{"id":42912409,"url":"https://github.com/php-coder/query2app","last_synced_at":"2026-01-30T16:58:46.915Z","repository":{"id":42733742,"uuid":"279082426","full_name":"php-coder/query2app","owner":"php-coder","description":"Map SQL queries to URLs and generate a whole app","archived":false,"fork":false,"pushed_at":"2025-07-27T23:21:19.000Z","size":360,"stargazers_count":3,"open_issues_count":25,"forks_count":1,"subscribers_count":3,"default_branch":"master","last_synced_at":"2025-08-09T13:53:04.420Z","etag":null,"topics":["code-generator","express","fastapi","generator","golang","javascript","python","rest","rest-api","scaffold","sql","typescript"],"latest_commit_sha":null,"homepage":"","language":"EJS","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/php-coder.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.txt","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2020-07-12T14:33:54.000Z","updated_at":"2025-07-14T04:20:29.000Z","dependencies_parsed_at":"2025-04-24T06:19:57.470Z","dependency_job_id":"b5e5b2af-81e1-4c74-8d04-c806179b5fe0","html_url":"https://github.com/php-coder/query2app","commit_stats":{"total_commits":195,"total_committers":3,"mean_commits":65.0,"dds":0.01538461538461533,"last_synced_commit":"5d379d25518872986b70a0308650568bc3dd6565"},"previous_names":[],"tags_count":3,"template":false,"template_full_name":null,"purl":"pkg:github/php-coder/query2app","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/php-coder%2Fquery2app","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/php-coder%2Fquery2app/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/php-coder%2Fquery2app/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/php-coder%2Fquery2app/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/php-coder","download_url":"https://codeload.github.com/php-coder/query2app/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/php-coder%2Fquery2app/sbom","scorecard":{"id":732363,"data":{"date":"2025-08-11","repo":{"name":"github.com/php-coder/query2app","commit":"5b8ca66a05255c37724c67e8eef6598019aefad1"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":4.8,"checks":[{"name":"Code-Review","score":0,"reason":"Found 0/17 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Maintained","score":5,"reason":"6 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 5","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Token-Permissions","score":10,"reason":"GitHub workflow tokens follow principle of least privilege","details":["Info: topLevel 'contents' permission set to 'read': .github/workflows/generate-go-app.yml:10","Info: topLevel 'contents' permission set to 'read': .github/workflows/generate-js-app.yml:10","Info: topLevel 'contents' permission set to 'read': .github/workflows/generate-python-app.yml:10","Info: topLevel 'contents' permission set to 'read': .github/workflows/generate-ts-app.yml:10","Info: topLevel 'contents' permission set to 'read': .github/workflows/integration-tests.yml:10","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE.txt:0","Info: FSF or OSI recognized license: GNU General Public License v2.0: LICENSE.txt:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'master'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Pinned-Dependencies","score":2,"reason":"dependency not pinned by hash detected -- score normalized to 2","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/generate-go-app.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/php-coder/query2app/generate-go-app.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/generate-go-app.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/php-coder/query2app/generate-go-app.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/generate-js-app.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/php-coder/query2app/generate-js-app.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/generate-js-app.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/php-coder/query2app/generate-js-app.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/generate-python-app.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/php-coder/query2app/generate-python-app.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/generate-python-app.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/php-coder/query2app/generate-python-app.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/generate-ts-app.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/php-coder/query2app/generate-ts-app.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/generate-ts-app.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/php-coder/query2app/generate-ts-app.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/integration-tests.yml:59: update your workflow using https://app.stepsecurity.io/secureworkflow/php-coder/query2app/integration-tests.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/integration-tests.yml:86: update your workflow using https://app.stepsecurity.io/secureworkflow/php-coder/query2app/integration-tests.yml/master?enable=pin","Warn: containerImage not pinned by hash: examples/go/chi/mysql/Dockerfile:1","Warn: containerImage not pinned by hash: examples/js/express/mysql/Dockerfile:1: pin your Docker image by updating node:18-bookworm to node:18-bookworm@sha256:c6ae79e38498325db67193d391e6ec1d224d96c693a8a4d943498556716d3783","Warn: containerImage not pinned by hash: examples/python/fastapi/postgres/Dockerfile:1: pin your Docker image by updating python:3.7-bookworm to python:3.7-bookworm@sha256:eedf63967cdb57d8214db38ce21f105003ed4e4d0358f02bedc057341bcf92a0","Warn: containerImage not pinned by hash: examples/ts/express/mysql/Dockerfile:1: pin your Docker image by updating node:18-bookworm to node:18-bookworm@sha256:c6ae79e38498325db67193d391e6ec1d224d96c693a8a4d943498556716d3783","Warn: containerImage not pinned by hash: src/templates/Dockerfile.ts:1: pin your Docker image by updating node:18-bookworm to node:18-bookworm@sha256:c6ae79e38498325db67193d391e6ec1d224d96c693a8a4d943498556716d3783","Warn: npmCommand not pinned by hash: examples/js/express/mysql/Dockerfile:5","Warn: pipCommand not pinned by hash: examples/python/fastapi/postgres/Dockerfile:4","Warn: npmCommand not pinned by hash: examples/ts/express/mysql/Dockerfile:5","Warn: npmCommand not pinned by hash: src/templates/Dockerfile.ts:5","Info:   0 out of   9 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of   1 third-party GitHubAction dependencies pinned","Info:   4 out of   7 npmCommand dependencies pinned","Info:   0 out of   1 pipCommand dependencies pinned","Info:   0 out of   5 containerImage dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 13 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Vulnerabilities","score":8,"reason":"2 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GO-2025-3770","Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-22T14:47:28.952Z","repository_id":42733742,"created_at":"2025-08-22T14:47:28.952Z","updated_at":"2025-08-22T14:47:28.952Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28915942,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-30T16:37:38.804Z","status":"ssl_error","status_checked_at":"2026-01-30T16:37:37.878Z","response_time":66,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["code-generator","express","fastapi","generator","golang","javascript","python","rest","rest-api","scaffold","sql","typescript"],"created_at":"2026-01-30T16:58:45.974Z","updated_at":"2026-01-30T16:58:46.903Z","avatar_url":"https://github.com/php-coder.png","language":"EJS","readme":"# Query To App\nGenerates the endpoints (or a whole app) from a mapping (SQL query -\u003e URL)\n\n\u003e [!WARNING]\n\u003e This is a proof of concept at this moment. Until it reaches a stable version, it might (and will) break a compatibility.\n\n# How to use\n\n1. Navigate to a project catalog\n   ```console\n   $ mkdir new-project\n   $ cd new-project\n   ```\n\n1. Create a mapping file `endpoints.yaml`\n   ```console\n   $ vim endpoints.yaml\n   - path: /v1/categories\n     get_list:\n       query: \u003e-\n         SELECT id, name, name_ru, slug\n           FROM categories\n          LIMIT :q.limit\n     post:\n       query: \u003e-\n         INSERT INTO categories(name, slug, created_at, created_by, updated_at, updated_by)\n         VALUES (:b.name, :b.slug, NOW(), :b.user_id, NOW(), :b.user_id)\n\n   - path: /v1/categories/:categoryId\n     get:\n       query: \u003e-\n         SELECT id, name, name_ru, slug\n           FROM categories\n          WHERE id = :p.categoryId\n     put:\n       query: \u003e-\n         UPDATE categories\n            SET name = :b.name, name_ru = :b.name_ru, slug = :b.slug, updated_at = NOW(), updated_by = :b.user_id\n          WHERE id = :p.categoryId\n     delete:\n       query: \u003e-\n         DELETE\n           FROM categories\n          WHERE id = :p.categoryId\n   ```\n   Note that the queries use a little unusual named parameters: `:b.name`, `:p.categoryId`, etc The prefixes `q` (query), `b` (body) and `p` (path) are used here in order to bind to parameters from the appropriate sources. The prefixes are needed only during code generation and they will absent from the resulted code.\n\n1. Generate code\n   \u003cdetails\u003e\n   \u003csummary\u003eExample commands\u003c/summary\u003e\n\n   | Language   | Command                     | Generated files            | Dependencies |\n   | -----------| ----------------------------| ---------------------------| ------------ |\n   | JavaScript | `npx query2app --lang js`   | [`app.js`](examples/js/express/mysql/app.js)\u003cbr/\u003e[`routes.js`](examples/js/express/mysql/routes.js)\u003cbr/\u003e[`package.json`](examples/js/express/mysql/package.json)\u003cbr/\u003e[`Dockerfile`](examples/js/express/mysql/Dockerfile) | [`express`](https://www.npmjs.com/package/express)\u003cbr/\u003e[`mysql`](https://www.npmjs.com/package/mysql) |\n   | TypeScript | `npx query2app --lang ts`   | [`app.ts`](examples/ts/express/mysql/app.ts)\u003cbr/\u003e[`routes.ts`](examples/ts/express/mysql/routes.ts)\u003cbr/\u003e[`package.json`](examples/ts/express/mysql/package.json)\u003cbr/\u003e[`tsconfig.json`](examples/ts/express/mysql/tsconfig.json)\u003cbr/\u003e[`Dockerfile`](examples/ts/express/mysql/Dockerfile) | [`express`](https://www.npmjs.com/package/express)\u003cbr/\u003e[`mysql`](https://www.npmjs.com/package/mysql) |\n   | Golang     | `npx query2app --lang go`   | [`app.go`](examples/go/chi/mysql/app.go)\u003cbr/\u003e[`routes.go`](examples/go/chi/mysql/routes.go)\u003cbr/\u003e[`go.mod`](examples/go/chi/mysql/go.mod)\u003cbr/\u003e[`Dockerfile`](examples/go/chi/mysql/Dockerfile) | [`go-chi/chi`](https://github.com/go-chi/chi)\u003cbr/\u003e[`go-sql-driver/mysql`](https://github.com/go-sql-driver/mysql)\u003cbr/\u003e[`jmoiron/sqlx`](https://github.com/jmoiron/sqlx) |\n   | Python     | `npx query2app --lang python` | [`app.py`](examples/python/fastapi/postgres/app.py)\u003cbr/\u003e[`db.py`](examples/python/fastapi/postgres/db.py)\u003cbr/\u003e[`routes.py`](examples/python/fastapi/postgres/routes.py)\u003cbr/\u003e[`requirements.txt`](examples/python/fastapi/postgres/requirements.txt)\u003cbr/\u003e[`Dockerfile`](examples/python/fastapi/postgres/Dockerfile) | [FastAPI](https://github.com/tiangolo/fastapi)\u003cbr/\u003e[Uvicorn](https://www.uvicorn.org)\u003cbr/\u003e[psycopg2](https://pypi.org/project/psycopg2/) |\n   \u003c/details\u003e\n\n1. Run the application\n   \u003cdetails\u003e\n   \u003csummary\u003eExample commands\u003c/summary\u003e\n\n   | Language   | Commands |\n   | -----------| ---------|\n   | JavaScript | \u003cpre\u003e$ npm install\u003cbr/\u003e$ export DB_NAME=my-db DB_USER=my-user DB_PASSWORD=my-password\u003cbr/\u003e$ npm start\u003c/pre\u003e |\n   | TypeScript | \u003cpre\u003e$ npm install\u003cbr/\u003e$ npm run build\u003cbr/\u003e$ export DB_NAME=my-db DB_USER=my-user DB_PASSWORD=my-password\u003cbr/\u003e$ npm start\u003c/pre\u003e |\n   | Golang     | \u003cpre\u003e$ export DB_NAME=my-db DB_USER=my-user DB_PASSWORD=my-password\u003cbr/\u003e$ go run *.go\u003c/pre\u003eor\u003cpre\u003e$ go build -o app\u003cbr/\u003e$ ./app\u003c/pre\u003e |\n   | Python     | \u003cpre\u003e$ pip install -r requirements.txt\u003cbr/\u003e$ export DB_NAME=my-db DB_USER=my-user DB_PASSWORD=my-password\u003cbr/\u003e$ uvicorn app:app --port 3000\u003c/pre\u003e |\n   \n   ---\n   :bulb: **NOTE**\n   \n   While the example used `export` for setting up the environment variables, we don't recommend export variables that way! This was provided as an example to illustrate that an application follows [The Twelve Factors](https://12factor.net/config) and can be configured by passing environment variables. In real life, you will use docker, docker-compose, Kubernetes or other ways to run an app with required environment variables.\n   \n   ---\n   :bulb: **NOTE**\n   \n   An app also supports other environment variables:\n   \n   * `PORT`: a port to listen (defaults to `3000`)\n   * `DB_HOST` a database host (defaults to `localhost`)\n   \n   ---\n   \u003c/details\u003e\n\n1. Test that it works\n   \u003cdetails\u003e\n   \u003csummary\u003eExamples for curl\u003c/summary\u003e\n\n   ```console\n   $ curl -i http://localhost:3000/v1/categories \\\n       --json '{\"name\":\"Sport\",\"name_ru\":\"Спорт\",\"slug\":\"sport\",\"user_id\":100}' \n   HTTP/1.1 204 No Content\n   ETag: W/\"a-bAsFyilMr4Ra1hIU5PyoyFRunpI\"\n   Date: Wed, 15 Jul 2020 18:06:33 GMT\n   Connection: keep-alive\n\n   $ curl http://localhost:3000/v1/categories\n   [{\"id\":1,\"name\":\"Sport\",\"name_ru\":\"Спорт\",\"slug\":\"sport\"}]\n\n   $ curl -i -X PUT http://localhost:3000/v1/categories/1 \\\n       --json '{\"name\":\"Fauna\",\"name_ru\":\"Фауна\",\"slug\":\"fauna\",\"user_id\":101}'\n   HTTP/1.1 204 No Content\n   ETag: W/\"a-bAsFyilMr4Ra1hIU5PyoyFRunpI\"\n   Date: Wed, 15 Jul 2020 18:06:34 GMT\n   Connection: keep-alive\n\n   $ curl http://localhost:3000/v1/categories/1\n   {\"id\":1,\"name\":\"Fauna\",\"name_ru\":\"Фауна\",\"slug\":\"fauna\"}\n\n   $ curl -i -X DELETE http://localhost:3000/v1/categories/1\n   HTTP/1.1 204 No Content\n   ETag: W/\"a-bAsFyilMr4Ra1hIU5PyoyFRunpI\"\n   Date: Wed, 15 Jul 2020 18:06:35 GMT\n   Connection: keep-alive\n   ```\n   \u003c/details\u003e\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fphp-coder%2Fquery2app","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fphp-coder%2Fquery2app","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fphp-coder%2Fquery2app/lists"}