{"id":42670018,"url":"https://github.com/omaskery/optimistic-gorm","last_synced_at":"2026-01-29T10:28:32.754Z","repository":{"id":38051479,"uuid":"384815448","full_name":"omaskery/optimistic-gorm","owner":"omaskery","description":"Experimental little library implementing an optimistic locking primitive for GORM, a Go ORM library.","archived":false,"fork":false,"pushed_at":"2023-01-24T20:03:29.000Z","size":45,"stargazers_count":1,"open_issues_count":5,"forks_count":1,"subscribers_count":1,"default_branch":"main","last_synced_at":"2023-07-27T22:25:51.427Z","etag":null,"topics":["concurrency","go","golang","gorm","gorm-orm","optimistic-locking"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/omaskery.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2021-07-10T23:12:35.000Z","updated_at":"2022-03-07T09:52:37.000Z","dependencies_parsed_at":"2023-02-01T04:00:35.438Z","dependency_job_id":null,"html_url":"https://github.com/omaskery/optimistic-gorm","commit_stats":null,"previous_names":[],"tags_count":5,"template":null,"template_full_name":null,"purl":"pkg:github/omaskery/optimistic-gorm","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/omaskery%2Foptimistic-gorm","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/omaskery%2Foptimistic-gorm/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/omaskery%2Foptimistic-gorm/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/omaskery%2Foptimistic-gorm/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/omaskery","download_url":"https://codeload.github.com/omaskery/optimistic-gorm/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/omaskery%2Foptimistic-gorm/sbom","scorecard":{"id":705968,"data":{"date":"2025-08-11","repo":{"name":"github.com/omaskery/optimistic-gorm","commit":"5da3b8a8248fdfa4bb598bffebc027f336a4925a"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":2.5,"checks":[{"name":"Code-Review","score":0,"reason":"Found 0/14 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/go.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/omaskery/optimistic-gorm/go.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/go.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/omaskery/optimistic-gorm/go.yml/main?enable=pin","Warn: goCommand not pinned by hash: .github/workflows/go.yml:29","Info:   0 out of   2 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of   1 goCommand dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: no topLevel permission defined: .github/workflows/go.yml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: MIT License: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'main'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 10 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Vulnerabilities","score":0,"reason":"12 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GO-2022-0288","Warn: Project is vulnerable to: GO-2022-0969 / GHSA-69cg-p879-7622","Warn: Project is vulnerable to: GO-2022-1144 / GHSA-xrjj-mj9h-534m","Warn: Project is vulnerable to: GO-2023-1571 / GHSA-vvpx-j8f3-3w6h","Warn: Project is vulnerable to: GO-2023-1988 / GHSA-2wrh-6pvc-2jm9","Warn: Project is vulnerable to: GO-2023-2102 / GHSA-4374-p667-p6c8","Warn: Project is vulnerable to: GHSA-qppj-fm5r-hxr3","Warn: Project is vulnerable to: GO-2024-2687 / GHSA-4v7x-pqxf-cx7m","Warn: Project is vulnerable to: GO-2024-3333","Warn: Project is vulnerable to: GO-2025-3503 / GHSA-qxp5-gwg8-xv66","Warn: Project is vulnerable to: GO-2025-3595 / GHSA-vvgc-356p-c3xw","Warn: Project is vulnerable to: GO-2022-1059 / GHSA-69ch-w2m2-3vjp"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-22T06:35:12.140Z","repository_id":38051479,"created_at":"2025-08-22T06:35:12.140Z","updated_at":"2025-08-22T06:35:12.140Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28875452,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-29T09:47:23.353Z","status":"ssl_error","status_checked_at":"2026-01-29T09:47:19.357Z","response_time":59,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["concurrency","go","golang","gorm","gorm-orm","optimistic-locking"],"created_at":"2026-01-29T10:28:29.318Z","updated_at":"2026-01-29T10:28:32.741Z","avatar_url":"https://github.com/omaskery.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Optimistic GORM [![Go Reference][docs-badge]][docs] [![Build \u0026 Test Status][workflows-badge]][workflows]\n\nThis little library provides a basic building block for doing optimistic locking when using [GORM][gorm].\n\n# Quickstart\n\nEmbed the `optimistic.Versioned` struct into your model struct, and you're done!\n\n```go\ntype Person struct {\n    gorm.Model\n    optimistic.Versioned // \u003c-- the magic!\n\n    Name string\n    Age  int\n}\n```\n\n# How it works\n\n## Gist\n\nThis library applies optimistic locking by adding a version number to your models.\n\n* Your model starts at version 1 when created, and every subsequent change to that model increments its version number\n  by 1.\n* As a result, you can tell if a model has changed \"since you read it into memory\" by seeing if its version has changed\n  since you read it.\n* You can built this check into update/delete operations by having them only apply if the version number of the row\n  matches the version you expect it to be. If it doesn't match, the operation will affect fewer rows than you expect,\n  which you can detect and assume (in most cases) to be a concurrent modification error.\n\n## GORM Details\n\nThis library works using GORM hooks on the embedded `optimistic.Versioned` struct. When embedded into your model it\nmeans:\n\n1. Created instances of your model will have a default `Version` value of 1\n2. Using `BeforeUpdate`/`BeforeDelete` GORM hooks: updates/deletions automatically:\n    * Gain a `SET` clause, updating the `Version` previous version + 1.\n    * Gain a `WHERE` clause, checking that the row in the database being modified is still the version we originally\n      read into memory.\n3. Using `AfterUpdate`/`AfterDelete` GORM hooks: updates/deletions check whether the number of rows affected is 0. If\n   so, a `optimistic.ErrConcurrentModification` error is returned.\n\n[gorm]: https://gorm.io\n[docs]: https://pkg.go.dev/github.com/omaskery/optimistic-gorm\n[docs-badge]: https://pkg.go.dev/badge/github.com/omaskery/optimistic-gorm.svg\n[workflows]: https://github.com/omaskery/optimistic-gorm/actions/workflows/go.yml\n[workflows-badge]: https://github.com/omaskery/optimistic-gorm/actions/workflows/go.yml/badge.svg\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fomaskery%2Foptimistic-gorm","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fomaskery%2Foptimistic-gorm","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fomaskery%2Foptimistic-gorm/lists"}