{"id":43034815,"url":"https://github.com/maratori/testpackage","last_synced_at":"2026-01-31T08:14:30.485Z","repository":{"id":38342224,"uuid":"219530973","full_name":"maratori/testpackage","owner":"maratori","description":"Golang linter that encourages you to use a separate _test package","archived":false,"fork":false,"pushed_at":"2026-01-20T09:21:17.000Z","size":750,"stargazers_count":51,"open_issues_count":3,"forks_count":3,"subscribers_count":1,"default_branch":"main","last_synced_at":"2026-01-20T18:59:36.686Z","etag":null,"topics":["go","golang","linter","testing"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/maratori.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2019-11-04T15:15:39.000Z","updated_at":"2026-01-20T09:21:21.000Z","dependencies_parsed_at":"2023-12-28T10:27:52.601Z","dependency_job_id":"81353b79-3120-43fa-9638-5125f0db32ad","html_url":"https://github.com/maratori/testpackage","commit_stats":{"total_commits":82,"total_committers":6,"mean_commits":"13.666666666666666","dds":"0.41463414634146345","last_synced_commit":"dba55294ff9ccb413151f94636b6d9cc100b74d0"},"previous_names":[],"tags_count":5,"template":false,"template_full_name":null,"purl":"pkg:github/maratori/testpackage","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/maratori%2Ftestpackage","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/maratori%2Ftestpackage/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/maratori%2Ftestpackage/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/maratori%2Ftestpackage/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/maratori","download_url":"https://codeload.github.com/maratori/testpackage/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/maratori%2Ftestpackage/sbom","scorecard":{"id":32146,"data":{"date":"2025-08-04","repo":{"name":"github.com/maratori/testpackage","commit":"65847644e0df58b4a4cc7fcd93fe0c57c18d8a67"},"scorecard":{"version":"v5.2.1-28-gc1d103a9","commit":"c1d103a9bb9f635ec7260bf9aa0699466fa4be0e"},"score":6,"checks":[{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#packaging"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#dangerous-workflow"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#binary-artifacts"}},{"name":"Code-Review","score":-1,"reason":"Found no human activity in the last 12 changesets","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#code-review"}},{"name":"Maintained","score":10,"reason":"30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#maintained"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: no topLevel permission defined: .github/workflows/ci.yaml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#token-permissions"}},{"name":"CII-Best-Practices","score":2,"reason":"badge detected: InProgress","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#cii-best-practices"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#security-policy"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#fuzzing"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: MIT License: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#signed-releases"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:49: update your workflow using https://app.stepsecurity.io/secureworkflow/maratori/testpackage/ci.yaml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:50: update your workflow using https://app.stepsecurity.io/secureworkflow/maratori/testpackage/ci.yaml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yaml:53: update your workflow using https://app.stepsecurity.io/secureworkflow/maratori/testpackage/ci.yaml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:60: update your workflow using https://app.stepsecurity.io/secureworkflow/maratori/testpackage/ci.yaml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:61: update your workflow using https://app.stepsecurity.io/secureworkflow/maratori/testpackage/ci.yaml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yaml:65: update your workflow using https://app.stepsecurity.io/secureworkflow/maratori/testpackage/ci.yaml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:73: update your workflow using https://app.stepsecurity.io/secureworkflow/maratori/testpackage/ci.yaml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:74: update your workflow using https://app.stepsecurity.io/secureworkflow/maratori/testpackage/ci.yaml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:82: update your workflow using https://app.stepsecurity.io/secureworkflow/maratori/testpackage/ci.yaml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yaml:83: update your workflow using https://app.stepsecurity.io/secureworkflow/maratori/testpackage/ci.yaml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/maratori/testpackage/ci.yaml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/maratori/testpackage/ci.yaml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yaml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/maratori/testpackage/ci.yaml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yaml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/maratori/testpackage/ci.yaml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:40: update your workflow using https://app.stepsecurity.io/secureworkflow/maratori/testpackage/ci.yaml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/maratori/testpackage/ci.yaml/main?enable=pin","Warn: containerImage not pinned by hash: dev.dockerfile:2","Warn: containerImage not pinned by hash: dev.dockerfile:5","Warn: containerImage not pinned by hash: dev.dockerfile:7","Info:   0 out of  11 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of   5 third-party GitHubAction dependencies pinned","Info:   0 out of   3 containerImage dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#pinned-dependencies"}},{"name":"Branch-Protection","score":4,"reason":"branch protection is not maximal on development and all release branches","details":["Info: 'allow deletion' disabled on branch 'main'","Info: 'force pushes' disabled on branch 'main'","Info: 'branch protection settings apply to administrators' is required to merge on branch 'main'","Info: 'stale review dismissal' is required to merge on branch 'main'","Warn: branch 'main' does not require approvers","Warn: codeowners review is not required on branch 'main'","Warn: 'last push approval' is disabled on branch 'main'","Info: 'up-to-date branches' is required to merge on branch 'main'","Info: status check found to merge onto on branch 'main'","Info: PRs are required in order to make changes on branch 'main'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#branch-protection"}},{"name":"Vulnerabilities","score":10,"reason":"0 existing vulnerabilities detected","details":null,"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#vulnerabilities"}},{"name":"SAST","score":10,"reason":"SAST tool is run on all commits","details":["Info: all commits (30) are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#sast"}}]},"last_synced_at":"2025-08-14T19:23:10.651Z","repository_id":38342224,"created_at":"2025-08-14T19:23:10.651Z","updated_at":"2025-08-14T19:23:10.651Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28934822,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-31T07:49:44.436Z","status":"ssl_error","status_checked_at":"2026-01-31T07:49:34.274Z","response_time":128,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["go","golang","linter","testing"],"created_at":"2026-01-31T08:14:29.616Z","updated_at":"2026-01-31T08:14:30.478Z","avatar_url":"https://github.com/maratori.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"# testpackage \u003cbr\u003e [![go minimal version][go-img]][go-url] [![go tested version][go-latest-img]][go-latest-url] [![CI][ci-img]][ci-url] [![Codecov][codecov-img]][codecov-url] [![Maintainability][codeclimate-img]][codeclimate-url] [![Go Report Card][goreportcard-img]][goreportcard-url] [![License][license-img]][license-url] [![Go Reference][godoc-img]][godoc-url]\n\n**testpackage** is a golang linter that makes you use a separate `_test` package.\n\n## Motivation\n\nAccording to blackbox testing approach, you should not use unexported functions and methods from source code in tests.\n\nGo allows to place tests in a separate package with suffix `_test`.\nFor example, tests for `store` package can be in the same package or in the package `store_test`.\nIn the second case, you have to import the source code into tests so only exported things are available.\n\nThe linter reports if a test is in a package without suffix `_test`.\nIf you really need to test unexported function, then put the test into file `XXX_internal_test.go`.\nThe linter skips such files by default.\nIt also skips the file `export_test.go` by default (see the last article below).\n\nMore detailed articles on this topic:\n * [Next level Go testing](https://scene-si.org/2019/04/15/next-level-go-testing#public-vs-private-tests-apis) by Tit Petric\n * [5 simple tips and tricks for writing unit tests in #golang](https://medium.com/@matryer/5-simple-tips-and-tricks-for-writing-unit-tests-in-golang-619653f90742) by Mat Ryer\n * [5 advanced testing techniques in Go](https://segment.com/blog/5-advanced-testing-techniques-in-go/#use-a-separate-test-package) by Alan Braithwaite\n * [Golang Trick: Export unexport method for test](https://medium.com/@robiplus/golang-trick-export-for-test-aa16cbd7b8cd) by lysu\n\n## Usage\n\nThe best way is to use [golangci-lint](https://golangci-lint.run/). It includes [testpackage](https://golangci-lint.run/usage/linters/#list-item-testpackage) and a lot of other great linters.\n\n### Install\nSee [official site](https://golangci-lint.run/usage/install/).\n\n### Configuration\n**testpackage** is disabled by default. To enable it, add the following to your `.golangci.yml`:\n```yaml\nlinters:\n  enable:\n    testpackage\n```\n\nYou can also change the regexp that is used to ignore files by the linter,\nand the list of packages that are allowed by default.\n\nHere are the default values:\n```yaml\nlinters-settings:\n  testpackage:\n    skip-regexp: (export|internal)_test\\.go\n    allow-packages:\n      - main\n```\n\n### Run\n```shell script\ngolangci-lint run\n```\n\n## Usage as standalone linter\n\n### Install\n```shell script\ngo install github.com/maratori/testpackage\n```\n\n### Run\n```shell script\ntestpackage ./...\n```\nor\n```shell script\ntestpackage -skip-regexp=\"^$\" ./...\n```\n\n### Command line arguments\n```shell script\ntestpackage -help\n```\n```\ntestpackage: linter that makes you use a separate _test package\n\nUsage: testpackage [-flag] [package]\n\n\nFlags:\n  -skip-regexp string\n        regexp pattern to skip file by name. To not skip files use -skip-regexp=\"^$\" (default \"(export|internal)_test\\\\.go\")\n  -allow-packages string\n        comma separated list of packages that don't end with _test that tests are allowed to be in (default \"main\")\n  -V    print version and exit\n  -c int\n        display offending line with this many lines of context (default -1)\n  -cpuprofile string\n        write CPU profile to this file\n  -debug string\n        debug flags, any subset of \"fpstv\"\n  -fix\n        apply all suggested fixes\n  -flags\n        print analyzer flags in JSON\n  -json\n        emit JSON output\n  -memprofile string\n        write memory profile to this file\n  -test\n        indicates whether test files should be analyzed, too (default true)\n  -trace string\n        write trace log to this file\n```\n\n## Contributors\n* [maratori](https://github.com/maratori)\n* [G-Rath](https://github.com/G-Rath)\n\n## Changelog\n\n### [v1.1.2] - 2025-11-07\n\n#### Changed\n* Update Go to 1.22\n* Update dependencies\n* Update golangci-lint\n* Update Makefile\n* Test the latest Go version on CI\n* Test the latest dependencies from [.github/latest-deps/go.mod](.github/latest-deps/go.mod) on CI\n\n### [v1.1.1] - 2023-03-07\n\n#### Changed\n* No changes in linter behavior\n* Update Go to 1.20\n* Update dependencies\n* Update golangci-lint\n* Update Makefile\n\n### [v1.1.0] - 2022-06-22\n\n#### Changed\n* Allow tests in `main` package by default and add flag `-allow-packages` to allow tests without `_test` suffix (thanks [G-Rath](https://github.com/G-Rath))\n* Update Go to 1.18\n* Migrate to [github actions](https://github.com/maratori/testpackage/actions/workflows/ci.yaml) from travis-ci\n* Update golangci-lint\n\n### [v1.0.1] - 2020-04-22\n\n#### Changed\n* No changes in linter behavior\n* Use latest go version on CI\n* Update Makefile\n* Update golangci-lint\n\n### [v1.0.0] - 2019-11-10\n\n#### Added\n* Go Analyzer to check the name of test package\n* `main.go` to run the analyzer\n* MIT [license](LICENSE)\n\n\n[go-img]: https://img.shields.io/github/go-mod/go-version/maratori/testpackage\n[go-url]: /go.mod\n[go-latest-img]: https://img.shields.io/github/go-mod/go-version/maratori/testpackage?filename=.github%2Flatest-deps%2Fgo.mod\u0026label=tested\n[go-latest-url]: /.github/latest-deps/go.mod\n[ci-img]: https://github.com/maratori/testpackage/actions/workflows/ci.yaml/badge.svg\n[ci-url]: https://github.com/maratori/testpackage/actions/workflows/ci.yaml\n[codecov-img]: https://codecov.io/gh/maratori/testpackage/branch/main/graph/badge.svg?token=Pa334H8xEh\n[codecov-url]: https://codecov.io/gh/maratori/testpackage\n[codeclimate-img]: https://api.codeclimate.com/v1/badges/bf753d7560c8e4aa5cf0/maintainability\n[codeclimate-url]: https://codeclimate.com/github/maratori/testpackage/maintainability\n[goreportcard-img]: https://goreportcard.com/badge/github.com/maratori/testpackage\n[goreportcard-url]: https://goreportcard.com/report/github.com/maratori/testpackage\n[license-img]: https://img.shields.io/github/license/maratori/testpackage.svg\n[license-url]: /LICENSE\n[godoc-img]: https://pkg.go.dev/badge/github.com/maratori/testpackage.svg\n[godoc-url]: https://pkg.go.dev/github.com/maratori/testpackage\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmaratori%2Ftestpackage","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmaratori%2Ftestpackage","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmaratori%2Ftestpackage/lists"}