{"id":46351536,"url":"https://github.com/soracom/orbit-sdk-tinygo","last_synced_at":"2026-03-04T23:09:17.461Z","repository":{"id":51345050,"uuid":"270604846","full_name":"soracom/orbit-sdk-tinygo","owner":"soracom","description":"A SDK for Soracom Orbit that is written in TinyGo.","archived":false,"fork":false,"pushed_at":"2025-03-25T01:21:08.000Z","size":36,"stargazers_count":3,"open_issues_count":1,"forks_count":0,"subscribers_count":27,"default_branch":"master","last_synced_at":"2025-03-25T02:26:48.237Z","etag":null,"topics":["tinygo","wasm"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"bsd-3-clause","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/soracom.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":".github/CODEOWNERS","security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2020-06-08T09:18:13.000Z","updated_at":"2025-01-24T07:34:44.000Z","dependencies_parsed_at":"2025-01-22T10:23:10.340Z","dependency_job_id":"a39409ab-2499-4ff7-8ff5-85e773656dc6","html_url":"https://github.com/soracom/orbit-sdk-tinygo","commit_stats":null,"previous_names":[],"tags_count":2,"template":false,"template_full_name":null,"purl":"pkg:github/soracom/orbit-sdk-tinygo","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/soracom%2Forbit-sdk-tinygo","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/soracom%2Forbit-sdk-tinygo/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/soracom%2Forbit-sdk-tinygo/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/soracom%2Forbit-sdk-tinygo/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/soracom","download_url":"https://codeload.github.com/soracom/orbit-sdk-tinygo/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/soracom%2Forbit-sdk-tinygo/sbom","scorecard":{"id":838395,"data":{"date":"2025-08-11","repo":{"name":"github.com/soracom/orbit-sdk-tinygo","commit":"4d73751425d1ad3de708dfc45f6922dadd439aa7"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":4.3,"checks":[{"name":"Code-Review","score":5,"reason":"Found 5/10 approved changesets -- score normalized to 5","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Dangerous-Workflow","score":-1,"reason":"no workflows found","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Pinned-Dependencies","score":-1,"reason":"no dependencies found","details":null,"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Token-Permissions","score":-1,"reason":"No tokens found","details":null,"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: BSD 3-Clause \"New\" or \"Revised\" License: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":5,"reason":"branch protection is not maximal on development and all release branches","details":["Info: 'allow deletion' disabled on branch 'master'","Info: 'force pushes' disabled on branch 'master'","Info: 'branch protection settings apply to administrators' is required to merge on branch 'master'","Warn: 'stale review dismissal' is disabled on branch 'master'","Warn: required approving review count is 1 on branch 'master'","Info: codeowner review is required on branch 'master'","Warn: 'last push approval' is disabled on branch 'master'","Warn: no status checks found to merge onto branch 'master'","Info: PRs are required in order to make changes on branch 'master'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 17 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Vulnerabilities","score":10,"reason":"0 existing vulnerabilities detected","details":null,"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-23T19:48:02.441Z","repository_id":51345050,"created_at":"2025-08-23T19:48:02.441Z","updated_at":"2025-08-23T19:48:02.441Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":30098262,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-03-04T22:49:54.894Z","status":"ssl_error","status_checked_at":"2026-03-04T22:49:48.883Z","response_time":59,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["tinygo","wasm"],"created_at":"2026-03-04T23:09:16.837Z","updated_at":"2026-03-04T23:09:17.448Z","avatar_url":"https://github.com/soracom.png","language":"Go","readme":"# orbit-sdk-tinygo [![PkgGoDev](https://pkg.go.dev/badge/github.com/soracom/orbit-sdk-tinygo)](https://pkg.go.dev/github.com/soracom/orbit-sdk-tinygo) [![Go Report Card](https://goreportcard.com/badge/github.com/soracom/orbit-sdk-tinygo)](https://goreportcard.com/report/github.com/soracom/orbit-sdk-tinygo)\n\nA SORACOM Orbit SDK is for [TinyGo](https://tinygo.org/) to generate wasm modules.\n\n## Notice\n\nPlease use the latest **tagged** release that supports the features currently available on the Soracom platform. The `main` branch may contain unreleased features and could break your code.\n\n## Synopsis\n\n### Hello world\n\n```go\nimport sdk github.com/soracom/orbit-sdk-tinygo\n\n// For processing uplink (UE to SORACOM)\n//export uplink\nfunc uplink() sdk.ErrorCode {\n\tsdk.Log(\"hello world, uplink\")\n\treturn 0\n}\n\n// For processing downlink (SORACOM to UE)\n//export downlink\nfunc downlink() sdk.ErrorCode {\n\tsdk.Log(\"hello world, downlink\")\n\treturn 0\n}\n```\n\nAnd more pragmatic examples are in [examples/](./examples/).\n\n## Description\n\nPlease see [godoc](https://pkg.go.dev/github.com/soracom/orbit-sdk-tinygo) for detailed instructions on how to use this SDK.\n\n## Known issues\n\n### Running wasm on the SORACOM Orbit \"sandbox\" runtime\n\nThere are some heavily restricted rules to execute your wasm module on the SORACOM Orbit runtime. For example:\n\n- It doesn't allow to execute a wasm module that depends on `syscall/js.*`\n  - Basically, wasm that is generated by TinyGo depends on `js` runtime (see also: https://tinygo.org/webassembly/webassembly/).\n  - However, the Orbit runtime doesn't support the `js` runtime. So __it is necessary to avoid such dependencies carefully__.\n    - For example, `fmt` package is not allowed because the package requires `syscall/js.*` modules.\n- `json` package is not supported by TinyGo.\n  - see also: https://tinygo.org/lang-support/stdlib/\n  - This SDK uses the following libraries for workaround.\n    - [moznion/go-json-ice](https://github.com/moznion/go-json-ice)\n    - [moznion/jsonparser#without_js_runtime_tinygo](https://github.com/moznion/jsonparser/tree/without_js_runtime_tinygo)\n\n## License\n\n```\nCopyright 2020 SORACOM, Inc. https://soracom.io/\n\nRedistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:\n\n1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.\n\n2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.\n\n3. Neither the name of the copyright holder nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission.\n\nTHIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS \"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n\n```\n\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsoracom%2Forbit-sdk-tinygo","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsoracom%2Forbit-sdk-tinygo","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsoracom%2Forbit-sdk-tinygo/lists"}