{"id":22059205,"url":"https://github.com/opentable/spur-ioc","last_synced_at":"2025-08-25T00:36:13.125Z","repository":{"id":24080015,"uuid":"27466762","full_name":"opentable/spur-ioc","owner":"opentable","description":"Dependency Injection library for Node.js","archived":false,"fork":false,"pushed_at":"2025-08-08T20:50:10.000Z","size":419,"stargazers_count":26,"open_issues_count":5,"forks_count":7,"subscribers_count":62,"default_branch":"main","last_synced_at":"2025-08-16T06:14:26.503Z","etag":null,"topics":["nodejs","npm-package","renovate","spur","spur-framework"],"latest_commit_sha":null,"homepage":"","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/opentable.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2014-12-03T03:10:57.000Z","updated_at":"2025-03-06T20:26:25.000Z","dependencies_parsed_at":"2024-03-31T04:24:16.873Z","dependency_job_id":"4349b44d-c809-4ff8-a5b5-97726a161b0c","html_url":"https://github.com/opentable/spur-ioc","commit_stats":{"total_commits":168,"total_committers":9,"mean_commits":"18.666666666666668","dds":"0.40476190476190477","last_synced_commit":"f777d2b420998df05691303536f2ff70c4648a70"},"previous_names":["spurframework/spur-ioc"],"tags_count":28,"template":false,"template_full_name":null,"purl":"pkg:github/opentable/spur-ioc","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/opentable%2Fspur-ioc","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/opentable%2Fspur-ioc/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/opentable%2Fspur-ioc/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/opentable%2Fspur-ioc/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/opentable","download_url":"https://codeload.github.com/opentable/spur-ioc/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/opentable%2Fspur-ioc/sbom","scorecard":{"id":135945,"data":{"date":"2025-08-04","repo":{"name":"github.com/opentable/spur-ioc","commit":"57c0be5aa1fb908a13b30a189925cb9a9f2a66c8"},"scorecard":{"version":"v5.2.1-28-gc1d103a9","commit":"c1d103a9bb9f635ec7260bf9aa0699466fa4be0e"},"score":3.7,"checks":[{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#maintained"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#binary-artifacts"}},{"name":"Code-Review","score":2,"reason":"Found 4/17 approved changesets -- score normalized to 2","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#code-review"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#dangerous-workflow"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#cii-best-practices"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: no topLevel permission defined: .github/workflows/npm-publish.yml:1","Warn: no topLevel permission defined: .github/workflows/pull-request.yml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#token-permissions"}},{"name":"Pinned-Dependencies","score":3,"reason":"dependency not pinned by hash detected -- score normalized to 3","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/npm-publish.yml:9: update your workflow using https://app.stepsecurity.io/secureworkflow/opentable/spur-ioc/npm-publish.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/npm-publish.yml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/opentable/spur-ioc/npm-publish.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-request.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/opentable/spur-ioc/pull-request.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-request.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/opentable/spur-ioc/pull-request.yml/main?enable=pin","Info:   0 out of   4 GitHub-owned GitHubAction dependencies pinned","Info:   2 out of   2 npmCommand dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#pinned-dependencies"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#security-policy"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#fuzzing"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#packaging"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: MIT License: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":-1,"reason":"internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration","details":null,"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#branch-protection"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 27 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#sast"}},{"name":"Vulnerabilities","score":5,"reason":"5 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GHSA-968p-4wvh-cqc8","Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw","Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg","Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275","Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-16T06:31:56.858Z","repository_id":24080015,"created_at":"2025-08-16T06:31:56.858Z","updated_at":"2025-08-16T06:31:56.858Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":271984522,"owners_count":24853846,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-08-24T02:00:11.135Z","response_time":111,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["nodejs","npm-package","renovate","spur","spur-framework"],"created_at":"2024-11-30T17:27:32.819Z","updated_at":"2025-08-25T00:36:13.084Z","avatar_url":"https://github.com/opentable.png","language":"JavaScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003cimg src=\"https://opentable.github.io/spur/logos/Spur-IoC.png?rand=1\" width=\"100%\" alt=\"Spur: IoC\" /\u003e\n\nDependency Injection library for [Node.js](http://nodejs.org/).\n\n  [![NPM Version][npm-version-image]][npm-url]\n  [![NPM Install Size][npm-install-size-image]][npm-install-size-url]\n  [![NPM Downloads][npm-downloads-image]][npm-downloads-url]\n\n# About the Spur Framework\n\nThe Spur Framework is a collection of commonly used Node.JS libraries used to create common application types with shared libraries.\n\n[Visit NPMJS.org for a full list of Spur Framework libraries](https://www.npmjs.com/browse/keyword/spur-framework) \u003e\u003e\n\n# Topics\n\n- [Features](#features)\n- [What is inversion of control and why you should use it?](#what-is-inversion-of-control-and-why-you-should-use-it)\n- [Quick start](#quick-start)\n    - [Usage](#usage)\n    - [Writing tests](#writing-tests)\n- [API Reference](API.md)\n- [Contributing](#contributing)\n- [License](#license)\n\n# Features\n\n  * Dependency injection (IoC) inspired by AngularJS\n  * Auto injects folders\n  * Ability to merge injectors\n  * Ability to link injectors\n  * Makes testing super easy\n    * Ability to substitute dependencies in tests\n  * Resolution of dependencies by querying via regular expression\n  * Clear error stack trace reporting\n  * Supports active Node versions in the [LTS Schedule](https://github.com/nodejs/LTS#lts-schedule). ([view current versions](.nvmrc))\n\n# What is inversion of control and why you should use it?\n\n[Inversion of Control (IoC)](http://en.wikipedia.org/wiki/Inversion_of_control) is also known as Dependency Injection (DI). IoC is a pattern in which objects define their external dependencies through constructor arguments or the use of a container factory. In short, the dependency is pushed to the class from the outside. All that means is that you shouldn't instantiate dependencies from inside the class.\n\nInversion of control is used to increase modularity of the program and make it extensible, and has applications in object-oriented programming and other programming paradigms.\n\nIt allows for the creation of cleaner and more modular code that is easier to develop, test and maintain:\n\n* Single responsibility classes\n* Easier mocking of objects for test fixtures\n* Easier debugging in Node.js' async environment\n\n# Quick start\n\n## Installation\n\n```bash\n$ npm install spur-ioc --save\n```\n\n## Usage\n\nHere is a quick example that sets up the definition of an injector, some dependencies and a startup script.\n\n#### `src/injector.js`\n\n```javascript\nconst spur = require('spur-ioc');\n\nmodule.exports = function(){\n  // define a  new injector\n  const ioc = spur.create('demo');\n\n\n  //register external dependencies or globals\n  ioc.registerDependencies({\n    '_'           : require('underscore'),\n    'path'        : require('path'),\n    'console'     : console,\n    'nodeProcess' : process\n  });\n\n  // register folders in your project to be auto-injected\n  ioc.registerFolders(__dirname, [\n    'demo'\n  ]);\n\n  return ioc;\n}\n```\n\n#### `src/demo/Tasks.js`\n\nExample of file that depends on an injectable dependency. This example shows the usage of underscore (_).\n\n```javascript\nmodule.exports = function(_){\n    return _.map([1,2,3], function(num) {\n        return 'Task ' + num;\n    });\n}\n```\n\n#### `src/demo/TasksPrinter.js`\n\nThis example injects Tasks and console dependencies, both previously defined in the injector.\n\n```javascript\nmodule.exports = function(Tasks, console){\n    return {\n        print: function(){\n          console.log(Tasks);\n        }\n    };\n}\n```\n\n#### `src/start.js` (top declaration file)\n\nExample of how to create an instance of the injector and start the app by using one of its dependencies.\n\n```javascript\nconst injector = require('./injector');\n\ninjector().inject(function(TasksPrinter){\n  TasksPrinter.print();\n});\n```\n\n##### Usage note for ES6 syntax\n\nWhile it is tempting to utilize the fat arrow syntax in this top declaration file like the example below, it will not be supported by spur-ioc. For more information, read issue [#26](https://github.com/opentable/spur-ioc/issues/26). Instead use the recommended approach above. There isn't a compelling reason to add that additional support. If you use this style, it will break as the report in issue #26.\n\n```javascript\nconst injector = require('./injector');\n\ninjector().inject((TasksPrinter) =\u003e {\n  TasksPrinter.print();\n});\n```\n\n## Writing tests\n\nDependency injection really improves the ease of testing, removes reliance on global constiables and allows you to intercept seams and make dependencies friendly.\n\n#### `test/unit/TasksPrinterSpec.js`\n\n```javascript\nconst injector = require('../../src/Injector');\n\ndescribe('TasksPrinter', () =\u003e {\n  beforeEach(function () {\n    this.mockConsole = {\n      logs:[],\n      log: () =\u003e this.logs.push(arguments)\n    };\n\n    // below we replace the console dependency silently\n    injector()\n      .addDependency('console', this.mockConsole, true)\n      .inject((TasksPrinter) =\u003e {\n        this.TasksPrinter = TasksPrinter;\n      });\n  });\n\n  it('should exist', function () {\n    expect(this.TasksPrinter).to.exist;\n  });\n\n  it('should greet correctly', function () {\n    this.TasksPrinter.print();\n    expect(this.mockConsole.logs[0][0]).to.deep.equal([\n        'Task 1', 'Task 2', 'Task 3'\n    ]);\n  });\n});\n```\n\n## Error reporting\n\nOne of the great things about ioc is that you get real application dependency errors upfront at the start of your application.\n\n#### Missing dependency with typo\n\n```javascript\nmodule.exports = function (TaskZ, console) {\n  //...\n}\n\n// Produces:\n// ERROR Missing Dependency TaskZ in  $$demo -\u003e TasksPrinter -\u003e TaskZ\n```\n\n#### Adding a cyclic dependency back to TasksPrinter in Tasks.js\n\n```javascript\nmodule.exports = function (_, TasksPrinter) {\n  //...\n}\n\n// Produces:\n// ERROR Cyclic Dependency TasksPrinter in  $$demo -\u003e TasksPrinter -\u003e Tasks -\u003e TasksPrinter\n```\n\n# Contributing\n\n## We accept pull requests\n\nPlease send in pull requests and they will be reviewed in a timely manner. Please review this [generic guide to submitting a good pull requests](https://github.com/blog/1943-how-to-write-the-perfect-pull-request). The only things we ask in addition are the following:\n\n * Please submit small pull requests\n * Provide a good description of the changes\n * Code changes must include tests\n * Be nice to each other in comments. :innocent:\n\n## Style guide\n\nThe majority of the settings are controlled using an [EditorConfig](.editorconfig) configuration file. To use it [please download a plugin](http://editorconfig.org/#download) for your editor of choice.\n\nLint source code by running `npm run lint`.\n\n## All tests should pass\n\nTo run the test suite, first install the dependancies, then run `npm test`\n\n```bash\n$ npm install\n$ npm test\n```\n\n# License\n\n[MIT](LICENSE)\n\n\n[npm-downloads-image]: https://badgen.net/npm/dm/spur-ioc\n[npm-downloads-url]: https://npmcharts.com/compare/spur-ioc?minimal=true\n[npm-install-size-image]: https://badgen.net/packagephobia/install/spur-ioc\n[npm-install-size-url]: https://packagephobia.com/result?p=spur-ioc\n[npm-url]: https://npmjs.org/package/spur-ioc\n[npm-version-image]: https://badgen.net/npm/v/spur-ioc\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fopentable%2Fspur-ioc","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fopentable%2Fspur-ioc","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fopentable%2Fspur-ioc/lists"}