New Research: Supply Chain Attack on Axios Pulls Malicious Dependency from npm.Details →
Socket
Book a DemoSign in
Socket
Book a DemoSign in

postman-api

Package Overview
Dependencies
Maintainers
1
Versions
4
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

postman-api

Code-first Postman collections CLI and SDK (Bun/Node)

latest
npmnpm
Version
0.1.3
Version published
Maintainers
1
Created
Source

postman-api

TypeScript API starter using Bun + Elysia + Drizzle + OpenTelemetry and a CLI to generate and sync a code-first Postman configuration (api.postman.config.ts).

Quickstart (local dev)

  • Install deps: bun install
  • Copy env: cp .env.example .env and set POSTMAN_API_KEY
  • Run server: bun run src/server.ts (or bun run start)
  • Generate config: bun run src/cli.ts init
  • Sync to Postman: bun run src/cli.ts sync
  • Auto-sync on change: bun run src/cli.ts watch
  • Interactive setup (banner + prompts): bun run src/cli.ts start

NPM Package / SDK

  • Install (project): npm i postman-api or global: npm i -g postman-api
  • Run interactive setup: npx postman-api init (ou postman-api init se instalado globalmente)
  • Sincronizar configurado: postman-api sync
  • Assistir mudanças: postman-api watch
  • Logout (remover API Key): postman-api logout (use --keychain, --env ou --all)
  • Login (salvar no Keychain): postman-api login (opções: --key <APIKEY> ou --from-env)

Se preferir npm start postman-api no seu projeto, adicione no seu package.json:

{
  "scripts": {
    "start": "postman-api start"
  }
}

Observações:

  • Por padrão, a API Key é salva com segurança no Keychain do sistema (Windows Credential Manager / macOS Keychain / Linux Secret Service) usando keytar. Como fallback, pode ser gravada no .env.
  • O arquivo padrão do config é api.postman.config.mjs (ESM). Se você já usa Bun e prefere TypeScript, mantenha api.postman.config.ts e use bun run src/cli.ts ... localmente.

Scripts (dev)

  • bun run dev — run server with watch
  • bun run start — run server
  • bun run cli — run CLI
  • bun run cli:watch — watch config and auto-sync
  • bun run build — build ESM artifacts to dist/
  • bun run drizzle:generate — generate SQL from schema
  • bun run drizzle:push — push migrations

Postman CLI

postmanapi init creates api.postman.config.ts which lets you define:

  • collections: name, description, baseUrl
  • folders and requests: method, path, headers, body, responses
  • environments: named variable maps

postmanapi sync reads the config, validates it, then creates/updates Postman collections and environments in the workspace set by POSTMAN_WORKSPACE_ID (or the workspaceId in the config).

Environment variables are loaded via dotenv when using the CLI.

Telemetry

Basic OpenTelemetry tracing is initialized in src/telemetry.ts with an OTLP HTTP exporter (OTEL_EXPORTER_OTLP_ENDPOINT, default http://localhost:4318).

Database (Drizzle + Bun SQLite)

Database lives in app.db. Schema in src/db/schema.ts. Configure Drizzle with drizzle.config.ts.

FAQs

Package last updated on 12 Sep 2025

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Attackers Are Hunting High-Impact Node.js Maintainers in a Coordinated Social Engineering Campaign

Security News

Attackers Are Hunting High-Impact Node.js Maintainers in a Coordinated Social Engineering Campaign

Multiple high-impact npm maintainers confirm they have been targeted in the same social engineering campaign that compromised Axios.

By Sarah Gooding  -  Apr 03, 2026