MCP Serversafedeppublic

pinner mcp

Model Context Protocol (MCP) server to pin components to their immutable version

Repository Info

Stars

Forks

Watchers

Issues

Language

Apache License 2.0

License

View on GitHubGitHub Download DocumentationDocs

About This Server

Model Context Protocol (MCP) server to pin components to their immutable version

Model Context Protocol (MCP) - This server can be integrated with AI applications to provide additional context and capabilities, enabling enhanced AI interactions and functionality.

Documentation

Pinner MCP 📍

A Model Context Protocol (MCP) server that can help pin 3rd party dependencies to immutable digests. Supported dependency types include:

Docker base images
GitHub Actions

!Pinner MCP

📦 Usage

Run as a container with stdio transport.

docker run -it --rm ghcr.io/safedep/pinner-mcp:latest

💻 Cursor

Add the following to your .cursor/mcp.json file. You must enable the MCP server in the settings. Learn more here.

{
  "mcpServers": {
    "pinner-mcp-stdio-server": {
      "command": "docker",
      "args": [
        "run",
        "--rm",
        "-i",
        "ghcr.io/safedep/pinner-mcp:latest"
      ]
    }
  }
}

Use a Composer prompt like the following to pin a specific commit hash.

Pin GitHub Actions to their commit hash

Pin container base images to digests

To update pinned versions, you can use a prompt like the following.

Update pinned versions of container base images

🔄 Tool Updates

Updates for the MCP server are automatically pushed to the latest tag on GitHub Container Registry. You must manually update your local container image to the latest version.

docker pull ghcr.io/safedep/pinner-mcp:latest

📚 References

Originally built to protect vet from malicious GitHub Actions
mcp-go is a great library for building MCP servers
Built and maintained by SafeDep Engineering

Quick Start

Clone the repository

git clone https://github.com/safedep/pinner-mcp

Install dependencies

cd pinner-mcp
npm install

Follow the documentation

Check the repository's README.md file for specific installation and usage instructions.

Repository Details

Ownersafedep

Repopinner-mcp

LanguageGo

LicenseApache License 2.0

Last fetched8/10/2025

Quick Links

Issues

Releases

License

Recommended MCP Servers

💬

Discord MCP

Enable AI assistants to seamlessly interact with Discord servers, channels, and messages.

integrationsdiscordchat

🔗

Knit MCP

Connect AI agents to 200+ SaaS applications and automate workflows.

integrationsautomationsaas

🕷️

Apify MCP Server

Deploy and interact with Apify actors for web scraping and data extraction.

apifycrawlerdata

🌐

BrowserStack MCP

BrowserStack MCP Server for automated testing across multiple browsers.

testingqabrowsers

⚡

Zapier MCP

A Zapier server that provides automation capabilities for various apps.

zapierautomation