fix(sync): pin cosign identity to release.yml's actual trigger branches#982
Merged
Conversation
Adds `scripts/check-skill-sync.ts` (npm script `check:skill-sync`, wired
into CI right after the existing schema-sync validation step). Two
regressions it surfaces:
1. Any of the 7 protocol-managed skills (`call-adcp-agent` plus the
`adcp-{brand,creative,governance,media-buy,si,signals}` set) being
missing or frontmatter-only after sync. Catches the silent-no-op
failure mode where the pinned tarball predates `manifest.contents.skills`
(tracked upstream as adcontextprotocol/adcp#3116).
2. Any path-shaped backtick reference in `skills/call-adcp-agent/SKILL.md`
whose base directory doesn't exist in the SDK layout. Catches the
`dist/schemas/<adcp-version>/bundled/` drift where the canonical skill
describes the spec-repo source tree instead of the SDK consumer tree
(tracked upstream as adcontextprotocol/adcp#3117).
Both regressions are on a `KNOWN_UPSTREAM_BLOCKS` allow-list keyed to
the upstream issue numbers, scoped to the specific file + path-base so a
future legitimate `dist/schemas/` tree wouldn't get its broken
references silently swallowed. Allow-list entries should be deleted as
upstream fixes land — the lint then either goes silent or fails red,
either of which is the correct signal.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Adds a CI lint script + workflow step + npm script wiring. No library or CLI surface changes; package.json modification is the script entry only. No release needed. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Switched empty-skill check to read body content directly in the prior review pass; statSync is no longer referenced. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
`scripts/sync-schemas.ts` accepted any `refs/heads/*` for the cosign keyless identity. Upstream `release.yml` only fires on `main` and `2.6.x` (per its `on.push.branches`), so the wider regex was a governance loosening that didn't reflect the real trust anchor — a maintainer-pushed branch running release.yml would have passed verification. Tightened to `refs/heads/(main|2\.6\.x)$` to mirror the workflow's trigger branches exactly. Verified end-to-end: cosign verify-blob succeeds against the production-signed `3.0.0.tgz`. Negative tests confirm `feature-branch`, `main-x`, and tag refs all reject. When a new release branch lands upstream (future LTS line), bump both ends together — same coupling as the version compat list. Closes #978. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Closes #978.
scripts/sync-schemas.tsline 30-32 accepted anyrefs/heads/*for the cosign keyless identity. Upstreamrelease.ymlonly fires onmainand2.6.x(verified viaon.push.branches), so the wider regex was a governance loosening — a tarball signed byrelease.ymlrunning on a feature branch a maintainer owns would have passed verification.Tightened to
refs/heads/(main|2\.6\.x)$to mirror the workflow's trigger branches exactly.Verification
Positive (real signed artifact):
npm run sync-schemasagainst the production-signed3.0.0.tgz:Negative (regex enforcement):
…release.yml@refs/heads/main…release.yml@refs/heads/2.6.x…release.yml@refs/heads/feature-branch…release.yml@refs/heads/main-x(substring trap)…release.yml@refs/tags/v3.0.0(tag-ref trap)Maintenance note
When a new release branch lands upstream (e.g. a future
3.6.xLTS line), update both ends together — the regex here and the correspondingon.push.branchesinadcontextprotocol/adcp/.github/workflows/release.yml. Comment in the source flags this coupling.Test plan
3.0.0.tgzsignaturenpm run typecheckcleannpm run format:checkcleanNotes
scripts/is not in the publishedfilesarray, so this is a build-time security improvement only — no published-package version bump needed.🤖 Generated with Claude Code