plano/cli
Adil Hafeez 38646fdac2
Add Trivy Docker security scan to CI (#755)
* Add Trivy Docker image security scan workflow

Scans the Docker image for CRITICAL and HIGH vulnerabilities using Trivy.
Blocks PRs on failures; runs non-blocking on main for visibility. Results
are uploaded to the GitHub Security tab via SARIF.


* Add explicit permissions to Docker security scan workflow

Set minimal permissions: contents read for checkout, security-events
write for SARIF upload to the GitHub Security tab.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* Fix 27 HIGH vulnerabilities found by Trivy Docker scan

- Install supervisor via pip instead of apt to eliminate 22 Debian
  python3.13 package vulnerabilities
- Pin urllib3>=2.6.3 to fix CVE-2025-66418, CVE-2025-66471, CVE-2026-21441
- Add ignore-unfixed to Trivy scan to suppress unfixable glibc CVE-2026-0861

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

---------

Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-13 19:53:49 -08:00
planoai Rename all arch references to plano (#745) 2026-02-13 15:16:56 -08:00
test Rename all arch references to plano (#745) 2026-02-13 15:16:56 -08:00
build_cli.sh use uv instead of poetry (#663) 2025-12-26 11:21:42 -08:00
pyproject.toml Add Trivy Docker security scan to CI (#755) 2026-02-13 19:53:49 -08:00
README.md add instructions about uv build/sync in cli (#675) 2026-01-05 13:46:58 -08:00
uv.lock Add Trivy Docker security scan to CI (#755) 2026-02-13 19:53:49 -08:00

plano CLI - Local Development

This guide walks you through setting up the plano CLI for local development using uv.

Install uv

First, install the uv package manager. This is required for managing dependencies and running the development version of planoai.

On macOS and Linux:

curl -LsSf https://astral.sh/uv/install.sh | sh

On Windows:

powershell -ExecutionPolicy ByPass -c "irm https://astral.sh/uv/install.ps1 | iex"

Setup

  1. Install dependencies

    In the cli directory, run:

    uv sync

    This will create a virtual environment in .venv and install all dependencies from pyproject.toml.

  2. Install the CLI tool globally (optional)

    To install planoai as a global tool on your system:

    uv tool install --editable .

    This installs planoai globally in editable mode, allowing you to run planoai commands from anywhere while still using the source code from this directory. Any changes you make to the code will be reflected immediately.

  3. Run plano commands

    Use uv run to execute plano commands with the development version:

    uv run planoai build

    Or, if you installed globally with uv tool install --editable .:

    planoai build

    Note: uv run automatically uses the virtual environment, so no activation is needed.

Development Workflow

Build plano:

uv run planoai build

View logs:

uv run planoai logs --follow

Run other plano commands:

uv run planoai <command> [options]

Optional: Manual Virtual Environment Activation

While uv run handles the virtual environment automatically, you can activate it manually if needed:

source .venv/bin/activate
planoai build  # No need for 'uv run' when activated

Note: For end-user installation instructions, see the plano documentation.