Pull request overview
This pull request adds a new GitHub Actions workflow to integrate Claude, Anthropic's AI assistant, for automated code reviews and issue responses. The workflow is triggered when users mention @claude in issue comments, PR review comments, or PR reviews, as well as when issues are opened or assigned to the Claude bot. This enables the repository to leverage AI-powered assistance for code-related questions and reviews.
Changes:
- Added a new GitHub Actions workflow file that triggers on issue and PR comment events
- Configured the workflow to respond to @claude mentions and Claude bot assignments
- Set up necessary permissions and OAuth token authentication for the Claude integration
| (github.event_name == 'issue_comment' && contains(github.event.comment.body, '@claude')) || | ||
| (github.event_name == 'pull_request_review_comment' && contains(github.event.comment.body, '@claude')) || | ||
| (github.event_name == 'pull_request_review' && contains(github.event.review.body, '@claude')) || | ||
| (github.event_name == 'issues' && (contains(github.event.issue.body, '@claude') || contains(github.event.issue.assignees.*.login, 'claude[bot]'))) |
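Review bot: In the `if:` condition, each branch matches only on the event name and on `@claude` appearing in the body, so nothing here restricts which commenter can start the job. If the trigger should be limited to maintainers, add a check on the author, for example `github.event.comment.author_association` being `OWNER`, `MEMBER` or `COLLABORATOR` for the comment events, rather than relying on the body text alone.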
The condition on line 19 uses 'contains(github.event.issue.assignees.*.login, 'claude[bot]')' which may not work as intended. The 'github.event.issue.assignees.*.login' syntax is not valid for filtering arrays in GitHub Actions expressions.
To check if 'claude[bot]' is among the assignees, you would need to use a different approach, such as converting the assignees array to JSON and using the 'contains()' function on the JSON string. However, this is complex and error-prone. Consider removing this check or using a separate step with a script to properly validate assignees if this functionality is needed.
| (github.event_name == 'issues' && (contains(github.event.issue.body, '@claude') || contains(github.event.issue.assignees.*.login, 'claude[bot]'))) | |
| (github.event_name == 'issues' && contains(github.event.issue.body, '@claude')) |
| issues: write | ||
| id-token: write | ||
| steps: | ||
| - uses: anthropics/claude-code-action@v1 |
For better security, consider pinning the action to a specific commit SHA rather than using a mutable version tag like @v1. Version tags can be moved to point to different commits, potentially introducing malicious code. This is especially important for third-party actions that have write permissions to the repository.
For example, instead of:
- uses: anthropics/claude-code-action@v1
Use:
- uses: anthropics/claude-code-action@<commit-sha> # v1
This pattern is already used for the docker/login-action in build.yml:31, which pins to a specific SHA.
| - uses: anthropics/claude-code-action@v1 | |
| - uses: anthropics/claude-code-action@<commit-sha> # v1 |
| issues: write | ||
| id-token: write | ||
| steps: | ||
| - uses: anthropics/claude-code-action@v1 |
The step using the claude-code-action is missing a 'name' attribute. All other workflow steps in the repository include descriptive names for better readability and debugging. Add a name to this step, such as:
- name: Run Claude Code Action
  uses: anthropics/claude-code-action@v1
| - uses: anthropics/claude-code-action@v1 | |
| - name: Run Claude Code Action | |
| uses: anthropics/claude-code-action@v1 |
| types: [opened, assigned] | ||
| pull_request_review: | ||
| types: [submitted] | ||
|
|
This workflow is missing the concurrency configuration that is present in all other workflows in the repository. All other workflows include a concurrency setting to prevent multiple concurrent runs and manage workflow execution properly. Add the following after the 'on' section:
concurrency:
  group: ${{ github.workflow }}-${{ github.ref_protected == 'true' && github.sha || github.ref }}-{{ github.event_name }}
  cancel-in-progress: true
This ensures that for event-driven workflows like this one, only the most recent instance runs, which is important for managing Claude's responses to comments and avoiding confusion from multiple concurrent executions.
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref_protected == 'true' && github.sha || github.ref }}-{{ github.event_name }} | |
| cancel-in-progress: true |
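Review bot: In the `group:` line, the last segment `-{{ github.event_name }}` has no leading `$`, so it is not evaluated and is appended as literal text, which puts all event types for a ref in the same group. If the event name is meant to be part of the key, write it as `-${{ github.event_name }}`.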
PR Checklist
PR Structure
otherwise).
Thoroughness
Release planning
semver, and I've changed the name of the BRANCH to major/*, minor/* or patch/*.
What
Test adding claude workflow for https://github.com/anthropics/claude-code-action/tree/main
Why
Unsure if this is what is needed for claude tagging for reviews and github issues
Known limitations
[TODO or N/A]