About
Pinner MCP is a Model Context Protocol server that pins third‑party dependencies—such as Docker base images and GitHub Actions—to immutable digests. It integrates with VS Code, Cursor, and GitHub Copilot to provide secure, reproducible builds.
Capabilities
Overview
The Pinner MCP is a lightweight Model Context Protocol server designed to lock third‑party dependencies to immutable digests. In modern software pipelines, external components such as Docker base images and GitHub Actions can change silently between builds, introducing regressions or security vulnerabilities. Pinner MCP solves this problem by providing a declarative way to “pin” these resources—resolving them once and then referencing the exact hash or digest in subsequent operations. This guarantees reproducibility, auditability, and a clear attack surface for developers who rely on AI assistants to manage their tooling.
When an AI assistant (e.g., GitHub Copilot or Cursor) issues a prompt like “Pin container base images to digests,” the server queries the relevant registries, computes the cryptographic hash for each image, and returns a deterministic mapping. The assistant can then embed these digests directly into Dockerfiles, GitHub Action workflows, or other configuration artifacts. Updating pinned versions is equally straightforward; a prompt such as “Update pinned versions of container base images” triggers the server to refresh the digests and provide the latest immutable references. This workflow keeps projects locked to known good states while still allowing controlled upgrades.
Key capabilities include:
- Support for multiple dependency types: Docker base images and GitHub Actions are the primary targets, but the protocol can be extended to other registries.
- Zero‑configuration integration: Developers only need to add a small MCP configuration file () to VS Code or Cursor; the server runs as a container over stdio, requiring no additional networking setup.
- AI‑friendly prompts: Natural language commands are mapped to concrete actions, enabling developers to manage dependency pinning through conversational interfaces.
- Automatic updates: The server image is versioned on GitHub Container Registry, and new releases are automatically pushed to the tag for easy refresh.
Typical use cases involve secure CI/CD pipelines, where a team wants to guarantee that every build uses the exact same GitHub Action or base image version. By integrating Pinner MCP into an AI assistant workflow, developers can quickly generate and maintain pinned references without manual lookups or scripting. The server’s declarative nature also makes it ideal for compliance audits, as the pinned digests can be checked against a policy registry or stored in version control for traceability.
In summary, Pinner MCP empowers developers to enforce immutability of external dependencies through conversational AI, simplifying reproducibility and security in modern DevOps practices.
Related Servers
MarkItDown MCP Server
Convert documents to Markdown for LLMs quickly and accurately
Context7 MCP
Real‑time, version‑specific code docs for LLMs
Playwright MCP
Browser automation via structured accessibility trees
BlenderMCP
Claude AI meets Blender for instant 3D creation
Pydantic AI
Build GenAI agents with Pydantic validation and observability
Chrome DevTools MCP
AI-powered Chrome automation and debugging
Weekly Views
Server Health
Information
Tags
Explore More Servers
Google Calendar MCP Server
Seamless Google Calendar integration for AI assistants
iMessage Query MCP Server
Securely query iMessage conversations via Model Context Protocol on macOS
IBKR MCP Server
FastAPI service for Interactive Brokers portfolio data
iMCP
macOS AI companion for calendar, contacts, and more
PocketBase MCP Server
Fast, lightweight MCP server built on PocketBase
NyxDocs
Real‑time crypto project documentation hub