* bump: switch to per-entry PR mode (one PR per stale plugin)
Replaces the single batched bump PR with one PR per stale plugin so a
single failing plugin no longer blocks the rest. Pins to a feature
branch of the bump-plugin-shas action that adds 'pr-mode: per-entry';
re-pin to the merge commit on the action's main when that lands.
- pr-mode: per-entry → one PR per plugin on bump/<slug>
- max_bumps default lowered 130 → 30 (per-entry scans cost more)
- scan dispatch fanned out over pr-urls JSON (one per per-entry branch)
- header comments updated for per-entry semantics
* bump: re-pin to merged composite action SHA on -community main
The pr-mode: per-entry input now lives on main of the bump-plugin-shas
action (merged at e2019b2a). Update the pin and drop the now-stale
header comment that tracked the feature branch.
* bump: dispatch all three required checks per per-entry PR
Bump PRs are opened with GITHUB_TOKEN, which doesn't fire on:pull_request
(recursion guard). The per-entry cutover already dispatched scan-plugins.yml
per branch to satisfy the `scan` required check, but `check` (Check MCP URLs)
and `validate` (Validate Plugins) are also required on main and likewise
never fired — leaving every bump PR BLOCKED on missing checks (observed on
the batched #2079, which only cleared after a human-authored push re-fired
the pull_request workflows).
Fix: dispatch all three workflows per per-entry bump branch. Each runs its
job unconditionally on workflow_dispatch, so the check run lands on the
branch HEAD (= PR head) and satisfies the required check.
- validate-plugins.yml: add workflow_dispatch trigger (check-mcp-urls.yml
already had one). gh workflow run requires the trigger on the default
branch; this lands together with the per-entry bump so main stays
consistent.
- bump-plugin-shas.yml: loop the dispatch over
{scan-plugins,check-mcp-urls,validate-plugins}; tolerate a single
transient dispatch failure (warn, don't abort) so one hiccup can't
strand the rest of the batch.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
* bump: fail the per-entry check-dispatch step when a dispatch fails
The dispatch step logged each failed gh workflow run as a warning and exited 0, so a transient API error or rate limit could leave a per-entry bump PR missing a required check while the bump run still showed green. The composite action skips slugs with an open PR, so the stranded PR was never retried.
Attempt every dispatch (one failure must not strand the other branches), record failures via a temp file (the while loop runs in a pipe subshell), then emit an error and exit non-zero if any dispatch failed, so the bump run goes red and the affected PR can be re-dispatched.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
---------
Co-authored-by: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
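The dispatch step above records failures through a temp file because the `while read` loop runs in a pipeline subshell. The following is an added example, not the repository's workflow code, that shows the broken and fixed forms side by side. It assumes a stub `fake_dispatch` in place of `gh workflow run <workflow> --ref <branch>` (failing for one branch to simulate a transient API error) and a constructed list of per-entry bump branches; the three workflow names are the ones the commit dispatches.

```shell
#!/bin/sh
# Added example (not the repository's bump-plugin-shas.yml): the per-entry
# dispatch loop with failure recording. fake_dispatch and the branch list are
# constructed stand-ins for `gh workflow run` and the pr-urls JSON.

# Constructed sample input: one per-entry bump branch per line.
SAMPLE_BRANCHES='bump/plugin-a
bump/plugin-b
bump/plugin-c'

# Stub for `gh workflow run "$wf" --ref "$ref"`; plugin-b fails to simulate a
# transient dispatch error.
fake_dispatch() {
  wf=$1; ref=$2
  case "$ref" in
    bump/plugin-b) return 1 ;;
  esac
  return 0
}

# Broken form: `failed=1` is set inside the pipeline, i.e. in a subshell, so
# the parent never sees it and the step exits 0 even though a dispatch failed.
dispatch_all_naive() {
  failed=0
  printf '%s\n' "$1" | while read -r ref; do
    for wf in scan-plugins check-mcp-urls validate-plugins; do
      fake_dispatch "$wf" "$ref" || failed=1
    done
  done
  return "$failed"   # always 0: the assignment only happened in the subshell
}

# Fixed form: attempt every dispatch, append each failure to a temp file that
# outlives the subshell, then fail the step if anything was recorded.
dispatch_all() {
  failures=$(mktemp)
  printf '%s\n' "$1" | while read -r ref; do
    for wf in scan-plugins check-mcp-urls validate-plugins; do
      if ! fake_dispatch "$wf" "$ref"; then
        printf '%s %s\n' "$wf" "$ref" >> "$failures"
      fi
    done
  done
  if [ -s "$failures" ]; then
    echo "::error::failed dispatches (workflow branch):" >&2
    cat "$failures" >&2
    rm -f "$failures"
    return 1
  fi
  rm -f "$failures"
  return 0
}

if dispatch_all "$SAMPLE_BRANCHES"; then
  echo "all dispatches succeeded"
else
  echo "some dispatches failed; step exits non-zero so the run goes red"
fi
```

Run it as-is to see the naive loop report success while the fixed loop lists the failed (workflow, branch) pair and returns 1; in the real step that non-zero exit is what makes the bump run red so the affected PR can be re-dispatched.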
* Cache scan verdicts and drop policy-failing entries from bump PRs
Three changes that together let the nightly bump clear any backlog in a
single run without blocking on a single bad upstream or re-burning Claude
time on already-scanned SHAs:
- bump-plugin-shas.yml: raise max-bumps default 20 -> 130 (above the
external entry count, so a single run can clear a full backlog) and add
an explicit 60-min job timeout. The cap was the only thing bounding the
blast radius of a single policy failure; the changes below take over
that role so the cap can be lifted.
- scan-plugins.yml: add a verdict cache keyed on (plugin, sha, policy
hash). The bump action force-resets bump/plugin-shas every night, which
makes the same SHAs reappear in the diff on consecutive nights — without
the cache the scan would re-burn ~90s of Claude time per entry per
night. Cached verdicts (pass and fail) are served from disk; only
uncached SHAs are scanned. The job still fails on cached failures so
the required check stays honest.
- revert-failed-bumps.yml (new): after a Scan Plugins workflow_run on
bump/plugin-shas concludes with a failure, drop just the failing
entries' source.sha back to main's pin via a follow-up signed commit
and re-dispatch the scan. The re-dispatch finds only cached-pass
entries and goes green in seconds. Bounded at 3 passes/night, restricted
to SHA-only diffs, and aborts if the bump branch was tampered with.
* Harden bump cache and revert workflows after review
- revert-failed-bumps: replace the time-based revert budget (anchored on
the PR head, which a revert commit immediately replaces — never
accumulating past 1) with a commit count: every nightly bump force-
resets to one commit and every revert pass adds exactly one, so
commits > MAX+1 is the budget without date math, pagination, or
exposure to comment spoofing.
- revert-failed-bumps: filter the bump PR by head owner so a fork PR
with a branch named bump/plugin-shas can't be selected.
- revert-failed-bumps: continue-on-error on the artifact download so a
scan that died before uploading (infra error) doesn't fail the revert
job — the missing-file guard downstream handles it.
- scan-plugins: add a per-ref concurrency group so concurrent scans
don't lose one another's cache writes; key the cache on run_attempt
so a re-run can save its own verdicts.
- scan-plugins: store the full source object in the cache and require
source equality on lookup, so a repo/path change at the same SHA
misses the cache instead of getting a stale verdict.
- scan-plugins / revert-failed-bumps: strip markdown control chars,
wrap model-generated text in code spans (neutralizes auto-linked
URLs), and redact key-shaped tokens before they reach the step
summary, artifact, cache, or PR comment.
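The verdict cache described in this commit and in the earlier scan-plugins change (key on plugin, SHA and policy hash; store the full source object; require source equality on lookup) can be sketched in a few shell functions. This is an added example, not the project's scan-plugins.yml; it stands in `cksum` for the real digest, a temp directory for `actions/cache`, and constructed policy text, source objects, a placeholder SHA and verdicts for the real data.

```shell
#!/bin/sh
# Added example (not the repository's scan-plugins.yml): an on-disk verdict
# cache keyed on (plugin, sha, policy hash) that also stores the scanned source
# object and treats a source mismatch as a miss. All data below is constructed.

CACHE_DIR=$(mktemp -d)

# Stable digest of a string (cksum is POSIX; sha256sum would serve as well).
digest() { printf '%s' "$1" | cksum | cut -d' ' -f1; }

# Cache key from plugin slug, pinned SHA and a hash of the policy prompt, so a
# policy change invalidates every verdict produced under the old policy.
cache_key() {
  digest "$(printf '%s|%s|%s' "$1" "$2" "$(digest "$3")")"
}

# Record a verdict together with the exact source object that was scanned.
# args: plugin sha policy source verdict
cache_put() {
  printf '%s\n%s\n' "$4" "$5" > "$CACHE_DIR/$(cache_key "$1" "$2" "$3")"
}

# Print the cached verdict, or return 1 (miss) when nothing is cached for the
# key OR the stored source object differs, so a repo/path change at the same
# SHA is re-scanned instead of inheriting a stale verdict.
# args: plugin sha policy source
cache_lookup() {
  f="$CACHE_DIR/$(cache_key "$1" "$2" "$3")"
  [ -f "$f" ] || return 1
  [ "$(sed -n 1p "$f")" = "$4" ] || return 1
  sed -n 2p "$f"
}

# Constructed sample data (placeholder SHA, not a real pin).
POLICY_V1='policy v1: reject malicious code, exfiltration, deception'
POLICY_V2='policy v2: additionally flag software installs'
SRC_A='{"source":"github","repo":"example/plugin-a","path":"."}'
SRC_A_MOVED='{"source":"github","repo":"example/plugin-a","path":"plugins/a"}'
SHA_A='0000000000000000000000000000000000000001'

cache_put plugin-a "$SHA_A" "$POLICY_V1" "$SRC_A" pass

for case in "same source:$SRC_A" "moved path:$SRC_A_MOVED"; do
  label=${case%%:*}; src=${case#*:}
  if v=$(cache_lookup plugin-a "$SHA_A" "$POLICY_V1" "$src"); then
    echo "$label -> cached verdict '$v'"
  else
    echo "$label -> miss, scan required"
  fi
done
```

The first lookup hits and returns `pass`; the second misses although plugin and SHA are unchanged, because the stored source object no longer matches. A lookup under `POLICY_V2` misses as well, since the policy hash is part of the key.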
Upstream plugins move daily; a weekly sweep with a 20-bump cap can fall
behind. Each run force-resets the bump branch, so stale unmerged PRs are
replaced rather than piling up.
Scan Plugins is meant to gate every change to marketplace.json, but two
gaps made that unenforceable:
1. The bump workflow opens PRs with GITHUB_TOKEN, which GitHub exempts
from on:pull_request triggers. Weekly bump PRs (e.g. #1809) get no
scan check at all.
2. The workflow had a paths filter, so a required-check ruleset for
`scan` would block every PR that doesn't touch marketplace.json
(no check run = pending forever).
Fixes:
scan-plugins.yml
- Drop the paths filter; replace with a step-level `git diff --quiet`
early-exit on the same paths. The check now reports on every PR,
which makes it safe to require.
- Fail closed when ANTHROPIC_API_KEY is unset and a scan is needed.
The shared action no-ops gracefully in that case (right default for
community repos), but a required check that silently does nothing is
a rubber stamp.
bump-plugin-shas.yml
- After the action opens the bump PR, `gh workflow run scan-plugins.yml
--ref bump/plugin-shas`. workflow_dispatch is exempt from the
GITHUB_TOKEN recursion guard, and the resulting check run lands on
the branch HEAD (= PR head), so it satisfies the required check.
- Add `actions: write` so the dispatch is allowed.
Follow-up: add a repo ruleset on main requiring the `scan` check
(integration: github-actions) once this merges.
The pinned version of anthropics/claude-plugins-community's
bump-plugin-shas action creates the bump commit with a local git commit,
which is unsigned and unmergeable under the required_signatures ruleset
on main. The new SHA creates the commit via the GraphQL
createCommitOnBranch mutation, which GitHub signs server-side, so weekly
bump PRs (e.g. #1809) become mergeable.
* Adopt validate-plugins action suite; pin all external SHAs
Replaces the hand-rolled marketplace validator and bot-based bump
workflow with the shared composite actions (pinned at f846a0b).
marketplace.json:
- 62 external entries that were missing a `sha` are now pinned to
their current upstream HEAD (resolved via git ls-remote).
Workflows:
- validate-plugins.yml: invariants I1-I11 + claude plugin validate +
diff-gated clone-at-SHA validation of changed external entries.
SHA-pin (I5) is a hard error. I8/I11 stay warnings until the 15
known data issues (vendored dirs without manifests; one dotted
name) are cleaned up.
- bump-plugin-shas.yml: bot-free weekly refresh. Validates each new
SHA with claude plugin validate before opening one PR; works with
the default GITHUB_TOKEN (contents:write + pull-requests:write).
- scan-plugins.yml: Claude policy scan of changed external entries.
Non-blocking; graceful no-op if ANTHROPIC_API_KEY isn't set.
Removed:
- validate-marketplace.yml + the two TS helper scripts (superseded
by step 11/20 of validate-plugins).
validate-frontmatter.yml is kept — it's complementary (targeted
checks on agent/skill/command files for in-repo plugins).
* Remove 5 external entries that fail validation at HEAD
Step 30 (clone at pinned SHA + claude plugin validate) fails for
these at their current HEAD:
- aiven: Unrecognized key "logo" in plugin.json
- atlassian-forge-skills: skill YAML frontmatter parse error
- sagemaker-ai: skill YAML frontmatter parse error
- speakai: no plugin manifest at repo root
- stagehand: no plugin manifest at repo root
These can be re-added once the upstream repos are fixed.
* Wire scan-plugins to the detailed policy prompt
Adds .github/policy/prompt.md and schema.json (the full security
review rubric — malicious code, privacy, deception, safety
circumvention, exfiltration; plus network-call and software-install
flags) and points scan-plugins at it via the policy-prompt input.
With ANTHROPIC_API_KEY now configured on the repo, scan-plugins runs
the actual policy review on changed external entries instead of
no-op'ing.
* Bump scan-plugins action pin to include L11/L12 fixes
* Add auto-SHA-bump workflow for marketplace plugins
Weekly CI action that discovers stale SHA pins in marketplace.json
and opens a batched PR with updated SHAs. Adapted from the
claude-plugins-community-internal bump-plugin-shas workflow for
the single-file marketplace.json format.
- discover_bumps.py: checks 56 SHA-pinned plugins against upstream
repos, oldest-stale-first rotation, capped at 20 bumps/run
- bump-plugin-shas.yml: weekly Monday schedule + manual dispatch
with dry_run and per-plugin targeting options
Entries without SHA pins (intentionally tracking HEAD) are never
touched. Existing validate-marketplace CI runs on the resulting PR.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* Fix input interpolation and add BASE_BRANCH overlay
- Pass workflow_dispatch inputs through env vars instead of direct
${{ inputs.* }} interpolation in run blocks (avoids shell injection)
- Add marketplace.json overlay from main so the workflow can be tested
via dispatch from a feature branch against main's real plugin data
Both patterns match claude-plugins-community-internal's implementation.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
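Why the first bullet matters can be shown without a runner: `${{ inputs.* }}` is substituted into the `run:` script text before the shell parses it, whereas an env var is read by the already-parsed script at run time. The following is an added example, not the workflow's own code; `run_interpolated` and `run_via_env` are stand-ins for the two `run:` shapes, and `HOSTILE_INPUT` is a constructed value whose only effect is to echo a marker.

```shell
#!/bin/sh
# Added example (not the repository's workflow): the two ways a
# workflow_dispatch input can reach a run step, modelled with sh -c.
# HOSTILE_INPUT is constructed; its embedded command is a harmless echo.

HOSTILE_INPUT='foo"; echo INJECTED; echo "'

# Models   run: echo "plugin=${{ inputs.plugin }}"
# The runner splices the input into the script text; the shell then parses
# that text, so quotes and semicolons in the value become shell syntax.
run_interpolated() {
  script="echo \"plugin=$1\""
  sh -c "$script"
}

# Models   env: { PLUGIN: "${{ inputs.plugin }}" }   run: echo "plugin=$PLUGIN"
# The script text is fixed; the value travels through the environment and is
# expanded inside double quotes as one word, metacharacters included.
run_via_env() {
  PLUGIN="$1" sh -c 'echo "plugin=$PLUGIN"'
}

echo '--- interpolated (value is parsed as code):'
run_interpolated "$HOSTILE_INPUT"
echo '--- via env (value stays data):'
run_via_env "$HOSTILE_INPUT"
```

The interpolated form prints `plugin=foo` followed by `INJECTED` on its own line, i.e. the input ran as a second command; the env form prints the whole input, punctuation and all, as a single `plugin=...` line. The same holds for any `${{ }}` expression that carries untrusted text (PR titles, branch names, issue bodies), which is why the repo's workflows route such values through `env:`.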
* Use GitHub App token for PR creation
The anthropics org disables "Allow GitHub Actions to create and approve
pull requests", so GITHUB_TOKEN cannot call gh pr create. Split the
workflow: GITHUB_TOKEN pushes the branch, then the same GitHub App
used by -internal's bump workflow (app-id 2812036) creates the PR.
Prerequisite: app must be installed on this repo and the PEM secret
(CLAUDE_DIRECTORY_BOT_PRIVATE_KEY) must exist in repo settings.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* Use --force-with-lease for bump branch push
Prevents push failure if the branch exists from a previous same-day
run whose PR was merged but whose branch wasn't auto-deleted.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---------
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>