Commit 99b2f74
fix: allow non-write users to trigger closed issue comment handler (#2578)
## Summary
- The `claude-code-action` requires write permissions on the triggering
actor by default, but the closed issue comment workflow is designed to
respond to **any** user commenting on a closed issue
- Added `allowed_non_write_users: '*'` to bypass this check — safe
because the workflow's permissions are tightly scoped (`issues: write`,
`contents: read`) and Claude is restricted to only `gh issue reopen` and
`gh issue comment`
## Test plan
- Comment on a closed issue from a non-collaborator account and verify
the workflow runs successfully instead of failing with "Actor does not
have write permissions"
#skip-bugbot
🤖 Generated with [Claude Code](https://claude.com/claude-code)
<!-- devin-review-badge-begin -->
---
<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2578"
target="_blank">
<picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
</picture>
</a>
<!-- devin-review-badge-end -->
<!-- This is an auto-generated description by cubic. -->
---
## Summary by cubic
Allow non-write users to trigger the closed-issue comment workflow by
setting allowed_non_write_users: "*". This removes the write-permission
block so any comment on a closed issue runs the workflow, while staying
safe via scoped permissions and restricted tools (only gh issue
reopen/comment).
<sup>Written for commit 211887f.
Summary will update on new commits.</sup>
<!-- End of auto-generated description by cubic. -->
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
1 parent a07fe7c commit 99b2f74
1 file changed
+1
-0
lines changed| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
25 | 25 | | |
26 | 26 | | |
27 | 27 | | |
| 28 | + | |
28 | 29 | | |
29 | 30 | | |
30 | 31 | | |
| |||
0 commit comments