The PraisonAI Package Manager provides a pip-like interface with built-in security defaults to prevent dependency confusion attacks.

Quick Start

# Install a package
praisonai install requests

# Uninstall a package
praisonai uninstall requests

# List installed packages
praisonai package list

# Search for packages
praisonai package search langchain

Commands

install

Install Python packages from PyPI or a custom index.
praisonai install <package...> [options]
Options:
Option                    Description
--index-url <url>         Use custom index URL
--extra-index-url <url>   Add extra index (requires --allow-extra-index)
--allow-extra-index       Allow extra index URLs (security risk!)
--python <path>           Python interpreter to use
-U, --upgrade             Upgrade packages
--no-deps                 Don’t install dependencies
--json                    Output in JSON format
Examples:
# Install single package
praisonai install requests

# Install multiple packages
praisonai install requests httpx aiohttp

# Install with version constraint
praisonai install "requests>=2.28"

# Install specific version
praisonai install requests==2.31.0

# Upgrade existing package
praisonai install requests --upgrade

# Install without dependencies
praisonai install mypackage --no-deps

# Use custom index
praisonai install mypackage --index-url https://pypi.mycompany.com/simple

# JSON output
praisonai install requests --json

uninstall

Uninstall Python packages.
praisonai uninstall <package...> [options]
Options:
Option            Description
--python <path>   Python interpreter to use
-y, --yes         Don’t ask for confirmation
--json            Output in JSON format
Examples:
# Uninstall package (with confirmation)
praisonai uninstall requests

# Uninstall without confirmation
praisonai uninstall requests --yes

# Uninstall multiple packages
praisonai uninstall requests httpx --yes

# JSON output
praisonai uninstall requests --json

package list

List installed packages.
praisonai package list [options]
Options:
Option            Description
--python <path>   Python interpreter to use
--json            Output in JSON format
Examples:
# List all packages
praisonai package list

# JSON output
praisonai package list --json

# Filter with jq
praisonai package list --json | jq '.packages[] | select(.name | contains("praison"))'

package search

Search for packages on PyPI.
praisonai package search <query> [options]
Options:
Option   Description
--json   Output in JSON format
Examples:
# Search for packages
praisonai package search langchain

# JSON output
praisonai package search langchain --json

package index

Manage package index configuration.
praisonai package index <subcommand> [options]
Subcommands:
Subcommand   Description
show         Show current index configuration
set <url>    Set primary index URL
Examples:
# Show current configuration
praisonai package index show

# JSON output
praisonai package index show --json

# Set custom index
praisonai package index set https://pypi.mycompany.com/simple

# Reset to PyPI default
praisonai package index set https://pypi.org/simple

Security Features

Dependency Confusion Prevention

By default, only the primary index (PyPI) is used. Extra indexes are blocked to prevent dependency confusion attacks.
# This will FAIL (extra index not allowed by default)
praisonai install mypackage --extra-index-url https://other.index.com/simple

# Explicitly allow extra index (shows security warning)
praisonai install mypackage \
  --extra-index-url https://other.index.com/simple \
  --allow-extra-index

Security Warning

When using --allow-extra-index, you’ll see:
⚠️  WARNING: Using extra index URLs can lead to dependency confusion attacks.
Only use this option if you trust the extra index and understand the risks.

Best Practices

  1. Prefer --index-url over --extra-index-url when possible
  2. Pin versions for production deployments
  3. Use a private index for internal packages instead of extra indexes
  4. Audit dependencies regularly

Configuration

Configuration is stored in ~/.praison/config.toml:
[package]
index_url = "https://pypi.org/simple"
extra_index_urls = []
allow_extra_index = false

Environment Variables

Variable                      Description
PRAISONAI_PACKAGE_INDEX_URL   Override primary index URL
PIP_INDEX_URL                 Fallback to pip’s index URL

Exit Codes

Code   Meaning
0      Success
1      General error
2      Validation error
11     Dependency error

JSON Output Format

install

{
  "ok": true,
  "packages": ["requests"],
  "message": "Successfully installed requests-2.31.0"
}

package list

{
  "ok": true,
  "packages": [
    {"name": "requests", "version": "2.31.0"},
    {"name": "httpx", "version": "0.25.0"}
  ]
}

package search

{
  "ok": true,
  "results": [
    {
      "name": "langchain",
      "version": "0.1.0",
      "summary": "Building applications with LLMs",
      "author": "LangChain",
      "home_page": "https://langchain.com"
    }
  ]
}

package index show

{
  "ok": true,
  "index_url": "https://pypi.org/simple",
  "extra_index_urls": [],
  "allow_extra_index": false
}
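
A CI-style check of the index settings described on this page, as an added example that is not part of the PraisonAI documentation or code base: it audits the package index show --json output shown above together with the two index environment variables. The trusted-host list and the sample inputs are assumptions constructed for illustration.

```python
import json
from urllib.parse import urlsplit

# Assumption: hosts this organisation trusts as a package index.
TRUSTED_INDEX_HOSTS = {"pypi.org", "pypi.mycompany.com"}
# Environment variables the page lists as able to change the primary index.
INDEX_ENV_VARS = ("PRAISONAI_PACKAGE_INDEX_URL", "PIP_INDEX_URL")


def check_url(label, url):
    """Return findings for one index URL: scheme, embedded credentials, host."""
    try:
        parts = urlsplit(url)
    except ValueError:
        return [f"{label}: unparseable URL"]
    findings = []
    if parts.scheme != "https":
        findings.append(f"{label}: not HTTPS (host {parts.hostname!r})")
    if parts.username or parts.password:
        findings.append(f"{label}: credentials embedded in URL")
    if (parts.hostname or "") not in TRUSTED_INDEX_HOSTS:
        findings.append(f"{label}: untrusted host {parts.hostname!r}")
    return findings


def audit_index_config(show_json, environ):
    """Audit `praisonai package index show --json` output plus the environment."""
    cfg = json.loads(show_json)
    if not cfg.get("ok"):
        return ["index show did not report ok=true"]
    findings = check_url("index_url", cfg.get("index_url", ""))
    if cfg.get("allow_extra_index"):
        findings.append("allow_extra_index is true: extra indexes are permitted")
    for extra in cfg.get("extra_index_urls", []):
        findings.append(f"extra index configured: {extra}")
    for var in INDEX_ENV_VARS:
        if environ.get(var):
            findings += check_url(f"env {var}", environ[var])
    return findings


# Constructed samples in the JSON format shown above.
GOOD = json.dumps({"ok": True, "index_url": "https://pypi.org/simple",
                   "extra_index_urls": [], "allow_extra_index": False})
BAD = json.dumps({"ok": True, "index_url": "http://pypi.mycompany.com/simple",
                  "extra_index_urls": ["https://other.index.com/simple"],
                  "allow_extra_index": True})

if __name__ == "__main__":
    env = {"PIP_INDEX_URL": "https://user:tok@mirror.example/simple"}
    results = audit_index_config(BAD, env)
    print("\n".join(f"FINDING: {f}" for f in results))
    raise SystemExit(1 if results else 0)
```

In a pipeline, pass the real command output and os.environ to audit_index_config and fail the job when the returned list is not empty.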
