← 返回
未分类 Key 中文

GitHub Safe Sync

Inspect, trigger, and clean up GitHub mirror repositories that use a safe-sync GitHub Actions workflow. Use when Codex needs to work on repository mirroring...
检查、触发并清理使用安全同步 GitHub Actions 工作流的 GitHub 镜像仓库,用于 Codex 需要进行仓库镜像同步时。
grey0758 grey0758 来源
未分类 clawhub v1.0.0 1 版本 100000 Key: 需要
★ 0
Stars
📥 454
下载
💾 0
安装
1
版本
#git-github#latest#self-hosted-automation

概述

GitHub Safe Sync

Use this skill for repositories that mirror an upstream GitHub repo and preserve local .github workflow files with a safe-sync.yml workflow.

Requirements

  • Set GITHUB_TOKEN before running the script.
  • Pass repositories as owner/repo.
  • Treat tokens as secrets. Do not write them into the skill or commit them into repo files.

Quick Start

Inspect a mirror repo:

export GITHUB_TOKEN=...
./scripts/github_safe_sync.py status \
  --owner grey00758 \
  --repo ai-code-board \
  --upstream grey0758/ai-code-board

Trigger a manual sync:

export GITHUB_TOKEN=...
./scripts/github_safe_sync.py dispatch \
  --owner grey00758 \
  --repo ai-code-board

Clean false-positive artifacts after a workflow fix:

export GITHUB_TOKEN=...
./scripts/github_safe_sync.py close-force-push-issues \
  --owner grey00758 \
  --repo ai-code-board

./scripts/github_safe_sync.py delete-backups \
  --owner grey00758 \
  --repo ai-code-board

Workflow

  1. Inspect the mirror repository with status.
  2. If the workflow is inactive or the latest run failed, review the repo before dispatching anything.
  3. If the mirror should sync now, run dispatch.
  4. If a workflow fix stopped false-positive force-push alerts, run close-force-push-issues and delete-backups.
  5. Re-run status to verify the repo is clean.

Interpreting status

  • effective_state=exact: Mirror and upstream branch heads are identical.
  • effective_state=metadata-ahead: Mirror is only ahead by local .github-only commits. This is normally healthy for safe-sync mirrors.
  • effective_state=behind: Upstream has newer commits and the mirror has not caught up yet.
  • effective_state=local-ahead: Mirror has non-metadata commits that do not exist upstream. Inspect before forcing anything.
  • effective_state=metadata-diverged: Histories differ, but the mirror-only side is metadata-only. This often means the sync workflow logic still needs review.
  • effective_state=diverged: Mirror and upstream both changed in incompatible ways. Treat this as a real sync problem until proven otherwise.

Commands

status

Use status first. It returns JSON with:

  • workflow metadata
  • latest workflow runs
  • count of open force-push alert issues
  • count of backup/ branches
  • optional upstream branch comparison

If the requested upstream branch does not exist, the script falls back to the upstream repo default branch.

dispatch

Use dispatch to trigger workflow_dispatch on the sync workflow. Add --force-sync only when you intentionally want the workflow to ignore the normal no-op path.

close-force-push-issues

Use this only after you have confirmed the force-push alerts were false positives. It closes open issues whose title contains 检测到上游强制推送.

delete-backups

Use this only after you have confirmed the backup branches are noise. Start with --dry-run if you want to preview what would be removed.

Safety Rules

  • Do not close force-push alert issues until you have verified the alert was false.
  • Do not delete backup/ branches until the mirror workflow is healthy and the backups are no longer needed.
  • Do not assume main; pass --branch or --upstream explicitly when the repo uses a different upstream default branch.
  • Re-run status after every write operation.

版本历史

共 1 个版本

  • v1.0.0 当前
    2026-05-02 15:32 安全 安全

安全检测

腾讯云安全 (Keen)

安全,无风险
查看报告

腾讯云安全 (Sanbu)

安全,无风险
查看报告

🔗 相关推荐

dev-programming

Github

steipete
使用 `gh` CLI 与 GitHub 交互,通过 `gh issue`、`gh pr`、`gh run` 和 `gh api` 管理议题、PR、CI 运行及高级查询。
★ 687 📥 331,375
it-ops-security

Cloudflare Open WebUI Tunnel Operator

grey0758
使用 1Password 管理的 API token、Docker 运行时以及可选的 systemd 持久化,创建并维护 Open WebUI 的 Cloudflare Tunnel。
★ 0 📥 678
dev-programming

Mcporter

steipete
使用 mcporter CLI 直接列出、配置、认证及调用 MCP 服务器/工具(支持 HTTP 或 stdio),涵盖临时服务器、配置编辑及 CLI/类型生成功能。
★ 198 📥 68,292