{"id":36417025,"url":"https://github.com/cschanck/single-file-java","last_synced_at":"2026-01-11T17:00:08.431Z","repository":{"id":54498987,"uuid":"247379467","full_name":"cschanck/single-file-java","owner":"cschanck","description":"One file, one piece of functionality. No dependencies.","archived":false,"fork":false,"pushed_at":"2020-10-13T20:56:41.000Z","size":11647,"stargazers_count":52,"open_issues_count":2,"forks_count":8,"subscribers_count":9,"default_branch":"master","last_synced_at":"2025-07-07T05:19:04.580Z","etag":null,"topics":["csv-parser","dotty","java-utils","kvstore","minimalist","parser","paxos"],"latest_commit_sha":null,"homepage":"http://www.singlefilejava.org","language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/cschanck.png","metadata":{"files":{"readme":"README.adoc","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2020-03-15T01:10:29.000Z","updated_at":"2024-11-17T03:57:24.000Z","dependencies_parsed_at":"2022-08-13T17:50:44.124Z","dependency_job_id":null,"html_url":"https://github.com/cschanck/single-file-java","commit_stats":null,"previous_names":[],"tags_count":3,"template":false,"template_full_name":null,"purl":"pkg:github/cschanck/single-file-java","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cschanck%2Fsingle-file-java","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cschanck%2Fsingle-file-java/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cschanck%2Fsingle-file-java/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cschanck%2Fsingle-file-java/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/cschanck","download_url":"https://codeload.github.com/cschanck/single-file-java/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cschanck%2Fsingle-file-java/sbom","scorecard":{"id":310707,"data":{"date":"2025-08-11","repo":{"name":"github.com/cschanck/single-file-java","commit":"577cbb5a2d9edc01dcdac5f2df42851667e9fb2f"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":3.4,"checks":[{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: no topLevel permission defined: .github/workflows/maven.yml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Code-Review","score":0,"reason":"Found 1/16 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/maven.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/cschanck/single-file-java/maven.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/maven.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/cschanck/single-file-java/maven.yml/master?enable=pin","Info:   0 out of   2 GitHub-owned GitHubAction dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: Apache License 2.0: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Vulnerabilities","score":10,"reason":"0 existing vulnerabilities detected","details":null,"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'master'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 28 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}}]},"last_synced_at":"2025-08-17T23:08:14.539Z","repository_id":54498987,"created_at":"2025-08-17T23:08:14.540Z","updated_at":"2025-08-17T23:08:14.540Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28314253,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-11T14:58:17.114Z","status":"ssl_error","status_checked_at":"2026-01-11T14:55:53.580Z","response_time":60,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["csv-parser","dotty","java-utils","kvstore","minimalist","parser","paxos"],"created_at":"2026-01-11T17:00:07.802Z","updated_at":"2026-01-11T17:00:08.414Z","avatar_url":"https://github.com/cschanck.png","language":"Java","funding_links":[],"categories":[],"sub_categories":[],"readme":"= Single File Java\n:author: cschanck\n\nWhat can you do in one file, no dependencies?\n\nModern Java development is often a joy *because* of the extensive ecosystem.\nLots of the time, you can easily rely on lots of third-party libraries to help\nbuild your masterpiece.\n\nThis is one of the great strengths of Java, no question, and in no way would\nI want to do professional Java without the ecosystem.\n\nHowever, it can be instructive to look backwards, back to a time before build\nsystems with automatic dependencies, back before frameworks upon frameworks,\nback when if you wanted something to work -- you built it yourself. The whole thing.\nNo libraries from kind strangers.\n\nSoftware minimalism is alive!\n\n== Ground Rules\n\n* 1000 lines in a file, no more than 132 chars on a line, commented enough\nto be useful.\n** This led to minor formatting tricks in the case of PegLegParser, which is\njuuuust barely under 1000 lines.\n** But stick to the included IntelliJ code style definition in the repo\n* *No dependencies* beyond test code deps for your single test file.\n* *Apache 2.0 License*. Thank you.\n* 1 piece of functionality; i.e., collections of random misc utils don't count.\n* Not production pretty, necessarily. These classes are best regarded as erector\nset pieces for rapid prototyping, not production deployment. This means you are free\nto:\n** use deprecated/risky things like Serialization\n** forgo getters and setters in favor of direct field access\n** be slightly unconcerned with visibility of fields and methods\n** use Unsafe, etc.\n** do evil reflection tricks\n** ignore casting warnings and such. (Linting not a priority)\n** don't feel compelled to do argument/bounds checking if there is no room\n* Should still have useful comments, and yes those lines count.\n* Learn to lean on internal Java things. Inner classes/interfaces help a lot,\nas can thread pools and such.\n* One JUnit4 test file, which also functions as a good place to show how to use\nthe file; you can have test scoped dependencies.\n* For the moment, language level of Java 8, though I am wondering about Java 11.\nBut still, lots of folks are working in 8. Something to revisit.\n\nYou are allowed (encouraged) one Asciidoc doc file per file, in src/docs. This\ncan be used if the unit test file plus comments is insufficient to describe\nhow to use the file.\n\nThe priority is on working, reliable code, suitable for prototyping something\nlarger. Performance is not a top priority.\n\nFeel free to think about building \"mini-frameworks\". For example, the\nLittleCASPaxos implementation delegates all of the network and storage\nfunctionality to some interfaces a user would have to provide; network transport\nand key-value persistence are not actually part of the LittleCASPaxos remit.\n\n== How Did We Get Here?\n\nSo, the way I started this was because I needed quick and dirty\npersistence, and some recent annoyances with third-party deps made me decide to\nsee how fast I could build a thing. It was a short hop from \"how fast\" to \"how\nsmall\"; in the old days, when I started coding (long before humans invented the\nwheel :-) ), small, tight code was _everything_.\n\n\"How small can I make it\" somehow morphed into \"let's see if I can do it in one\nfile\", and then -- I ended up with ChiseledMap, a useful single file persistent\nmap. What I found was that it was wonderfully concentrating and freeing to\nrestrict myself to no outside libraries, and only one file. It was also nice to\nignore the \"production quality\" ogre a bit, since we all deal with that beast at\nour day jobs all the time. Being free to use things like serialization, not be\nhyper concerned with security, and not totally worry about perf can be very\nnice.\n\nIt's also easier to be restricted this way than you might think. The Java\nstandard library is really rich, with a ton of adequate things built in. You'll\nbe surprised what it is like to code something this way; I would not have bet\nthat I could do a Single-Decree Paxos impl in under 300 SLOCS, for example, but\nthe bounded nature of the project helped me stay focused.\n\nAnother, very minor motivation was to refute the constant whining about\nhow verbose Java is. Java can be verbose, but that is also part of its strength.\nBut even with the verbosity, you can write a lot with a little code.\n\nAnd yes, this can end up looking like a hodgepodge of random utilities. Duly noted.\n\n== Usage \u0026 Docs\nSee the Overview doc for a description of current files. See specific docs in \nsrc/docs for more info. \n\n== Maven!\n\nWe're on Maven Central!\n\n```\n    \u003cdependency\u003e\n      \u003cgroupId\u003eorg.singlefilejava\u003c/groupId\u003e\n      \u003cartifactId\u003esingle-file-java\u003c/artifactId\u003e\n      \u003cversion\u003e1.2.0\u003c/version\u003e\n    \u003c/dependency\u003e\n```\n\nBut really, you can just download the file you need if you like, and modify to\nsuit.\n \n== Contributing\n\nFeel free! Push a PR, or just file an Issue as an idea. Try and keep the\nguidelines in mind, obvs, but aim high.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcschanck%2Fsingle-file-java","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcschanck%2Fsingle-file-java","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcschanck%2Fsingle-file-java/lists"}