{"id":13412509,"url":"https://github.com/z5labs/bedrock","last_synced_at":"2026-02-05T08:06:38.520Z","repository":{"id":183603278,"uuid":"670436725","full_name":"z5labs/bedrock","owner":"z5labs","description":"A framework for building other frameworks","archived":false,"fork":false,"pushed_at":"2026-02-04T01:07:44.000Z","size":801,"stargazers_count":15,"open_issues_count":5,"forks_count":1,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-02-04T11:32:30.514Z","etag":null,"topics":["framework","go","golang"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/z5labs.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2023-07-25T03:56:36.000Z","updated_at":"2026-02-03T06:07:01.000Z","dependencies_parsed_at":"2024-10-26T04:25:29.121Z","dependency_job_id":"e5946062-addc-43ab-8f0d-038fa27e95c1","html_url":"https://github.com/z5labs/bedrock","commit_stats":null,"previous_names":["z5labs/app","z5labs/bedrock"],"tags_count":77,"template":false,"template_full_name":null,"purl":"pkg:github/z5labs/bedrock","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/z5labs%2Fbedrock","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/z5labs%2Fbedrock/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/z5labs%2Fbedrock/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/z5labs%2Fbedrock/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/z5labs","download_url":"https://codeload.github.com/z5labs/bedrock/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/z5labs%2Fbedrock/sbom","scorecard":{"id":670611,"data":{"date":"2025-07-07","repo":{"name":"github.com/z5labs/bedrock","commit":"0c9398ecf68c7b45e22389b2e02f1f9cd5179e74"},"scorecard":{"version":"v5.2.1-18-gbb9c347d","commit":"bb9c347dff6349d986baab6578a46d68a5524c62"},"score":5.9,"checks":[{"name":"Code-Review","score":0,"reason":"Found 0/5 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/bb9c347dff6349d986baab6578a46d68a5524c62/docs/checks.md#code-review"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/bb9c347dff6349d986baab6578a46d68a5524c62/docs/checks.md#dangerous-workflow"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/bb9c347dff6349d986baab6578a46d68a5524c62/docs/checks.md#packaging"}},{"name":"Maintained","score":10,"reason":"22 commit(s) and 2 issue activity found in the last 90 days -- score normalized to 10","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/bb9c347dff6349d986baab6578a46d68a5524c62/docs/checks.md#maintained"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/bb9c347dff6349d986baab6578a46d68a5524c62/docs/checks.md#binary-artifacts"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: jobLevel 'contents' permission set to 'write': .github/workflows/build.yaml:26","Info: jobLevel 'actions' permission set to 'read': .github/workflows/codeql.yaml:27","Info: jobLevel 'contents' permission set to 'read': .github/workflows/codeql.yaml:28","Warn: no topLevel permission defined: .github/workflows/build.yaml:1","Warn: no topLevel permission defined: .github/workflows/codeql.yaml:1","Warn: topLevel 'contents' permission set to 'write': .github/workflows/coverage.yaml:11","Warn: topLevel 'packages' permission set to 'write': .github/workflows/release.yaml:10","Warn: topLevel 'contents' permission set to 'write': .github/workflows/release.yaml:9"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/bb9c347dff6349d986baab6578a46d68a5524c62/docs/checks.md#token-permissions"}},{"name":"Pinned-Dependencies","score":8,"reason":"dependency not pinned by hash detected -- score normalized to 8","details":["Warn: third-party GitHubAction not pinned by hash: .github/workflows/coverage.yaml:55: update your workflow using https://app.stepsecurity.io/secureworkflow/z5labs/bedrock/coverage.yaml/main?enable=pin","Info:  10 out of  10 GitHub-owned GitHubAction dependencies pinned","Info:   4 out of   5 third-party GitHubAction dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/bb9c347dff6349d986baab6578a46d68a5524c62/docs/checks.md#pinned-dependencies"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/bb9c347dff6349d986baab6578a46d68a5524c62/docs/checks.md#cii-best-practices"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/bb9c347dff6349d986baab6578a46d68a5524c62/docs/checks.md#fuzzing"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: MIT License: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/bb9c347dff6349d986baab6578a46d68a5524c62/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/bb9c347dff6349d986baab6578a46d68a5524c62/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":-1,"reason":"internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration","details":null,"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/bb9c347dff6349d986baab6578a46d68a5524c62/docs/checks.md#branch-protection"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/bb9c347dff6349d986baab6578a46d68a5524c62/docs/checks.md#security-policy"}},{"name":"Vulnerabilities","score":10,"reason":"0 existing vulnerabilities detected","details":null,"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/bb9c347dff6349d986baab6578a46d68a5524c62/docs/checks.md#vulnerabilities"}},{"name":"SAST","score":7,"reason":"SAST tool detected but not run on all commits","details":["Info: SAST configuration detected: CodeQL","Warn: 1 commits out of 30 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/bb9c347dff6349d986baab6578a46d68a5524c62/docs/checks.md#sast"}}]},"last_synced_at":"2025-08-21T19:53:41.583Z","repository_id":183603278,"created_at":"2025-08-21T19:53:41.584Z","updated_at":"2025-08-21T19:53:41.584Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":29116450,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-02-05T05:31:32.482Z","status":"ssl_error","status_checked_at":"2026-02-05T05:31:29.075Z","response_time":65,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["framework","go","golang"],"created_at":"2024-07-30T20:01:25.524Z","updated_at":"2026-02-05T08:06:38.514Z","avatar_url":"https://github.com/z5labs.png","language":"Go","funding_links":[],"categories":["分布式系统","Distributed Systems"],"sub_categories":["检索及分析资料库","Search and Analytic Databases"],"readme":"# bedrock\n[![Mentioned in Awesome Go](https://awesome.re/mentioned-badge.svg)](https://github.com/avelino/awesome-go)\n[![Go Reference](https://pkg.go.dev/badge/github.com/z5labs/bedrock.svg)](https://pkg.go.dev/github.com/z5labs/bedrock)\n[![Go Report Card](https://goreportcard.com/badge/github.com/z5labs/bedrock)](https://goreportcard.com/report/github.com/z5labs/bedrock)\n![Coverage](https://img.shields.io/badge/Coverage-87.3%25-brightgreen)\n[![build](https://github.com/z5labs/bedrock/actions/workflows/build.yaml/badge.svg)](https://github.com/z5labs/bedrock/actions/workflows/build.yaml)\n\n**bedrock provides a minimal, modular and composable foundation for\nquickly developing more use case specific frameworks in Go.**\n\n# Building custom frameworks with bedrock\n\nOne of the guiding principals for [bedrock](https://pkg.go.dev/github.com/z5labs/bedrock) is to be composable.\nThis principal comes from the experience gained from working with custom, tailor made frameworks which\nover their lifetime within an organization are unable to adapt to changing\ndevelopment and deployment patterns. Eventually, these frameworks are abandoned\nfor new ones or completely rewritten to reflect the current state of the organization.\n\n[bedrock](https://pkg.go.dev/github.com/z5labs/bedrock) defines a small set of types and carefully\nchooses its opinions to balance composability and functionality, as much as it can. The result is, in fact, a framework\nthat isn't necessarily designed for building services directly, but instead meant for building\nmore custom, use case specific frameworks.\n\nFor example, [bedrock](https://pkg.go.dev/github.com/z5labs/bedrock) could be used by your organizations\nplatform engineering or framework team(s) to quickly develop internal frameworks which abstract over all of\nyour organizations requirements e.g. OpenTelemetry, Logging, Authenticated endpoints, etc. Then, due to the\nhigh composibility of [bedrock](https://pkg.go.dev/github.com/z5labs/bedrock), any changes within your\norganization would then be very easy to adapt to within your internal framework.\n\n## Core Concepts\n\n### Builder\n\n```go\ntype Builder[T any] interface {\n\tBuild(context.Context) (T, error)\n}\n```\n\n[Builder](https://pkg.go.dev/github.com/z5labs/bedrock#Builder) is a\ngeneric interface for constructing application components with context support.\nBuilders can be composed using functional combinators like\n[Map](https://pkg.go.dev/github.com/z5labs/bedrock#Map) and\n[Bind](https://pkg.go.dev/github.com/z5labs/bedrock#Bind).\n\n### Runtime\n\n```go\ntype Runtime interface {\n\tRun(context.Context) error\n}\n```\n\n[Runtime](https://pkg.go.dev/github.com/z5labs/bedrock#Runtime) is a\nsimple abstraction over the execution of your specific application type\ne.g. HTTP server, gRPC server, background worker, etc.\n\n### Runner\n\n```go\ntype Runner[T Runtime] interface {\n\tRun(context.Context, Builder[T]) error\n}\n```\n\n[Runner](https://pkg.go.dev/github.com/z5labs/bedrock#Runner) executes\napplication components built from Builders. Runners can be wrapped to add\ncross-cutting concerns like signal handling with\n[NotifyOnSignal](https://pkg.go.dev/github.com/z5labs/bedrock#NotifyOnSignal)\nand panic recovery with\n[RecoverPanics](https://pkg.go.dev/github.com/z5labs/bedrock#RecoverPanics).\n\n### Configuration\n\n```go\npackage config\n\ntype Reader[T any] interface {\n\tRead(context.Context) (Value[T], error)\n}\n```\n\nThe [config.Reader](https://pkg.go.dev/github.com/z5labs/bedrock/config#Reader) is\narguably the most powerful abstraction defined in any of the [bedrock](https://pkg.go.dev/github.com/z5labs/bedrock)\npackages. It abstracts over reading configuration values that may or may not be present,\ndistinguishing between \"not set\" and \"set to zero value.\" Readers can be composed using\nfunctional combinators like\n[Or](https://pkg.go.dev/github.com/z5labs/bedrock/config#Or),\n[Map](https://pkg.go.dev/github.com/z5labs/bedrock/config#Map),\n[Bind](https://pkg.go.dev/github.com/z5labs/bedrock/config#Bind), and\n[Default](https://pkg.go.dev/github.com/z5labs/bedrock/config#Default).\n\n## Putting them altogether\n\nBelow is a tiny and simplistic example of all the core concepts of [bedrock](https://pkg.go.dev/github.com/z5labs/bedrock).\n\n### main.go\n\n```go\npackage main\n\nimport (\n\t\"context\"\n\t\"log/slog\"\n\t\"os\"\n\t\"syscall\"\n\n\t\"github.com/z5labs/bedrock\"\n\t\"github.com/z5labs/bedrock/config\"\n)\n\nfunc main() {\n\tos.Exit(run())\n}\n\nfunc run() int {\n\t// Create a runner with signal handling and panic recovery\n\trunner := bedrock.NotifyOnSignal(\n\t\tbedrock.RecoverPanics(\n\t\t\tbedrock.DefaultRunner[bedrock.Runtime](),\n\t\t),\n\t\tos.Interrupt,\n\t\tos.Kill,\n\t\tsyscall.SIGTERM,\n\t)\n\n\t// Build and run the application\n\terr := runner.Run(\n\t\tcontext.Background(),\n\t\tbedrock.BuilderFunc[bedrock.Runtime](buildApp),\n\t)\n\tif err == nil {\n\t\treturn 0\n\t}\n\treturn 1\n}\n\ntype myApp struct {\n\tlog *slog.Logger\n}\n\n// buildApp constructs the application using functional config composition\nfunc buildApp(ctx context.Context) (bedrock.Runtime, error) {\n\t// Read log level from environment with a default\n\tlogLevelReader := config.Default(\n\t\t\"INFO\",\n\t\tconfig.Env(\"MIN_LOG_LEVEL\"),\n\t)\n\n\tlogLevel, err := config.Read(ctx, logLevelReader)\n\tif err != nil {\n\t\treturn nil, err\n\t}\n\n\t// Parse the log level string\n\tvar level slog.Level\n\terr = level.UnmarshalText([]byte(logLevel))\n\tif err != nil {\n\t\treturn nil, err\n\t}\n\n\treturn \u0026myApp{\n\t\tlog: slog.New(slog.NewJSONHandler(os.Stdout, \u0026slog.HandlerOptions{\n\t\t\tLevel: level,\n\t\t})),\n\t}, nil\n}\n\n// Run implements the bedrock.Runtime interface.\nfunc (a *myApp) Run(ctx context.Context) error {\n\t// Do something here like:\n\t// - run an HTTP server\n\t// - start the AWS lambda runtime,\n\t// - run goroutines to consume from Kafka\n\t//   etc.\n\n\ta.log.InfoContext(ctx, \"running my app\")\n\treturn nil\n}\n```\n\n# Built with bedrock\n\n- [z5labs/humus](https://github.com/z5labs/humus)","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fz5labs%2Fbedrock","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fz5labs%2Fbedrock","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fz5labs%2Fbedrock/lists"}