Security News
PyPI Introduces Digital Attestations to Strengthen Python Package Security
PyPI now supports digital attestations, enhancing security and trust by allowing package maintainers to verify the authenticity of Python packages.
hasura-cli
Advanced tools
A package that automatically installs and wraps Hasura CLI binary in isolated manner
An npm package that automatically installs and wraps Hasura CLI binary in isolated manner
The package is automatically published (always up-to-date) when a new version is released from Hasura's side.
The Original Hasura CLI, which is not this package, is a compiled binary originally written in go. But just installing it on your system could cause some problems.
hasura-cli solves them. It automatically downloads the CLI and exposes the command hasura
. Downloaded CLI would be isolated, making it only dedicated to the "project" that installed it. Of course, you can install it as global package as well.
You can simply install hasura-cli through npm, yarn or pnpm. Note that this package follows a version of the Original Hasura CLI. If you want to check its releases, go here.
Currently, there are 3 npm tags (npm tags are different from versions), latest
, beta
and alpha
. latest
tag refers to Hasura's latest stable version(e.g. ), while beta
and alpha
, respectively beta version(e.g. ) and alpha version(e.g. ).
Of course, you can install it globally,
npm install --global hasura-cli[@tag|@version]
or in a project.
# latest version from latest tag (Same as hasura-cli@latest)
npm install --save-dev hasura-cli
# specific version
npm install --save-dev hasura-cli@2.0.0
# latest version from beta tag
npm install --save-dev hasura-cli@beta
# latest version from alpha tag
npm install --save-dev hasura-cli@alpha
Then you will be able to run hasura command.
For example,
# print hasura version
npx hasura version
Or configure npm scripts on package.json in the way you want.
(tip. provide env vars like $HASURA_GRAPHQL_ENDPOINT
or $HASURA_GRAPHQL_ADMIN_SECRET
)
{
"scripts": {
"hasura": "hasura --project hasura --skip-update-check",
"hasura:console": "npm run hasura console",
"hasura:apply": "npm run hasura migrate apply"
}
}
Generally, it works on 64 bits architecture of any Linux, macOS, and Windows with node@>=16.
It's simple. Just update the version
in package.json, then make a Pull Request. That's it!
{
"name": "hasura-cli",
"version": "1.3.0", // Patch this to "1.3.1-beta.1", for example.
"license": "MIT"
// ...
}
Please read NOTE.md, before getting started.
Environment variables are intended to be only used on development environment.
First, create .env
file, and configure it as you want.
cp .env.example .env
You can simply populate the variables by executing pnpm dev
or pnpm dev:no-respawn
. Otherwise, you have to manually feed them (e.g. dotenv -- <your command>
). That's because this project doesn't use dotenv
, but dotenv-cli
. So, the application does not read .env
by itself.
HASURA_CLI_INSTALL
(boolean)Whether src/index.ts
would install the cli. You can set it false
to prevent unwanted downloads.
HASURA_CLI_DEST_DIR
(string)A directory where Hasura CLI should be installed.
HASURA_CLI_DEST_FILENAME
(string)A file name of Hasura CLI.
Install dependencies. Lifecycle script postinstall
is only for clients who want to install the binary. So, ignore it with --ignore-scripts
option. It should also be used on CI.
pnpm install --ignore-scripts
On development, you can run
pnpm dev
# or
pnpm dev:no-respawn
# or
pnpm dev:build
pnpm dev
watches source code and restarts a process when a file changes. It does not write compiled js to the file system. ts-node-dev watches, compiles and restarts.
pnpm dev:no-respawn
does the same thing except it does not restart.
pnpm dev:build
logically does the identical job at the high viewpoint. But it compiles (tsc -w
) ts, writes js on file system, and runs (nodemon
) js. concurrently runs tsc
and nodemon
simultaneously.
To manually test compiled js, you can run
pnpm build # compiles ts to js
pnpm start # runs dist/index.js
pnpm test # runs all tests (against "*.test.ts")
pnpm test:coverage # runs all tests and measures coverage
pnpm lint . # lint
Here is a brief file system tree.
hasura-cli
├── dist // to be generated by build process (e.g. `pnpm build`), and ignored by git
├── hasura
├── package.json
└── src
├── asset.ts
├── index.ts
└── install.ts
package.json exposes the command hasura
as a symlink to the flie hasura
. Only the directory dist
and file hasura
are packed as a package.
{
"bin": {
"hasura": "./hasura"
},
"files": ["dist", "hasura"]
}
However, when publishing the package, the file hasura
is just a dummy 'text' file, not a binary file. The file will be replaced with a binary only when a client installs the package on Linux or macOS. On Windows, unlike Linux or macOS, the file hasura
is to be removed, and a new file hasura.exe
will be created. postinstall
lifecycle hook executes dist/index.js
, which would install the platform-specific binary.
The binaries are hosted on GitHub as release assets. src/asset.ts
exposes functions of "getting GitHub asset URL" and "downloading the asset from the URL". src/install.ts
exposes a function of "composing them and handling how the installation should be processed". src/index.ts
uses the function to install the asset with some additional control.
MIT License. Copyright © 2019, GIL B. Chan <bnbcmindnpass@gmail.com>
FAQs
A package that automatically installs and wraps Hasura CLI binary in isolated manner
The npm package hasura-cli receives a total of 29,716 weekly downloads. As such, hasura-cli popularity was classified as popular.
We found that hasura-cli demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
PyPI now supports digital attestations, enhancing security and trust by allowing package maintainers to verify the authenticity of Python packages.
Security News
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
Security News
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.