Skip to content

DarkInno/scion

Repository files navigation

Scion

Graft backend patterns into your project. Copy source, not dependencies.

English | 中文

Scion is a copy-paste code library for Go backend development. It ships production-oriented modules as source templates, so you can copy them into your project, adapt them, and own every line.

Quick Start

Install the CLI with Go 1.22 or newer:

go install github.com/DarkInno/scion/cmd/scion@latest

For reproducible installs, pin a release:

go install github.com/DarkInno/scion/cmd/scion@v0.1.3

Make sure your Go bin directory is on PATH, then verify the install:

scion version
scion list

Copy a standard-library-only module into your project:

scion add cache --dry-run
scion add cache
scion diff cache

When --to or --target is omitted, Scion uses the module's default target, such as internal/cache. You can still override it with --to <dir> or --target <dir>.

Scion copies source files and writes .scion-module.json metadata for later comparison. It never edits your project's go.mod automatically. Modules marked stdlibOnly=false, such as auth and metrics, require explicit standalone mode:

scion add auth --standalone

Binary Downloads

Prebuilt binaries are available on the GitHub Releases page for macOS, Linux, and Windows on amd64 and arm64.

Verify a downloaded asset with SHA256SUMS:

sha256sum -c SHA256SUMS

On Windows PowerShell:

Get-FileHash .\scion_v0.1.3_windows_amd64.zip -Algorithm SHA256

Why Copy-Paste?

Backend modules such as auth, CRUD, file upload, and rate limiting share most of their structure across projects, but the last mile is usually project-specific:

  • You need to customize business logic inside the module.
  • You want to own the code instead of being locked to upstream APIs.
  • AI coding assistants work better with source they can read and edit directly.
  • Scion avoids dependency sprawl by default; security-sensitive exceptions are declared explicitly.

Available Modules

Module Description Security Features
auth JWT email/password auth + bcrypt Rate limiting, user enumeration prevention, JTI, aud/iss validation
crud Generic CRUD with pagination Sort/filter whitelist, SQL injection prevention, pagination ceiling
database database/sql setup + transactions DSN-safe errors, whitelisted SQL fragments, parameterized values
middleware Recovery, CORS, logging, timeout, etc. CRLF injection prevention, trusted proxy, body size limit
rbac Role-based access control Wildcard permissions, cycle detection, hierarchy inheritance
ratelimit Fixed window / sliding window / token bucket Memory exhaustion protection, LRU eviction, key length limit
validation Chainable request validation builder Regex DoS prevention, null byte/CRLF rejection, panic recovery
file-upload Secure file upload handler Magic bytes validation, path traversal prevention, size limit, rate limiting
health Liveness/readiness probes SSRF protection, CRLF injection prevention
cache Generic TTL + LRU cache Background cleanup, goroutine leak prevention, max entries limit
pagination Offset/limit + cursor pagination Cursor base64 validation, negative offset clamp, max limit enforcement
mail SMTP email with templates Header injection prevention, XSS escaping, attachment sanitization, async queue
migrations SQL migration runner Safe filenames, table whitelist, checksums, transactions
metrics Prometheus HTTP metrics Route cardinality limits, label sanitization, isolated registry
problem RFC 9457 problem responses CRLF/null rejection, detail truncation, panic recovery

CLI Commands

scion list [--json]
scion info <module> [--json]
scion add <module> [--to <dir>] [--dry-run] [--force] [--standalone]
scion diff <module> [--target <dir>] [--json]
scion doctor [--strict] [--json]
scion version [--json]

Use scion help <command> for command-specific examples.

Project Structure

scion/
|-- cmd/scion/              # CLI entrypoint
|-- internal/               # CLI implementation, bundle reader, doctor checks
|-- internal/bundle/        # Embedded registry bundle generated from registry/
|-- registry/
|   |-- index.json          # Machine-readable module index
|   |-- auth/               # Authentication module
|   |-- cache/              # TTL + LRU cache
|   |-- crud/               # CRUD operations module
|   |-- database/           # database/sql helpers
|   |-- file-upload/        # File upload handler
|   |-- health/             # Health check probes
|   |-- mail/               # SMTP email sender
|   |-- metrics/            # Prometheus HTTP metrics
|   |-- migrations/         # SQL migration runner
|   |-- middleware/         # HTTP middleware collection
|   |-- pagination/         # Pagination utilities
|   |-- problem/            # Problem Details API errors
|   |-- ratelimit/          # Rate limiting algorithms
|   |-- rbac/               # Role-based access control
|   `-- validation/         # Request validation builder
|-- docs/                   # VitePress documentation
|-- AGENTS.md               # AI coding agent instructions
|-- CONTRIBUTING.md         # Contribution guide
`-- LICENSE                 # MIT

Development

git clone https://github.com/DarkInno/scion.git
cd scion

# Regenerate the embedded CLI bundle after registry changes
go run ./internal/cmd/build-bundle

# Test and vet the root CLI
go test ./cmd/... ./internal/...
go vet ./cmd/... ./internal/...

# Run strict registry checks
go run ./cmd/scion doctor --strict

Run tests for all registry modules in PowerShell:

$modules = @('middleware','auth','crud','database','rbac','ratelimit','validation','file-upload','health','cache','pagination','mail','migrations','metrics','problem')
foreach ($m in $modules) { Push-Location "registry/$m/src/go"; go test ./...; Pop-Location }

Releasing

Releases are created from semantic version tags:

git tag -a v0.1.3 -m "v0.1.3"
git push origin v0.1.3

The release workflow verifies the CLI, rebuilds the embedded bundle check, cross-compiles binaries, generates SHA256SUMS, and publishes GitHub Release assets.

License

MIT

About

Copy-paste Go backend modules - zero dependencies, security-first, AI-friendly. Auth, CRUD, RBAC, rate limiting, validation & more.

Resources

License

Contributing

Stars

0 stars

Watchers

0 watching

Forks

Packages

 
 
 

Contributors

Languages