Python Dependency Manager Companion

MIT License

python-dependency-manager-companion-mcp-server
.github
workflows

auto-update-publish.yml•3.4 kB

name: Publish Image to Docker Hub on: workflow_call: secrets: DOCKERHUB_TOKEN: required: true workflow_dispatch: {} # Manual trigger for testing concurrency: ${{ github.workflow }}-${{ github.ref }} jobs: build-and-push-image: # Restrict to home repository and main branch only for security if: github.repository == 'KemingHe/python-dependency-manager-companion-mcp-server' && github.ref == 'refs/heads/main' runs-on: ubuntu-latest permissions: contents: read # Minimum: checkout repository attestations: write # Required: artifact attestation id-token: write # Required: OIDC token for attestation environment: docker-hub-publish env: # Docker requires lowercase names for both images and cache references IMAGE_NAME: py-dep-man-companion REPO_NAME: ${{ vars.DOCKERHUB_USERNAME }}/py-dep-man-companion steps: - name: Checkout repository uses: actions/checkout@v4 with: ref: ${{ github.ref }} - name: Log in to Docker Hub # Pinned 3rd party action to commit hash of release v3.4.0 on 2025-03-14 to prevent supply chain attacks uses: docker/login-action@74a5d142397b4f367a81961eba4e8cd7edddf772 with: username: ${{ vars.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} - name: Extract metadata (tags, labels) for Docker id: meta # Pinned 3rd party action to commit hash of release v5.7.0 on 2025-02-26 to prevent supply chain attacks uses: docker/metadata-action@902fa8ec7d6ecbf8d84d538b9b233a880e428804 with: images: ${{ env.REPO_NAME }} tags: | type=ref,event=branch type=ref,event=pr type=schedule,pattern=weekly-{{date 'YYYYMMDD'}} type=raw,value=latest,enable={{is_default_branch}} # Add support for more platforms, i.e. linux/arm64 (macOS M1/M2) with QEMU - name: Set up QEMU # Pinned 3rd party action to commit hash of release v3.6.0 on 2025-02-28 to prevent supply chain attacks uses: docker/setup-qemu-action@29109295f81e9208d7d86ff1c6c12d2833863392 # Enable advanced build features like cache export - name: Set up Docker Buildx # Pinned 3rd party action to commit hash of release v3.11.1 on 2025-06-18 to prevent supply chain attacks uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 - name: Build and push Docker image id: push # Pinned 3rd party action to commit hash of release v6.18.0 on 2025-05-27 to prevent supply chain attacks uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 with: context: . push: true platforms: linux/amd64,linux/arm64 tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} cache-from: type=gha cache-to: type=gha,mode=max build-args: | BUILD_DATE=${{ github.event.head_commit.timestamp }} VCS_REF=${{ github.sha }} - name: Generate artifact attestation uses: actions/attest-build-provenance@v2 with: subject-name: index.docker.io/${{ env.REPO_NAME }} subject-digest: ${{ steps.push.outputs.digest }} push-to-registry: true

Latest Blog Posts

OpenTelemetry for Model Context Protocol (MCP) Analytics and Agent Observability
By Om-Shree-0709 on .
observability
mcp
opentelemetry
Securing Enterprise AI Agents with Unique Identities in the Model Context Protocol (MCP)
By Om-Shree-0709 on .
When Your Year of Work Gets Copied Overnight: What Actually Matters?
By punkpeye on .
startups

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/KemingHe/python-dependency-manager-companion-mcp-server'

If you have feedback or need assistance with the MCP directory API, please join our Discord server