{"id":34265612,"url":"https://github.com/ctdk/goiardi","last_synced_at":"2026-04-02T03:50:56.549Z","repository":{"id":12088521,"uuid":"14676507","full_name":"ctdk/goiardi","owner":"ctdk","description":"A Chef server written in Go, able to run entirely in memory, with optional persistence with saving the in-memory data to disk or using MySQL or Postgres as the data storage backend. Docs: http://goiardi.readthedocs.io/en/latest/index.html","archived":false,"fork":false,"pushed_at":"2026-02-28T22:51:41.000Z","size":14644,"stargazers_count":282,"open_issues_count":17,"forks_count":37,"subscribers_count":16,"default_branch":"master","last_synced_at":"2026-03-01T01:45:26.357Z","etag":null,"topics":["chef","chef-server","goiardi","golang"],"latest_commit_sha":null,"homepage":"http://goiardi.gl","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ctdk.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG","contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":"NOTICE","maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2013-11-25T04:53:17.000Z","updated_at":"2026-02-28T21:59:40.000Z","dependencies_parsed_at":"2024-06-18T13:39:28.324Z","dependency_job_id":"7d5423c2-bb81-497d-b51a-4f15b7a90c28","html_url":"https://github.com/ctdk/goiardi","commit_stats":null,"previous_names":[],"tags_count":109,"template":false,"template_full_name":null,"purl":"pkg:github/ctdk/goiardi","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ctdk%2Fgoiardi","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ctdk%2Fgoiardi/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ctdk%2Fgoiardi/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ctdk%2Fgoiardi/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ctdk","download_url":"https://codeload.github.com/ctdk/goiardi/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ctdk%2Fgoiardi/sbom","scorecard":{"id":311654,"data":{"date":"2025-08-11","repo":{"name":"github.com/ctdk/goiardi","commit":"14dd4236885f17951d5945e1263091506b4e1f38"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":2.2,"checks":[{"name":"Token-Permissions","score":-1,"reason":"No tokens found","details":null,"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Code-Review","score":3,"reason":"Found 7/23 approved changesets -- score normalized to 3","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Dangerous-Workflow","score":-1,"reason":"no workflows found","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Security-Policy","score":4,"reason":"security policy file detected","details":["Info: security policy file detected: SECURITY.md:1","Warn: no linked content found","Info: Found disclosure, vulnerability, and/or timelines in security policy: SECURITY.md:1","Info: Found text in security policy: SECURITY.md:1"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: Apache License 2.0: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'master'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Signed-Releases","score":0,"reason":"Project has not signed or included provenance with any releases.","details":["Warn: release artifact v0.11.10 not signed: https://api.github.com/repos/ctdk/goiardi/releases/17495004","Warn: release artifact v0.11.8 not signed: https://api.github.com/repos/ctdk/goiardi/releases/11282963","Warn: release artifact v0.11.7 not signed: https://api.github.com/repos/ctdk/goiardi/releases/9414391","Warn: release artifact v0.11.5 not signed: https://api.github.com/repos/ctdk/goiardi/releases/6740720","Warn: release artifact v0.11.4 not signed: https://api.github.com/repos/ctdk/goiardi/releases/6345554","Warn: release artifact v0.11.10 does not have provenance: https://api.github.com/repos/ctdk/goiardi/releases/17495004","Warn: release artifact v0.11.8 does not have provenance: https://api.github.com/repos/ctdk/goiardi/releases/11282963","Warn: release artifact v0.11.7 does not have provenance: https://api.github.com/repos/ctdk/goiardi/releases/9414391","Warn: release artifact v0.11.5 does not have provenance: https://api.github.com/repos/ctdk/goiardi/releases/6740720","Warn: release artifact v0.11.4 does not have provenance: https://api.github.com/repos/ctdk/goiardi/releases/6345554"],"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Pinned-Dependencies","score":2,"reason":"dependency not pinned by hash detected -- score normalized to 2","details":["Warn: containerImage not pinned by hash: .circleci/Dockerfile:1: pin your Docker image by updating circleci/golang:1.10 to circleci/golang:1.10@sha256:75983d7d418a9436186a1a33d33fbfbc4a56715ee50c8189d0c9259d9df945fd","Warn: containerImage not pinned by hash: Dockerfile:1: pin your Docker image by updating golang:1.12 to golang:1.12@sha256:d0e79a9c39cdb3d71cc45fec929d1308d50420b79201467ec602b1b80cc314a8","Warn: goCommand not pinned by hash: .circleci/Dockerfile:5-9","Warn: goCommand not pinned by hash: Dockerfile:21","Info:   0 out of   2 containerImage dependencies pinned","Info:   1 out of   3 goCommand dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 14 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Vulnerabilities","score":0,"reason":"32 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GO-2022-0391 / GHSA-6jvc-q2x7-pchv / GHSA-76wf-9vgp-pj7w","Warn: Project is vulnerable to: GO-2022-0635 / GHSA-7f33-f4f5-xwgw","Warn: Project is vulnerable to: GO-2022-0646 / GHSA-f5pg-7wfw-84q9","Warn: Project is vulnerable to: GO-2024-2947 / GHSA-v6v8-xj6m-xwqh","Warn: Project is vulnerable to: GO-2022-0536 / GHSA-39qc-96h7-956f / GHSA-hgr8-6h9x-f7q9","Warn: Project is vulnerable to: GO-2022-0236 / GHSA-h86h-8ppg-mxmh","Warn: Project is vulnerable to: GO-2021-0238 / GHSA-83g2-8m93-v3w7","Warn: Project is vulnerable to: GO-2022-0288","Warn: Project is vulnerable to: GO-2022-0969 / GHSA-69cg-p879-7622","Warn: Project is vulnerable to: GO-2022-1144 / GHSA-xrjj-mj9h-534m","Warn: Project is vulnerable to: GO-2023-1571 / GHSA-vvpx-j8f3-3w6h","Warn: Project is vulnerable to: GO-2023-1988 / GHSA-2wrh-6pvc-2jm9","Warn: Project is vulnerable to: GO-2023-2102 / GHSA-4374-p667-p6c8","Warn: Project is vulnerable to: GHSA-qppj-fm5r-hxr3","Warn: Project is vulnerable to: GO-2024-2687 / GHSA-4v7x-pqxf-cx7m","Warn: Project is vulnerable to: GO-2024-3333","Warn: Project is vulnerable to: GO-2025-3503 / GHSA-qxp5-gwg8-xv66","Warn: Project is vulnerable to: GO-2025-3595 / GHSA-vvgc-356p-c3xw","Warn: Project is vulnerable to: GO-2024-2631 / GHSA-c5q2-7r4c-mv6g","Warn: Project is vulnerable to: GO-2022-0229 / GHSA-cjjc-xp8v-855w","Warn: Project is vulnerable to: GO-2020-0012 / GHSA-ffhg-7mh4-33c4","Warn: Project is vulnerable to: GO-2021-0227 / GHSA-3vm4-22fp-5rfm","Warn: Project is vulnerable to: GO-2022-0968 / GHSA-gwc9-m7rh-j2ww","Warn: Project is vulnerable to: GO-2021-0356 / GHSA-8c26-wmh5-6g9v","Warn: Project is vulnerable to: GO-2024-2961","Warn: Project is vulnerable to: GO-2023-2402 / GHSA-45x7-px36-x8w8","Warn: Project is vulnerable to: GO-2024-3321 / GHSA-v778-237x-gjrc","Warn: Project is vulnerable to: GO-2025-3487 / GHSA-hcg3-q754-cr77","Warn: Project is vulnerable to: GO-2022-0493 / GHSA-p782-xgp4-8hr8","Warn: Project is vulnerable to: GO-2020-0015 / GHSA-5rcv-m4m3-hfh7","Warn: Project is vulnerable to: GO-2021-0113 / GHSA-ppp9-7jff-5vj2","Warn: Project is vulnerable to: GO-2022-1059 / GHSA-69ch-w2m2-3vjp"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-17T23:16:23.207Z","repository_id":12088521,"created_at":"2025-08-17T23:16:23.207Z","updated_at":"2025-08-17T23:16:23.207Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31294527,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-02T01:43:37.129Z","status":"online","status_checked_at":"2026-04-02T02:00:08.535Z","response_time":89,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["chef","chef-server","goiardi","golang"],"created_at":"2025-12-16T17:25:02.294Z","updated_at":"2026-04-02T03:50:56.542Z","avatar_url":"https://github.com/ctdk.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"Goiardi\n=======\n\n[![Circle CI](https://circleci.com/gh/ctdk/goiardi/tree/master.svg?style=svg\u0026circle-token=849db1a2f08048be1253cfb876483949b4dc7d7e)](https://circleci.com/gh/ctdk/goiardi/tree/master) [![Documentation Status](https://readthedocs.org/projects/goiardi/badge/?version=latest)](http://goiardi.readthedocs.io/en/latest/?badge=latest) [![GoDoc](https://godoc.org/github.com/ctdk/goiardi?status.svg)](https://pkg.go.dev/github.com/ctdk/goiardi)\n\nGoiardi is an implementation of the Chef server (http://www.chef.io) written\nin Go. It can either run entirely in memory with the option to save and load the\nin-memory data and search indexes to and from disk, drawing inspiration from\nchef-zero, or it can use MySQL or PostgreSQL as its storage backend.\n\nDOCUMENTATION\n-------------\nThe full goiardi documentation has been moved out of this README because it was\ngetting too big to be easily manageable. It now uses sphinx to manage and format\nthe documentation, which can be found under the `docs/` directory. To learn\nabout sphinx-doc, see http://sphinx-doc.org/. The documentation can also be\nfound online at http://goiardi.readthedocs.io/en/latest/.\n\nIn addition to the aforementioned Chef documentation at http://docs.chef.io,\nmore documentation specific to goiardi can be viewed with godoc. See\n[here](https://godoc.org/golang.org/x/tools/cmd/godoc) for an explanation of how\ngodoc works. The goiardi godocs can also be viewed online at\nhttps://pkg.go.dev/github.com/ctdk/goiardi.\n\nTODO\n----\n\nSee the TODO file for an up-to-date list of what needs to be done. There's a\nlot.\n\nBUGS\n----\n\nThere's going to be a lot of these for a while, so we'll just keep those in a\nBUGS file, won't we?\n\nWHY?\n----\n\nThis started as a project to learn Go, and because I thought that an in memory\nchef server would be handy. Then I found out about chef-zero, but I still wanted\na project to learn Go, so I kept it up. Chef 11 Server also only runs under\nLinux at this time, while Goiardi is developed under Mac OS X and ought to run\nunder any platform Go supports (only partially tested at this time though).\n\nCONTRIBUTING\n------------\n\nIf you feel like contributing, great! Just fork the repo, make your\nimprovements, and submit a pull request. Tests would, of course, be appreciated.\nAdding tests where there are no tests currently would be even more appreciated.\nAt least, though, try and not break anything worse than it is. Test coverage has\nimproved, but is still an ongoing concern.\n\nAUTHOR\n------\n\nJeremy Bingham (\u003cjeremy@goiardi.gl\u003e)\n\nCOPYRIGHT\n---------\n\nCopyright (c) 2013-2020, Jeremy Bingham\n\nThe `depgraph` and `digraph` packages are vendored from terraform and are\ncopyrighted by Hashicorp.\n\nCODE OF CONDUCT\n---------------\n\nThis project adheres to the [Open Code of Conduct][code-of-conduct]. By participating, you are expected to honor this code.\n[code-of-conduct]: http://todogroup.org/opencodeofconduct/#Goiardi/abuse-coc@goiardi.gl\n\nThis code of conduct can also be found in CONDUCT.md in this repository.\n\nLICENSE\n-------\n\nLike many Chef ecosystem programs, goairdi is licensed under the Apache 2.0\nLicense. See the LICENSE file for details.\n\nThe goiardi documentation in the `docs` directory is licensed under a Creative\nCommons Attribution 4.0 International (CC-BY 4.0) License.\n\nChef is copyright (c) 2008-2020 Chef Software (formerly Opscode, Inc.) and its\nvarious contributors.\n\nThe `depgraph` and `digraph` packages are vendored from Hashicorp's terraform\npackage, and is under the Mozilla Public License version 2.0. The MPL is\nincluded in those directories and applies only to those files.\n\nA small part of `go-chef/chef` is included under the `authentication` directory\nto remove a circular dependency with tests between goiardi and go-chef, only\nenough to make a minimal client sufficient to test authenticating headers. It is\ncopyright 2013-2019, Jesse Nelson under the terms of the Apache 2.0 license.\n\nThanks go out to the fine folks of Chef Software and the Chef community for all \ntheir hard work.\n\nAlso, if you were wondering, Ettore Boiardi was the man behind Chef Boyardee.\nWakka wakka.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fctdk%2Fgoiardi","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fctdk%2Fgoiardi","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fctdk%2Fgoiardi/lists"}