{"id":37021549,"url":"https://github.com/steinarb/beans","last_synced_at":"2026-01-14T02:33:09.802Z","repository":{"id":57738144,"uuid":"230771931","full_name":"steinarb/beans","owner":"steinarb","description":"Common code for Java beans","archived":false,"fork":false,"pushed_at":"2024-06-13T20:14:58.000Z","size":73,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-07-04T04:08:55.386Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/steinarb.png","metadata":{"files":{"readme":"README.org","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2019-12-29T15:56:29.000Z","updated_at":"2024-06-13T20:15:01.000Z","dependencies_parsed_at":"2023-02-16T00:31:32.598Z","dependency_job_id":"6f80961d-936c-4590-8201-2fb090fd1827","html_url":"https://github.com/steinarb/beans","commit_stats":null,"previous_names":[],"tags_count":6,"template":false,"template_full_name":null,"purl":"pkg:github/steinarb/beans","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/steinarb%2Fbeans","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/steinarb%2Fbeans/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/steinarb%2Fbeans/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/steinarb%2Fbeans/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/steinarb","download_url":"https://codeload.github.com/steinarb/beans/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/steinarb%2Fbeans/sbom","scorecard":{"id":850906,"data":{"date":"2025-08-11","repo":{"name":"github.com/steinarb/beans","commit":"1ce971ba2349741c3ccd764f141e07664a884ae6"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":3.3,"checks":[{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/beans-maven-ci-build.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/steinarb/beans/beans-maven-ci-build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/beans-maven-ci-build.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/steinarb/beans/beans-maven-ci-build.yml/master?enable=pin","Info:   0 out of   2 GitHub-owned GitHubAction dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: no topLevel permission defined: .github/workflows/beans-maven-ci-build.yml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Code-Review","score":0,"reason":"Found 0/30 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"SAST","score":0,"reason":"no SAST tool detected","details":["Warn: no pull requests merged into dev branch"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: Apache License 2.0: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'master'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Vulnerabilities","score":9,"reason":"1 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GHSA-j288-q9x7-2f5v"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-23T22:30:38.038Z","repository_id":57738144,"created_at":"2025-08-23T22:30:38.039Z","updated_at":"2025-08-23T22:30:38.039Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28408711,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-14T01:52:23.358Z","status":"online","status_checked_at":"2026-01-14T02:00:06.678Z","response_time":107,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2026-01-14T02:33:09.095Z","updated_at":"2026-01-14T02:33:09.790Z","avatar_url":"https://github.com/steinarb.png","language":"Java","funding_links":[],"categories":[],"sub_categories":[],"readme":"* Java bean support code\n\nCommon code for Java beans, used in my other projects. Having this code in a library cuts down on boilerplate.\n\n** Status of the project\n\n[[https://github.com/steinarb/beans/actions/workflows/beans-maven-ci-build.yml][file:https://github.com/steinarb/beans/actions/workflows/beans-maven-ci-build.yml/badge.svg]]\n[[https://coveralls.io/github/steinarb/beans][file:https://coveralls.io/repos/github/steinarb/beans/badge.svg]]\n[[https://sonarcloud.io/summary/new_code?id=steinarb_beans][file:https://sonarcloud.io/api/project_badges/measure?project=steinarb_beans\u0026metric=alert_status#.svg]]\n[[https://maven-badges.herokuapp.com/maven-central/no.priv.bang.beans/beans][file:https://maven-badges.herokuapp.com/maven-central/no.priv.bang.beans/beans/badge.svg]]\n[[https://www.javadoc.io/doc/no.priv.bang.beans/beans][file:https://www.javadoc.io/badge/no.priv.bang.beans/beans.svg]]\n\n[[https://sonarcloud.io/summary/new_code?id=steinarb_beans][file:https://sonarcloud.io/images/project_badges/sonarcloud-white.svg]]\n\n[[https://sonarcloud.io/summary/new_code?id=steinarb_beans][file:https://sonarcloud.io/api/project_badges/measure?project=steinarb_beans\u0026metric=sqale_index#.svg]]\n[[https://sonarcloud.io/summary/new_code?id=steinarb_beans][file:https://sonarcloud.io/api/project_badges/measure?project=steinarb_beans\u0026metric=coverage#.svg]]\n[[https://sonarcloud.io/summary/new_code?id=steinarb_beans][file:https://sonarcloud.io/api/project_badges/measure?project=steinarb_beans\u0026metric=ncloc#.svg]]\n[[https://sonarcloud.io/summary/new_code?id=steinarb_beans][file:https://sonarcloud.io/api/project_badges/measure?project=steinarb_beans\u0026metric=code_smells#.svg]]\n[[https://sonarcloud.io/summary/new_code?id=steinarb_beans][file:https://sonarcloud.io/api/project_badges/measure?project=steinarb_beans\u0026metric=sqale_rating#.svg]]\n[[https://sonarcloud.io/summary/new_code?id=steinarb_beans][file:https://sonarcloud.io/api/project_badges/measure?project=steinarb_beans\u0026metric=security_rating#.svg]]\n[[https://sonarcloud.io/summary/new_code?id=steinarb_beans][file:https://sonarcloud.io/api/project_badges/measure?project=steinarb_beans\u0026metric=bugs#.svg]]\n[[https://sonarcloud.io/summary/new_code?id=steinarb_beans][file:https://sonarcloud.io/api/project_badges/measure?project=steinarb_beans\u0026metric=vulnerabilities#.svg]]\n[[https://sonarcloud.io/summary/new_code?id=steinarb_beans][file:https://sonarcloud.io/api/project_badges/measure?project=steinarb_beans\u0026metric=duplicated_lines_density#.svg]]\n[[https://sonarcloud.io/summary/new_code?id=steinarb_beans][file:https://sonarcloud.io/api/project_badges/measure?project=steinarb_beans\u0026metric=reliability_rating#.svg]]\n\n** Release history\n\n| Date                   | Version | Comment                                                             |\n|------------------------+---------+---------------------------------------------------------------------|\n| \u003c2022-05-29 Sun 08:26\u003e |   1.2.0 | Use karaf 4.4.0 and OSGi 8                                          |\n| \u003c2021-06-09 Wed 21:46\u003e |   1.1.4 | Avoid dependencyManagement version \"leakage\" in the BoM             |\n| \u003c2021-04-18 Sun 22:47\u003e |   1.1.2 | Add a \"Bill of Materials\" (BoM)                                     |\n| \u003c2021-04-15 Thu 00:43\u003e |   1.1.1 | Get common maven dependencies and maven plugin config from parent   |\n| \u003c2021-04-11 Sun 21:43\u003e |   1.1.0 | Built with karaf 4.3.0 and OSGi 7                                   |\n| \u003c2019-12-31 Tue 00:47\u003e |   1.0.0 | Adds bean base class Immutable implementing hashCode() and equals() |\n\n** Overview of the project\n\n*** Immutable\n\nThis is an OSGi bundle that contains the class Immutable which serves as a base class for immutable Java beans and provides the beans with implementations of hashCode() and equals().\n\nThe Object.hashCode() and Object.equals() methods must be overriden from their default Object implmentations in data objects, if those data objects are to work properly in maps and sets. However, writing hashCode() and equals() methods manually is boring. It consists of creating a lot of boilerplate code, and that boilerplate needs to have tests written if I don't wish to have sonar complain about test coverage, increasing the code that has to be modified when the bean changes.\n\nIDEs like eclipse and IntelliJ can create hashCode() and equals() methods, but the auto-generated code may need a little tinkering, and the tests needs to be handwritten, or your code coverage will become low enough for sonar to complain. And if the beans change the IDE can recreate the methods, but the tests still needs to be changed manually\n\nThe apache [[https://commons.apache.org/proper/commons-lang/apidocs/org/apache/commons/lang3/builder/HashCodeBuilder.html][commons-lang3 HashCodeBuilder]] has methods to create hashCode() using reflection, but using reflections means there is a performance cost. However, since the beans used in my jackson/jersey REST APIs are invariably immutable, it is possible to create the hashCode() lazily and then cache it.  And that's what the Immutable bean base class found in this library does.\n\nThe equals() method also depends on the hashCode(), so it may not be entirely comparison proof, but for the first version I'm trying it out.\n\nTo use the latest version of the OSGi bundle in a maven project, or just use it as a plain JAR file, add the following dependencies (commons-lang3 is a provided dependency in the beans.immutable pom, so won't become a transitive dependency and must be added explicitly to a project using beans.immutable, even if the project is just using beans.immutable as a plain JAR file):\n#+begin_src xml\n  \u003cdependencies\u003e\n      \u003cdependency\u003e\n          \u003cgroupId\u003eno.priv.bang.beans\u003c/groupId\u003e\n          \u003cartifactId\u003ebeans.immutable\u003c/artifactId\u003e\n          \u003cversion\u003e1.2.0\u003c/version\u003e\n      \u003c/dependency\u003e\n      \u003cdependency\u003e\n          \u003cgroupId\u003eorg.apache.commons\u003c/groupId\u003e\n          \u003cartifactId\u003ecommons-lang3\u003c/artifactId\u003e\n          \u003cversion\u003e3.9\u003c/version\u003e\n      \u003c/dependency\u003e\n  \u003c/dependencies\u003e\n#+end_src\n\nTo use the latest version of the OSGi bundle in a maven project, building an OSGi bundle intended for use in [[https://karaf.apache.org][apache karaf]]:\n 1. Add a provided dependency to beans.immutable (to make things compile) and a test dependency to commons-lang3 (to prevent tests from failing in startup. If you already have a dependency to commons-lang3 you don't need this test dependency):\n    #+begin_src xml\n      \u003cdependencies\u003e\n          \u003cdependency\u003e\n              \u003cgroupId\u003eno.priv.bang.beans\u003c/groupId\u003e\n              \u003cartifactId\u003ebeans.immutable\u003c/artifactId\u003e\n              \u003cversion\u003e1.2.0\u003c/version\u003e\n              \u003cscope\u003eprovided\u003c/scope\u003e\n          \u003c/dependency\u003e\n          \u003cdependency\u003e\n              \u003cgroupId\u003eorg.apache.commons\u003c/groupId\u003e\n              \u003cartifactId\u003ecommons-lang3\u003c/artifactId\u003e\n              \u003cversion\u003e3.9\u003c/version\u003e\n              \u003cscope\u003etest\u003c/scope\u003e\n          \u003c/dependency\u003e\n      \u003c/dependencies\u003e\n    #+end_src\n 2. Add a load of the feature repository containing beans.immutable and depend on the beans-immutable feature from your projects template feature.xml (src/main/feature/feature.xml):\n    #+begin_src xml\n      \u003cfeatures\u003e\n          \u003crepository\u003emvn:no.priv.bang.beans/beans/1.2.0/xml/features\u003c/repository\u003e\n          \u003cfeature name=\"my-feature\"\u003e\n              \u003cfeature\u003ebeans-immutable\u003c/feature\u003e\n          \u003c/feature\u003e\n      \u003c/features\u003e\n    #+end_src\n\n** License\n\nThis code is licensed under the Apache license v. 2.  See the LICENSE file for details.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsteinarb%2Fbeans","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsteinarb%2Fbeans","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsteinarb%2Fbeans/lists"}