thmeitz / ksqldb-go Goto Github PK
View Code? Open in Web Editor NEWksqldb-go client
License: Apache License 2.0
ksqldb-go's People
Contributors
Stargazers
Watchers
ksqldb-go's Issues
[gosec:G104] fix unhandled error in heartbeat (pull)
How to access header values with the Push api ?
Hi,
I am very new with go and I don't know how to access the values of the headerChannel from the push api example.
go func() {
for row := range rowChannel {
if row != nil {
for row_col := range row {
fieldn := row[row_col].(string)
//var header ksqldb.Header
header := <- headerChannel
fmt.Printf("%+v\n",header)
fmt.Printf("%d : %s\n", row_col, fieldn)
}
}
}
cancelFunction()
}()
I did something like this in the go routine. The header values are displayed in the console :
{queryId:transient_USER_BEHAVIOR_4058313251310728391 columns:[{Name:EXE Type:STRING}]}
But I cannot access any field of the Header type. I have the following error header.queryId undefined (type ksqldb.Header has no field or method if I call this instruction :
fmt.Printf("%s\n",header.queryId)
Do you know what is the problem ?
I use go 1.18 with ksqldb-go v0.0.4
Add support for context
Currently, there is no way to propagate a context to HTTP requests which means that the client does not respect cancellations and timeouts and tracing is also not possible.
Generally, context support can be added in a backwards compatible way by creating new functions for each request, attaching Context or Ctx as a suffix.
Would you be open to accepting a contribution with this change?
[execute] Add better support for responses to CREATE/DROP/TERMINATE
(e.g. commandID, commandStatus.status, etc).
Possible SQL Injection on ksqldb
Hello,
It looks like SQL injection is still possible on ksqldb package if the parameter has single quotes in it.
k := `SELECT TIMESTAMPTOSTRING(WINDOWSTART,'yyyy-MM-dd HH:mm:ss','Europe/London') AS WINDOW_START,
TIMESTAMPTOSTRING(WINDOWEND,'HH:mm:ss','Europe/London') AS WINDOW_END,
DOG_SIZE, DOGS_CT FROM DOGS_BY_SIZE
WHERE DOG_SIZE=?;`
stmnt, err := ksqldb.QueryBuilder(k, "middle' OR 'a'='a")
if err != nil {
log.Fatal(err)
}
fmt.Println(*stmnt)[go doc] write docs for all public methods
[examples] move examples to ksqldb-go-examples
The Cobra example results in too many dependencies being added to the package. For this reason, the examples are moved to the ksqldb-go-examples repo.
[ksqldb-v0.22.x] update Parser / Antlr4 to support new release
[utils] SanitizeQuery only works when there is a space after \n
We ran into SQL syntax problems with executing queries when the raw string literal doesn't contain spaces after \n.
eg.:
q := `CREATE STREAM IF NOT EXISTS DOGS (ID STRING KEY,
NAME STRING,
DOGSIZE STRING,
AGE STRING)
WITH (KAFKA_TOPIC='dogs',
VALUE_FORMAT='JSON', PARTITIONS=1);
`instead of:
q := `CREATE STREAM IF NOT EXISTS DOGS (ID STRING KEY,
NAME STRING,
DOGSIZE STRING,
AGE STRING)
WITH (KAFKA_TOPIC='dogs',
VALUE_FORMAT='JSON', PARTITIONS=1);
`I think it's very error-prone, and the SanitizeQuery function should replace \t and \n with .
[close-push-query] implement
implement close-push-query
[gosec:G402] Remove InsecureSkipVerify
[gosec:G104] fix SQL string concatenation with QueryBuilder
SQL strings should be built by a QueryBuilder. Otherwise the system is open for SQL injections (see https://github.com/OWASP/Go-SCP/blob/master/dist/go-webapp-scp.pdf).
// it's a kind of Prepared Statement
// its an example from go-webpp-scp.pdf ;)
query := "SELECT number, expireDate, cvv FROM creditcards WHERE customerId = ?"
stmt, err := ksqldb.QueryBuilder(ctx, query).Int(customerId)Types:
- all types ksqldb supports
Errors:
- type errors (can't convert
customerIdto Int, etc) - to few/many parameters
Thoughts:
- do we need Context?
This fixes this bug
DialTLS is deprecated
- use DialTLSContext instead
Lines 157 to 159 in 1690e22
[client] set correct request headers
[ksqldb REST API] implement all endpoints
- Execute a statement (/ksql endpoint)
- Run push and pull queries (/query-stream endpoint)
- Terminate a cluster (/ksql/terminate endpoint)
- Introspect query status (/status endpoint)
- Introspect server status (/info endpoint)
- Introspect cluster status (/clusterStatus endpoint)
- Get the validity of a property (/is_valid_property)
Run a query (/query endpoint) is deprecated and will not be implemented
[BaseAuth] implement / test baseAuth
[refactor] push, pull queries
- write tests for push
- write tests for pull
- refactor duplications
- push - change method signature to support QueryOptions
[execute] Add support for commandSequenceNumber and streamsProperties
[changelog] provide better changelog
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.