ci(deps): bump actions/checkout from 4 to 6 #2
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Claude Code Review | |
| on: | |
| # Same-repo branches: full access to secrets and write permissions | |
| pull_request: | |
| types: [opened, synchronize, ready_for_review, reopened] | |
| # Fork PRs: runs in base repo context with secrets access | |
| pull_request_target: | |
| types: [opened, synchronize, ready_for_review, reopened] | |
| jobs: | |
| claude-review: | |
| # Skip owner's own PRs; avoid duplicate runs for same-repo vs fork branches | |
| if: | | |
| github.event.pull_request.user.login != 'neuromechanist' && | |
| !(github.event_name == 'pull_request' && github.event.pull_request.head.repo.fork) && | |
| !(github.event_name == 'pull_request_target' && !github.event.pull_request.head.repo.fork) | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: write | |
| pull-requests: write | |
| issues: read | |
| id-token: write | |
| actions: read | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v6 | |
| with: | |
| ref: ${{ github.event.pull_request.head.sha }} | |
| fetch-depth: 1 | |
| - name: Review and fix PR | |
| uses: anthropics/claude-code-action@v1 | |
| with: | |
| claude_code_oauth_token: ${{ secrets.CLAUDE_CODE_OAUTH_TOKEN }} | |
| github_token: ${{ secrets.GITHUB_TOKEN }} | |
| additional_permissions: | | |
| actions: read | |
| prompt: | | |
| Review this pull request thoroughly. For each issue found: | |
| 1. Classify severity: critical, important, or suggestion | |
| 2. For critical and important issues: fix them directly by editing the code and pushing a commit | |
| 3. For suggestions that clearly improve code quality and are not false positives: fix them too | |
| 4. Skip suggestions that are stylistic preferences or false positives | |
| Project conventions: | |
| - Python 3.12+, managed with uv | |
| - Ruff for linting and formatting (no manual style fixes needed) | |
| - No mock objects that replace business logic; avoid mock classes or mock return values | |
| that bypass real code paths (HTTP response fixtures with respx/pytest-httpx are acceptable) | |
| - Type hints required on new code | |
| - Atomic, focused commits; no AI attribution in commit messages | |
| - Commit messages: concise, <50 chars, no emojis | |
| After making fixes, leave a PR comment summarizing what was found and what was fixed. | |
| If you cannot push to the PR branch (e.g., fork PRs), leave detailed review comments instead. |