Research
Security News
Kill Switch Hidden in npm Packages Typosquatting Chalk and Chokidar
Socket researchers found several malicious npm packages typosquatting Chalk and Chokidar, targeting Node.js developers with kill switches and data theft.
eralchemy2 generates Entity Relation (ER) diagram (like the one below) from databases or from SQLAlchemy models. Works with SQLAlchemy < 1.4 but also with versions greater than 1.4
To install eralchemy2, just do:
$ pip install eralchemy2
eralchemy2
requires GraphViz to generate the graphs and Python. Both are available for Windows, Mac and Linux.
For Debian based systems, run:
$ apt install graphviz libgraphviz-dev
before installing eralchemy2.
There is also a packaged version in conda-forge, which directly installs the dependencies:
$ conda install -c conda-forge eralchemy2
$ eralchemy2 -i sqlite:///relative/path/to/db.db -o erd_from_sqlite.pdf
The database is specified as a SQLAlchemy database url.
$ curl 'https://raw.githubusercontent.com/maurerle/eralchemy2/main/example/newsmeme.er' > markdown_file.er
$ eralchemy2 -i 'markdown_file.er' -o erd_from_markdown_file.pdf
temp
and audit
$ eralchemy2 -i 'postgresql+psycopg2://username:password@hostname:5432/databasename' -o filtered.er --exclude-tables temp audit
created_at
and updated_at
from all tables$ eralchemy2 -i 'postgresql+psycopg2://username:password@hostname:5432/databasename' -o filtered.er --exclude-columns created_at updated_at
schema1
and schema2
$ eralchemy2 -i 'postgresql+psycopg2://username:password@hostname:5432/databasename' -s "schema1, schema2"
$ eralchemy2 -i 'markdown_file.er' -o erd_from_markdown_file.md -m mermaid_er
from eralchemy2 import render_er
## Draw from SQLAlchemy base
render_er(Base, 'erd_from_sqlalchemy.png')
## Draw from database
render_er("sqlite:///relative/path/to/db.db", 'erd_from_sqlite.png')
Thanks to it's modular architecture, it can be connected to other ORMs/ODMs/OGMs/O*Ms.
Every feedback is welcome on the GitHub issues.
Install the development dependencies using
$ pip install -e .[ci,dev]
Make sure to run the pre-commit to fix formatting
$ pre-commit run --all
All tested PR are welcome.
This project uses the pytest test suite.
To run the tests, use : $ pytest
or $ tox
.
Some tests require having a local PostgreSQL database with a schema named test in a database
named test all owned by a user named eralchemy with a password of eralchemy.
If docker compose is available, one can use docker compose up -d
for this purpose.
You can deselct the tests which require a PostgreSQL database using:
$ pytest -m "not external_db"
$ rm -r dist && python -m build && python3 -m twine upload --repository pypi dist/*
eralchemy2 is a fork of its predecessor ERAlchemy by @Alexis-benoist, which is not maintained anymore and does not work with SQLAlchemy > 1.4. If it is maintained again, I'd like to push the integrated changes upstream.
ERAlchemy was inspired by erd, though it is able to render the ER diagram directly
from the database and not just only from the ER
markup language.
Released under an Apache License 2.0
Initial Creator: Alexis Benoist Alexis_Benoist
FAQs
Simple entity relation (ER) diagrams generation
We found that eralchemy2 demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers found several malicious npm packages typosquatting Chalk and Chokidar, targeting Node.js developers with kill switches and data theft.
Security News
pnpm 10 blocks lifecycle scripts by default to improve security, addressing supply chain attack risks but sparking debate over compatibility and workflow changes.
Product
Socket now supports uv.lock files to ensure consistent, secure dependency resolution for Python projects and enhance supply chain security.