attempt 1 WorkflowType SamplePickFirstWorkflow WorkflowID pick-first_0c62bebb-bada-4110-ba32-26cdd942257b RunID 9663ba53-c621-46aa-b418-4598e1050874
2021/06/06 09:03:22 INFO Workflow completed. Namespace default TaskQueue pick-first WorkerID 66831@bogon@ WorkflowType SamplePickFirstWorkflow WorkflowID pick-first_0c62bebb-bada-4110-ba32-26cdd942257b RunID 9663ba53-c621-46aa-b418-4598e1050874 Attempt 1
Expected behavior
As far as I understand, when workflow calls cancelHandler func, all activities executed with childCtx should be cancelled, and select on ctx.Done() should hit.
Not sure if I understand correctly.
Screenshots/Terminal ouput
If applicable, add screenshots or code blocks to help explain your problem. You can also use Loom to do short, free video bug reports.
Versions (please complete the following information where relevant):
Additional context
Add any other context about the problem here.
Path to dependency file: /go.mod
Path to vulnerable library: /go.mod
Found in HEAD commit: d54b5f7bd51ab2c52ba1eb744b6f87ab9bc5596f
CVE | Severity | CVSS | Dependency | Type | Fixed in (go.temporal.io/server-v1.15.2 version) | Remediation Possible** |
---|---|---|---|---|---|---|
CVE-2023-39325 | High | 7.5 | golang.org/x/net-v0.14.0 | Transitive | N/A* | ❌ |
*For some transitive vulnerabilities, there is no version of direct dependency with a fix. Check the "Details" section below to see if there is a version of transitive dependency where vulnerability is fixed.
**In some cases, Remediation PR cannot be created automatically for a vulnerability despite the availability of remediation
Library home page: https://proxy.golang.org/golang.org/x/net/@v/v0.14.0.zip
Path to dependency file: /go.mod
Path to vulnerable library: /go.mod
Dependency Hierarchy:
Found in HEAD commit: d54b5f7bd51ab2c52ba1eb744b6f87ab9bc5596f
Found in base branch: main
A malicious HTTP/2 client which rapidly creates requests and immediately resets them can cause excessive server resource consumption. While the total number of requests is bounded by the http2.Server.MaxConcurrentStreams setting, resetting an in-progress request allows the attacker to create a new request while the existing one is still executing. With the fix applied, HTTP/2 servers now bound the number of simultaneously executing handler goroutines to the stream concurrency limit (MaxConcurrentStreams). New requests arriving when at the limit (which can only happen after the client has reset an existing, in-flight request) will be queued until a handler exits. If the request queue grows too large, the server will terminate the connection. This issue is also fixed in golang.org/x/net/http2 for users manually configuring HTTP/2. The default stream concurrency limit is 250 streams (requests) per HTTP/2 connection. This value may be adjusted using the golang.org/x/net/http2 package; see the Server.MaxConcurrentStreams setting and the ConfigureServer function.
Publish Date: 2023-10-11
URL: CVE-2023-39325
Base Score Metrics:
Type: Upgrade version
Origin: https://pkg.go.dev/vuln/GO-2023-2102
Release Date: 2023-10-11
Fix Resolution: go1.20.10, go1.21.3, golang.org/x/net - v0.17.0
Using new encoding converter, show an example of snappy compression
I am just trying to run the cron workflow in GoLang by following the steps mentioned in the Readme.md.
In worker, main.go when I am trying to register activity as cron.DoSomething , the error is that DoSomething is not declared by package cron.
Need a sample showing how to connect with TLS
Java examples of SDK usage contain an useful example of how to implement polling activities:
The samples are based on this
community forum thread.
It would be very useful to bring them to Go examples as well.
I'm learning how to use workflow.Go
.
Reading the goroutine sample code I thought there was a race condition, as multiple concurrent goroutines are calling append on the same slice in the outer scope.
See: https://github.com/temporalio/samples-go/blob/main/goroutine/goroutine_workflow.go
i.e.
var results []string
...
workflow.Go(ctx, func(gCtx workflow.Context) {
...
results = append(results, result2)
})
It turns out that this isn't a race condition, as workflow.Go
is different than a goroutine, so it's probably worth explaining this difference in the sample.
Samples have few static checks and unit tests. We should run all of them to validate build the same way as we do for other repos. Just simple make
call will be good enough.
Not sure if we want to setup coverage also.
Hello!
I hope you are doing well!
We are a security research team. Our tool automatically detected a vulnerability in this repository. We want to disclose it responsibly. GitHub has a feature called Private vulnerability reporting, which enables security research to privately disclose a vulnerability. Unfortunately, it is not enabled for this repository.
Can you enable it, so that we can report it?
Thanks in advance!
PS: you can read about how to enable private vulnerability reporting here: https://docs.github.com/en/code-security/security-advisories/repository-security-advisories/configuring-private-vulnerability-reporting-for-a-repository
CVE | Severity | CVSS | Dependency | Type | Fixed in | Remediation Available |
---|---|---|---|---|---|---|
CVE-2020-11022 | Medium | 6.1 | github.com/golang/tools-v0.1.8 | Transitive | N/A | ❌ |
CVE-2012-6708 | Medium | 6.1 | github.com/golang/tools-v0.1.8 | Transitive | N/A | ❌ |
CVE-2015-9251 | Low | 3.7 | github.com/golang/tools-v0.1.8 | Transitive | N/A | ❌ |
[mirror] Go Tools
Dependency Hierarchy:
Found in base branch: main
In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
Publish Date: 2020-04-29
URL: CVE-2020-11022
Base Score Metrics:
Type: Upgrade version
Origin: https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/
Release Date: 2020-04-29
Fix Resolution: jQuery - 3.5.0
[mirror] Go Tools
Dependency Hierarchy:
Found in base branch: main
jQuery before 1.9.0 is vulnerable to Cross-site Scripting (XSS) attacks. The jQuery(strInput) function does not differentiate selectors from HTML in a reliable fashion. In vulnerable versions, jQuery determined whether the input was HTML by looking for the '<' character anywhere in the string, giving attackers more flexibility when attempting to construct a malicious payload. In fixed versions, jQuery only deems the input to be HTML if it explicitly starts with the '<' character, limiting exploitability only to attackers who can control the beginning of a string, which is far less common.
Publish Date: 2018-01-18
URL: CVE-2012-6708
Base Score Metrics:
Type: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2012-6708
Release Date: 2018-01-18
Fix Resolution: jQuery - v1.9.0
[mirror] Go Tools
Dependency Hierarchy:
Found in base branch: main
jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.
Publish Date: 2018-01-18
URL: CVE-2015-9251
Base Score Metrics:
Type: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2015-9251
Release Date: 2018-01-18
Fix Resolution: jQuery - v3.0.0
Update server dependency to latest fails because some packages have been moved/removed from the server
go: finding module for package go.temporal.io/server/tools/cli/plugin
github.com/temporalio/samples-go/snappycompress/plugin imports
go.temporal.io/server/tools/cli/plugin: module go.temporal.io/server@latest found (v1.20.1), but does not contain package go.temporal.io/server/tools/cli/plugin
Add examples showing how to use the new schedules feature
The docs currently say:
// The sending message to the channel is expected to be done by the callback function
But this is unclear.
A Go metrics interface with fast buffered metrics and third party reporters
Library home page: https://proxy.golang.org/github.com/uber-go/tally/v4/@v/v4.1.1.zip
Found in HEAD commit: f334c489674c9ad224a791ced3eeec047e64e4ce
CVE | Severity | CVSS | Dependency | Type | Fixed in (github.com/uber-go/tally/v4-v4.1.1 version) | Remediation Available |
---|---|---|---|---|---|---|
CVE-2019-0205 | High | 7.5 | github.com/uber-go/tally/v4-v4.1.1 | Direct | org.apache.thrift:libthrift:0.13.0 | ❌ |
CVE-2019-0210 | High | 7.5 | github.com/uber-go/tally/v4-v4.1.1 | Direct | 0.13.0 | ❌ |
A Go metrics interface with fast buffered metrics and third party reporters
Library home page: https://proxy.golang.org/github.com/uber-go/tally/v4/@v/v4.1.1.zip
Dependency Hierarchy:
Found in HEAD commit: f334c489674c9ad224a791ced3eeec047e64e4ce
Found in base branch: main
In Apache Thrift all versions up to and including 0.12.0, a server or client may run into an endless loop when feed with specific input data. Because the issue had already been partially fixed in version 0.11.0, depending on the installed version it affects only certain language bindings.
Publish Date: 2019-10-29
URL: CVE-2019-0205
Base Score Metrics:
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0205
Release Date: 2019-10-29
Fix Resolution: org.apache.thrift:libthrift:0.13.0
A Go metrics interface with fast buffered metrics and third party reporters
Library home page: https://proxy.golang.org/github.com/uber-go/tally/v4/@v/v4.1.1.zip
Dependency Hierarchy:
Found in HEAD commit: f334c489674c9ad224a791ced3eeec047e64e4ce
Found in base branch: main
In Apache Thrift 0.9.3 to 0.12.0, a server implemented in Go using TJSONProtocol or TSimpleJSONProtocol may panic when feed with invalid input data.
Publish Date: 2019-10-29
URL: CVE-2019-0210
Base Score Metrics:
Type: Upgrade version
Release Date: 2019-10-29
Fix Resolution: 0.13.0
Non-critical UX improvement:
I find myself often looking for a quick example that uses signals. Since there is no sample named signals, I have to click around to find one that uses it.
Need to demonstrate how to drain signals before running continue as new
Found in HEAD commit: d54b5f7bd51ab2c52ba1eb744b6f87ab9bc5596f
CVE | Severity | CVSS | Dependency | Type | Fixed in (go.temporal.io/sdk/contrib/tools/workflowcheck-v0.0.0 version) | Remediation Available |
---|---|---|---|---|---|---|
CVE-2020-11022 | Medium | 6.1 | golang.org/x/tools-v0.1.12 | Transitive | N/A* | ❌ |
CVE-2015-9251 | Medium | 6.1 | golang.org/x/tools-v0.1.12 | Transitive | N/A* | ❌ |
CVE-2012-6708 | Medium | 6.1 | golang.org/x/tools-v0.1.12 | Transitive | N/A* | ❌ |
*For some transitive vulnerabilities, there is no version of direct dependency with a fix. Check the "Details" section below to see if there is a version of transitive dependency where vulnerability is fixed.
Library home page: https://proxy.golang.org/golang.org/x/tools/@v/v0.1.12.zip
Dependency Hierarchy:
Found in HEAD commit: d54b5f7bd51ab2c52ba1eb744b6f87ab9bc5596f
Found in base branch: main
In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
Publish Date: 2020-04-29
URL: CVE-2020-11022
Base Score Metrics:
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11022
Release Date: 2020-04-29
Fix Resolution: jQuery - 3.5.0
Library home page: https://proxy.golang.org/golang.org/x/tools/@v/v0.1.12.zip
Dependency Hierarchy:
Found in HEAD commit: d54b5f7bd51ab2c52ba1eb744b6f87ab9bc5596f
Found in base branch: main
jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.
Publish Date: 2018-01-18
URL: CVE-2015-9251
Base Score Metrics:
Type: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2015-9251
Release Date: 2018-01-18
Fix Resolution: jQuery - 3.0.0
Library home page: https://proxy.golang.org/golang.org/x/tools/@v/v0.1.12.zip
Dependency Hierarchy:
Found in HEAD commit: d54b5f7bd51ab2c52ba1eb744b6f87ab9bc5596f
Found in base branch: main
jQuery before 1.9.0 is vulnerable to Cross-site Scripting (XSS) attacks. The jQuery(strInput) function does not differentiate selectors from HTML in a reliable fashion. In vulnerable versions, jQuery determined whether the input was HTML by looking for the '<' character anywhere in the string, giving attackers more flexibility when attempting to construct a malicious payload. In fixed versions, jQuery only deems the input to be HTML if it explicitly starts with the '<' character, limiting exploitability only to attackers who can control the beginning of a string, which is far less common.
Publish Date: 2018-01-18
URL: CVE-2012-6708
Base Score Metrics:
Type: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2012-6708
Release Date: 2018-01-18
Fix Resolution: jQuery - v1.9.0
Found in HEAD commit: f334c489674c9ad224a791ced3eeec047e64e4ce
CVE | Severity | CVSS | Dependency | Type | Fixed in (github.com/temporalio/sdk-go/contrib/tools/workflowcheck-b06c84ab2608fae617fe4d6d128d1018c828ae13 version) | Remediation Available |
---|---|---|---|---|---|---|
CVE-2020-11022 | Medium | 6.1 | golang.org/x/tools-v0.1.12 | Transitive | N/A* | ❌ |
CVE-2015-9251 | Low | 3.7 | golang.org/x/tools-v0.1.12 | Transitive | N/A* | ❌ |
CVE-2012-6708 | Low | 3.7 | golang.org/x/tools-v0.1.12 | Transitive | N/A* | ❌ |
*For some transitive vulnerabilities, there is no version of direct dependency with a fix. Check the section "Details" below to see if there is a version of transitive dependency where vulnerability is fixed.
Library home page: https://proxy.golang.org/golang.org/x/tools/@v/v0.1.12.zip
Dependency Hierarchy:
Found in HEAD commit: f334c489674c9ad224a791ced3eeec047e64e4ce
Found in base branch: main
In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
Publish Date: 2020-04-29
URL: CVE-2020-11022
Base Score Metrics:
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11022
Release Date: 2020-04-29
Fix Resolution: jQuery - 3.5.0
Library home page: https://proxy.golang.org/golang.org/x/tools/@v/v0.1.12.zip
Dependency Hierarchy:
Found in HEAD commit: f334c489674c9ad224a791ced3eeec047e64e4ce
Found in base branch: main
jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.
Publish Date: 2018-01-18
URL: CVE-2015-9251
Base Score Metrics:
Type: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2015-9251
Release Date: 2018-01-18
Fix Resolution: jQuery - 3.0.0
Library home page: https://proxy.golang.org/golang.org/x/tools/@v/v0.1.12.zip
Dependency Hierarchy:
Found in HEAD commit: f334c489674c9ad224a791ced3eeec047e64e4ce
Found in base branch: main
jQuery before 1.9.0 is vulnerable to Cross-site Scripting (XSS) attacks. The jQuery(strInput) function does not differentiate selectors from HTML in a reliable fashion. In vulnerable versions, jQuery determined whether the input was HTML by looking for the '<' character anywhere in the string, giving attackers more flexibility when attempting to construct a malicious payload. In fixed versions, jQuery only deems the input to be HTML if it explicitly starts with the '<' character, limiting exploitability only to attackers who can control the beginning of a string, which is far less common.
Publish Date: 2018-01-18
URL: CVE-2012-6708
Base Score Metrics:
Type: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2012-6708
Release Date: 2018-01-18
Fix Resolution: jQuery - v1.9.0
Found in HEAD commit: 453091d983b854b70edd8e47fcab17c535d8f116
CVE | Severity | CVSS | Dependency | Type | Fixed in | Remediation Available |
---|---|---|---|---|---|---|
CVE-2020-11022 | Medium | 6.1 | github.com/golang/tools-v0.1.8 | Transitive | N/A | ❌ |
CVE-2015-9251 | Medium | 6.1 | github.com/golang/tools-v0.1.8 | Transitive | N/A | ❌ |
CVE-2012-6708 | Medium | 6.1 | github.com/golang/tools-v0.1.8 | Transitive | N/A | ❌ |
[mirror] Go Tools
Dependency Hierarchy:
Found in HEAD commit: 453091d983b854b70edd8e47fcab17c535d8f116
Found in base branch: main
In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
Publish Date: 2020-04-29
URL: CVE-2020-11022
Base Score Metrics:
Type: Upgrade version
Origin: https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/
Release Date: 2020-04-29
Fix Resolution: jQuery - 3.5.0
[mirror] Go Tools
Dependency Hierarchy:
Found in HEAD commit: 453091d983b854b70edd8e47fcab17c535d8f116
Found in base branch: main
jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.
Publish Date: 2018-01-18
URL: CVE-2015-9251
Base Score Metrics:
Type: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2015-9251
Release Date: 2018-01-18
Fix Resolution: jQuery - v3.0.0
[mirror] Go Tools
Dependency Hierarchy:
Found in HEAD commit: 453091d983b854b70edd8e47fcab17c535d8f116
Found in base branch: main
jQuery before 1.9.0 is vulnerable to Cross-site Scripting (XSS) attacks. The jQuery(strInput) function does not differentiate selectors from HTML in a reliable fashion. In vulnerable versions, jQuery determined whether the input was HTML by looking for the '<' character anywhere in the string, giving attackers more flexibility when attempting to construct a malicious payload. In fixed versions, jQuery only deems the input to be HTML if it explicitly starts with the '<' character, limiting exploitability only to attackers who can control the beginning of a string, which is far less common.
Publish Date: 2018-01-18
URL: CVE-2012-6708
Base Score Metrics:
Type: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2012-6708
Release Date: 2018-01-18
Fix Resolution: jQuery - v1.9.0
While running the file processing
sample, I encounter lookup failed for scheduledID to activityID: scheduleID: 30, activity: 29
, and No cached result found for side effectID=6. KnownSideEffects=[5]
error messages. These errors are reported by all fileprocessing
workers:
Stack trace:
2020-06-16T11:10:51.513-0400 ERROR internal/internal_task_handlers.go:1468 Workflow panic. {"Namespace": "default", "TaskList": "fileprocessing", "WorkerID": "3221@OCTOTHUMP@", "WorkflowID": "fileprocessing_be9e7506-293a-4168-a85d-b405d7004446", "RunID": "e1597d5a-f66f-40d3-b33e-367055890c9f", "PanicError": "lookup failed for scheduledID to activityID: scheduleID: 30, activity: 29", "PanicStack": "process event for fileprocessing [panic]:\ngo.temporal.io/temporal/internal.panicIllegalState(...)\n\t/home/steve/go/pkg/mod/go.temporal.io/[email protected]/internal/internal_decision_state_machine.go:345\ngo.temporal.io/temporal/internal.(*decisionsHelper).handleActivityTaskScheduled(0xc00011e2c0, 0x1e, 0xc000482950, 0x2)\n\t/home/steve/go/pkg/mod/go.temporal.io/[email protected]/internal/internal_decision_state_machine.go:776 +0x175\ngo.temporal.io/temporal/internal.(*workflowExecutionEventHandlerImpl).ProcessEvent(0xc000490500, 0xc00049b600, 0x1, 0x0, 0x0)\n\t/home/steve/go/pkg/mod/go.temporal.io/[email protected]/internal/internal_event_handlers.go:802 +0x579\ngo.temporal.io/temporal/internal.(*workflowExecutionContextImpl).ProcessWorkflowTask(0xc00001e000, 0xc000155290, 0x1436b00, 0xc00048fc80,
0xc00001e000, 0x0)\n\t/home/steve/go/pkg/mod/go.temporal.io/[email protected]/internal/internal_task_handlers.go:871 +0xee0\ngo.temporal.io/temporal/internal.(*workflowTaskHandlerImpl).ProcessWorkflowTask(0xc000248be0, 0xc000155290, 0xc000509e90, 0x0, 0x0, 0x0, 0x0)\n\t/home/steve/go/pkg/mod/go.temporal.io/[email protected]/internal/internal_task_handlers.go:770 +0x4b0\ngo.temporal.io/temporal/internal.(*workflowTaskPoller).processWorkflowTask(0xc00022e240, 0xc000155290, 0x0, 0x0)\n\t/home/steve/go/pkg/mod/go.temporal.io/[email protected]/internal/internal_task_pollers.go:285 +0x430\ngo.temporal.io/temporal/internal.(*workflowTaskPoller).ProcessTask(0xc00022e240, 0xbd50c0, 0xc000155290, 0x0, 0x0)\n\t/home/steve/go/pkg/mod/go.temporal.io/[email protected]/internal/internal_task_pollers.go:258 +0x7f\ngo.temporal.io/temporal/internal.(*baseWorker).processTask(0xc000416000, 0xbd4bc0, 0xc0000b4610)\n\t/home/steve/go/pkg/mod/go.temporal.io/[email protected]/internal/internal_worker_base.go:307 +0xe0\ncreated by go.temporal.io/temporal/internal.(*baseWorker).runTaskDispatcher\n\t/home/steve/go/pkg/mod/go.temporal.io/[email protected]/internal/internal_worker_base.go:254 +0xff"}
go.temporal.io/temporal/internal.(*workflowTaskHandlerImpl).completeWorkflow
/home/steve/go/pkg/mod/go.temporal.io/[email protected]/internal/internal_task_handlers.go:1468
go.temporal.io/temporal/internal.(*workflowExecutionContextImpl).CompleteDecisionTask
/home/steve/go/pkg/mod/go.temporal.io/[email protected]/internal/internal_task_handlers.go:1088
go.temporal.io/temporal/internal.(*workflowExecutionContextImpl).ProcessWorkflowTask
/home/steve/go/pkg/mod/go.temporal.io/[email protected]/internal/internal_task_handlers.go:946
go.temporal.io/temporal/internal.(*workflowTaskHandlerImpl).ProcessWorkflowTask
/home/steve/go/pkg/mod/go.temporal.io/[email protected]/internal/internal_task_handlers.go:770
go.temporal.io/temporal/internal.(*workflowTaskPoller).processWorkflowTask
/home/steve/go/pkg/mod/go.temporal.io/[email protected]/internal/internal_task_pollers.go:285
go.temporal.io/temporal/internal.(*workflowTaskPoller).ProcessTask
/home/steve/go/pkg/mod/go.temporal.io/[email protected]/internal/internal_task_pollers.go:258
go.temporal.io/temporal/internal.(*baseWorker).processTask
/home/steve/go/pkg/mod/go.temporal.io/[email protected]/internal/internal_worker_base.go:307
2020-06-16T11:11:01.546-0400 ERROR internal/internal_task_handlers.go:1468 Workflow panic. {"Namespace": "default", "TaskList": "fileprocessing", "WorkerID": "3221@OCTOTHUMP@", "WorkflowID": "fileprocessing_be9e7506-293a-4168-a85d-b405d7004446", "RunID": "e1597d5a-f66f-40d3-b33e-367055890c9f", "PanicError": "No cached result found for side effectID=6. KnownSideEffects=[5]", "PanicStack": "coroutine 1 [panic]:\ngo.temporal.io/temporal/internal.(*workflowEnvironmentImpl).SideEffect(0xc000246000, 0xc000238bd0, 0xc000238c00)\n\t/home/steve/go/pkg/mod/go.temporal.io/[email protected]/internal/internal_event_handlers.go:636 +0x816\ngo.temporal.io/temporal/internal.(*workflowEnvironmentInterceptor).SideEffect(0xc0002387b0, 0xe651a0, 0xc000238ae0, 0xd7b050, 0xc0002387b0, 0xc000116750)\n\t/home/steve/go/pkg/mod/go.temporal.io/[email protected]/internal/workflow.go:1131 +0x1e4\ngo.temporal.io/temporal/internal.SideEffect(0xe651a0, 0xc000238ae0, 0xd7b050, 0xe3ec70,
0x0)\n\t/home/steve/go/pkg/mod/go.temporal.io/[email protected]/internal/workflow.go:1118 +0xab\ngo.temporal.io/temporal/internal.generateSessionID(0xe651a0, 0xc000238ae0, 0xe3ec70, 0x0, 0x0, 0x0)\n\t/home/steve/go/pkg/mod/go.temporal.io/[email protected]/internal/session.go:376 +0x5f\ngo.temporal.io/temporal/internal.createSession(0xe651a0, 0xc000238ae0, 0xc00007ec60, 0x29, 0xc00046f790, 0xc00007ec01, 0x29, 0x0, 0xe4e8e0, 0xc0002568a0)\n\t/home/steve/go/pkg/mod/go.temporal.io/[email protected]/internal/session.go:285 +0x10f\ngo.temporal.io/temporal/internal.CreateSession(0xe651a0, 0xc000238ae0, 0xc00046f790, 0x0, 0x0, 0xe4e8e0, 0xc0002568a0)\n\t/home/steve/go/pkg/mod/go.temporal.io/[email protected]/internal/session.go:189 +0xf0\ngo.temporal.io/temporal/workflow.CreateSession(...)\n\t/home/steve/go/pkg/mod/go.temporal.io/[email protected]/workflow/session.go:103\ngithub.com/temporalio/temporal-go-samples/fileprocessing.processFile(0xe651a0, 0xc000238ae0, 0xc00007ec00, 0x24, 0x0, 0x0)\n\t/mnt/c/Users/Steve/projects/src/github.com/temporalio/temporal-go-samples/fileprocessing/workflow.go:52 +0xa5\ngithub.com/temporalio/temporal-go-samples/fileprocessing.SampleFileProcessingWorkflow(0xe64fa0, 0xc00051c500, 0xc00007ec00, 0x24, 0x0, 0x0)\n\t/mnt/c/Users/Steve/projects/src/github.com/temporalio/temporal-go-samples/fileprocessing/workflow.go:32 +0x1e7\nreflect.Value.call(0xc21940, 0xd7af50, 0x13, 0xd3eb0a, 0x4, 0xc000238a80, 0x2, 0x2, 0x2, 0x18, ...)\n\t/usr/local/go/src/reflect/value.go:460 +0x8ab\nreflect.Value.Call(0xc21940, 0xd7af50, 0x13, 0xc000238a80, 0x2, 0x2, 0x1, 0x2, 0xc0002387b0)\n\t/usr/local/go/src/reflect/value.go:321 +0xb4\ngo.temporal.io/temporal/internal.(*workflowEnvironmentInterceptor).ExecuteWorkflow(0xc0002387b0, 0xe64fa0, 0xc00051c500, 0xc0000d62e0, 0x1c, 0xc0001166f0, 0x1, 0x1, 0x0, 0x0, ...)\n\t/home/steve/go/pkg/mod/go.temporal.io/[email protected]/internal/workflow.go:369 +0x2b2\ngo.temporal.io/temporal/internal.(*workflowExecutor).Execute(0xc00051c400, 0xe64fa0, 0xc00051c500, 0xc000491440, 0xc000066f38, 0xb5b306, 0x0)\n\t/home/steve/go/pkg/mod/go.temporal.io/[email protected]/internal/internal_worker.go:854 +0x334\ngo.temporal.io/temporal/internal.(*syncWorkflowDefinition).Execute.func1(0xe651a0, 0xc000238a50)\n\t/home/steve/go/pkg/mod/go.temporal.io/[email protected]/internal/internal_workflow.go:467 +0xf3"}
go.temporal.io/temporal/internal.(*workflowTaskHandlerImpl).completeWorkflow
/home/steve/go/pkg/mod/go.temporal.io/[email protected]/internal/internal_task_handlers.go:1468
go.temporal.io/temporal/internal.(*workflowExecutionContextImpl).CompleteDecisionTask
/home/steve/go/pkg/mod/go.temporal.io/[email protected]/internal/internal_task_handlers.go:1088
go.temporal.io/temporal/internal.(*workflowExecutionContextImpl).ProcessWorkflowTask
/home/steve/go/pkg/mod/go.temporal.io/[email protected]/internal/internal_task_handlers.go:946
go.temporal.io/temporal/internal.(*workflowTaskHandlerImpl).ProcessWorkflowTask
/home/steve/go/pkg/mod/go.temporal.io/[email protected]/internal/internal_task_handlers.go:770
go.temporal.io/temporal/internal.(*workflowTaskPoller).processWorkflowTask
/home/steve/go/pkg/mod/go.temporal.io/[email protected]/internal/internal_task_pollers.go:285
go.temporal.io/temporal/internal.(*workflowTaskPoller).ProcessTask
/home/steve/go/pkg/mod/go.temporal.io/[email protected]/internal/internal_task_pollers.go:258
go.temporal.io/temporal/internal.(*baseWorker).processTask
/home/steve/go/pkg/mod/go.temporal.io/[email protected]/internal/internal_worker_base.go:307
When I try to view the workflow from the web_ui, I see a red error banner across the top of the page with String contains an invalid character
.
I've deployed temporal from the latest docker-compose-mysql file (0.23.1
), and I've tried updating go.temporal.io/temporal to newer versions in go.mod, but I continue to get the same error messages.
All non session API samples are working properly.
Once temporalio/proposals#45 and temporalio/sdk-go#529 are complete, there should be a sample for interceptors.
Show how to add auth tokens via header providers and/or gRPC dial options
As of today there are no integration level tests for NewNonRetryableApplicationError
. This is a problem because we reference the feature in our docs and its a bit hard to find any info on it. '
We do have a test which specifies non-retryable errors: https://github.com/temporalio/sdk-go/blob/06e1ca56f3a286e072a048576b5e372ea0a497d6/internal/internal_workflow_testsuite_test.go#L2456
But seems to do so incorrectly:
Zinc is a golang implementation of elastic. It uses the Bluge golang packages.
https://github.com/zinclabs/zinc
It’s not yet api compatible but much faster than elastic.
it would be cool if we can make the same example demo in this repo have the option to use zinc.
zinc has no other run time dependency like a db etc so it should be easy to embed zinc if we want to go that far
It would be awesome to have an example of using opentelemetry tracing with the go sdk.
Thank you!
There are no samples that can demonstrate how to write tests when using the synchronous-proxy pattern.
Found in HEAD commit: d54b5f7bd51ab2c52ba1eb744b6f87ab9bc5596f
CVE | Severity | CVSS | Dependency | Type | Fixed in (gopkg.in/square/go-jose.v2-v2.6.0 version) | Remediation Available |
---|---|---|---|---|---|---|
CVE-2022-27191 | High | 7.5 | golang.org/x/crypto-v0.0.0-20211108221036-ceb1ce70b4fa | Transitive | N/A* | ❌ |
CVE-2021-43565 | High | 7.5 | golang.org/x/crypto-v0.0.0-20211108221036-ceb1ce70b4fa | Transitive | N/A* | ❌ |
*For some transitive vulnerabilities, there is no version of direct dependency with a fix. Check the "Details" section below to see if there is a version of transitive dependency where vulnerability is fixed.
Library home page: https://proxy.golang.org/golang.org/x/crypto/@v/v0.0.0-20211108221036-ceb1ce70b4fa.zip
Dependency Hierarchy:
Found in HEAD commit: d54b5f7bd51ab2c52ba1eb744b6f87ab9bc5596f
Found in base branch: main
The golang.org/x/crypto/ssh package before 0.0.0-20220314234659-1baeb1ce4c0b for Go allows an attacker to crash a server in certain circumstances involving AddHostKey.
Publish Date: 2022-03-18
URL: CVE-2022-27191
Base Score Metrics:
Type: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2022-27191
Release Date: 2022-03-18
Fix Resolution: golang-golang-x-crypto-dev - 1:0.0~git20220315.3147a52-1;golang-go.crypto-dev - 1:0.0~git20220315.3147a52-1
Library home page: https://proxy.golang.org/golang.org/x/crypto/@v/v0.0.0-20211108221036-ceb1ce70b4fa.zip
Dependency Hierarchy:
Found in HEAD commit: d54b5f7bd51ab2c52ba1eb744b6f87ab9bc5596f
Found in base branch: main
The x/crypto/ssh package before 0.0.0-20211202192323-5770296d904e of golang.org/x/crypto allows an attacker to panic an SSH server.
Publish Date: 2022-09-06
URL: CVE-2021-43565
Base Score Metrics:
Type: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2021-43565
Release Date: 2021-11-10
Fix Resolution: golang-golang-x-crypto-dev - 1:0.0~git20211202.5770296-1;golang-go.crypto-dev - 1:0.0~git20211202.5770296-1
Create make
target to run all the samples, given a frontend endpoint (e. g. FRONTEND_ADDRESS=127.0.0.1:7233 make run
). Integrate it with #15.
This will enable two use cases:
(copying template from sdk-go)
I expected the workflow to cancel without error.
The worker outputs this panic to its log:
2020/11/27 16:45:15 ERROR ProcessEvent panic. Namespace default TaskQueue cancel-activity WorkerID [email protected]@ WorkflowType Workflow WorkflowID workflowID-to-cancel RunID 8ac27f54-2837-4ed9-95bf-6a316b84b58a PanicError unknown command CommandType: Activity, ID: 16, possible causes are nondeterministic workflow definition code or incompatible change in the workflow definition PanicStack process event for cancel-activity [panic]:
go.temporal.io/sdk/internal.panicIllegalState(...)
/Users/alfred/src/go/pkg/mod/go.temporal.io/[email protected]/internal/internal_decision_state_machine.go:354
go.temporal.io/sdk/internal.(*commandsHelper).getCommand(0xc0004005c0, 0xc000000000, 0xc000038110, 0x2, 0x1842c91, 0x10)
/Users/alfred/src/go/pkg/mod/go.temporal.io/[email protected]/internal/internal_decision_state_machine.go:742 +0x265
go.temporal.io/sdk/internal.(*commandsHelper).handleActivityTaskClosed(0xc0004005c0, 0xc000038110, 0x2, 0x10, 0x10, 0x10697bb)
/Users/alfred/src/go/pkg/mod/go.temporal.io/[email protected]/internal/internal_decision_state_machine.go:780 +0x4b
go.temporal.io/sdk/internal.(*workflowExecutionEventHandlerImpl).handleActivityTaskCompleted(0xc00040aa80, 0xc000187280, 0xc0004902f0, 0x2)
/Users/alfred/src/go/pkg/mod/go.temporal.io/[email protected]/internal/internal_event_handlers.go:968 +0x78
go.temporal.io/sdk/internal.(*workflowExecutionEventHandlerImpl).ProcessEvent(0xc00040aa80, 0xc000187280, 0x3bc4e0000, 0x0, 0x0)
/Users/alfred/src/go/pkg/mod/go.temporal.io/[email protected]/internal/internal_event_handlers.go:811 +0x4a5
go.temporal.io/sdk/internal.(*workflowExecutionContextImpl).ProcessWorkflowTask(0xc00043a2d0, 0xc000614210, 0x2032f80, 0xc0003ac5b0, 0xc00043a2d0, 0x0)
/Users/alfred/src/go/pkg/mod/go.temporal.io/[email protected]/internal/internal_task_handlers.go:888 +0xc1c
go.temporal.io/sdk/internal.(*workflowTaskHandlerImpl).ProcessWorkflowTask(0xc000167600, 0xc000614210, 0xc0000a34d0, 0x0, 0x0, 0x0, 0x0)
/Users/alfred/src/go/pkg/mod/go.temporal.io/[email protected]/internal/internal_task_handlers.go:778 +0x4b6
go.temporal.io/sdk/internal.(*workflowTaskPoller).processWorkflowTask(0xc0001a7860, 0xc000614210, 0x0, 0x0)
/Users/alfred/src/go/pkg/mod/go.temporal.io/[email protected]/internal/internal_task_pollers.go:286 +0x464
go.temporal.io/sdk/internal.(*workflowTaskPoller).ProcessTask(0xc0001a7860, 0x18deb40, 0xc000614210, 0x1b32720, 0xc000046780)
/Users/alfred/src/go/pkg/mod/go.temporal.io/[email protected]/internal/internal_task_pollers.go:259 +0x85
go.temporal.io/sdk/internal.(*baseWorker).processTask(0xc0003c8000, 0x18de740, 0xc0001f2930)
/Users/alfred/src/go/pkg/mod/go.temporal.io/[email protected]/internal/internal_worker_base.go:343 +0xba
created by go.temporal.io/sdk/internal.(*baseWorker).runTaskDispatcher
/Users/alfred/src/go/pkg/mod/go.temporal.io/[email protected]/internal/internal_worker_base.go:270 +0xff
temporalio/auto-setup:1.3.2
.go run cancelactivity/worker/main.go
, go run cancelactivity/starter/main.go
, go run cancelactivity/cancel/main.go -wid workflowID-to-cancel
.I'm using MacOS (Big Sur), docker-compose version 1.27.4.
When temporalio/sdk-go#756 is released, apply this:
diff --git a/metrics/worker/main.go b/metrics/worker/main.go
index c1dc254..e3dde80 100644
--- a/metrics/worker/main.go
+++ b/metrics/worker/main.go
@@ -53,35 +53,12 @@ func newPrometheusScope(c prometheus.Configuration) tally.Scope {
scopeOpts := tally.ScopeOptions{
CachedReporter: reporter,
Separator: prometheus.DefaultSeparator,
- SanitizeOptions: &sanitizeOptions,
+ SanitizeOptions: &sdktally.PrometheusSanitizeOptions,
Prefix: "temporal_samples",
}
scope, _ := tally.NewRootScope(scopeOpts, time.Second)
+ scope = sdktally.NewPrometheusNamingScope(scope)
log.Println("prometheus metrics scope created")
return scope
}
-
-// tally sanitizer options that satisfy Prometheus restrictions.
-// This will rename metrics at the tally emission level, so metrics name we
-// use maybe different from what gets emitted. In the current implementation
-// it will replace - and . with _
-var (
- safeCharacters = []rune{'_'}
-
- sanitizeOptions = tally.SanitizeOptions{
- NameCharacters: tally.ValidCharacters{
- Ranges: tally.AlphanumericRange,
- Characters: safeCharacters,
- },
- KeyCharacters: tally.ValidCharacters{
- Ranges: tally.AlphanumericRange,
- Characters: safeCharacters,
- },
- ValueCharacters: tally.ValidCharacters{
- Ranges: tally.AlphanumericRange,
- Characters: safeCharacters,
- },
- ReplacementCharacter: tally.DefaultReplacementCharacter,
- }
-)
make
currently failed at staticcheck
step:
Line 3 in b49280d
If remove staticcheck
by changing to
install: clean errcheck workflowcheck bins test
It will pass.
Here is the error log:
> make && ./bin/helloworld -m worker
rm -rf bin
Run static check...
# honnef.co/go/tools/go/types/typeutil
../../../go/src/honnef.co/go/tools/go/types/typeutil/upstream.go:26:12: syntax error: unexpected any, expecting ]
../../../go/src/honnef.co/go/tools/go/types/typeutil/upstream.go:30:13: syntax error: unexpected [, expecting comma or )
../../../go/src/honnef.co/go/tools/go/types/typeutil/upstream.go:31:13: syntax error: unexpected [, expecting comma or )
../../../go/src/honnef.co/go/tools/go/types/typeutil/upstream.go:35:3: syntax error: non-declaration statement outside function body
../../../go/src/honnef.co/go/tools/go/types/typeutil/upstream.go:40:13: syntax error: unexpected [, expecting comma or )
../../../go/src/honnef.co/go/tools/go/types/typeutil/upstream.go:41:13: syntax error: unexpected [, expecting comma or )
../../../go/src/honnef.co/go/tools/go/types/typeutil/upstream.go:42:13: syntax error: unexpected [, expecting comma or )
../../../go/src/honnef.co/go/tools/go/types/typeutil/upstream.go:43:48: method has multiple receivers
../../../go/src/honnef.co/go/tools/go/types/typeutil/upstream.go:43:48: syntax error: unexpected {, expecting name or (
../../../go/src/honnef.co/go/tools/go/types/typeutil/upstream.go:49:13: syntax error: unexpected [, expecting comma or )
../../../go/src/honnef.co/go/tools/go/types/typeutil/upstream.go:49:13: too many errors
# honnef.co/go/tools/knowledge
../../../go/src/honnef.co/go/tools/knowledge/signatures.go:9:22: undefined: types.NewSignatureType
../../../go/src/honnef.co/go/tools/knowledge/signatures.go:21:23: undefined: types.NewSignatureType
../../../go/src/honnef.co/go/tools/knowledge/signatures.go:32:35: undefined: types.NewSignatureType
../../../go/src/honnef.co/go/tools/knowledge/signatures.go:43:42: undefined: types.NewSignatureType
../../../go/src/honnef.co/go/tools/knowledge/signatures.go:52:43: undefined: types.NewSignatureType
../../../go/src/honnef.co/go/tools/knowledge/signatures.go:61:27: undefined: types.NewSignatureType
# honnef.co/go/tools/go/ast/astutil
../../../go/src/honnef.co/go/tools/go/ast/astutil/util.go:133:8: undefined: ast.IndexListExpr
../../../go/src/honnef.co/go/tools/go/ast/astutil/util.go:136:12: cannot assign ast.Expr to cp.X in multiple assignment
../../../go/src/honnef.co/go/tools/go/ast/astutil/util.go:141:22: cannot assign ast.Expr to cp.Indices[i] in multiple assignment
../../../go/src/honnef.co/go/tools/go/ast/astutil/util.go:281:8: undefined: ast.IndexListExpr
../../../go/src/honnef.co/go/tools/go/ast/astutil/util.go:282:12: undefined: ast.IndexListExpr
# honnef.co/go/tools/pattern
../../../go/src/honnef.co/go/tools/pattern/convert.go:16:35: undefined: ast.IndexListExpr
../../../go/src/honnef.co/go/tools/pattern/convert.go:138:9: assignment mismatch: 2 variables but 1 value
../../../go/src/honnef.co/go/tools/pattern/match.go:88:25: undefined: any
# honnef.co/go/tools/go/loader
../../../go/src/honnef.co/go/tools/go/loader/loader.go:233:4: unknown field 'Instances' in struct literal of type types.Info
make: *** [staticcheck] Error 2
Add a sample that shows the following methods of bidirectional communication:
Activities can be implemented in a few different ways. The most robust and useful way is to implement them as structs (See temporalio/sdk-go#4). Samples still use legacy way and implement activities as single funcs.
All samples should be rewritten with structs.
Everywhere it's used, go.temporal.io/server
should be able to be replaced, and where it can't be replaced, we should consider making a separate go.mod
in that sample. It's a large, moving dependency and an SDK sample demonstrating that a user needs the server as a library indicates a more fundamental problem we should address.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.