-
Notifications
You must be signed in to change notification settings - Fork 56
157 lines (126 loc) · 5.69 KB
/
claude-code-review.yml
File metadata and controls
157 lines (126 loc) · 5.69 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
# Claude Code Review with Fork Support
#
# Uses default workflow token for GitHub operations (comments appear from github-actions[bot])
# Supports fork PRs and automatically minimizes old review comments
#
# Required GitHub Secret:
# - CLAUDE_CODE_OAUTH_TOKEN: OAuth token for Claude Code
name: Claude Code Review
on:
pull_request_target:
types: [opened, synchronize]
jobs:
claude-review:
runs-on: ubuntu-latest
permissions:
contents: write
pull-requests: write
issues: write
id-token: write
actions: read
steps:
- name: Checkout PR head
uses: actions/checkout@v5
with:
repository: ${{ github.event.pull_request.head.repo.full_name }}
ref: ${{ github.event.pull_request.head.ref }}
fetch-depth: 0
- name: Minimize old Claude review comments
continue-on-error: true
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
REPO="${{ github.repository }}"
PR_NUMBER="${{ github.event.pull_request.number }}"
echo "Finding previous Claude Code Review comments to minimize..."
# Get all comment IDs from github-actions[bot] with "Claude Code Review" at the start
# Using startswith() to avoid matching code blocks or inline mentions
COMMENT_IDS=$(gh api "repos/$REPO/issues/$PR_NUMBER/comments" \
--jq '.[] | select(.user.login == "github-actions[bot]" and (.body | startswith("# Claude Code Review"))) | .node_id')
if [ -z "$COMMENT_IDS" ]; then
echo "No old Claude Code Review comments found"
exit 0
fi
# Minimize each comment with error handling
# Use here-string to avoid subshell variable scoping issues with pipe
COUNT=0
ERRORS=0
while read -r id; do
if [ -n "$id" ]; then
if gh api graphql -f query='mutation($id: ID!) { minimizeComment(input: {subjectId: $id, classifier: OUTDATED}) { minimizedComment { isMinimized } } }' -f id="$id" 2>&1; then
echo "✓ Minimized $id"
((COUNT++))
else
echo "✗ Failed to minimize $id" >&2
((ERRORS++))
fi
fi
done <<< "$COMMENT_IDS"
echo "Minimized $COUNT comment(s), $ERRORS error(s)"
- name: Run Claude Code Review
id: claude-review
uses: anthropics/claude-code-action@v1
with:
claude_code_oauth_token: ${{ secrets.CLAUDE_CODE_OAUTH_TOKEN }}
github_token: ${{ secrets.GITHUB_TOKEN }}
allowed_non_write_users: '*'
claude_args: |
--allowedTools "Bash(gh pr comment:*),Bash(gh pr diff:*),Bash(gh pr view:*),Bash(gh issue list:*)"
prompt: |
REPO: ${{ github.repository }}
PR NUMBER: ${{ github.event.pull_request.number }}
Perform a comprehensive code review with the following focus areas:
1. **Code Quality & Best Practices**
- Follow repository's CLAUDE.md guidelines
- Clean code principles and design patterns
- Proper error handling and edge cases
- Code readability and maintainability
- TypeScript/Go best practices (see CLAUDE.md)
2. **Security**
- Potential security vulnerabilities
- Input validation and sanitization
- Authentication/authorization logic
- Sensitive data handling
- API security concerns
3. **Performance**
- Performance bottlenecks
- Database query efficiency
- Memory leaks or resource issues
- React rendering optimizations
- API response times
4. **Testing**
- Test coverage adequacy
- Test quality and edge cases
- Missing test scenarios
- Integration test needs
5. **Architecture & Design**
- Component structure and organization
- API design and contracts
- State management patterns
- Separation of concerns
6. **Documentation**
- Code comments and clarity
- README updates for new features
- API documentation accuracy
- Type definitions completeness
---
**Review Instructions:**
- Use `gh pr comment` for the review comment with this format:
# Claude Code Review
## Summary
[Brief overview and overall assessment]
## Issues by Severity
Categorize findings by severity (omit empty sections):
### 🚫 Blocker Issues
[Must fix before merge - security vulnerabilities, breaking changes, data loss risks]
### 🔴 Critical Issues
[Should fix before merge - major bugs, performance issues, significant security concerns]
### 🟡 Major Issues
[Important to address - code quality, maintainability, test coverage gaps]
### 🔵 Minor Issues
[Nice-to-have - style, minor optimizations, documentation]
## Positive Highlights
[Things done well]
## Recommendations
[Prioritized action items]
Focus on substance. Be constructive and specific.