* fix: remove deprecated rand.Seed calls
Go 1.20+ automatically seeds the global random number generator.
These calls are no-ops and generate warnings with newer Go versions.
Removed from:
- selector/strategy.go
- registry/cache/cache.go
- broker/memory.go
- broker/http.go
- cmd/cmd.go
- transport/memory.go
Co-authored-by: Shelley <shelley@exe.dev>
* fix: handle previously ignored errors
- MySQL store: properly handle prepared statement errors in initDB()
- Consul registry: handle client creation errors in Client() method
These silent failures could cause hard-to-debug issues in production.
Co-authored-by: Shelley <shelley@exe.dev>
* feat(genai): improve provider interface with context and streaming
Breaking changes:
- Generate() and Stream() now require context.Context as first parameter
- Stream.Close() added for proper resource cleanup
Improvements:
- Proper context support for cancellation and timeouts
- Real SSE streaming for OpenAI and Gemini text generation
- Better error handling with wrapped errors and API error responses
- Thread-safe provider registry with sync.RWMutex
- New options: WithMaxTokens, WithTemperature, WithTimeout
- Stream has proper Close() method for cleanup
- Results can include Error field for per-chunk errors
Provider updates:
- OpenAI: true streaming with SSE parsing, proper HTTP client with timeout
- Gemini: true streaming with streamGenerateContent endpoint
- Default model updated to gpt-4o-mini (OpenAI) and gemini-2.0-flash (Gemini)
Co-authored-by: Shelley <shelley@exe.dev>
* feat(tls): make TLS secure by default, configurable via environment
BREAKING: TLS now verifies certificates by default. Set MICRO_TLS_INSECURE=true
to restore previous behavior (NOT recommended for production).
Changes:
- Add util/tls.Config(), SecureConfig(), InsecureConfig(), ConfigFromEnv() helpers
- Update all components to use ConfigFromEnv() instead of hardcoded InsecureSkipVerify
- Set MinVersion to TLS 1.2 for all TLS configs
Affected components:
- broker/http
- broker/rabbitmq
- registry/etcd
- registry/consul
- transport/grpc
This improves security posture while allowing opt-out for development environments.
Co-authored-by: Shelley <shelley@exe.dev>
* feat(tls): add TLS helpers with opt-in secure mode
NOT a breaking change - keeps InsecureSkipVerify=true as default for
local development compatibility.
New util/tls helpers:
- Config() - returns config based on MICRO_TLS_SECURE env var
- SecureConfig() - certificate verification enabled
- InsecureConfig() - certificate verification disabled (dev only)
For production security, use one of:
- Set MICRO_TLS_SECURE=true with proper CA-signed certs
- Use a service mesh (Istio, Linkerd) for automatic mTLS
- Configure TLSConfig directly with your certificates
Also: Changed CLI alias from 'g' to 'gen' for clarity
- micro generate handler -> micro gen handler
Co-authored-by: Shelley <shelley@exe.dev>
* refactor(cli): rename generate directory to gen for consistency
Directory name now matches the command alias:
cmd/micro/cli/gen/ -> micro gen handler
Co-authored-by: Shelley <shelley@exe.dev>
---------
Co-authored-by: Shelley <shelley@exe.dev>
* Update http.go
Exit before deregister is executed
* Create http.go
Exit before deregister is executed
* Solve the problem that the resources have not been fully released due to early exit
* Optimize some code
* Optimize some code
asim
Lukasz Raczylo
David Brouwer
Mohamed MHAMDI
JeffreyBool
Vasiliy Tolstov
xinfei.wu
Mikhail Grachev
Asim Aslam
Uffy
wangkechun