Deploy attribution reference

The public trueclara/deploy-action@v1 repository is pending external verification. Until the repo, tag, and license are visible, treat deploy attribution as the /v1/deploys API plus private beta CI integration. A deploy upload should verify a non-shallow checkout, resolve the previous deploy, run the parser, compute a graph diff, and upload deploy context to /v1/deploys. Transient API failures should be retried; parser hard errors and authentication failures should fail the workflow.