{"id":23698147,"url":"https://github.com/samply/blazectl","last_synced_at":"2025-09-03T01:32:26.261Z","repository":{"id":39852040,"uuid":"196201278","full_name":"samply/blazectl","owner":"samply","description":"Control your FHIR® Server from the Command Line","archived":false,"fork":false,"pushed_at":"2025-08-21T16:37:26.000Z","size":230,"stargazers_count":22,"open_issues_count":16,"forks_count":6,"subscribers_count":3,"default_branch":"main","last_synced_at":"2025-08-21T19:20:28.503Z","etag":null,"topics":["cli","fhir","fhir-client","go","golang","hl7"],"latest_commit_sha":null,"homepage":null,"language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/samply.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":".github/CODEOWNERS","security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2019-07-10T12:28:29.000Z","updated_at":"2025-08-14T18:08:27.000Z","dependencies_parsed_at":"2023-07-15T00:08:28.418Z","dependency_job_id":"e04fc375-d898-4511-8458-d45c93cea9e8","html_url":"https://github.com/samply/blazectl","commit_stats":null,"previous_names":["life-research/blazectl"],"tags_count":48,"template":false,"template_full_name":null,"purl":"pkg:github/samply/blazectl","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/samply%2Fblazectl","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/samply%2Fblazectl/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/samply%2Fblazectl/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/samply%2Fblazectl/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/samply","download_url":"https://codeload.github.com/samply/blazectl/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/samply%2Fblazectl/sbom","scorecard":{"id":588720,"data":{"date":"2025-08-20T03:47:29Z","repo":{"name":"github.com/samply/blazectl","commit":"73648df5aa1455b0f84a56e8a659d15b2e4f14b2"},"scorecard":{"version":"v5.2.1","commit":"ab2f6e92482462fe66246d9e32f642855a691dc1"},"score":8.2,"checks":[{"name":"Dependency-Update-Tool","score":10,"reason":"update tool detected","details":["Info: detected update tool: RenovateBot: renovate.json:1"],"documentation":{"short":"Determines if the project uses a dependency update tool.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#dependency-update-tool"}},{"name":"Code-Review","score":2,"reason":"Found 4/16 approved changesets -- score normalized to 2","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#code-review"}},{"name":"Security-Policy","score":10,"reason":"security policy file detected","details":["Info: security policy file detected: SECURITY.md:1","Info: Found linked content: SECURITY.md:1","Info: Found disclosure, vulnerability, and/or timelines in security policy: SECURITY.md:1","Info: Found text in security policy: SECURITY.md:1"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#security-policy"}},{"name":"Maintained","score":10,"reason":"30 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#maintained"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#dangerous-workflow"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#binary-artifacts"}},{"name":"Token-Permissions","score":10,"reason":"GitHub workflow tokens follow principle of least privilege","details":["Warn: jobLevel 'contents' permission set to 'write': .github/workflows/build.yml:76","Info: topLevel permissions set to 'read-all': .github/workflows/build.yml:16","Info: topLevel permissions set to 'read-all': .github/workflows/scorecard.yml:11"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#token-permissions"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#packaging"}},{"name":"Pinned-Dependencies","score":10,"reason":"all dependencies are pinned","details":["Info:  14 out of  14 GitHub-owned GitHubAction dependencies pinned","Info:   7 out of   7 third-party GitHubAction dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#pinned-dependencies"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#cii-best-practices"}},{"name":"Vulnerabilities","score":10,"reason":"0 existing vulnerabilities detected","details":null,"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#vulnerabilities"}},{"name":"SAST","score":10,"reason":"SAST tool is run on all commits","details":["Info: SAST configuration detected: CodeQL","Info: all commits (30) are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#sast"}},{"name":"Fuzzing","score":10,"reason":"project is fuzzed","details":["Info: GoBuiltInFuzzer integration found: util/fileAnalyzer_fuzz_test.go:8"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#fuzzing"}},{"name":"Signed-Releases","score":0,"reason":"Project has not signed or included provenance with any releases.","details":["Warn: release artifact v1.2.0-alpha.1 not signed: https://api.github.com/repos/samply/blazectl/releases/240053040","Warn: release artifact v1.1.0 not signed: https://api.github.com/repos/samply/blazectl/releases/238028834","Warn: release artifact v1.0.0 not signed: https://api.github.com/repos/samply/blazectl/releases/220398725","Warn: release artifact v0.17.1 not signed: https://api.github.com/repos/samply/blazectl/releases/216309652","Warn: release artifact v0.17.0 not signed: https://api.github.com/repos/samply/blazectl/releases/184345017","Warn: release artifact v1.2.0-alpha.1 does not have provenance: https://api.github.com/repos/samply/blazectl/releases/240053040","Warn: release artifact v1.1.0 does not have provenance: https://api.github.com/repos/samply/blazectl/releases/238028834","Warn: release artifact v1.0.0 does not have provenance: https://api.github.com/repos/samply/blazectl/releases/220398725","Warn: release artifact v0.17.1 does not have provenance: https://api.github.com/repos/samply/blazectl/releases/216309652","Warn: release artifact v0.17.0 does not have provenance: https://api.github.com/repos/samply/blazectl/releases/184345017"],"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#signed-releases"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: Apache License 2.0: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#license"}},{"name":"Branch-Protection","score":8,"reason":"branch protection is not maximal on development and all release branches","details":["Info: 'allow deletion' disabled on branch 'main'","Info: 'force pushes' disabled on branch 'main'","Info: 'branch protection settings apply to administrators' is required to merge on branch 'main'","Info: 'stale review dismissal' is required to merge on branch 'main'","Warn: required approving review count is 1 on branch 'main'","Info: codeowner review is required on branch 'main'","Info: 'last push approval' is required to merge on branch 'main'","Info: 'up-to-date branches' is required to merge on branch 'main'","Info: status check found to merge onto on branch 'main'","Info: PRs are required in order to make changes on branch 'main'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#branch-protection"}},{"name":"Contributors","score":10,"reason":"project has 6 contributing companies or organizations","details":["Info: found contributions from: AMPEL-CDSS-ORG, life-research, medizininformatik-initiative, num-codex, samply, university leipzig"],"documentation":{"short":"Determines if the project has a set of contributors from multiple organizations (e.g., companies).","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#contributors"}},{"name":"CI-Tests","score":10,"reason":"30 out of 30 merged PRs checked by a CI test -- score normalized to 10","details":null,"documentation":{"short":"Determines if the project runs tests before pull requests are merged.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#ci-tests"}}]},"last_synced_at":"2025-08-20T21:16:56.661Z","repository_id":39852040,"created_at":"2025-08-20T21:16:56.661Z","updated_at":"2025-08-20T21:16:56.661Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":273377071,"owners_count":25094525,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-09-02T02:00:09.530Z","response_time":77,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cli","fhir","fhir-client","go","golang","hl7"],"created_at":"2024-12-30T07:13:59.310Z","updated_at":"2025-09-03T01:32:26.250Z","avatar_url":"https://github.com/samply.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"[![Build](https://github.com/samply/blazectl/actions/workflows/build.yml/badge.svg)](https://github.com/samply/blazectl/actions/workflows/build.yml)\n[![Go Report Card](https://goreportcard.com/badge/github.com/samply/blazectl)](https://goreportcard.com/report/github.com/samply/blazectl)\n[![OpenSSF Scorecard](https://api.scorecard.dev/projects/github.com/samply/blazectl/badge)](https://scorecard.dev/viewer/?uri=github.com/samply/blazectl)\n[![SLSA 2](https://slsa.dev/images/gh-badge-level2.svg)](https://slsa.dev)\n\n# blazectl\n\nblazectl is a command line tool to control your FHIR® server. blazectl also works with [Blaze][4].\n\nCurrently, you can do the following:\n\n* upload transaction bundles from a directory\n* download resources in NDJSON format\n* count all resources by type\n* evaluate a measure\n\n## Installation\n\nblazectl is available as binary for Linux, macOS and Windows.\n\nFor Linux and macOS an `install.sh` script is provided. It will download a tar file, extract it, and verify GitHub attestations using the [GitHub CLI][10] tool.  \n\n```sh\ncurl -sSfL https://raw.githubusercontent.com/samply/blazectl/main/install.sh | sh\n```\n\nIf you prefer a manual installation or need the Windows variant, please download the latest release [here][3]. The attestation verification is described below.\n\n## Usage\n\n```\nblazectl is a command line tool to control your FHIR® server.\n\nCurrently you can upload transaction bundles from a directory, download\nand count resources and evaluate measures.\n\nUsage:\n  blazectl [command]\n\nAvailable Commands:\n  completion       Generate the autocompletion script for the specified shell\n  count-resources  Counts all resources by type\n  download         Download FHIR resources in NDJSON format\n  evaluate-measure Evaluates a Measure\n  help             Help about any command\n  upload           Upload transaction bundles\n\nFlags:\n      --certificate-authority string   path to a cert file for the certificate authority\n  -h, --help                           help for blazectl\n  -k, --insecure                       allow insecure server connections when using SSL\n      --no-progress                    don't show progress bar\n      --password string                password information for basic authentication\n      --token string                   bearer token for authentication\n      --user string                    user information for basic authentication\n  -v, --version                        version for blazectl\n\nUse \"blazectl [command] --help\" for more information about a command.\n```\n\n### Upload\n\nYou can use the upload command to upload transaction bundles to your server. Currently, JSON (*.json), [gzip compressed][7] JSON (*.json.gz), [bzip2 compressed][8] JSON (*.json.bz2) and NDJSON (*.ndjson) files are supported. If you don't have any transaction bundles, you can generate some with [SyntheaTM][5].\n\nAssuming the URL of your FHIR server is `http://localhost:8080/fhir`, in order to upload run:\n\n```sh\nblazectl upload --server http://localhost:8080/fhir my/bundles\n```\n\nYou will see a progress bar with an estimated ETA during upload. After the upload, a statistic inspired by [vegeta][6] will be printed:\n\n```\nStarting Upload to http://localhost:8080/fhir ...\nUploads          [total, concurrency]     362, 4\nSuccess          [ratio]                  100 %\nDuration         [total]                  1m42s\nRequ. Latencies  [mean, 50, 95, 99, max]  826ms, 534ms, 2.71s, 3.85s 6.467s\nProc. Latencies  [mean, 50, 95, 99, max]  710ms, 526ms, 2.041s, 2.739s 4.133s\nBytes In         [total, mean]            5.10 MiB, 14.59 KiB\nBytes Out        [total, mean]            61.74 MiB, 176.59 KiB\nStatus Codes     [code:count]             200:362\n```\n\nThe statistics have the following meaning:\n\n* Uploads — the total number of files uploaded with the given concurrency\n* Success — the success rate (possible errors will be printed under the statistics)\n* Duration – the total duration of the upload\n* Requ. Latencies – mean, max and percentiles of the duration of whole requests including network transfers \n* Proc. Latencies – mean, max and percentiles of the duration of the server processing time excluding networks transfers \n* Bytes In – total and mean number of bytes returned by the server\n* Bytes Out – total and mean number of bytes send by blazectl\n* Status Codes – a list of status code frequencies. Will show non-200 status codes if they happen.\n\n### Download\n\nYou can use the download command to download bundles from the server. Downloaded bundles are stored within an NDJSON file. This operation is non-destructive on your site, i.e., if the specified NDJSON file already exists, then it won't be overwritten.\n\nUse the download command as follows:\n\n```sh\nblazectl download --server http://localhost:8080/fhir Patient \\\n         --query \"gender=female\" \\\n         --output-file ~/Downloads/Patients.ndjson\n```\n\nIf the optional resource-type is given, the corresponding type-level search will be used. Otherwise, the system-level search will be used and all resources of the whole system will be downloaded.\n\nThe --query flag will take an optional FHIR search query that will be used to constrain the resources to download.\n\nWith the flag --use-post, you can ensure that the FHIR search query specified with --query is send as POST request in the body.\n\nUsing POST can have two benefits, first if the query string is too large for URL's, it will still fine in the body. Second if the query string contains sensitive information like IDAT's it will be less likely end up in log files, because URL's are often logged but bodies not.\n\nThe next links are still traversed with GET. The FHIR server is supposed to not expose any sensitive query params in the URL and also keep the URL short enough.\n\nResources will be either streamed to STDOUT, delimited by newline, or stored in a file if the --output-file flag is given.\n\nAs soon as the download has finished, you will be shown a download statistics overview that looks something like this:\n\n```\nPages           [total]                 184\nResources       [total]                 1835\nResources/Page  [min, mean, max]        5, 9, 10\nDuration        [total]                 371ms\nRequ. Latencies\t[mean, 50, 95, 99, max]\t1ms, 1ms, 2ms, 2ms, 3ms\nProc. Latencies\t[mean, 50, 95, 99, max]\t1ms, 1ms, 1ms, 2ms, 3ms\nBytes In        [total, mean]           1.22 MiB, 6.82 KiB\n```\n\nThe statistics have the following meaning:\n\n* Pages - total number of pages requested from the server to retrieve resources\n* Resources - total number of downloaded resources\n* Resources/Page - minimum, mean and maximum number of resources over all pages \n* Duration - total duration of the download\n* Requ. Latencies - mean, max and percentiles of the duration of whole requests including networks transfers\n* Proc. Latencies - mean, max and percentiles of the duration of the server processing time excluding network transfers\n* Bytes In - total and mean number of bytes returned by the server\n\n### Count Resources\n\nThe count-resources command is useful to see how many resources a FHIR server stores by resource type. The resource counting is done by first fetching the capability statement of the server. After that blazectl will perform a search-type interaction with query parameter `_summary` set to `count` on every resource type which supports that interaction using one batch request. Bundle.total will be used as resource count.\n\nYou can run:\n \n```sh\nblazectl count-resources --server http://localhost:8080/fhir\n```\n\nIt will return:\n\n```\nCount all resources on http://localhost:8080/fhir ...\n\nAllergyIntolerance       :    7297\nCarePlan                 :   49818\nClaim                    :  689111\nCondition                :  116688\nDiagnosticReport         :  193141\nEncounter                :  540542\nExplanationOfBenefit     :  540542\nGoal                     :   39857\nImagingStudy             :   11212\nImmunization             :  187987\nMedicationAdministration :    6400\nMedicationRequest        :  148569\nObservation              : 2689215\nOrganization             :   52645\nPatient                  :   16875\nPractitioner             :   52647\nProcedure                :  418310\n```\n\n### Evaluate Measure\n\nGiven a measure in YAML form, creates the required FHIR resources, evaluates that measure and returns the measure report.\n\nYou can run:\n\n```sh\nblazectl evaluate-measure --server \"http://localhost:8080/fhir\" stratifier-condition-code.yml\n```\n\nMore comprehensive documentation can be found in the [Blaze CQL Queries Documentation][9].\n\n## GitHub Attestations\n\nTo ensure trust and security in the software supply chain, GitHub [attestations][11] are available for all `blazectl` binaries. To verify the attestations, please install the [GitHub CLI][10] tool and run:\n\n```sh\ngh attestation verify --repo samply/blazectl blazectl\n```\n\nThe `install.sh` script already verifies the attestations.\n\n### SBOM Viewer\n\nThe SBOM can be generated by the GitHub CLI:\n\n```sh\ngh attestation verify --repo samply/blazectl blazectl --predicate-type \"https://spdx.dev/Document/v2.3\" --format json  --jq '.[].verificationResult.statement.predicate' \u003e blazectl-sbom.json\n```\n\nThe resulting SBOM can be viewed at a [Web Viewer provided by SUSE][12].\n\n## Similar Software\n\n* [VonkLoader][1] - can also upload transaction bundles but needs .NET SDK\n* [Synthea Uploader][2] - no parallel uploads\n\n## License\n\nCopyright 2019 - 2025 The Samply Community\n\nLicensed under the Apache License, Version 2.0 (the \"License\"); you may not use this file except in compliance with the License. You may obtain a copy of the License at\n\nhttp://www.apache.org/licenses/LICENSE-2.0\n\nUnless required by applicable law or agreed to in writing, software distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.\n\n[1]: \u003chttp://docs.simplifier.net/vonkloader/\u003e\n[2]: \u003chttps://github.com/synthetichealth/uploader\u003e\n[3]: \u003chttps://github.com/samply/blazectl/releases/latest\u003e\n[4]: \u003chttps://github.com/samply/blaze\u003e\n[5]: \u003chttps://github.com/synthetichealth/synthea\u003e\n[6]: \u003chttps://github.com/tsenart/vegeta\u003e\n[7]: \u003chttps://en.wikipedia.org/wiki/Gzip\u003e\n[8]: \u003chttps://en.wikipedia.org/wiki/Bzip2\u003e\n[9]: \u003chttps://github.com/samply/blaze/blob/main/docs/cql-queries/blazectl.md\u003e\n[10]: \u003chttps://github.com/cli/cli\u003e\n[11]: \u003chttps://docs.github.com/en/actions/concepts/security/artifact-attestations\u003e\n[12]: \u003chttps://apps.rancher.io/sbom-viewer\u003e\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsamply%2Fblazectl","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsamply%2Fblazectl","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsamply%2Fblazectl/lists"}