Enhance development setup with uv support

- Updated `CONTRIBUTING.md` to include installation instructions for `uv` and new make targets for development tasks.
- Modified `Makefile` to add `uv`-specific commands for installation, linting, testing, and building.
- Enhanced `README.md` with instructions for using `uv` during installation and development.
- Updated GitHub Actions workflow to utilize `uv` for dependency installation, linting, testing, and building, improving the CI process.
- Introduced `uv.lock` for managing dependencies with `uv`.

Author: Av7danger

.github/workflows/secnode-pentest.yml

@@ -14,19 +14,20 @@ jobs:
         with:
           python-version: '3.10'
 
+      - name: Set up uv
+        uses: astral-sh/setup-uv@v5
+
       - name: Install dependencies
-        run: pip install -r requirements.txt && pip install -e .[dev]
+        run: uv sync --extra dev
 
       - name: Lint
-        run: ruff check src tests
+        run: uv run ruff check src tests
 
       - name: Run tests with coverage
-        run: pytest
+        run: uv run pytest
 
       - name: Build package
-        run: |
-          python -m pip install build
-          python -m build
+        run: uv build
 
   security-scan:
     needs: lint-test-build
@@ -39,12 +40,15 @@ jobs:
         with:
           python-version: '3.10'
 
+      - name: Set up uv
+        uses: astral-sh/setup-uv@v5
+
       - name: Install SecNode
-        run: pip install -r requirements.txt && pip install -e .
+        run: uv sync
 
       - name: Run SecNode Scan
         env:
           SECNODE_LLM: ${{ secrets.SECNODE_LLM }}
           OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }}
           ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }}
-        run: secnodeapi --target https://staging-api.example.com/swagger.json
+        run: uv run secnodeapi --target https://staging-api.example.com/swagger.json

CONTRIBUTING.md

@@ -8,6 +8,7 @@ Thank you for your interest in contributing to SecNode API! This guide will help
 
 - Python 3.9+
 - Git
+- uv (recommended)
 
 ### Local Development
 
@@ -27,6 +28,10 @@ Thank you for your interest in contributing to SecNode API! This guide will help
    ```bash
    make install-dev
    ```
+   Or with uv:
+   ```bash
+   make install-dev-uv
+   ```
 
 4. **Configure your LLM provider**
    ```bash
@@ -52,6 +57,14 @@ make test
 make build
 ```
 
+With uv:
+
+```bash
+make lint-uv
+make test-uv
+make build-uv
+```
+
 ##  Enhancing the AI Engine
 
 SecNode relies heavily on its `ai/` package (`understand`, `generate`, `validate`) for cognitive test generation and verification.

Makefile

@@ -1,6 +1,7 @@
 PYTHON ?= python
+UV ?= uv
 
-.PHONY: install install-dev lint test test-cov build run clean
+.PHONY: install install-dev install-uv install-dev-uv lint lint-uv test test-uv test-cov test-cov-uv build build-uv run run-uv clean
 
 install:
 	$(PYTHON) -m pip install -r requirements.txt
@@ -10,21 +11,42 @@ install-dev:
 	$(PYTHON) -m pip install -r requirements.txt
 	$(PYTHON) -m pip install -e .[dev]
 
+install-uv:
+	$(UV) sync
+
+install-dev-uv:
+	$(UV) sync --extra dev
+
 lint:
 	ruff check src tests
 
+lint-uv:
+	$(UV) run ruff check src tests
+
 test:
 	pytest
 
+test-uv:
+	$(UV) run pytest
+
 test-cov:
 	pytest --cov=src/secnodeapi --cov-report=term-missing --cov-fail-under=70
 
+test-cov-uv:
+	$(UV) run pytest --cov=src/secnodeapi --cov-report=term-missing --cov-fail-under=70
+
 build:
 	$(PYTHON) -m pip install build
 	$(PYTHON) -m build
 
+build-uv:
+	$(UV) build
+
 run:
 	secnodeapi --help
 
+run-uv:
+	$(UV) run secnodeapi --help
+
 clean:
 	$(PYTHON) -c "import shutil, pathlib; [shutil.rmtree(p, ignore_errors=True) for p in ['dist','build','.pytest_cache','htmlcov']]; [q.unlink() for q in pathlib.Path('.').rglob('*.pyc')]"

README.md

@@ -40,6 +40,12 @@ pip install -r requirements.txt
 pip install -e .[dev]
 ```
 
+### Install with uv (recommended)
+
+```bash
+uv sync --extra dev
+```
+
 On Windows (PowerShell):
 
 ```powershell
@@ -49,6 +55,12 @@ pip install -r requirements.txt
 pip install -e .[dev]
 ```
 
+On Windows (PowerShell) with uv:
+
+```powershell
+uv sync --extra dev
+```
+
 ## Configuration
 
 Set the model and provider credentials before running scans:
@@ -127,6 +139,16 @@ make test-cov
 make build
 ```
 
+Using uv-native targets:
+
+```bash
+make install-dev-uv
+make lint-uv
+make test-uv
+make test-cov-uv
+make build-uv
+```
+
 ## CI
 
 GitHub Actions workflow runs: