Run plugin SHA bump nightly instead of weekly

Upstream plugins move daily; a weekly sweep with a 20-bump cap can fall behind. Each run force-resets the bump branch, so stale unmerged PRs are replaced rather than piling up.
2026-05-21 14:32:40 +00:00 · 2026-05-18 18:02:05 +00:00
1 changed files with 5 additions and 3 deletions
--- a/.github/workflows/bump-plugin-shas.yml
+++ b/.github/workflows/bump-plugin-shas.yml
@@ -1,8 +1,10 @@
 name: Bump Plugin SHAs
-# Weekly sweep: for each external entry whose upstream HEAD has moved past
+# Nightly sweep: for each external entry whose upstream HEAD has moved past
 # its pinned SHA, validate at the new SHA with `claude plugin validate`
-# inline, then open one PR with all passing bumps.
+# inline, then open one PR with all passing bumps. Each run force-resets the
 # bump/plugin-shas branch, so a previous night's unmerged PR is replaced (and
 # its review state discarded) — review and merge same-day to avoid churn.
 #
 # Bot-free — uses the default GITHUB_TOKEN. PRs opened with GITHUB_TOKEN don't
 # trigger on:pull_request workflows, so the policy scan (`Scan Plugins`, a
@@ -14,7 +16,7 @@ name: Bump Plugin SHAs
 on:
  schedule:
-    - cron: '23 7 * * 1'  # Monday 07:23 UTC
+    - cron: '23 7 * * *'  # Daily 07:23 UTC
  workflow_dispatch:
    inputs:
      max_bumps: