{"id":13410862,"url":"https://github.com/the4thamigo-uk/conflate","last_synced_at":"2026-02-18T21:10:54.020Z","repository":{"id":57488912,"uuid":"119880400","full_name":"the4thamigo-uk/conflate","owner":"the4thamigo-uk","description":"Library providing routines to merge and validate JSON, YAML and/or TOML files","archived":false,"fork":false,"pushed_at":"2023-07-26T09:37:48.000Z","size":406,"stargazers_count":36,"open_issues_count":0,"forks_count":5,"subscribers_count":0,"default_branch":"master","last_synced_at":"2025-08-13T23:20:00.062Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/the4thamigo-uk.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null}},"created_at":"2018-02-01T19:06:15.000Z","updated_at":"2025-04-24T13:17:12.000Z","dependencies_parsed_at":"2024-01-08T14:30:54.701Z","dependency_job_id":"b2d9f0b9-8c2b-4ea0-80fa-caa94eab3f61","html_url":"https://github.com/the4thamigo-uk/conflate","commit_stats":null,"previous_names":[],"tags_count":1,"template":false,"template_full_name":null,"purl":"pkg:github/the4thamigo-uk/conflate","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/the4thamigo-uk%2Fconflate","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/the4thamigo-uk%2Fconflate/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/the4thamigo-uk%2Fconflate/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/the4thamigo-uk%2Fconflate/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/the4thamigo-uk","download_url":"https://codeload.github.com/the4thamigo-uk/conflate/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/the4thamigo-uk%2Fconflate/sbom","scorecard":{"id":877391,"data":{"date":"2025-08-11","repo":{"name":"github.com/the4thamigo-uk/conflate","commit":"ae7f5c181442c9f5210a75269b5ee869369358d7"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":1.5,"checks":[{"name":"Token-Permissions","score":-1,"reason":"No tokens found","details":null,"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Code-Review","score":0,"reason":"Found 0/27 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Dangerous-Workflow","score":-1,"reason":"no workflows found","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Pinned-Dependencies","score":-1,"reason":"no dependencies found","details":null,"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: Apache License 2.0: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":0,"reason":"Project has not signed or included provenance with any releases.","details":["Warn: release artifact v1.0.1 not signed: https://api.github.com/repos/the4thamigo-uk/conflate/releases/15462655","Warn: release artifact v1.0.1 does not have provenance: https://api.github.com/repos/the4thamigo-uk/conflate/releases/15462655"],"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'master'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 6 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Vulnerabilities","score":0,"reason":"22 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GO-2021-0078 / GHSA-5p4h-3377-7w67","Warn: Project is vulnerable to: GO-2022-0193 / GHSA-fcf9-6fv2-fc5v","Warn: Project is vulnerable to: GO-2022-0192 / GHSA-2wp2-chmh-r934","Warn: Project is vulnerable to: GO-2022-0197 / GHSA-4r78-hx75-jjj2 / GHSA-mv93-wvcp-7m7r","Warn: Project is vulnerable to: GO-2020-0014 / GHSA-vfw5-hrgq-h5wf","Warn: Project is vulnerable to: GO-2022-0536 / GHSA-39qc-96h7-956f / GHSA-hgr8-6h9x-f7q9","Warn: Project is vulnerable to: GO-2022-0236 / GHSA-h86h-8ppg-mxmh","Warn: Project is vulnerable to: GO-2021-0238 / GHSA-83g2-8m93-v3w7","Warn: Project is vulnerable to: GO-2022-0288","Warn: Project is vulnerable to: GO-2022-0969 / GHSA-69cg-p879-7622","Warn: Project is vulnerable to: GO-2022-1144 / GHSA-xrjj-mj9h-534m","Warn: Project is vulnerable to: GO-2023-1571 / GHSA-vvpx-j8f3-3w6h","Warn: Project is vulnerable to: GO-2023-1988 / GHSA-2wrh-6pvc-2jm9","Warn: Project is vulnerable to: GO-2023-2102 / GHSA-4374-p667-p6c8","Warn: Project is vulnerable to: GHSA-qppj-fm5r-hxr3","Warn: Project is vulnerable to: GO-2024-2687 / GHSA-4v7x-pqxf-cx7m","Warn: Project is vulnerable to: GO-2024-3333","Warn: Project is vulnerable to: GO-2025-3503 / GHSA-qxp5-gwg8-xv66","Warn: Project is vulnerable to: GO-2025-3595 / GHSA-vvgc-356p-c3xw","Warn: Project is vulnerable to: GO-2021-0061 / GHSA-r88r-gmrh-7j83","Warn: Project is vulnerable to: GO-2022-0956 / GHSA-6q6q-88xp-6f2r","Warn: Project is vulnerable to: GO-2020-0036 / GHSA-wxc4-f4m6-wwqv"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-24T06:34:40.727Z","repository_id":57488912,"created_at":"2025-08-24T06:34:40.727Z","updated_at":"2025-08-24T06:34:40.727Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":29596186,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-02-18T20:59:56.587Z","status":"ssl_error","status_checked_at":"2026-02-18T20:58:41.434Z","response_time":162,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-07-30T20:01:09.843Z","updated_at":"2026-02-18T21:10:54.004Z","avatar_url":"https://github.com/the4thamigo-uk.png","language":"Go","funding_links":[],"categories":["Configuration","配置","others","配置管理 `配置解析库`","配置管理","Uncategorized"],"sub_categories":["Standard CLI","标准CLI","Advanced Console UIs","标准 CLI"],"readme":"\u003cp align=\"center\"\u003e\u003cimg src=\"gophers.png\" alt=\"gophers\" style=\"width: 50%; height: 50%\"\u003e\u003c/p\u003e\n\n# CONFLATE\n\n_Library providing routines to merge and validate JSON, YAML, TOML files and/or structs ([godoc](https://godoc.org/github.com/the4thamigo-uk/conflate))_\n\n_Typical use case: Make your application configuration files **multi-format**, **modular**, **templated**, **sparse**, **location-independent** and **validated**_\n\n[![Build Status](https://secure.travis-ci.org/the4thamigo-uk/conflate.png?branch=master)](https://travis-ci.org/the4thamigo-uk/conflate?branch=master)\n[![Coverage Status](https://coveralls.io/repos/the4thamigo-uk/conflate/badge.svg?branch=master\u0026service=github)](https://coveralls.io/github/the4thamigo-uk/conflate?branch=master)\n[![Go Report Card](https://goreportcard.com/badge/github.com/the4thamigo-uk/conflate)](https://goreportcard.com/report/github.com/the4thamigo-uk/conflate)\n\n## Description\n\nConflate is a library and cli-tool, that provides the following features :\n\n* merge data from multiple formats (JSON/YAML/TOML/go structs) and multiple locations (filesystem paths and urls)\n* validate the merged data against a JSON schema\n* apply any default values defined in a JSON schema to the merged data\n* expand environment variables inside the data\n* marshal merged data to multiple formats (JSON/YAML/TOML/go structs)\n\nImprovements, ideas and bug fixes are welcomed.\n\n## Background\n\nThis project is a hard fork of the original that I developed at https://github.com/miracl/conflate.\nHowever, I will be actively supporting and extending this project independently here.\n\n## Getting started\n\nRun the following command, which will build and install the latest binary in $GOPATH/bin\n\n```\ngo install  github.com/the4thamigo-uk/conflate/conflate@latest\n```\nAlternatively, you can install one of the pre-built release binaries from https://github.com/the4thamigo-uk/conflate/releases\n\n## Usage of Library\n\nPlease refer to the [godoc](https://godoc.org/github.com/the4thamigo-uk/conflate) and the [example code](./example/main.go)\n\n## Usage of CLI Tool\n\nHelp can be obtained in the usual way :\n\n```bash\n$conflate --help\nUsage of conflate:\n  -data value\n    \tThe path/url of JSON/YAML/TOML data, or 'stdin' to read from standard input\n  -defaults\n    \tApply defaults from schema to data\n  -expand\n    \tExpand environment variables in files\n  -format string\n    \tOutput format of the data JSON/YAML/TOML\n  -includes string\n    \tName of includes array. Blank string suppresses expansion of includes arrays (default \"includes\")\n  -noincludes\n    \tSwitches off conflation of includes. Overrides any --includes setting.\n  -schema string\n    \tThe path/url of a JSON v4 schema file\n  -validate\n    \tValidate the data against the schema\n  -version\n    \tDisplay the version number\n```\n\n### Basic Merging of Files by Inclusion\n\nTo conflate the following file :\n\n```bash\n$cat ./testdata/valid_parent.json\n{\n  \"includes\": [\n    \"valid_child.json\",\n    \"valid_sibling.json\"\n  ],\n  \"parent_only\" : \"parent\", \n  \"parent_child\" : \"parent\", \n  \"parent_sibling\" : \"parent\", \n  \"all\": \"parent\"\n}\n```\n\n...run the following command, which will merge [valid_parent.json](https://raw.githubusercontent.com/the4thamigo-uk/conflate/master/testdata/valid_parent.json), \n[valid_child.json](https://raw.githubusercontent.com/the4thamigo-uk/conflate/master/testdata/valid_child.json), [valid_sibling.json](https://raw.githubusercontent.com/the4thamigo-uk/conflate/master/testdata/valid_sibling.json),\nresulting in the file :\n\n```bash\n$conflate -data ./testdata/valid_parent.json -format JSON\n{\n  \"all\": \"parent\",\n  \"child_only\": \"child\",\n  \"parent_child\": \"parent\",\n  \"parent_only\": \"parent\",\n  \"parent_sibling\": \"parent\",\n  \"sibling_child\": \"sibling\",\n  \"sibling_only\": \"sibling\"\n}\n```\n\nNote how the `includes`, are loaded as paths relative to the _including_ file.\n\nAlso, note that where the same named value occurs in multiple files, the resulting value follows the following priority rules :\n- the values defined in a file, override the values that are imported from the included file(s)\n- the values defined in an _included_ file, override the values imported from any included file(s) occurring before it, in the `includes` list\n\nFurthermore, included files can include other files to any depth.\n\n### Choosing an Output Format\n\nTo output in a different format use the `-format` option, e.g. TOML :\n\n```bash\n$conflate -data ./testdata/valid_parent.json -format TOML\nall = \"parent\"\nchild_only = \"child\"\nparent_child = \"parent\"\nparent_only = \"parent\"\nparent_sibling = \"parent\"\nsibling_child = \"sibling\"\nsibling_only = \"sibling\"\n```\n\n### Basic Merging of Files Without Inclusion\n\nIf you don't want to intrusively embed an `\"includes\"` array inside your JSON, you can instead provide multiple files on the command line, which are prioritised\nfrom left-to-right, with the right taking highest priority :\n\n```bash\n$conflate -data ./testdata/valid_child.json -data ./testdata/valid_sibling.json -format JSON\n{\n  \"all\": \"sibling\",\n  \"child_only\": \"child\",\n  \"parent_child\": \"child\",\n  \"parent_sibling\": \"sibling\",\n  \"sibling_child\": \"sibling\",\n  \"sibling_only\": \"sibling\"\n}\n```\n\nOr alternatively, you can create a top-level file containing only the `includes` array. For fun, lets choose to use YAML for the top-level file, and output TOML :\n\n```bash\n$cat toplevel.yaml \nincludes:\n  - testdata/valid_child.json\n  - testdata/valid_sibling.json\n\n$conflate -data toplevel.yaml -format TOML\nall = \"sibling\"\nchild_only = \"child\"\nparent_child = \"child\"\nparent_sibling = \"sibling\"\nsibling_child = \"sibling\"\nsibling_only = \"sibling\"\n```\n\n### Merging Data from STDIN\n\nIf you want to read a file from stdin you use `-data stdin`. For example, here we pipe in some TOML to override a single value in a JSON file :\n\n```bash\n$echo 'all=\"MY OVERRIDDEN VALUE\"' |  conflate -data ./testdata/valid_parent.json -data stdin -format JSON\n{\n  \"all\": \"MY OVERRIDDEN VALUE\",\n  \"child_only\": \"child\",\n  \"parent_child\": \"parent\",\n  \"parent_only\": \"parent\",\n  \"parent_sibling\": \"parent\",\n  \"sibling_child\": \"sibling\",\n  \"sibling_only\": \"sibling\"\n}\n```\n\nNote that in all cases `-data` sources are processed from left-to-right, with values in right files overriding values in left files, so the following doesnt work, since the key `\"all\"`,\nis present in `./testdata/valid_parent.json`:\n\n```bash\n$echo 'all=\"MY OVERRIDDEN VALUE\"' |  conflate -data stdin -data ./testdata/valid_parent.json  -format JSON\n{\n  \"all\": \"parent\",\n  \"child_only\": \"child\",\n  \"parent_child\": \"parent\",\n  \"parent_only\": \"parent\",\n  \"parent_sibling\": \"parent\",\n  \"sibling_child\": \"sibling\",\n  \"sibling_only\": \"sibling\"\n}\n```\n\n### Merging of Remote files by Inclusion\n\nIf you instead host a file somewhere else, then just use a URL :\n\n```bash\n$conflate -data https://raw.githubusercontent.com/the4thamigo-uk/conflate/master/testdata/valid_parent.json -format JSON\n{\n  \"all\": \"parent\",\n  \"child_only\": \"child\",\n  \"parent_child\": \"parent\",\n  \"parent_only\": \"parent\",\n  \"parent_sibling\": \"parent\",\n  \"sibling_child\": \"sibling\",\n  \"sibling_only\": \"sibling\"\n}\n```\n\nThe `includes` here are also loaded as urls relative the the url of the _including_ file, and follow exactly the same merging rules as for local files.\n\n\n### Validation Against a JSON Schema\n\nTo validate your data against a JSON [schema](https://raw.githubusercontent.com/the4thamigo-uk/conflate/master/testdata/test.schema.json),\nuse `-schema` in combination with `-validate` :\n\n```bash\n$cat ./testdata/blank.yaml\n\n$conflate -data ./testdata/blank.yaml -schema ./testdata/test.schema.json -validate -format YAML\nSchema validation failed : The document is not valid against the schema : Invalid type. Expected: object, given: null (#)\n```\n\nNote that you can validate any conflated JSON, TOML or JSON files, against the JSON v4 schema, it doesnt have to be pure JSON. \n\nAlso, note that the schema, is itself, validated for correctness against the [JSON v4 meta-schema](https://github.com/the4thamigo-uk/conflate/blob/master/schema.go#L254).\n\n### Use for Simplifying Boiler Plate Validation\n\nOne typical use-case for _conflate_, is to use JSON schema validation to avoid having to write lots of boiler plate GO code in order to validate a user's configuration file.\nYou can perform quite extensive validation using only JSON schemas (even v4 schemas), so this can greatly simplify this kind of work.\nOne neat approach is to embed your schema into your code as a `const string`, and load it using [NewSchemaData](https://godoc.org/github.com/the4thamigo-uk/conflate#NewSchemaData),\nwhen your app starts up, so you can validate your configuration files against a schema that is directly compiled into your binary.\n\n### Applying Default Values from a JSON Schema\n\nTo apply default values defined in a JSON schema use `-schema` in combination with `-defaults`:\n\n```\n$conflate -data ./testdata/blank.yaml -schema ./testdata/test.schema.json -defaults -validate -format YAML\nall: parent\nchild_only: child\nparent_child: parent\nparent_only: parent\nparent_sibling: parent\nsibling_child: sibling\nsibling_only: sibling\n```\n\nNote if you also specify `-validate`, the defaults are applied before validation is performed, as you would expect.\n\n\n### Expansion of Environment Variables\n\nYou can optionally expand environment variables in the files like this :\n\n```bash\n$export echo MYVALUE=\"some value\"\n$export echo MYJSONMAP='{ \"item1\" : \"value1\" }'\n$echo '{ \"my_value\": \"$MYVALUE\", \"my_map\": $MYJSONMAP }' | conflate -data stdin -expand -format JSON\n{\n  \"my_map\": {\n    \"item1\": \"value1\"\n  },\n  \"my_value\": \"some value\"\n}\n```\n\n# Acknowledgements\n\nImages derived from originals by Renee French https://golang.org/doc/gopher/\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fthe4thamigo-uk%2Fconflate","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fthe4thamigo-uk%2Fconflate","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fthe4thamigo-uk%2Fconflate/lists"}