apunkt/plano
1
0
Fork 0
mirror of https://github.com/katanemo/plano.git synced 2026-06-17 15:25:17 +02:00
Code Issues Projects Releases Packages Wiki Activity
591 commits 523 branches 69 tags 90 MiB
Commit graph

10 commits

Author SHA1 Message Date
Adil Hafeez
ea78102b89 Consolidate GitHub Actions CI from 15 to 5 workflow files 
Reduce Docker builds from 10 to 1 per PR by building the image once and
sharing it as an artifact across all dependent jobs. Merge duplicate
Docker Hub and GHCR push workflows into single workflows that push to
both registries per build.

- ci.yml: replaces pre-commit, rust_tests, validate_plano_config,
  plano_tools_tests, docker-security-scan, e2e_tests, e2e_plano_tests,
  e2e_test_preference_based_routing, e2e_test_currency_convert
- docker-push-main.yml: replaces old docker-push-main + ghrc-push-main
- docker-push-release.yml: replaces old docker-push-release + ghrc-push-release
- static.yml and publish-pypi.yml unchanged

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-15 02:15:23 +00:00
Adil Hafeez
1df43872a6
Fix code scanning and dependabot security alerts (#756) 
* Fix code scanning and dependabot security alerts

Code scanning fixes (14 alerts):
- Fix XSS in OG image route by validating request origin against allowlist
- Fix incomplete URL sanitization in blog layout using exact hostname matching
- Bind port-check socket to 127.0.0.1 instead of 0.0.0.0
- Add explicit permissions to 7 GitHub Actions workflows

Dependabot fixes:
- Update @isaacs/brace-expansion 5.0.0 -> 5.0.1 (CVE-2026-25547)
- Update bytes 1.10.1 -> 1.11.1 (CVE-2026-25541)
- Update time 0.3.41 -> 0.3.47 (CVE-2026-25727)
- Update cryptography 45.0.7 -> 46.0.5 (CVE-2026-26007)
- Update python-multipart 0.0.20 -> 0.0.22 (CVE-2026-24486)
- Update urllib3 2.6.2 -> 2.6.3 in test lockfiles (CVE-2026-21441)
- Update Werkzeug 3.1.4 -> 3.1.5 (CVE-2026-21860)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* Address PR review feedback

- Replace plano.katanemo.com with planoai.dev in allowed hosts
- Add planoai.dev to OG route and blog layout allowlists
- Revert socket bind to 0.0.0.0 (intentional for port-in-use check)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

---------

Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-14 12:27:07 -08:00
Adil Hafeez
88d14a205b
restructure cli (#656) 2025-12-25 14:55:29 -08:00
Adil Hafeez
e7ce00b5a7
rename cli to plano (#647) 2025-12-23 18:37:58 -08:00
Adil Hafeez
6d6c03a7e8
fix docker hub release tag source image name (#468) 2025-04-16 13:08:43 -07:00
Adil Hafeez
3eb438550a
fix source name for docker images (#467) 2025-04-16 12:24:17 -07:00
Adil Hafeez
e17d5fb2eb
test docker rel (#466) 2025-04-16 12:18:03 -07:00
Adil Hafeez
3cda4d6b69
fix docker hub tag (#465) 2025-04-16 11:46:12 -07:00
Adil Hafeez
ceca553399
fix release image (#464) 2025-04-16 11:34:45 -07:00
Adil Hafeez
09c9d3706e
publish docker release images (#422) 
* add release docker publish

* more testing

* fix more
 2025-03-04 14:16:03 -08:00