{"id":18532281,"url":"https://github.com/colesico/colesico-framework","last_synced_at":"2025-10-14T00:35:02.741Z","repository":{"id":38455136,"uuid":"142398257","full_name":"colesico/colesico-framework","owner":"colesico","description":"Micro framework for creating server side applications in Java 17+","archived":false,"fork":false,"pushed_at":"2025-04-18T10:08:24.000Z","size":5970,"stargazers_count":15,"open_issues_count":1,"forks_count":4,"subscribers_count":0,"default_branch":"master","last_synced_at":"2025-08-14T05:03:46.231Z","etag":null,"topics":["dependency-injection","full-stack","java","lightweight","micro-framework","microservices","plugin-system","rest-api"],"latest_commit_sha":null,"homepage":"","language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/colesico.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2018-07-26T06:26:50.000Z","updated_at":"2025-04-09T10:13:08.000Z","dependencies_parsed_at":"2024-11-21T13:23:17.809Z","dependency_job_id":"0152354c-fa66-4db0-a148-d98bab2237ba","html_url":"https://github.com/colesico/colesico-framework","commit_stats":{"total_commits":684,"total_committers":5,"mean_commits":136.8,"dds":"0.33187134502923976","last_synced_commit":"fefb088fb19c807bdc18b1de8c508564e0f9e3ab"},"previous_names":[],"tags_count":68,"template":false,"template_full_name":null,"purl":"pkg:github/colesico/colesico-framework","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/colesico%2Fcolesico-framework","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/colesico%2Fcolesico-framework/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/colesico%2Fcolesico-framework/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/colesico%2Fcolesico-framework/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/colesico","download_url":"https://codeload.github.com/colesico/colesico-framework/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/colesico%2Fcolesico-framework/sbom","scorecard":{"id":299369,"data":{"date":"2025-08-11","repo":{"name":"github.com/colesico/colesico-framework","commit":"d3b256781805f14d45486dddd7bc92d2094edeba"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":3.3,"checks":[{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Code-Review","score":0,"reason":"Found 0/30 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: no topLevel permission defined: .github/workflows/colesico.yml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"SAST","score":0,"reason":"no SAST tool detected","details":["Warn: no pull requests merged into dev branch"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/colesico.yml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/colesico/colesico-framework/colesico.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/colesico.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/colesico/colesico-framework/colesico.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/colesico.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/colesico/colesico-framework/colesico.yml/master?enable=pin","Info:   0 out of   3 GitHub-owned GitHubAction dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: Apache License 2.0: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'master'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Vulnerabilities","score":9,"reason":"1 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GHSA-j288-q9x7-2f5v"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-17T20:16:49.656Z","repository_id":38455136,"created_at":"2025-08-17T20:16:49.656Z","updated_at":"2025-08-17T20:16:49.656Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":279017355,"owners_count":26086052,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-10-13T02:00:06.723Z","response_time":61,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["dependency-injection","full-stack","java","lightweight","micro-framework","microservices","plugin-system","rest-api"],"created_at":"2024-11-06T19:05:24.007Z","updated_at":"2025-10-14T00:35:02.723Z","avatar_url":"https://github.com/colesico.png","language":"Java","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Colesico-framework\n\n[![colesico](https://github.com/colesico/colesico-framework/workflows/colesico/badge.svg)](https://github.com/colesico/colesico-framework/actions)\n\n`Colesico-framework` is a lightweight full stack microframework for creating backend and server side web applications with Java 17+.\nIt is inspired by Spring and EJB frameworks but uses more simplified approach to construct an applications. The purpose of this framework is to provide a faster and lightweight alternative. \n\nColesico framework is also  an analog of such frameworks as Quarkus and Micronaut but it is [lighter and faster](https://github.com/colesico/java-frameworks-comparison). It also does not almost use the reflection at runtime. The approach used is the generation of extra auxiliary code at compile time  using the annotation processors.\n\nColesico framework is based on an extendable architecture that makes it easy to integrate third party frameworks. \n\n## Documentation\n\n [Colesico-framework docs/manual](https://github.com/colesico/colesico-framework/blob/master/docs/src/asciidoc/framework.adoc)\n\n## Examples\n\n [Colesico-framework examples](https://github.com/colesico/colesico-framework/tree/master/examples)\n\n## Builds\n\nTo build colesico framework with maven:\n\n```bash\n$ mvn clean install\n```\n\n## Maven dependency\n\n```xml\n\u003cdependency\u003e\n  \u003cgroupId\u003enet.colesico.framework\u003c/groupId\u003e\n  \u003cartifactId\u003ecolesico-[module or bundle]\u003c/artifactId\u003e\n  \u003cversion\u003e${colesico-version}\u003c/version\u003e\n\u003c/dependency\u003e\n```\n\n[${colesico-version}](https://search.maven.org/artifact/net.colesico.framework/colesico-framework)\n\n## License\n\nThis project is licensed under the\n[Apache 2.0 license](https://www.apache.org/licenses/LICENSE-2.0.html).\n\n## Versioning policy\n\nThis project uses modified semver approach.\n\nVersion number: \n\n[major].[moderate].[minor]\n\n* [major] - Massive changes affecting many framework modules or a complete change of architecture.\n            Requires significant client code changes.\n* [moderate] - Minimal loss of backward compatibility that affects a few framework modules. \n            Changes may require a few lines updating in the client code to make it works.\n            This also may not break an application completely, but it may cause partial degradation. \n            Please, pay attention to check your code is working properly on such updates.\n* [minor] - Backward compatible changes that do not require a client code updates to make it work.\n            This may be a bugfixes, new compatible framework features, documentation updates, etc.\n\n\nUpdate 1.2.3 to 1.2.4 - should not require any client code changes.\n\nUpdate 1.2.3 to 1.3.0 - may require some code changes.\n\nUpdate 1.2.3 to 2.0.0 - require significant client code changes.\n\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcolesico%2Fcolesico-framework","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcolesico%2Fcolesico-framework","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcolesico%2Fcolesico-framework/lists"}