{"id":13700902,"url":"https://github.com/dearplain/goloader","last_synced_at":"2026-01-14T20:52:17.264Z","repository":{"id":50425061,"uuid":"123308947","full_name":"dearplain/goloader","owner":"dearplain","description":"load and run golang code at runtime. (WARNING: this repo has not been maintained for a long time, please take a look at https://github.com/pkujhd/goloader)","archived":false,"fork":false,"pushed_at":"2019-11-15T08:30:38.000Z","size":51,"stargazers_count":620,"open_issues_count":4,"forks_count":62,"subscribers_count":31,"default_branch":"master","last_synced_at":"2026-01-13T02:28:20.711Z","etag":null,"topics":["dynamic","go","golang","hot-reload","plugin","script"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/dearplain.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2018-02-28T16:07:40.000Z","updated_at":"2025-11-12T02:56:32.000Z","dependencies_parsed_at":"2022-09-21T11:02:41.008Z","dependency_job_id":null,"html_url":"https://github.com/dearplain/goloader","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/dearplain/goloader","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dearplain%2Fgoloader","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dearplain%2Fgoloader/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dearplain%2Fgoloader/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dearplain%2Fgoloader/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/dearplain","download_url":"https://codeload.github.com/dearplain/goloader/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dearplain%2Fgoloader/sbom","scorecard":{"id":330913,"data":{"date":"2025-08-11","repo":{"name":"github.com/dearplain/goloader","commit":"2b1e47d74273a972e987d8876f69a63382cb495f"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":3,"checks":[{"name":"Token-Permissions","score":-1,"reason":"No tokens found","details":null,"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Dangerous-Workflow","score":-1,"reason":"no workflows found","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Pinned-Dependencies","score":-1,"reason":"no dependencies found","details":null,"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Code-Review","score":0,"reason":"Found 2/29 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Vulnerabilities","score":10,"reason":"0 existing vulnerabilities detected","details":null,"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: Apache License 2.0: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'master'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 3 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}}]},"last_synced_at":"2025-08-18T03:35:41.915Z","repository_id":50425061,"created_at":"2025-08-18T03:35:41.915Z","updated_at":"2025-08-18T03:35:41.915Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28434500,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-14T18:57:19.464Z","status":"ssl_error","status_checked_at":"2026-01-14T18:52:48.501Z","response_time":107,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["dynamic","go","golang","hot-reload","plugin","script"],"created_at":"2024-08-02T20:01:06.625Z","updated_at":"2026-01-14T20:52:17.242Z","avatar_url":"https://github.com/dearplain.png","language":"Go","readme":"\n# Goloader\n\n[![Build Status](https://travis-ci.org/dearplain/goloader.svg?branch=master)](https://travis-ci.org/dearplain/goloader)\n\nGoloader can load and run Golang code at runtime.\n\n## How does it work?\n\nGoloader works like a linker: it relocates the address of symbols in an object file, generates runnable code, and then reuses the runtime function and the type pointer of the loader.\n\nGoloader provides some information to the runtime and gc of Go, which allows it to work correctly with them.\n\nPlease note that Goloader is not a scripting engine. It reads the output of Go compiler and makes them runnable. All features of Go are supported, and run just as fast and lightweight as native Go code.\n\n## Comparison with plugin\n\nGoloader reuses the Go runtime, which makes it much smaller. And code loaded by Goloader is unloadable.\n\nGoloader is debuggable, and supports pprof tool(Yes, you can see code loaded by Goloader in pprof).\n\n## Build\n\n**Make sure you're using go \u003e= 1.8.**\n\nFirst, execute the following command, then do build and test. This is because Goloader relies on the internal package, which is forbidden by the Go compiler.\n```\ncp -r $GOROOT/src/cmd/internal $GOROOT/src/cmd/objfile\n```\n\n## Examples\n\n```\ngo build github.com/dearplain/goloader/examples/loader\n\ngo tool compile $GOPATH/src/github.com/dearplain/goloader/examples/schedule/schedule.go\n./loader -o schedule.o -run main.main -times 10\n\ngo tool compile $GOPATH/src/github.com/dearplain/goloader/examples/base/base.go\n./loader -o base.o -run main.main\n\ngo tool compile $GOPATH/src/github.com/dearplain/goloader/examples/http/http.go\n./loader -o http.o -run main.main\n\n#build multiple go files\ngo tool compile -I $GOPATH/pkg/darwin_amd64 1.go 2.go\n\n#build for arm32\nGOOS=linux GOARCH=arm GOARM=5 go install fmt runtime sync net/http time\nGOOS=linux GOARCH=arm GOARM=5 go build github.com/dearplain/goloader/examples/loader\nGOOS=linux GOARCH=arm GOARM=5 go tool compile $GOPATH/src/github.com/dearplain/goloader/examples/base/base.go\n#test on arm32 linux\n./loader -o base.o -run main.main\n```\n\n## Warning\n\nThis has currently only been tested and developed on Golang 1.8, 1.9, and 1.10 (x64/x86, darwin, linux, windows).\nBe aware of Golang's internal structs change, especially the moduledata struct.\n","funding_links":[],"categories":["Go"],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdearplain%2Fgoloader","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdearplain%2Fgoloader","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdearplain%2Fgoloader/lists"}