Pinner MCP 📍: Immutable Pinning & Drift-Free AI Deployments - MCP Implementation


Pinner MCP 📍: Pin components to immutable versions, ensuring rock-solid deployments. Eliminate dependency drift & future-proof AI models.


About Pinner MCP 📍

What is Pinner MCP 📍: Immutable Pinning & Drift-Free AI Deployments?

Picture this: you're building an AI model that relies on third-party dependencies like Docker images or GitHub Actions workflows. But what if those dependencies suddenly change under your feet, breaking your deployment? Enter Pinner MCP, the vigilant gatekeeper that ensures your dependencies stay fixed to immutable cryptographic digests. Think of it as dependency time travel: your code will always reference the exact artifact that existed when you pinned it, even if the world around it evolves. No more "it worked on my machine" drama.

How to use Pinner MCP 📍: Immutable Pinning & Drift-Free AI Deployments?

Let's get hands-on. To start, you'll need to summon Pinner MCP via Docker:

docker run -it --rm ghcr.io/safedep/pinner-mcp:latest

Next, configure Cursor by adding this magical incantation to your .cursor/mcp.json:

{
  "mcpServers": {
    "pinner-mcp-stdio-server": {
      "command": "docker",
      "args": ["run", "--rm", "-i", "ghcr.io/safedep/pinner-mcp:latest"]
    }
  }
}

Now, when crafting your prompts with Composer, just whisper the names of dependencies you want to pin. For example:

Pin GitHub Actions to their commit hash
Pin container base images to digests

Updating pinned versions? Simply ask nicely:

Update pinned versions of container base images

Pinner MCP 📍 Features

Key Features of Pinner MCP 📍: Immutable Pinning & Drift-Free AI Deployments

This tool isn't just a pretty interface; it's a Swiss Army knife for dependency integrity. Here's the lowdown:

  • Immutable Fixation: Locks Docker images and GitHub Actions to cryptographic digests, not flaky tags
  • Drift Prevention: Ensures deployments don't unexpectedly "drift" to newer/older versions
  • Clever Context Awareness: Integrates smoothly with Cursor's Model Context Protocol (MCP) framework
  • Self-Service Updates: While updates don't auto-magically pull themselves (yet!), you can easily fetch the latest with docker pull ghcr.io/safedep/pinner-mcp:latest
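
An added example (not code from Pinner MCP, and not a reproduction of its logic): a checker that reports which GitHub Actions `uses:` references and Dockerfile `FROM` images can still be moved by a tag or branch, i.e. are not yet pinned to a full commit SHA or a sha256 digest. The sample workflow, the Dockerfile, the `example-org` and `example.test` names and the hash values are constructed for illustration.

```python
import re

SHA1 = re.compile(r"[0-9a-f]{40}")              # full-length commit SHA
DIGEST = re.compile(r".+@sha256:[0-9a-f]{64}")  # image reference with digest
USES = re.compile(r"^\s*(?:-\s*)?uses:\s*['\"]?([^'\"\s#]+)")
FROM = re.compile(r"^\s*FROM\s+(?:--platform=\S+\s+)?(\S+)(?:\s+AS\s+(\S+))?", re.I)

def image_is_pinned(ref):
    """True only when the image reference ends in a sha256 digest."""
    return ref == "scratch" or bool(DIGEST.fullmatch(ref))

def action_is_pinned(ref):
    """True for local actions and for owner/repo@<40-hex commit SHA>."""
    if ref.startswith("./"):
        return True                     # versioned with the repository itself
    return bool(SHA1.fullmatch(ref.partition("@")[2]))

def unpinned_actions(workflow_text):
    """(line_no, ref) for every `uses:` that a tag or branch can still move."""
    hits = []
    for n, line in enumerate(workflow_text.splitlines(), 1):
        m = USES.match(line)
        if m and not action_is_pinned(m.group(1)):
            hits.append((n, m.group(1)))
    return hits

def unpinned_images(dockerfile_text):
    """(line_no, ref) for every FROM without a digest; stage aliases are skipped."""
    hits, stages = [], set()
    for n, line in enumerate(dockerfile_text.splitlines(), 1):
        m = FROM.match(line)
        if not m:
            continue
        ref, alias = m.group(1), m.group(2)
        if ref.lower() not in stages and not image_is_pinned(ref):
            hits.append((n, ref))
        if alias:
            stages.add(alias.lower())   # later "FROM <alias>" is not an image pull
    return hits

# Constructed sample inputs (not taken from any real repository).
SAMPLE_WORKFLOW = ("steps:\n"
                   "  - uses: actions/checkout@v4\n"
                   "  - uses: example-org/example-action@" + "0123456789abcdef0123" * 2
                   + " # v1.2.3\n  - uses: ./.github/actions/local\n")
SAMPLE_DOCKERFILE = ("FROM golang:1.22 AS build\n"
                     "FROM build AS test\n"
                     "FROM example.test/base@sha256:" + "ab" * 32 + "\n")
```

Applied to the image reference in the `.cursor/mcp.json` above, `image_is_pinned("ghcr.io/safedep/pinner-mcp:latest")` returns `False`: the MCP server itself is pulled by a mutable tag.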

Use cases of Pinner MCP 📍: Immutable Pinning & Drift-Free AI Deployments

Imagine these scenarios:

  • CI/CD Safety: Protect your GitHub Actions workflows from malicious updates (yes, that's a real thing)
  • Astronomical Stability: Ensure your AI model's Docker base images remain constant across deployments, even if the universe expands
  • Time Travel Debugging: Re-create past deployments down to the exact dependency versions
  • Regulatory Compliance: Audit-proof your dependency chain for ISO 27001 or HIPAA requirements

Pro tip: Pair Pinner with tools like SafeDep Vet

Pinner MCP 📍 FAQ

FAQ from Pinner MCP 📍: Immutable Pinning & Drift-Free AI Deployments

Q: Does Pinner support npm packages or other dependency types?
A: Currently it's all about Docker and GitHub Actions, but the team's eyeing npm like a hawk. Watch this space!

Q: How often should I update the MCP server?
A: Like changing your socks: daily if possible. New versions appear on GitHub Container Registry's "latest" tag.

Q: Can I use this with my pet project?
A: Absolutely! It's open-source and free. Just don't blame us if your cat learns to deploy AI models using it.

Q: What's the deal with "drift-free" in the name?
A: Drift is when dependencies unexpectedly change between deployments. Pinner stops that like a firewall stops hackers (or your ex's spam emails).

Content

Pinner MCP 📍

A Model Context Protocol (MCP) server that can help pin 3rd party dependencies to immutable digests. Supported dependency types include:

  • Docker base images
  • GitHub Actions


📦 Usage

Run as a container with stdio transport.

docker run -it --rm ghcr.io/safedep/pinner-mcp:latest

💻 Cursor

Add the following to your .cursor/mcp.json file. You must enable the MCP server in the settings. Learn more here.

{
  "mcpServers": {
    "pinner-mcp-stdio-server": {
      "command": "docker",
      "args": [
        "run",
        "--rm",
        "-i",
        "ghcr.io/safedep/pinner-mcp:latest"
      ]
    }
  }
}

Use a Composer prompt like the following to pin a specific commit hash.

Pin GitHub Actions to their commit hash



Pin container base images to digests

To update pinned versions, you can use a prompt like the following.

Update pinned versions of container base images

🔄 Tool Updates

Updates for the MCP server are automatically pushed to the latest tag on GitHub Container Registry. You must manually update your local container image to the latest version.

docker pull ghcr.io/safedep/pinner-mcp:latest

📚 References

  • Originally built to protect vet from malicious GitHub Actions
  • mcp-go is a great library for building MCP servers
  • Built and maintained by SafeDep Engineering
