{"id":13836992,"url":"https://github.com/polydawn/refmt","last_synced_at":"2026-02-22T19:33:57.756Z","repository":{"id":55847949,"uuid":"69614328","full_name":"polydawn/refmt","owner":"polydawn","description":"Object mapping for golang.","archived":false,"fork":false,"pushed_at":"2023-11-29T10:50:47.000Z","size":640,"stargazers_count":48,"open_issues_count":18,"forks_count":14,"subscribers_count":4,"default_branch":"master","last_synced_at":"2025-07-10T21:23:30.537Z","etag":null,"topics":["cbor","json","objectmapper","polymorphic","serialization","stream","tokenizer"],"latest_commit_sha":null,"homepage":null,"language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/polydawn.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null}},"created_at":"2016-09-29T22:55:40.000Z","updated_at":"2024-07-15T09:27:05.000Z","dependencies_parsed_at":"2023-11-29T11:42:38.350Z","dependency_job_id":"a78d7234-6b94-42ab-98aa-a5be31a053fc","html_url":"https://github.com/polydawn/refmt","commit_stats":null,"previous_names":["polydawn/go-xlate"],"tags_count":1,"template":false,"template_full_name":null,"purl":"pkg:github/polydawn/refmt","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/polydawn%2Frefmt","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/polydawn%2Frefmt/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/polydawn%2Frefmt/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/polydawn%2Frefmt/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/polydawn","download_url":"https://codeload.github.com/polydawn/refmt/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/polydawn%2Frefmt/sbom","scorecard":{"id":740375,"data":{"date":"2025-08-11","repo":{"name":"github.com/polydawn/refmt","commit":"37766d95467a205aa69a63c96ab2ccac32452a1e"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":2.9,"checks":[{"name":"Token-Permissions","score":-1,"reason":"No tokens found","details":null,"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Code-Review","score":1,"reason":"Found 2/19 approved changesets -- score normalized to 1","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Dangerous-Workflow","score":-1,"reason":"no workflows found","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Pinned-Dependencies","score":-1,"reason":"no dependencies found","details":null,"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: MIT License: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'master'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 17 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Vulnerabilities","score":8,"reason":"2 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GO-2021-0061 / GHSA-r88r-gmrh-7j83","Warn: Project is vulnerable to: GO-2020-0036 / GHSA-wxc4-f4m6-wwqv"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-22T17:15:22.825Z","repository_id":55847949,"created_at":"2025-08-22T17:15:22.825Z","updated_at":"2025-08-22T17:15:22.825Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":29724523,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-02-22T19:31:23.314Z","status":"ssl_error","status_checked_at":"2026-02-22T19:31:18.643Z","response_time":110,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cbor","json","objectmapper","polymorphic","serialization","stream","tokenizer"],"created_at":"2024-08-04T15:00:58.786Z","updated_at":"2026-02-22T19:33:57.725Z","avatar_url":"https://github.com/polydawn.png","language":"Go","funding_links":[],"categories":["Go"],"sub_categories":[],"readme":"refmt\n=====\n\n\n`refmt` is a serialization and object-mapping library.\n\n\n\nWhy?\n----\n\nMostly because I have some types which I need to encode in two different ways, and that needs to not suck,\nand that totally sucks with most serialization libraries I've used.\nAlso, I need to serialize things in different formats, e.g. sometimes JSON and other times CBOR,\nand that needs to work without me wrestling two different object-serial libraries and configs.\n\nMore broadly, I want a single library that can handle my serialization -- with the possibility of different setups on the same types -- and if it can do general object traversals, e.g. a deepcopy, that also seems like... just something that should be natural.\n\nSo it seems like there should be some way to define token streams... and a way to define converting objects to and from token streams... and a way to covert token streams to and from serialized bytes... and all of these should be pretty separate!\n\nThusly was this library thrust into the world:\n`refmt/tok` to define the token stream,\nand `refmt/obj` to define how to map objects to tokens and back,\nand `refmt/json` and `refmt/cbor` as ways to exchange tokens with serialized formats.\n\nAll of these formats can mix-n-match freely, because they communicate values as the standard token stream. Voilà:\n\n- pair `obj.Marshaller` with `json.Encoder` to get a json serializer.\n- pair `cbor.Decoder` with `obj.Unmarshaller` to get a cbor deserializer.\n- pair `cbor.Decoder` with `json.Encoder` to get a cbor-\u003ejson streaming transcoder!\n- pair `obj.Marshaller` with `obj.Unmarshaller` to get a deep-copy system!  (Try it with two different types: marshalling a struct and unmarshalling into a freeform map!)\n\nAlong the way, we've added a powerful system for defining **how** exactly the `refmt/obj` tools should treat your structures:\nthe Atlas system (defined in the `refmt/obj/atlas` package).\nAtlases can be used to customize how struct fields are handled, how map keys are sorted, and even\ndefine conversions between completely different *kinds* of objects: serialize arrays as strings, or turn stringy enums into bitfields, no problem.\nBy default, `refmt` will generate atlases automatically for your structs and types, just like the standard library json marshallers do;\nif you want more control, atlases give you the power.\n\nAn Atlas can be given to each `obj.Marshaller` and `obj.Unmarshaller` when it is constructed.\nThis allows great variation in how you wish to handle types -- more than one mapping can be defined for the same concrete type!\n(This is a killer feature if you need to support multiple versions of an API, for example:\nyou can define 'v1' and 'v2' types, each with their own structs to unmarshal user requests into;\nthen in the backend implement another Marshal/Unmarshal with different atlases which translates the 'v1' requests to 'v2' types,\nand you only have to implement business logic against the latest types!)\n\nAtlases are significantly more convenient to use than defining custom `JSONMarshal()` methods.\nAtlases attach to the type they concern.\nThis means you can use atlases to define custom serialization even for types in packages you can't modify!\nAtlases also behave better in complex situations: for example,\nif you have a `TypeFoo` struct and you wish to serialize it as a string,\n*you don't have to write a custom marshaller for every type that **contains** a `TypeFoo` field*.\nLeaking details of custom serialization into the types that contain the interesting objects is\na common pitfall when getting into advanced usage of other marshalling libraries; `refmt` has no such issue.\n\n## tl;dr:\n\n- you can swap out atlases for custom serialization on any type;\n- and that works for serialization modes even deep in other structures;\n- and even on types you don't own!!\n- at the same time, you can swap out a cbor encoder for a json encoder, or anything else you want;\n- and the mapper part *doesn't care* -- no complex interactions between the layers.\n\nCome to `refmt`.  It's nicer here.\n\n\nWhere do I start?\n-----------------\n\n**If you're already using `json.Marshal`:** switch to `json.Marshal` (yes, I'm not kidding; just switch your imports!).\n\n**If you're already using `json.NewEncoder().Encode()`:** switch to `json.NewMarshaller().Marshal()`.\n\n**If you want to get more serial-flexible:** try using `refmt.Marshal(json.EncodeOptions{}, obj)`... then switch to `cbor.EncodeOptions{}` and see what happens!\n\n**If you want to use Atlas to get fancy:** go take a peek at the `example*.go` files in this repo! :)\n\nHappy hacking!\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpolydawn%2Frefmt","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fpolydawn%2Frefmt","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpolydawn%2Frefmt/lists"}