mirror of
https://github.com/anthropics/claude-plugins-official.git
synced 2026-05-12 06:25:52 -03:00
fe8f81309e
The pinned version of anthropics/claude-plugins-community's bump-plugin-shas action creates the bump commit with a local git commit, which is unsigned and unmergeable under the required_signatures ruleset on main. The new SHA creates the commit via the GraphQL createCommitOnBranch mutation, which GitHub signs server-side, so weekly bump PRs (e.g. #1809) become mergeable.
41 lines
1.2 KiB
YAML
41 lines
1.2 KiB
YAML
name: Bump Plugin SHAs
|
|
|
|
# Weekly sweep: for each external entry whose upstream HEAD has moved past
|
|
# its pinned SHA, validate at the new SHA with `claude plugin validate`
|
|
# inline, then open one PR with all passing bumps.
|
|
#
|
|
# Bot-free — uses the default GITHUB_TOKEN. Because GITHUB_TOKEN-opened PRs
|
|
# don't trigger on:pull_request workflows, validation runs in this workflow
|
|
# before the PR is opened; the PR body links back here as the CI evidence.
|
|
|
|
on:
|
|
schedule:
|
|
- cron: '23 7 * * 1' # Monday 07:23 UTC
|
|
workflow_dispatch:
|
|
inputs:
|
|
max_bumps:
|
|
description: Cap on plugins bumped this run
|
|
required: false
|
|
default: '20'
|
|
|
|
permissions:
|
|
contents: write
|
|
pull-requests: write
|
|
|
|
concurrency:
|
|
group: bump-plugin-shas
|
|
|
|
jobs:
|
|
bump:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
|
|
# createCommitOnBranch-based bump so commits are signed by GitHub and
|
|
# satisfy the org-level required_signatures ruleset on main.
|
|
- uses: anthropics/claude-plugins-community/.github/actions/bump-plugin-shas@c41c6911de0afffd2bc5cd8b21fb1e06444ee13b
|
|
with:
|
|
marketplace-path: .claude-plugin/marketplace.json
|
|
max-bumps: ${{ inputs.max_bumps || '20' }}
|
|
claude-cli-version: latest
|