From 64a3c9aa120118086da290bd6e46f70ac1a39546 Mon Sep 17 00:00:00 2001 From: Pavel Tarnopolsky Date: Wed, 11 Feb 2026 11:44:56 +0200 Subject: [PATCH 1/3] ci: allow Claude bot to run bun commands Enable Bash permissions for bun commands (install, build, lint, typecheck, test) so Claude can fix lint/type issues on PRs. Co-Authored-By: Claude Opus 4.6 --- .github/workflows/claude.yml | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/.github/workflows/claude.yml b/.github/workflows/claude.yml index d300267f..b364ea76 100644 --- a/.github/workflows/claude.yml +++ b/.github/workflows/claude.yml @@ -43,8 +43,6 @@ jobs: # Optional: Give a custom prompt to Claude. If this is not specified, Claude will perform the instructions specified in the comment that tagged it. # prompt: 'Update the pull request description to include a summary of changes.' - # Optional: Add claude_args to customize behavior and configuration - # See https://github.com/anthropics/claude-code-action/blob/main/docs/usage.md - # or https://code.claude.com/docs/en/cli-reference for available options - # claude_args: '--allowed-tools Bash(gh pr:*)' + # Allow Claude to run bun commands (install, build, lint, typecheck, test) + claude_args: '--allowedTools "Bash(bun *)"' From 9219214e88ffdfd258fa41db35f70c553e4a50be Mon Sep 17 00:00:00 2001 From: Pavel Tarnopolsky Date: Wed, 11 Feb 2026 11:48:16 +0200 Subject: [PATCH 2/3] ci: also allow Claude to run gh pr and gh issue commands Co-Authored-By: Claude Opus 4.6 --- .github/workflows/claude.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/claude.yml b/.github/workflows/claude.yml index b364ea76..ae4d2860 100644 --- a/.github/workflows/claude.yml +++ b/.github/workflows/claude.yml @@ -43,6 +43,6 @@ jobs: # Optional: Give a custom prompt to Claude. If this is not specified, Claude will perform the instructions specified in the comment that tagged it. # prompt: 'Update the pull request description to include a summary of changes.' - # Allow Claude to run bun commands (install, build, lint, typecheck, test) - claude_args: '--allowedTools "Bash(bun *)"' + # Allow Claude to run bun and gh commands + claude_args: '--allowedTools "Bash(bun *)" --allowedTools "Bash(gh pr *)" --allowedTools "Bash(gh issue *)"' From acd76021d936bb7c669d1953b2edd3c81dd171c7 Mon Sep 17 00:00:00 2001 From: Pavel Tarnopolsky Date: Wed, 11 Feb 2026 11:49:42 +0200 Subject: [PATCH 3/3] fix(ci): use correct allowedTools syntax with colon prefix matching Use Bash(bun:*) instead of Bash(bun *) per claude-code-action docs. Comma-separate tools in a single --allowedTools flag. Co-Authored-By: Claude Opus 4.6 --- .github/workflows/claude.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/claude.yml b/.github/workflows/claude.yml index ae4d2860..2d8ca28b 100644 --- a/.github/workflows/claude.yml +++ b/.github/workflows/claude.yml @@ -44,5 +44,6 @@ jobs: # prompt: 'Update the pull request description to include a summary of changes.' # Allow Claude to run bun and gh commands - claude_args: '--allowedTools "Bash(bun *)" --allowedTools "Bash(gh pr *)" --allowedTools "Bash(gh issue *)"' + claude_args: | + --allowedTools "Bash(bun:*),Bash(gh pr:*),Bash(gh issue:*)"