SocketDev · dacoburn · Nov 7, 2025 · Nov 7, 2025 · Nov 7, 2025 · Nov 7, 2025
@@ -4,24 +4,38 @@ ARG CLI_VERSION
 ARG SDK_VERSION
 ARG PIP_INDEX_URL=https://pypi.org/simple
 ARG PIP_EXTRA_INDEX_URL=https://pypi.org/simple
+ARG USE_LOCAL_INSTALL=false
 
 RUN apk update \
     && apk add --no-cache git nodejs npm yarn curl \
     && npm install @coana-tech/cli -g
 
 # Install uv
-RUN curl -LsSf https://astral.sh/uv/install.sh | sh
-ENV PATH="/root/.cargo/bin:${PATH}"
+COPY --from=ghcr.io/astral-sh/uv:latest /uv /usr/local/bin/uv
 
-# Install CLI with retries for TestPyPI propagation (10 attempts, 30s each = 5 minutes total)
-RUN for i in $(seq 1 10); do \
-        echo "Attempt $i/10: Installing socketsecurity==$CLI_VERSION"; \
-        if pip install --index-url ${PIP_INDEX_URL} --extra-index-url ${PIP_EXTRA_INDEX_URL} socketsecurity==$CLI_VERSION; then \
-            break; \
+# Install CLI based on build mode
+RUN if [ "$USE_LOCAL_INSTALL" = "true" ]; then \
+        echo "Using local development install"; \
+    else \
+        for i in $(seq 1 10); do \
+            echo "Attempt $i/10: Installing socketsecurity==$CLI_VERSION"; \
+            if pip install --index-url ${PIP_INDEX_URL} --extra-index-url ${PIP_EXTRA_INDEX_URL} socketsecurity==$CLI_VERSION; then \
+                break; \
+            fi; \
+            echo "Install failed, waiting 30s before retry..."; \
+            sleep 30; \
+        done && \
+        if [ ! -z "$SDK_VERSION" ]; then \
+            pip install --index-url ${PIP_INDEX_URL} --extra-index-url ${PIP_EXTRA_INDEX_URL} socketdev==${SDK_VERSION}; \
         fi; \
-        echo "Install failed, waiting 30s before retry..."; \
-        sleep 30; \
-    done && \
-    if [ ! -z "$SDK_VERSION" ]; then \
-        pip install --index-url ${PIP_INDEX_URL} --extra-index-url ${PIP_EXTRA_INDEX_URL} socketdev==${SDK_VERSION}; \
-    fi
+    fi
+
+# Copy local source and install in editable mode if USE_LOCAL_INSTALL is true
+COPY . /app
+WORKDIR /app
+RUN if [ "$USE_LOCAL_INSTALL" = "true" ]; then \
+        pip install --upgrade -e .; \
+        pip install --upgrade socketdev; \
+    fi
+
+# ENTRYPOINT ["socketcli"]
@@ -6,7 +6,7 @@ build-backend = "hatchling.build"
 
 [project]
 name = "socketsecurity"
-version = "2.2.23"
+version = "2.2.26"
 requires-python = ">= 3.10"
 license = {"file" = "LICENSE"}
 dependencies = [
@@ -16,7 +16,7 @@ dependencies = [
     'GitPython',
     'packaging',
     'python-dotenv',
-    'socketdev>=3.0.16,<4.0.0',
+    'socketdev>=3.0.17,<4.0.0',
     "bs4>=0.0.2",
 ]
 readme = "README.md"

@@ -24,9 +24,15 @@ verify_package() {
 
 echo $VERSION
 if [ -z $ENABLE_PYPI_BUILD ] || [ -z $STABLE_VERSION ]; then
-    echo "$0 pypi-build=enable stable=true"
-    echo "\tpypi-build: Build and publish a new version of the package to pypi. Options are prod or test"
-    echo "\tstable: Only build and publish a new version for the stable docker tag if it has been tested and going on the changelog"
+    echo "$0 pypi-build=<option> stable=<true|false|prod|test>"
+    echo "\tpypi-build: Options are prod, test, or local"
+    echo "\t  - prod: Build and publish to production PyPI, then build Docker images"
+    echo "\t  - test: Build and publish to test PyPI, then build Docker images"
+    echo "\t  - local: Build Docker images only using existing PyPI package (specify prod or test via stable parameter)"
+    echo "\tstable: true/false/prod/test - Also tag as stable; for local builds:"
+    echo "\t  - stable=prod: Use production PyPI package"
+    echo "\t  - stable=test: Use test PyPI package"
+    echo "\t  - stable=false: Use local development install (pip install -e .)"
     exit
 fi
 
@@ -97,3 +103,44 @@ if [ $STABLE_VERSION = "stable=true" ]; then
         && docker push socketdev/cli:stable
 fi
 
+if [ $ENABLE_PYPI_BUILD = "pypi-build=local" ]; then
+    echo "Building local version without publishing to PyPI"
+
+    # Determine PyPI source based on stable parameter
+    if [ $STABLE_VERSION = "stable=prod" ]; then
+        echo "Using production PyPI"
+        PIP_INDEX_URL="https://pypi.org/simple"
+        PIP_EXTRA_INDEX_URL="https://pypi.org/simple"
+        TAG_SUFFIX="local"
+        USE_LOCAL_INSTALL="false"
+    elif [ $STABLE_VERSION = "stable=test" ]; then
+        echo "Using test PyPI"
+        PIP_INDEX_URL="https://test.pypi.org/simple"
+        PIP_EXTRA_INDEX_URL="https://pypi.org/simple"
+        TAG_SUFFIX="local-test"
+        USE_LOCAL_INSTALL="false"
+    elif [ $STABLE_VERSION = "stable=false" ]; then
+        echo "Using local development install (pip install -e .)"
+        TAG_SUFFIX="local-dev"
+        USE_LOCAL_INSTALL="true"
+    else
+        echo "For local builds, use stable=prod, stable=test, or stable=false"
+        exit 1
+    fi
+
+    if [ $USE_LOCAL_INSTALL = "true" ]; then
+        docker build --no-cache \
+            --build-arg USE_LOCAL_INSTALL=true \
+            -t socketdev/cli:$VERSION-$TAG_SUFFIX \
+            -t socketdev/cli:$TAG_SUFFIX .
+    else
+        docker build --no-cache \
+            --build-arg CLI_VERSION=$VERSION \
+            --build-arg PIP_INDEX_URL=$PIP_INDEX_URL \
+            --build-arg PIP_EXTRA_INDEX_URL=$PIP_EXTRA_INDEX_URL \
+            -t socketdev/cli:$VERSION-$TAG_SUFFIX \
+            -t socketdev/cli:$TAG_SUFFIX .
+    fi
+    echo "Local build complete. Tagged as socketdev/cli:$VERSION-$TAG_SUFFIX and socketdev/cli:$TAG_SUFFIX"
+fi
+
@@ -1,3 +1,3 @@
 __author__ = 'socket.dev'
-__version__ = '2.2.23'
+__version__ = '2.2.26'
 USER_AGENT = f'SocketPythonCLI/{__version__}'
@@ -251,8 +251,7 @@ def main_code():
                     org_slug=org_slug,
                     file_paths=manifest_files,
                     workspace=config.repo or "default-workspace",
-                    base_path=None,
-                    base_paths=base_paths,
+                    base_paths=[config.target_path],
                     use_lazy_loading=False
                 )
                 log.info(f"Manifest upload successful, tar hash: {tar_hash}")