{"id":20103001,"url":"https://github.com/stackrox/go-grpc-http1","last_synced_at":"2025-08-21T02:31:32.115Z","repository":{"id":37877317,"uuid":"245667297","full_name":"stackrox/go-grpc-http1","owner":"stackrox","description":"A gRPC via HTTP/1 Enabling Library for Go","archived":false,"fork":false,"pushed_at":"2025-08-20T08:35:22.000Z","size":445,"stargazers_count":121,"open_issues_count":4,"forks_count":30,"subscribers_count":6,"default_branch":"main","last_synced_at":"2025-08-20T10:29:28.658Z","etag":null,"topics":["golang","grpc"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/stackrox.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":".github/CODEOWNERS","security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2020-03-07T16:30:16.000Z","updated_at":"2025-08-20T08:35:25.000Z","dependencies_parsed_at":"2023-02-17T09:16:04.959Z","dependency_job_id":"cfb860f1-65f0-4bcb-8565-ebd5a021b13b","html_url":"https://github.com/stackrox/go-grpc-http1","commit_stats":{"total_commits":74,"total_committers":8,"mean_commits":9.25,"dds":0.2567567567567568,"last_synced_commit":"b8ce71695cd89d1b15da22d38b6b49a75357023c"},"previous_names":[],"tags_count":30,"template":false,"template_full_name":null,"purl":"pkg:github/stackrox/go-grpc-http1","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/stackrox%2Fgo-grpc-http1","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/stackrox%2Fgo-grpc-http1/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/stackrox%2Fgo-grpc-http1/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/stackrox%2Fgo-grpc-http1/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/stackrox","download_url":"https://codeload.github.com/stackrox/go-grpc-http1/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/stackrox%2Fgo-grpc-http1/sbom","scorecard":{"id":549829,"data":{"date":"2025-08-11","repo":{"name":"github.com/stackrox/go-grpc-http1","commit":"3f1727e954c6983ebd843260cc09f629e346587a"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":5.9,"checks":[{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Maintained","score":10,"reason":"18 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Code-Review","score":10,"reason":"all changesets reviewed","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: third-party GitHubAction not pinned by hash: .github/workflows/auto-merge.yml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/stackrox/go-grpc-http1/auto-merge.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/stackrox/go-grpc-http1/ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/stackrox/go-grpc-http1/ci.yml/main?enable=pin","Info:   0 out of   2 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of   1 third-party GitHubAction dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: no topLevel permission defined: .github/workflows/auto-merge.yml:1","Warn: no topLevel permission defined: .github/workflows/ci.yml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: Apache License 2.0: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Branch-Protection","score":-1,"reason":"internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration","details":null,"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Vulnerabilities","score":10,"reason":"0 existing vulnerabilities detected","details":null,"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 30 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}}]},"last_synced_at":"2025-08-20T10:29:39.551Z","repository_id":37877317,"created_at":"2025-08-20T10:29:39.551Z","updated_at":"2025-08-20T10:29:39.551Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":271306189,"owners_count":24736757,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-08-20T02:00:09.606Z","response_time":69,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["golang","grpc"],"created_at":"2024-11-13T17:33:59.146Z","updated_at":"2025-08-21T02:31:31.849Z","avatar_url":"https://github.com/stackrox.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"grpc-http1: A gRPC via HTTP/1 Enabling Library for Go\n====================================================\n\nThis library enables using all the functionality of a gRPC server even if it is exposed behind\na reverse proxy which does not support HTTP/2, or only supports it for clients (such as Amazon's ALB).\nThis is accomplished via either adaptive downgrading to the gRPC-Web response format or utilizing WebSockets.\n\nFor a high-level overview, see [this Medium post](https://medium.com/stackrox-engineering/how-to-expose-grpc-services-behind-almost-any-load-balancer-e9ebf8e6d12a)\nabout the gRPC-Web downgrade option and [this Medium post](https://medium.com/stackrox-engineering/grpc-anywhere-f29616087d54) about the gRPC-WebSocket option.\n\nConnection Compatibility Overview\n---------------------------------\n\nThe following table shows what can be expected when a client/server instrumented with the capability\noffered by this library compared to an unmodified gRPC client/server, both when accessing it directly and\nwhen accessing it via a reverse proxy not supporting HTTP/2.\n\n\u003ctable\u003e\n\u003ctr\u003e\u003cth\u003e\u003c/th\u003e\u003cth colspan=\"2\"\u003ePlain Old gRPC Server\u003c/th\u003e\u003cth colspan=\"2\"\u003eHTTP/1 Downgrading gRPC Server\u003c/th\u003e\u003c/tr\u003e\n\u003ctr\u003e\u003cth\u003e\u003c/th\u003e\u003cth\u003edirect\u003c/th\u003e\u003cth\u003ebehind reverse proxy\u003c/th\u003e\u003cth\u003edirect\u003c/th\u003e\u003cth\u003ebehind reverse proxy\u003c/th\u003e\u003c/tr\u003e\n\u003ctr\u003e\u003ctd\u003ePlain Old gRPC Client\u003c/td\u003e\u003ctd\u003e:white_check_mark:\u003c/td\u003e\u003ctd\u003e:x:\u003c/td\u003e\u003ctd\u003e:white_check_mark:\u003c/td\u003e\u003ctd\u003e:x:\u003c/td\u003e\u003c/tr\u003e\n\u003ctr\u003e\u003ctd\u003egRPC-Web downgrade client mode\u003c/td\u003e\u003ctd\u003e:white_check_mark:\u003c/td\u003e\u003ctd\u003e:x:\u003c/td\u003e\u003ctd\u003e:white_check_mark:\u003c/td\u003e\u003ctd\u003e(:white_check_mark:)\u003c/td\u003e\u003c/tr\u003e\n\u003ctr\u003e\u003ctd\u003egRPC-WebSocket client mode\u003c/td\u003e\u003ctd\u003e:x:\u003c/td\u003e\u003ctd\u003e:x:\u003c/td\u003e\u003ctd\u003e:white_check_mark:\u003c/td\u003e\u003ctd\u003e:white_check_mark:\u003c/td\u003e\u003c/tr\u003e\n\u003c/table\u003e\n\nThe (:white_check_mark:) for the gRPC-Web downgrading client indicates a subset of gRPC calls will be possible, but not\nall. These include all calls that do not rely on client-side streaming (i.e., all unary and server-streaming calls).\n\nAs you can see, when using the client in gRPC-Web downgrade mode, it is possible to instrument the client **or** the server without any (functional) regressions - there\nmay be a small but fairly negligible performance penalty. This means rolling this feature out to your clients and\nservers does not need to happen in a strictly synchronous fashion. However, you will only be able to work with a server\nbehind an HTTP/2-incompatible reverse proxy if both the client **and** the server have been instrumented via\nthis library. To use the client in gRPC-WebSocket mode, both the client **and** server must be instrumented via this library.\n\n\nUsage\n-------------\n\nThis library has the canonical import path `golang.stackrox.io/grpc-http1`. It fully supports Go modules\nand requires Go version 1.13+ to be built and used. To add it as a dependency in your current project,\nrun `go get golang.stackrox.io/grpc-http1`.\n\n\n### Server-side\n\nFor using this library on the server-side, you'll need to bypass the regular `(*grpc.Server).Serve` method\nand instead use the `ServeHTTP` method of the `*grpc.Server` object -- it is experimental, but we found it\nto be fairly stable and reliable.\n\nThe only exported function in the `golang.grpc.io/grpc-http1/server` package is `CreateDowngradingHandler`,\nwhich returns a `http.Handler` that can be served by a Go HTTP server. It is crucial this server is\nconfigured to support HTTP/2; otherwise, your clients using the vanilla gRPC client will no longer be able\nto talk to it. You can find an example of how to do so in the `_integration-tests/` directory.\n\n### Client-Side\n\nFor connecting to a gRPC server via a client-side proxy, use the `ConnectViaProxy` function exported from the\n`golang.grpc.io/grpc-http1/client` package. This function has the following signature:\n```go\nfunc ConnectViaProxy(ctx context.Context, endpoint string, tlsClientConf *tls.Config, opts ...ConnectOption) (*grpc.ClientConn, error)\n```\nThe first two arguments are the same as for `grpc.DialContext`. The third argument specifies the TLS client\nconfig to be used for connecting to the target address. Note that this is different from the usual gRPC API,\nwhich specifies client TLS config via the `grpc.WithTransportCredentials`. For a plaintext (unencrypted)\nconnection to the server, pass a `nil` TLS config; however, this does *not* free you from passing the\n`grpc.WithInsecure()` (nor `grpc.WithTransportCredentials(insecure.NewCredentials())`) gRPC dial option.\n\nThe last (variadic) parameter specifies options that modify the dialing behavior. You can pass any gRPC dial\noptions via `client.DialOpts(...)`; however, the `grpc.WithTransportCredentials` option will not be needed.\nBy default, adaptive gRPC-Web downgrading is used. To use WebSockets, pass `true` to the `client.UseWebSocket` option.\n\nAnother important option is `client.ForceHTTP2()`, which needs to be used for\na plaintext connection to a server that is *not* HTTP/1.1 capable (e.g., the vanilla gRPC server).\nThis option is ignored when WebSockets are used. Again, check out the\ncode in the `_integration-tests` directory.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fstackrox%2Fgo-grpc-http1","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fstackrox%2Fgo-grpc-http1","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fstackrox%2Fgo-grpc-http1/lists"}