Skip to content

Commit 3394ee6

Browse files
KemingHeKemingHe
authored
docs(readme): improve clarity and add security guidance (#6)
* docs(readme): improve clarity and add security guidance CHANGES - Clarify problem statement with concrete AI command examples - Add Docker commit hash pinning for production security - Remove redundant sections and sync across README files - Convert diagrams to mobile-friendly lists in dockerhub version IMPACT - Users better understand when to use this tool vs alternatives - Production deployments can audit container contents for security - Consistent messaging across GitHub and Docker Hub * docs(README*.md): add concrete example to pin image to commit hash * fix(README*.md): correct docker image commit hash tag format * docs(REAME*.md): remove excess whitespace * docs(README*.md): add action-oriented comments for docker pull
1 parent 0ea1acc commit 3394ee6

File tree

2 files changed

+20
-27
lines changed

2 files changed

+20
-27
lines changed

README-dockerhub.md

Lines changed: 12 additions & 22 deletions
Original file line numberDiff line numberDiff line change
@@ -2,13 +2,18 @@
22

33
> README updated on 2025-07-23 by [@KemingHe](https://github.com/KemingHe)
44
5-
Official docs from `pip`, `poetry`, `uv`, and `conda` + automated weekly updates = zero maintenance overhead for developers using VSCode/Cursor with AI assistants. [[Demo]](https://www.loom.com/share/a80f6041dc374c07b95b2397ee4e8ca1?sid=1209cdce-7239-447e-8b20-49eae454cc9a)
5+
Stop getting out-of-date Python package manager commands from your AI. Cross-reference latest official `pip`, `poetry`, `uv`, and `conda` docs with auto-updates. [[Demo]](https://www.loom.com/share/a80f6041dc374c07b95b2397ee4e8ca1?sid=1209cdce-7239-447e-8b20-49eae454cc9a)
66

77
## 🚀 Quick Start for Agentic IDEs
88

9-
**1. Pull latest Docker image**:
9+
**1. Pull Docker image**:
1010

1111
```shell
12+
# Pin to commit hash for production security
13+
# Get current hash from: https://hub.docker.com/r/keminghe/py-dep-man-companion/tags
14+
docker pull keminghe/py-dep-man-companion@sha256:2c896dc617e8cd3b1a1956580322b0f0c80d5b6dfd09743d90859d2ef2b71ec6 # 2025-07-22 release example
15+
16+
# Or use latest for development
1217
docker pull keminghe/py-dep-man-companion:latest
1318
```
1419

@@ -27,29 +32,14 @@ docker pull keminghe/py-dep-man-companion:latest
2732
}
2833
```
2934

30-
**3. Query official docs directly in your AI chat** - guaranteed fresh from weekly automated updates.
35+
**3. Ask package manager questions** - "How to migrate a `conda` project to `uv`?" and get accurate, current official syntax.
3136

3237
## 🔄 Auto-Update Architecture
3338

34-
```plaintext
35-
┌───────────────────────────┐
36-
│ ⏰ Every Tuesday 6pm ET │
37-
└─────────────┬─────────────┘
38-
39-
┌───────────────────────────┐
40-
│ 📚 Sync Official Docs │
41-
└─────────────┬─────────────┘
42-
43-
┌───────────────────────────┐
44-
│ 🔍 Rebuild Search Index │
45-
└─────────────┬─────────────┘
46-
47-
┌───────────────────────────┐
48-
│ 🐳 Publish Latest Image │
49-
└───────────────────────────┘
50-
```
51-
52-
**Zero maintenance**: Documentation automatically synced weekly from official sources. Docker `:latest` tag guarantees you always get current docs without manual updates.
39+
1.**Every Tuesday 6pm ET**
40+
2. 📚 **Sync Official Docs**
41+
3. 🔍 **Rebuild Search Index**
42+
4. 🐳 **Publish Latest Image**
5343

5444
## 🤝 Contributing
5545

README.md

Lines changed: 8 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -2,13 +2,18 @@
22

33
> README updated on 2025-07-23 by [@KemingHe](https://github.com/KemingHe)
44
5-
Official docs from `pip`, `poetry`, `uv`, and `conda` + automated weekly updates = zero maintenance overhead for developers using VSCode/Cursor with AI assistants. [[Demo]](https://www.loom.com/share/a80f6041dc374c07b95b2397ee4e8ca1?sid=1209cdce-7239-447e-8b20-49eae454cc9a)
5+
Stop getting out-of-date Python package manager commands from your AI. Cross-reference latest official `pip`, `poetry`, `uv`, and `conda` docs with auto-updates. [[Demo]](https://www.loom.com/share/a80f6041dc374c07b95b2397ee4e8ca1?sid=1209cdce-7239-447e-8b20-49eae454cc9a)
66

77
## 🚀 Quick Start for Agentic IDEs
88

9-
**1. Pull latest Docker image**:
9+
**1. Pull Docker image**:
1010

1111
```shell
12+
# Pin to commit hash for production security
13+
# Get current hash from: https://hub.docker.com/r/keminghe/py-dep-man-companion/tags
14+
docker pull keminghe/py-dep-man-companion@sha256:2c896dc617e8cd3b1a1956580322b0f0c80d5b6dfd09743d90859d2ef2b71ec6 # 2025-07-22 release example
15+
16+
# Or use latest for development
1217
docker pull keminghe/py-dep-man-companion:latest
1318
```
1419

@@ -27,7 +32,7 @@ docker pull keminghe/py-dep-man-companion:latest
2732
}
2833
```
2934

30-
**3. Query official docs directly in your AI chat** - guaranteed fresh from weekly automated updates.
35+
**3. Ask package manager questions** - "How to migrate a `conda` project to `uv`?" and get accurate, current official syntax.
3136

3237
## 🤝 Contributing
3338

@@ -49,8 +54,6 @@ graph LR
4954
INDEX --> DOCKER
5055
```
5156

52-
**Zero maintenance**: Documentation automatically synced weekly from official sources. Docker `:latest` tag guarantees you always get current docs without manual updates.
53-
5457
## 🗺️ Roadmap
5558

5659
- [ ] Add support for `pipenv`, `pdm`, `pixi`

0 commit comments

Comments
 (0)