{"id":13413453,"url":"https://github.com/muir/nject","last_synced_at":"2026-01-12T12:50:23.688Z","repository":{"id":38204746,"uuid":"406604965","full_name":"muir/nject","owner":"muir","description":"Golang type-safe dependency injection","archived":false,"fork":false,"pushed_at":"2025-11-14T21:41:57.000Z","size":551,"stargazers_count":30,"open_issues_count":1,"forks_count":2,"subscribers_count":3,"default_branch":"main","last_synced_at":"2025-11-14T23:37:50.610Z","etag":null,"topics":["dependency-injection","go","golang","golang-library"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/muir.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":".github/CODEOWNERS","security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2021-09-15T03:48:32.000Z","updated_at":"2025-11-14T21:41:59.000Z","dependencies_parsed_at":"2025-05-05T20:28:08.369Z","dependency_job_id":"d4dde031-fce9-423a-a783-b0ee2e6490bb","html_url":"https://github.com/muir/nject","commit_stats":{"total_commits":179,"total_committers":5,"mean_commits":35.8,"dds":0.1899441340782123,"last_synced_commit":"aaae50e3e545a0fa474b01f871c0dd8caa89b6c7"},"previous_names":[],"tags_count":47,"template":false,"template_full_name":null,"purl":"pkg:github/muir/nject","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/muir%2Fnject","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/muir%2Fnject/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/muir%2Fnject/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/muir%2Fnject/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/muir","download_url":"https://codeload.github.com/muir/nject/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/muir%2Fnject/sbom","scorecard":{"id":667635,"data":{"date":"2025-08-20T22:42:45Z","repo":{"name":"github.com/muir/nject","commit":"29907803b46f2d9b45cb32d60a47e607156c9178"},"scorecard":{"version":"v5.2.1","commit":"ab2f6e92482462fe66246d9e32f642855a691dc1"},"score":5.7,"checks":[{"name":"Code-Review","score":3,"reason":"Found 3/10 approved changesets -- score normalized to 3","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#code-review"}},{"name":"Maintained","score":3,"reason":"4 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 3","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#maintained"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#binary-artifacts"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#packaging"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Info: jobLevel 'actions' permission set to 'read': .github/workflows/codeql-analysis.yml:25","Info: jobLevel 'contents' permission set to 'read': .github/workflows/codeql-analysis.yml:26","Info: jobLevel 'contents' permission set to 'read': .github/workflows/scorecards.yml:23","Info: jobLevel 'actions' permission set to 'read': .github/workflows/scorecards.yml:24","Info: topLevel 'contents' permission set to 'read': .github/workflows/codecov.yml:6","Warn: no topLevel permission defined: .github/workflows/codeql-analysis.yml:1","Warn: no topLevel permission defined: .github/workflows/go.yml:1","Warn: no topLevel permission defined: .github/workflows/golangci-lint.yml:1","Info: topLevel permissions set to 'read-all': .github/workflows/scorecards.yml:11","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#token-permissions"}},{"name":"Dependency-Update-Tool","score":10,"reason":"update tool detected","details":["Info: detected update tool: Dependabot: .github/dependabot.yml:1"],"documentation":{"short":"Determines if the project uses a dependency update tool.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#dependency-update-tool"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#dangerous-workflow"}},{"name":"Pinned-Dependencies","score":4,"reason":"dependency not pinned by hash detected -- score normalized to 4","details":["Warn: third-party GitHubAction not pinned by hash: .github/workflows/codecov.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/muir/nject/codecov.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/muir/nject/codeql-analysis.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:42: update your workflow using https://app.stepsecurity.io/secureworkflow/muir/nject/codeql-analysis.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:53: update your workflow using https://app.stepsecurity.io/secureworkflow/muir/nject/codeql-analysis.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:67: update your workflow using https://app.stepsecurity.io/secureworkflow/muir/nject/codeql-analysis.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/go.yml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/muir/nject/go.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/go.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/muir/nject/go.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/golangci-lint.yml:8: update your workflow using https://app.stepsecurity.io/secureworkflow/muir/nject/golangci-lint.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/golangci-lint.yml:10: update your workflow using https://app.stepsecurity.io/secureworkflow/muir/nject/golangci-lint.yml/main?enable=pin","Info:   5 out of  12 GitHub-owned GitHubAction dependencies pinned","Info:   2 out of   4 third-party GitHubAction dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#pinned-dependencies"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#cii-best-practices"}},{"name":"SAST","score":7,"reason":"SAST tool detected but not run on all commits","details":["Info: SAST configuration detected: CodeQL","Warn: 0 commits out of 30 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#sast"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: MIT License: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#license"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#security-policy"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#fuzzing"}},{"name":"Vulnerabilities","score":10,"reason":"0 existing vulnerabilities detected","details":null,"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#vulnerabilities"}},{"name":"Branch-Protection","score":-1,"reason":"internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration","details":null,"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#branch-protection"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#signed-releases"}},{"name":"Contributors","score":3,"reason":"project has 1 contributing companies or organizations -- score normalized to 3","details":["Info: found contributions from: singlestore"],"documentation":{"short":"Determines if the project has a set of contributors from multiple organizations (e.g., companies).","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#contributors"}},{"name":"CI-Tests","score":10,"reason":"27 out of 27 merged PRs checked by a CI test -- score normalized to 10","details":null,"documentation":{"short":"Determines if the project runs tests before pull requests are merged.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#ci-tests"}}]},"last_synced_at":"2025-08-21T18:39:58.221Z","repository_id":38204746,"created_at":"2025-08-21T18:39:58.221Z","updated_at":"2025-08-21T18:39:58.221Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28338985,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-12T12:22:26.515Z","status":"ssl_error","status_checked_at":"2026-01-12T12:22:10.856Z","response_time":98,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["dependency-injection","go","golang","golang-library"],"created_at":"2024-07-30T20:01:40.744Z","updated_at":"2026-01-12T12:50:23.668Z","avatar_url":"https://github.com/muir.png","language":"Go","readme":"# nject - dependency injection \n\n[![Stability: Active](https://masterminds.github.io/stability/active.svg)](https://masterminds.github.io/stability/active.html)\n[![GoDoc](https://godoc.org/github.com/muir/nject?status.png)](https://pkg.go.dev/github.com/muir/nject/v2)\n![unit tests](https://github.com/muir/nject/actions/workflows/go.yml/badge.svg)\n[![report card](https://goreportcard.com/badge/github.com/muir/nject)](https://goreportcard.com/report/github.com/muir/nject)\n[![codecov](https://codecov.io/gh/muir/nject/branch/main/graph/badge.svg)](https://codecov.io/gh/muir/nject)\n\nInstall:\n\n\tgo get github.com/muir/nject/v2\n\n---\n\nThis package provides type-safe dependency injection without requiring\nusers to do type assertions.\n\nDependencies are injected via a call chain: list functions to be called\nthat take and return various parameters.  The functions will be called\nin order using the return values from earlier functions as parameters\nfor later functions.  Only the functions that are needed to be called in\norder to be able to call the last function in the chain are invoked.  Then\nthe last function in the chain is called.\n\nParameters are identified by their types.  To have two different `int`\nparameters, define custom types.\n\nType safety is checked before any functions are called.\n\nFunctions whose outputs are not used are not called.  Functions may\n\"wrap\" the rest of the list so that they can choose to invoke the\nremaining list zero or more times.\n\nChains may be pre-compiled into closures so that they have very little\nruntime penealty.\n\n### example\n\n\tfunc example() {\n\t\t// Sequences can be reused.\n\t\tproviderChain := Sequence(\"example sequence\",\n\t\t\t// Constants can be injected.\n\t\t\t\"a literal string value\",\n\t\t\t// This function will be run if something downstream needs an int\n\t\t\tfunc(s string) int {\n\t\t\t\treturn len(s)\n\t\t\t})\n\t\tRun(\"example\",\n\t\t\tproviderChain,\n\t\t\t// The last function in the list is always run.  This one needs\n\t\t\t// and int and a string.  The string can come from the constant\n\t\t\t// and the int from the function in the provider chain.\n\t\t\tfunc(i int, s string) {\n\t\t\t\tfmt.Println(i, len(s))\n\t\t\t})\n\t}\n\n### Main APIs\n\nNject provides two main APIs: Bind() and Run().\n\nBind() is used when performance matters: given a chain of providers,\nit will write two functions: one to initialize the chain and another to\ninvoke it.  As much as possible, all dependency injection work is done\nat the time of binding and initialization so that the invoke function\noperates with very little overhead.  The chain is initialized when the\ninitialize function is called.  The chain is run when the invoke function\nis called.  Bind() does not run the chain.\n\nRun() is used when ad-hoc injection is desired and performance is not\ncritical.  Run is appropriate when starting servers and running tests.\nIt is not recommended for HTTP endpoint handlers.  Run exectes the\nchain immediately.\n\n### Identified by type\n\nRather than naming values, inputs and outputs are identified by their types.  \nSince Go makes it easy to create new types, this turns out to be quite easy to use.\n\n### Types of providers\n\nMultiple types of providers are supported.\n\n#### Literal values\n\nYou can provide a constant if you have one.\n\n#### Injectors\n\nRegular functions can provide values.  Injectors will be called at\ninitialization time when they're marked as cacheable or at invocation\ntime if they're not.\n\nInjectors can be memoized.\n\nInjectors can return a special error type that stops the chain.\n\nInjectors can use data produced by earlier injectors simply by having\na function parameter that matches the type of a return value of an\nearlier injector.\n\nInjector chains can be collapsed to become a single injector -- this\nallows the chain to branch out in a tree structure so that it can \ngenerate multiple copies of the same type.\n\nInjectors can be automatically reordered so that outputs are generated\nbefore they're required as inputs.\n\n#### Wrappers (aka Middleware)\n\nWrappers are special functions that are responsible for invoking\nthe part of the injection chain that comes after themselves.  They\ndo this by calling an `inner()` function that the nject framework\ndefines for them.\n\nAny arguments to the inner() function are injected as values available\nfurther down the chain.  Any return values from inner() must be returned\nby the final function in the chain or from another wrapper further down\nthe chain.\n\n### Composition\n\nCollections of injectors may be composed by including them in\nother collections.\n\n## Debugging injector chains\n\nIf you chain successfully binds but does not do what you expect, add\nsomething into your chain that receives the `nject.Debugging` type:\n\n\tfunc(d *nject.Debugging) {\n\t\tfmt.Println(\"Injectors included\\n\", d.Included)\n\t}\n\nIf you chain does not bind, then `Debugging` won't help.\nInjection chain errors attempt to be self-explanatory, but sometimes that's not enough.\n\nIf you're building your injection sequence dynamically, it may be useful to print\nthe injection chain.  It has a `String()` method.\n\nIf you think that the issue is with nject, then open an issue with the reproduce information\nthat is available as part of the debugging (`Debugging.Reproduce`) or available by calling\n`nject.DetailedError(err)` on the error returned from `Bind()` or `Run()`.\n\n# Uses\n\nNject has been successfully used for:\n\n- Test frameworks so that test authors specify the test dependencies with the types\n  injected into a function that runs a test.  Using wrappers or `t.Clanup()` in the\n  injection chain allows test writers to skip all or most test cleanup.\n- Endpoint handlers.  Nject makes middleware easier to write.\n- Server startup.\n\n# Related packages\n\nThe following use nject to provide nicer APIs:\n\n- [nape](https://github.com/muir/nape): dependency injection wrappers for binding http endpoint handlers using gorilla/mux\n- [nchi](https://github.com/muir/nchi): http router on top of [httprouter](https://pkg.go.dev/github.com/julienschmidt/httprouter) with a go-chi-like API\n- [nfigure](https://github.com/muir/nfigure): configuration and flag processing\n- [npoint](https://github.com/muir/npoint): dependency injection wrappers for binding http endpoint handlers\n- [nserve](https://github.com/muir/nserve): injection chains for for starting and stopping servers\n- [ntest](https://github.com/memsql/ntest): support functions and hints for using nject to write tests\n- [nvalid](https://github.com/muir/nvalid): enforce that http endpoints conform to Swagger definitions\n- [nvelope](https://github.com/muir/nvelope): injection chains for building endpoints\n\n### Development status\n\nThe core of nject is stable and reliable.  New features have tests, but may not have\nenough production use to be reliable.\n\nThis repo represents continued development of Blue Owl's \n[nject](https://github.com/BlueOwlOpenSource/nject) base.\n\nNject will follow strict semver behavior except (1) things noted as experimental;\nand (2) releases that are less than 10 days old may have corrections applied that\nare not strictly backwards compatible with the recent release (for example, 1.0.0\naccidentally exported a type that should have remained private).\n\nPrior to release 0.2.0, nject was bundled with other packages.  Those\nother packages are now in their own repos: \n[npoint](https://github.com/muir/npoint),\n[nserve](https://github.com/muir/nserve), and\n[nvelope](https://github.com/muir/nvelope).  Additionally, npoint\nwas split apart so that the gorilla dependency is separate and is in\n[nape](https://github.com/muir/nape).\n\nPlease create issues for any suggested features, improvements, or problems you run into.\n\n","funding_links":[],"categories":["Miscellaneous","Microsoft Office","杂项","Dependency Injection"],"sub_categories":["Dependency Injection","依赖注入"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmuir%2Fnject","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmuir%2Fnject","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmuir%2Fnject/lists"}