docs(jwt): 补充关于处理大整数ID精度丢失问题的说明及解决方案 #1352
Open
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
docs: 明确多次调用NewOpenTelemetryProvider时的资源管理要求 。强调必须先调用Shutdown才能再次调用NewOpenTelemetryProvider,避免资源泄漏。
docs: 明确多次调用NewOpenTelemetryProvider时的资源管理要求。 强调必须先调用Shutdown才能再次调用NewOpenTelemetryProvider,避免资源泄漏以及网络连接混乱。
docs: 明确在重复调用`NewOpenTelemetryProvider`时,用户需要自行通过`Shutdown`来关闭前一个provider实例维护的trace/metric exporter client实例,否则会导致资源泄露和网络连接混乱问题。
|
感谢你的反馈。这看上去不是该库的问题,这是标准json库的行为,这是预期之内的。 如果需要增加提示,建议反馈到相应仓库,更新其README。 jwt 是第三方的库,而这里的文档主要是介绍基本的使用,而具体的使用以及问题,都建议参考相关仓库的说明。 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
背景
在使用 hertz-contrib/jwt 中间件时,如果
payload中包含大整数(如雪花算法生成的int64类型 ID),中间件在解析该token时,默认会将这个大整数解析为float64类型。由于float64的有效精度限制,可能会导致原始的int64值丢失精度,从而得到一个错误的ID,从而引发用户身份识别错误等严重且难以排查的Bug。这对于用户来说是一个非常隐蔽的陷阱。关联 Issue:
hertz-contrib/jwt#12, hertz-contrib/jwt#25
本次变更
为了帮助开发者提前规避此问题,本次PR在
PayloadFunc函数的文档说明中,增加了一段关于“大整数精度丢失风险”的提示。该提示明确指出了问题原因,并提供了两种建议方案:ParserOption的WithJSONNumber选项。本次PR旨在提醒开发者在使用JWT传递大整数ID时存在精度问题,并直接在文档中给出最佳实践,减少开发者的踩坑和调试时间。