{"id":13710023,"url":"https://github.com/viur-framework/viur-cli","last_synced_at":"2026-02-25T21:32:05.883Z","repository":{"id":39971658,"uuid":"361694703","full_name":"viur-framework/viur-cli","owner":"viur-framework","description":"Command-line tool for managing ViUR projects","archived":false,"fork":false,"pushed_at":"2025-12-09T16:38:00.000Z","size":5176,"stargazers_count":5,"open_issues_count":18,"forks_count":6,"subscribers_count":3,"default_branch":"main","last_synced_at":"2025-12-26T16:39:37.226Z","etag":null,"topics":["cli","python","viur"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/viur-framework.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2021-04-26T09:37:52.000Z","updated_at":"2025-11-29T06:23:56.000Z","dependencies_parsed_at":"2023-10-14T14:04:52.443Z","dependency_job_id":"23af4e8d-cb9d-4e20-b953-068c8f9c4ff1","html_url":"https://github.com/viur-framework/viur-cli","commit_stats":{"total_commits":78,"total_committers":8,"mean_commits":9.75,"dds":0.2435897435897436,"last_synced_commit":"ac67671297ff5cf38ab31bd138dcb6115616e6f6"},"previous_names":[],"tags_count":84,"template":false,"template_full_name":null,"purl":"pkg:github/viur-framework/viur-cli","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/viur-framework%2Fviur-cli","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/viur-framework%2Fviur-cli/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/viur-framework%2Fviur-cli/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/viur-framework%2Fviur-cli/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/viur-framework","download_url":"https://codeload.github.com/viur-framework/viur-cli/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/viur-framework%2Fviur-cli/sbom","scorecard":{"id":924389,"data":{"date":"2025-08-04","repo":{"name":"github.com/viur-framework/viur-cli","commit":"8ae20dba3c602cca2fb8cc66c8cc2ea10a39b0d4"},"scorecard":{"version":"v5.2.1-28-gc1d103a9","commit":"c1d103a9bb9f635ec7260bf9aa0699466fa4be0e"},"score":4.2,"checks":[{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#dangerous-workflow"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: no topLevel permission defined: .github/workflows/publish.yml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#token-permissions"}},{"name":"Code-Review","score":5,"reason":"Found 16/29 approved changesets -- score normalized to 5","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#code-review"}},{"name":"Maintained","score":2,"reason":"2 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 2","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#maintained"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#binary-artifacts"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:73: update your workflow using https://app.stepsecurity.io/secureworkflow/viur-framework/viur-cli/publish.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish.yml:85: update your workflow using https://app.stepsecurity.io/secureworkflow/viur-framework/viur-cli/publish.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish.yml:90: update your workflow using https://app.stepsecurity.io/secureworkflow/viur-framework/viur-cli/publish.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/viur-framework/viur-cli/publish.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/viur-framework/viur-cli/publish.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/viur-framework/viur-cli/publish.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:45: update your workflow using https://app.stepsecurity.io/secureworkflow/viur-framework/viur-cli/publish.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish.yml:57: update your workflow using https://app.stepsecurity.io/secureworkflow/viur-framework/viur-cli/publish.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish.yml:62: update your workflow using https://app.stepsecurity.io/secureworkflow/viur-framework/viur-cli/publish.yml/main?enable=pin","Warn: pipCommand not pinned by hash: .github/workflows/publish.yml:19","Info:   0 out of   5 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of   4 third-party GitHubAction dependencies pinned","Info:   0 out of   1 pipCommand dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#pinned-dependencies"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#cii-best-practices"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#security-policy"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#fuzzing"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: MIT License: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#license"}},{"name":"Branch-Protection","score":-1,"reason":"internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration","details":null,"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#branch-protection"}},{"name":"Signed-Releases","score":0,"reason":"Project has not signed or included provenance with any releases.","details":["Warn: release artifact v2.2.1 not signed: https://api.github.com/repos/viur-framework/viur-cli/releases/220498453","Warn: release artifact v2.2.0 not signed: https://api.github.com/repos/viur-framework/viur-cli/releases/215583870","Warn: release artifact v2.1.0 not signed: https://api.github.com/repos/viur-framework/viur-cli/releases/203039785","Warn: release artifact v2.1.0-dev1 not signed: https://api.github.com/repos/viur-framework/viur-cli/releases/185207769","Warn: release artifact v2.0.3 not signed: https://api.github.com/repos/viur-framework/viur-cli/releases/167659076","Warn: release artifact v2.2.1 does not have provenance: https://api.github.com/repos/viur-framework/viur-cli/releases/220498453","Warn: release artifact v2.2.0 does not have provenance: https://api.github.com/repos/viur-framework/viur-cli/releases/215583870","Warn: release artifact v2.1.0 does not have provenance: https://api.github.com/repos/viur-framework/viur-cli/releases/203039785","Warn: release artifact v2.1.0-dev1 does not have provenance: https://api.github.com/repos/viur-framework/viur-cli/releases/185207769","Warn: release artifact v2.0.3 does not have provenance: https://api.github.com/repos/viur-framework/viur-cli/releases/167659076"],"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#signed-releases"}},{"name":"Packaging","score":10,"reason":"packaging workflow detected","details":["Info: Project packages its releases by way of GitHub Actions.: .github/workflows/publish.yml:38"],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#packaging"}},{"name":"Vulnerabilities","score":7,"reason":"3 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GHSA-9hjg-9r4m-mvj7","Warn: Project is vulnerable to: GHSA-48p4-8xcf-vxj5","Warn: Project is vulnerable to: GHSA-pq67-6m6q-mj2v"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#vulnerabilities"}},{"name":"SAST","score":1,"reason":"SAST tool is not run on all commits -- score normalized to 1","details":["Warn: 3 commits out of 19 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#sast"}}]},"last_synced_at":"2025-08-25T09:35:09.735Z","repository_id":39971658,"created_at":"2025-08-25T09:35:09.735Z","updated_at":"2025-08-25T09:35:09.735Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":29841591,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-02-25T21:18:31.832Z","status":"ssl_error","status_checked_at":"2026-02-25T21:18:29.265Z","response_time":61,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cli","python","viur"],"created_at":"2024-08-02T23:00:50.820Z","updated_at":"2026-02-25T21:32:05.866Z","avatar_url":"https://github.com/viur-framework.png","language":"Python","funding_links":[],"categories":["Official ViUR Resources"],"sub_categories":["Main Repositories"],"readme":"\u003cdiv align=\"center\"\u003e\n    \u003cimg src=\"https://github.com/viur-framework/viur-artwork/raw/main/icons/icon-cli.svg\" height=\"196\" alt=\"A hexagonal logo of the viur-cli\" title=\"viur-cli\"\u003e\n    \u003ch1\u003eviur-cli\u003c/h1\u003e\n    \u003ca href=\"https://pypi.org/project/viur-cli/\"\u003e\n        \u003cimg alt=\"Badge showing current PyPI version\" title=\"PyPI\" src=\"https://img.shields.io/pypi/v/viur-cli\"\u003e\n    \u003c/a\u003e\n    \u003ca href=\"LICENSE\"\u003e\n        \u003cimg src=\"https://img.shields.io/github/license/viur-framework/viur-cli\" alt=\"Badge displaying the license\" title=\"License badge\"\u003e\n    \u003c/a\u003e\n    \u003cbr\u003e\n    Command-line interface for \u003ca href=\"https://www.viur.dev\"\u003eViUR framework\u003c/a\u003e project maintenance.\n\u003c/div\u003e\n\n## What does it do?\n`viur-cli` allows to control, maintain, develop and deploy a ViUR project from one central\nlocation by using the `viur` command.\n\n\n## Installation\n\nTo use `viur-cli` in your ViUR projects, install the [PyPI package `viur-cli`](https://pypi.org/project/pipenv/).\n\n```bash\n$ pipenv install --dev viur-cli\n```\n\n## Usage\n\n```sh\n$ viur -h\n```\nwill show all the commands that are currently supported by viur-cli\n\n```sh\n$ viur --version\n```\nwill show your current viur-cli version\n\n\n```sh\n$ viur create myapp\n```\nthis will create a new project folder, clone the base project and then call `viur init` to prepare a project.json\nyou can use this to get started quickly with a new viur project from scratch.\n\n```sh\n$ viur run [profile]\n```\nrun the appserver and start your app locally. You may specify a target profile.\n\n\n```sh\n$ viur check [--dev]\n```\nRuns a security check for the python environment and for each npm project registered under builds.\n\n```sh\n$ viur package {install|update} {vi|scriptor|admin|all}\n```\nhandles ViUR ecosystem package operations\n\nCommands:\n- `install`  installs a ViUR package (in a specific version)\n- `update`   updates a ViUR package to the newest version\n\nArguments:\n- `profile`  profile to install to\n- `version`  version to install\n\n```sh\n$ viur build {app|clean|release} [option]\n```\nBuilds ViUR Project or specific apps\nCommands:\n- `app` Build a specific application\n- `clean` Clean up Build Artifacts\n- `release` Build all relevant applications to deploy the project\n\n```sh\n$ viur cloud deploy {app|index|cloudfunction} {profile} {--ext|--yes|--name}\n```\nThis Function deploys the Google Cloud application and / or different .yaml files\nScripts:\n- `app`           Deploy application to the Google Appengine\n  - `index`         Deploy index.yaml to Google Appenginge\n  - `cloudfunction` Deploy Cloudfunction to Google Appengine\n  Commands:\n  - `profile`       The project.json profile you want to Work from\n\n```sh\n$ viur cloud init {service} {profile}\n```\nThis Function makes the init deployment for a ViUR project.\nThis Function needs to be called so that the development server works locally.\n\n\n```sh\n$ viur cloud {enable|disable} backup\n```\nEnable/ Disable the Backup buckets you need to Backup a cloud project in the Google Cloud Console\n\n```sh\n$ viur cloud setup {gcloud|gcroles}\n```\nScripts:\n- `gcloud`    This Function setups your project to work on the gcloud plattform\n  - `gcroles`   This function lets you set up Roles for your google appengine Workspace\n\n\n```sh\n$ viur cloud get {gcroles}\n```\nScripts:\n- `gcroles`   This function lets you get Roles for your google appengine Workspace in a readable .json Format\n\n```sh\n$ viur package {update|install} {vi|admin|scriptor|all} [profile] [version]\n```\nPerforms operations on packages\n\nScripts:\n- `update` Updates an installed package\n- `install` Installs a declared package\n\nOptions:\n- `vi`\n- `admin`\n- `scriptor`\n- `all`\n\n```sh\n$ viur env\n```\nShow information about your current environment.\n\n```sh\n$ viur project list\n```\nPretty prints your `project.json` file on the console.\n\n```sh\n$ viur update {requirements}\n```\nwith this you can update your project specific requirements.txt file automatically\n\n## The project.json\nThe `project.json` is your core project configuration file for every viur related operation.\nIt contains the default viur project profile and it can be expanded with several individual project profiles.\n\n### Example project.json\n```json lines\n{\n    /*\n      The format Key, Value pair defines the project json format, the viur-cli uses\n    */\n    \"format\": \"2.0.0\",\n    /*\n      The first level contains of your profiles\n      \"default\" is a profile, which is inherited by \"develop\" and \"live\" and can be customized for particular versions\n      and/or GAE projects. Therefore, every profile can contain all keys from the \"default\" profile.*/\n    \"default\": {\n        /*\n          The builds level declares steps for the `viur build` command.\n          It can contain viur components and other components that need to be build before project deployment\n        */\n        \"builds\": {\n            \"admin\": {\n                \"command\": \"viur install admin\",\n                \"kind\": \"exec\",\n                \"version\": \"4.0.8\"\n            },\n            \"npm\": {\n                \"command\": \"build\",\n                \"kind\": \"npm\",\n                \"source\": \"\"\n            }\n            /* OPTIONAL arguments, can be set in default or in a specific profile */\n            \"appyaml\": \"app_stub.yaml\",  // Use a name other than \"app.yaml\"\n            \"appyaml_substitition\": true,  // Set to true to replace only standard variables in app.yaml\n            \"appyaml_substitition\": {  // Set to an object to replace these in addition to the standard variables in app.yaml\n                \"$REGION\": \"europe-west3\"\n            }\n        },\n        \"gcloud\": {\n            \"functions\": { //Declarations for a cloud function\n                \"testfunction1\": {\n                    \"entry-point\": \"main\",\n                    \"env-vars-file\": \"env.yaml\",\n                    \"memory\": \"512MB\",\n                    \"runtime\": \"python311\",\n                    \"source\": \"deploy/cloudfunction/function1\",\n                    \"trigger\": \"http\"\n                }\n            },\n            \"max-instances\": \"1\",\n            \"region\": \"europe-west3\"\n        },\n        \"core\": \"3.5.1\",  // viur-core version of your project\n        \"distribution_folder\": \"./deploy\", // Deploy folder uploaded to GAE\n        \"sources_folder\": \"./sources\",\n        \"version\": \"live-$(year)-$(month)-$(day)\", // Version string; Variables can be used here.\n        \"application_name\": \"my-live-app-viur3\" // Name of the GAE project *4\n    },\n    \"develop\": {\n        \"application_name\": \"my-dev-app-viur3\",\n        \"version\": \"dev-$(user)\"\n    }\n}\n\n```\n\n## Viur scripting interface\n\nThere is a new core component that enables us to pull and push python scripts from/to a deployed application and run these in a sandbox or even locally.\nThe GUI version is called scriptor and can be accessed via a webinterface, but viur-cli also has a cli for this:\n\n```sh\n$ viur script {configure|pull|push|run|setup}\n```\nManage your ViUR Scriptor Scripts via the CLI\nCommands:\n- `configure`  Manage configuration settings.\n- `pull`       Pull contents from server to working_dir.\n- `push`       Push contents of working_dir to server.\n- `run`        Locally run a script located in the working_dir.\n- `setup`      Setup user session with a given username and...\n\n\n## Packaged tools\n\nIn order to use the packaged tools, you can run:\n\n```sh\n$ viur tool {2to3|pyodide|ssl-fix}\n```\nScripts:\n- `2to3`     viur porting script\n- `pyodide`  run the get_pyodide command\n- `ssl-fix`  ssl fix for MacOS\n\nfor example the 2to3 script helps porting viur2 project to viur3, it can be used to automatically rename some things that are deprecated\nin viur3 as well, so you can use it whenever a new core version is released for viur3 projects as well:\n\n```sh\n$ viur tool 2to3 -d .\n```\nwill dry-run the script in the current directory and not make any changes, only suggestions. If you want to make the changes,\nleave out the -d argument and if you are a daring go-getter and like to live dangerously, replace the -d with -x,\nwhich will write the suggested changes without making a backup of the changed files.\n\n## Development\n\nIf you want to hack `viur-cli`, clone this repository next to the folder of your ViUR project.\n\n```sh\n$ git clone git@github.com:viur-framework/viur-cli.git\n$ ls -1\nviur-cli\nyour-project\n```\n\nThen, add it to your project as an editable dependency using\n\n```sh\n$ cd your-project\n$ pipenv install --dev --editable ../viur-cli\n```\n\n## Dependencies\n\nviur-cli depends on\n\n* [click](https://click.palletsprojects.com/)\n* [app_server](https://github.com/XeoN-GHMB/app_server)\n* [pipfile-requirements](https://github.com/frostming/pipfile-requirements)\n* [watchgod](https://github.com/samuelcolvin/watchgod)\n\n## License\n\nCopyright © 2025 by Mausbrand Informationssysteme GmbH.\u003cbr\u003e\nMausbrand and ViUR are registered trademarks of Mausbrand Informationssysteme GmbH.\n\nThis project is free software under the MIT license.\u003cbr\u003e\nPlease see the LICENSE file for details.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fviur-framework%2Fviur-cli","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fviur-framework%2Fviur-cli","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fviur-framework%2Fviur-cli/lists"}