Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
CHT Conf is a command-line interface tool to manage and configure your apps built using the Core Framework of the Community Health Toolkit.
npm install -g cht-conf
sudo python -m pip install git+https://github.com/medic/pyxform.git@medic-conf-1.17#egg=pyxform-medic
npm install -g cht-conf
pip install git+https://github.com/medic/pyxform.git@medic-conf-1.17#egg=pyxform-medic
As Administrator:
npm install -g cht-conf
python -m pip install git+https://github.com/medic/pyxform.git@medic-conf-1.17#egg=pyxform-medic --upgrade
CHT Conf can also be run from within a Docker container. This is useful if you are already familiar with Docker and do not wish to configure the various dependencies required for developing CHT apps on your local machine. The necessary dependencies are pre-packaged in the Docker image.
The Docker image can be used as a VS Code Development Container (easiest) or as a standalone Docker utility.
Install Docker. If you are using Windows, you also need to enable the Windows Subsystem for Linux (WSL2) to perform the following steps.
If you want to develop CHT apps with VS Code, you can use the Docker image as a Development Container. This will allow you to use the cht
utility and its associated tech stack from within VS Code (without needing to install dependencies like NodeJS on your host system).
See the CHT Documentation for more information on building CHT apps with VS Code Development Containers.
If you are not using VS Code, you can use the Docker image as a standalone utility from the command line. Instead of using the cht ...
command, you can run docker run -it --rm -v "$PWD":/workdir medicmobile/cht-app-ide ...
. This will create an ephemeral container with access to your current directory that will run the given cht command. (Do not include the cht
part of the command, just your desired actions/parameters.)
Run the following command inside the project directory to bootstrap your new CHT project:
docker run -it --rm -v "$PWD":/workdir medicmobile/cht-app-ide initialise-project-layout
When using cht
within a Docker container to connect to a CHT instance that is running on your local machine (e.g. a development instance), you cannot use the --local
flag or localhost
in your --url
parameter (since these will be interpreted as "local to the container").
It is recommended to run a local CHT instance using the CHT Docker Helper script. You can connect to the resulting ...my.local-ip.co
URL from the Docker container (or the VS Code terminal). (Just make sure the port your CHT instance is hosted on is not blocked by your firewall).
To enable tab completion in bash, add the following to your .bashrc
/.bash_profile
:
eval "$(cht --shell-completion=bash)"
To upgrade to the latest version
npm install -g cht-conf
cht
will upload the configuration from your current directory.
If you are using the default actionset, or performing any actions that require a CHT instance to function (e.g. upload-xyz
or backup-xyz
actions) you must specify the server you'd like to function against.
For developers, this is the instance defined in your COUCH_URL
environment variable.
cht --local
For configuring Medic-hosted instances.
cht --instance=instance-name.dev
Username admin
is used. A prompt is shown for entering password.
If a different username is required, add the --user
switch:
--user user-name --instance=instance-name.dev
cht --url=https://username:password@example.com:12345
NB - When specifying the URL with --url
, be sure not to specify the CouchDB database name in the URL. The CHT API will find the correct database.
CHT Conf supports authentication using a session token by adding --session-token
parameter:
cht --url=https://example.com:12345 --session-token=*my_token*
cht --archive
The resulting archive is consumable by CHT API >v3.7 to create default configurations.
cht <--archive|--local|--instance=instance-name|--url=url> <...action>
The list of available actions can be seen via cht --help
.
cht <--local|--instance=instance-name|--url=url> <...action> -- <...form>
Added in v3.2.0
In order to avoid overwriting someone else's configuration cht-conf records the last uploaded configuration snapshot in the .snapshots
directory. The remote.json
file should be committed to your repository along with the associated configuration change. When uploading future configuration if cht-conf detects the snapshot doesn't match the configuration on the server you will be prompted to overwrite or cancel.
.xlsx
To edit existing couchdb documents, create a CSV file that contains the id's of the document you wish to update, and the columns of the document attribute(s) you wish to add/edit. By default, values are parsed as strings. To parse a CSV column as a JSON type, refer to the Property Types section to see how you can parse the values to different types. Also refer to the Excluded Columns section to see how to exclude column(s) from being added to the docs.
Parameter | Description | Required |
---|---|---|
column(s) | Comma delimited list of columns you wish to add/edit. If this is not specified all columns will be added. | No |
docDirectoryPath | This action outputs files to local disk at this destination | No. Default json-docs |
file(s) | Comma delimited list of files you wish to process using edit-contacts. By default, contact.csv is searched for in the current directory and processed. | No. |
updateOfflineDocs | If passed, this updates the docs already in the docDirectoryPath instead of downloading from the server. | No. |
Create a contact.csv file with your columns in the csv folder in your current path. The documentID column is a requirement. (The documentID column contains the document IDs to be fetched from couchdb.)
documentID | is_in_emnch:bool |
---|---|
documentID1 | false |
documentID2 | false |
documentID3 | true |
Use the following command to download and edit the documents:
cht --instance=*instance* edit-contacts -- --column=*is_in_emnch* --docDirectoryPath=*my_folder*
or this one to update already downloaded docs
cht --instance=*instance* edit-contacts -- --column=*is_in_emnch* --docDirectoryPath=*my_folder* --updateOfflineDocs
Then upload the edited documents using the upload-docs command.
This tool expects a project to be structured as follows:
example-project/
.eslintrc
app_settings.json
contact-summary.js
privacy-policies.json
privacy-policies/
language1.html
…
purge.js
resources.json
resources/
icon-one.png
…
targets.js
tasks.js
task-schedules.json
forms/
app/
my_project_form.xlsx
my_project_form.xml
my_project_form.properties.json
my_project_form-media/
[extra files]
…
contact/
person-create.xlsx
person-create.xml
person-create-media/
[extra files]
…
…
…
translations/
messages-xx.properties
…
If you are starting from scratch you can initialise the file layout using the initialise-project-layout
action:
cht initialise-project-layout
Configuration can be inherited from another project, and then modified. This allows the app_settings.json
and contained files (task-schedules.json
, targets.json
etc.) to be imported, and then modified.
To achieve this, create a file called settings.inherit.json
in your project's root directory with the following format:
{
"inherit": "../path/to/other/project",
"replace": {
"keys.to.replace": "value-to-replace-it-with"
},
"merge": {
"complex.objects": {
"will_be_merged": true
}
},
"delete": [
"all.keys.listed.here",
"will.be.deleted"
],
"filter": {
"object.at.this.key": [
"will",
"keep",
"only",
"these",
"properties"
]
}
}
Fetch logs from a CHT v2.x production server.
This is a standalone command installed alongside cht-conf
. For usage information, run cht-logs --help
.
cht-logs <instance-name> <log-types...>
Accepted log types:
api
couchdb
gardener
nginx
sentinel
To develop a new action or improve an existing one, check the "Actions" doc.
Execute npm test
to run static analysis checks and the test suite. Requires Docker to run integration tests against a CouchDB instance.
Run npm run test-e2e
to run the end-to-end test suite against an actual CHT instance locally. These tests rely on CHT Docker Helper to spin up and tear down an instance locally.
The code interfacing with CHT Docker Helper lives in test/e2e/cht-docker-utils.js
. You should rely on the API exposed by this file to orchestrate CHT instances for testing purposes. It is preferable to keep the number of CHT instances orchestrated in E2E tests low as it takes a non-negligible amount of time to spin up an instance and can quickly lead to timeouts.
node <project_dir>/src/bin/index.js
. This will run as if you installed via npm.npm install <project_dir>
to use the local version of cht-conf.The commit format should follow this conventional-changelog angular preset. Examples are provided below.
Type | Example commit message | Release type |
---|---|---|
Bug fixes | fix(#123): infinite spinner when clicking contacts tab twice | patch |
Performance | perf(#789): lazily loaded angular modules | patch |
Features | feat(#456): add home tab | minor |
Non-code | chore(#123): update README | none |
Breaking | perf(#2): remove reporting rates feature BREAKING CHANGE: reporting rates no longer supported | major |
main
npm version --no-git-tag-version <major>.<minor>.<patch>-beta.1
. This will only update the versions in package.json
and package-lock.json
. It will not create a git tag and not create an associated commit.npm publish --tag beta
. This will publish your beta tag to npm's beta channel.To install from the beta channel, run npm install cht-conf@beta
.
Builds brought to you courtesy of GitHub actions.
Copyright 2013-2024 Medic Mobile, Inc. hello@medic.org
The software is provided under AGPL-3.0. Contributions to this project are accepted under the same license.
FAQs
Configure CHT deployments
We found that cht-conf demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.