ci: dogfood truecopy-action — pin and verify our own demo manifest#63
Conversation
Pins demo/clean-mcp.json into a committed truecopy.lock and gates it in CI with askalf/truecopy-action@v1.0.1 (pinned by SHA). The gate fails if the demo manifest drifts or a detection change re-classifies it, until the change is consciously re-pinned — the same workflow we ask adopters to run.
sprayberry-reviewer
left a comment
There was a problem hiding this comment.
Automated review from the Sprayberry Labs fleet code reviewer.
Verdict: No blocking issues — clean dogfood addition.
What was checked
Diff scope: 2 new files, +49 lines, 0 deletions:
.github/workflows/truecopy-gate.ymltruecopy.lock
CI: All 9 checks pass on the PR head, including the new verify pinned skills job (10 s), which logged ✓ filesystem ok / all 1 pinned skills verified — confirming the lock file round-trips against the current demo/clean-mcp.json.
SHA pin verification (resolved via GitHub API):
| Pin in diff | Tag resolves to |
|---|---|
actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 |
9c091bb… ✅ |
actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0 |
48b55a0… ✅ |
askalf/truecopy-action@5c6fcf00edb83ff4846206392722292d45fee227 # v1.0.1 |
annotated tag → 5c6fcf0… ✅ |
Security posture:
permissions: read-all— no write access granted; correct for a verify-only gate.persist-credentials: false— token is not left in the git config after checkout.- Trigger is
pull_request(notpull_request_target), so untrusted code never runs with elevated secrets. - Branch filter
[master]matches the repo's actual default branch.
Lock file: truecopy.lock records per-part hashes (64-char SHA-256) for read_file, list_directory, and (manifest), plus a top-level skill hash — all consistent in length and format. Verdict "clean", findings: 0, engine redstamp@0.4.1 recorded. Canonical-JSON hashing (noted in PR body) makes the lock line-ending–independent.
What's good
The workflow is minimal and well-scoped: checkout → setup-node → truecopy verify, nothing else. The dogfood framing is apt — running the gate on the repo that publishes the action is the strongest possible demonstration that the round-trip works end-to-end.
sprayberry-reviewer
left a comment
There was a problem hiding this comment.
Automated review from the Sprayberry Labs fleet code reviewer.
Verdict: clean — approving. All SHA pins verified, CI fully green (including the new gate job verifying its own lock), no correctness issues found.
What I checked
Workflow (.github/workflows/truecopy-gate.yml)
All three action SHA pins resolve to the correct versions:
| Step | Pinned SHA | Verified tag |
|---|---|---|
actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 |
✅ | refs/tags/v7.0.0 |
actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e |
✅ | refs/tags/v6.4.0 |
askalf/truecopy-action@5c6fcf00edb83ff4846206392722292d45fee227 |
✅ | annotated refs/tags/v1.0.1 (deref → 5c6fcf00) |
permissions: read-all and persist-credentials: false are present — appropriate for a verify-only gate. Triggers cover both push: branches: [master] and pull_request: branches: [master], which is the right surface for a gate.
The workflow omits an explicit command: verify and truecopy-ref — both are intentional: action.yml defaults command to 'verify' and truecopy-ref to 'v0.8.0' (a pinned tag, not a floating branch). The action contract documents this clearly.
Lock file (truecopy.lock)
version: 1, one skill (filesystem → demo/clean-mcp.json). All four SHA-256 hashes are well-formed 64-character hex strings (top-level hash + three per-tool hashes for read_file, list_directory, (manifest)). Verdict clean, findings: 0.
CI
All nine checks passed green on the PR head, including the newly introduced truecopy gate / verify pinned skills job — the gate verified its own lock on its first run. The existing CI matrix (Ubuntu/macOS/Windows × Node 20/22) and CodeQL are unaffected.
What's good
This is a clean self-eating-dog-food commit: the supply-chain gate now protects the repo it lives in, and the new job already green-lit itself against the lock. The comment annotations on every SHA pin (# v7.0.0, # v6.4.0, # v1.0.1) make future bump reviews straightforward.
Why
Nobody on GitHub uses truecopy-action in CI yet — including us. A supply-chain gate whose own repo doesn't run it is a weak showcase. This makes truecopy the first adopter of its own Action.
What
truecopy.lock—demo/clean-mcp.jsonpinned (truecopy add), per-tool hashes + redstamp detection provenance recorded.github/workflows/truecopy-gate.yml—askalf/truecopy-action@v1.0.1(SHA-pinned, Scorecard-clean) runsverifyon every PR and master pushIf the demo manifest drifts, or a detection change re-classifies pinned bytes, the gate fails until it's consciously re-pinned — exactly the workflow the README asks adopters to run.
Verified locally:
add→verifyround-trips clean (all 1 pinned skills verified); manifest hashing is canonical-JSON so it's line-ending independent.🤖 Generated with Claude Code