You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Mise already excels at tool pinning, env management, tasks, and generating a few specific integration files. I’d like to propose adding first-class project scaffolding: a template-pack system (local or git-sourced) that can render a complete project tree using mise’s existing Tera templating, with strong security defaults aligned with mise trust / paranoid mode.
This would make mise a one-stop “front-end for repositories” not only for day-2 workflows (tasks/tools), but also for day-0 project creation (bootstrap/scaffold).
Unlike projen’sprojen new <type>, mise doesn’t provide a native “create a new repo skeleton” flow (e.g., new CDK TypeScript app or new Python service), even though it already has:
a templating engine embedded in config,
a task runner suitable for “post-init steps” (install, format, init git, etc.),
a trust/paranoid model that can govern execution of risky operations.
Proposal
Add a new subcommand under the existing generate namespace:
mise generate project
A template-pack–driven scaffolder that:
resolves a template pack (local directory or git URL/ref)
collects variables (interactive prompts or --set key=value, supports --no-prompt)
renders/copies files into a destination directory
optionally runs post steps (as commands or as mise tasks)
offers a future managed-files “re-apply” mode. This is so some files can be managed by mise and re-generated when the configuration changes
Why under generate ?
mise already uses generate for producing repo-related artifacts. Project scaffolding fits naturally there and keeps UX cohesive.
Architecture diagram (proposed flow)
flowchart TD
A["mise generate project"] --> B["Resolve template pack (local path or git URL/ref)"]
B --> C["Trust gate (trust/paranoid rules for remote packs & executable features)"]
C --> D["Collect variables (prompt OR --set/--no-prompt)"]
D --> E["Render templates (Tera; exec disabled unless trusted)"]
E --> F["Write output tree (conflict policy: --force/--skip-existing/--dry-run)"]
F --> G{"Run post steps?"}
G -->|no| H["Done"]
G -->|yes| I["Run post steps (commands and/or mise tasks)"]
I --> J["Optional: mise install / generate github-action / git-pre-commit / bootstrap"]
J --> H
Loading
CLI UX (suggested)
Basic usage (interactive)
mise generate project --template gh:my-org/mise-templates/cdk-ts --dir ./my-cdk-app
mise generate project --template ... --dir ./my-cdk-app --dry-run
mise generate project --template ... --dir ./my-cdk-app --skip-existing
mise generate project --template ... --dir ./my-cdk-app --force
Security model (important)
Scaffolding is inherently supply-chain sensitive (remote templates + optional hooks). mise already has good primitives here; the scaffolder should align with them:
Recommended defaults
Remote template packs must pass a trust gate before any risky features are enabled.
During rendering: disable command execution in templates by default (even if Tera supports it today in other contexts).
Post steps (hooks) should require explicit opt-in:
--accept-hooks=ask|yes|no (default: ask locally, no in non-interactive unless explicitly set)
Paranoid mode behavior
In paranoid mode: require trust for remote packs, and re-trust if pack contents change.
Avoid any shorthand “registry-like” resolution unless pinned (e.g., require URL+ref).
Why this fits mise’s philosophy
mise already positions itself as a unified entry point for tools/tasks/env.
Scaffolding is the missing “day-0” capability that completes the story:
Day 0: mise generate project
Day 1+: mise install, mise run, hooks, CI generation, etc.
Open questions (implementation details)
Best way to represent variable schema and prompt types (string/bool/enum, validation, regex).
Git template resolution conventions (gh: shorthand vs explicit URL).
How to store trust metadata for template packs (reuse existing trust store).
Hook execution environment (run with mise environment? likely yes).
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
Uh oh!
There was an error while loading. Please reload this page.
-
Mise already excels at tool pinning, env management, tasks, and generating a few specific integration files. I’d like to propose adding first-class project scaffolding: a template-pack system (local or git-sourced) that can render a complete project tree using mise’s existing Tera templating, with strong security defaults aligned with mise trust / paranoid mode.
This would make mise a one-stop “front-end for repositories” not only for day-2 workflows (tasks/tools), but also for day-0 project creation (bootstrap/scaffold).
Problem statement
Today, teams often standardize on:
Unlike projen’s
projen new <type>, mise doesn’t provide a native “create a new repo skeleton” flow (e.g., new CDK TypeScript app or new Python service), even though it already has:Proposal
Add a new subcommand under the existing generate namespace:
A template-pack–driven scaffolder that:
Why under generate ?
mise already uses generate for producing repo-related artifacts. Project scaffolding fits naturally there and keeps UX cohesive.
Architecture diagram (proposed flow)
flowchart TD A["mise generate project"] --> B["Resolve template pack (local path or git URL/ref)"] B --> C["Trust gate (trust/paranoid rules for remote packs & executable features)"] C --> D["Collect variables (prompt OR --set/--no-prompt)"] D --> E["Render templates (Tera; exec disabled unless trusted)"] E --> F["Write output tree (conflict policy: --force/--skip-existing/--dry-run)"] F --> G{"Run post steps?"} G -->|no| H["Done"] G -->|yes| I["Run post steps (commands and/or mise tasks)"] I --> J["Optional: mise install / generate github-action / git-pre-commit / bootstrap"] J --> HCLI UX (suggested)
Basic usage (interactive)
Non-interactive / CI-friendly
Conflict handling
Security model (important)
Scaffolding is inherently supply-chain sensitive (remote templates + optional hooks). mise already has good primitives here; the scaffolder should align with them:
Recommended defaults
Paranoid mode behavior
In paranoid mode: require trust for remote packs, and re-trust if pack contents change.
Avoid any shorthand “registry-like” resolution unless pinned (e.g., require URL+ref).
Why this fits mise’s philosophy
Open questions (implementation details)
Beta Was this translation helpful? Give feedback.
All reactions