-
Notifications
You must be signed in to change notification settings - Fork 22
"Claude PR Assistant workflow" #439
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Changes from all commits
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
| Original file line number | Diff line number | Diff line change | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| @@ -0,0 +1,44 @@ | ||||||||||||
| name: Claude Code Review | ||||||||||||
|
|
||||||||||||
| on: | ||||||||||||
| pull_request: | ||||||||||||
| types: [opened, synchronize, ready_for_review, reopened] | ||||||||||||
| # Optional: Only run on specific file changes | ||||||||||||
| # paths: | ||||||||||||
| # - "src/**/*.ts" | ||||||||||||
| # - "src/**/*.tsx" | ||||||||||||
| # - "src/**/*.js" | ||||||||||||
| # - "src/**/*.jsx" | ||||||||||||
|
|
||||||||||||
| jobs: | ||||||||||||
| claude-review: | ||||||||||||
| # Optional: Filter by PR author | ||||||||||||
| # if: | | ||||||||||||
| # github.event.pull_request.user.login == 'external-contributor' || | ||||||||||||
| # github.event.pull_request.user.login == 'new-developer' || | ||||||||||||
| # github.event.pull_request.author_association == 'FIRST_TIME_CONTRIBUTOR' | ||||||||||||
|
|
||||||||||||
| runs-on: ubuntu-latest | ||||||||||||
| permissions: | ||||||||||||
| contents: read | ||||||||||||
| pull-requests: read | ||||||||||||
| issues: read | ||||||||||||
| id-token: write | ||||||||||||
|
Comment on lines
+24
to
+26
|
||||||||||||
| pull-requests: read | |
| issues: read | |
| id-token: write | |
| pull-requests: write | |
| issues: read |
| Original file line number | Diff line number | Diff line change | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| @@ -0,0 +1,50 @@ | ||||||||||||||||||
| name: Claude Code | ||||||||||||||||||
|
|
||||||||||||||||||
| on: | ||||||||||||||||||
| issue_comment: | ||||||||||||||||||
| types: [created] | ||||||||||||||||||
| pull_request_review_comment: | ||||||||||||||||||
| types: [created] | ||||||||||||||||||
| issues: | ||||||||||||||||||
| types: [opened, assigned] | ||||||||||||||||||
| pull_request_review: | ||||||||||||||||||
| types: [submitted] | ||||||||||||||||||
|
Comment on lines
+3
to
+11
|
||||||||||||||||||
|
|
||||||||||||||||||
| jobs: | ||||||||||||||||||
| claude: | ||||||||||||||||||
| if: | | ||||||||||||||||||
| (github.event_name == 'issue_comment' && contains(github.event.comment.body, '@claude')) || | ||||||||||||||||||
| (github.event_name == 'pull_request_review_comment' && contains(github.event.comment.body, '@claude')) || | ||||||||||||||||||
| (github.event_name == 'pull_request_review' && contains(github.event.review.body, '@claude')) || | ||||||||||||||||||
| (github.event_name == 'issues' && (contains(github.event.issue.body, '@claude') || contains(github.event.issue.title, '@claude'))) | ||||||||||||||||||
|
Comment on lines
+16
to
+19
|
||||||||||||||||||
| (github.event_name == 'issue_comment' && contains(github.event.comment.body, '@claude')) || | |
| (github.event_name == 'pull_request_review_comment' && contains(github.event.comment.body, '@claude')) || | |
| (github.event_name == 'pull_request_review' && contains(github.event.review.body, '@claude')) || | |
| (github.event_name == 'issues' && (contains(github.event.issue.body, '@claude') || contains(github.event.issue.title, '@claude'))) | |
| (github.event_name == 'issue_comment' && contains(github.event.comment.body || '', '@claude')) || | |
| (github.event_name == 'pull_request_review_comment' && contains(github.event.comment.body || '', '@claude')) || | |
| (github.event_name == 'pull_request_review' && contains(github.event.review.body || '', '@claude')) || | |
| (github.event_name == 'issues' && (contains(github.event.issue.body || '', '@claude') || contains(github.event.issue.title || '', '@claude'))) |
Copilot
AI
Feb 8, 2026
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The job permissions are set to pull-requests: read / issues: read, but this workflow is expected to respond back on PRs/issues when invoked. With read-only permissions, the action will be unable to create comments/reviews/status updates via the GITHUB_TOKEN. Grant the minimal required write scopes (typically pull-requests: write and/or issues: write), and consider dropping id-token: write unless the action is actually using OIDC.
| pull-requests: read | |
| issues: read | |
| id-token: write | |
| pull-requests: write | |
| issues: write |
Copilot
AI
Feb 8, 2026
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
additional_permissions requests actions: read, but the job already has actions: read in permissions. Keeping both is redundant and can confuse future maintenance; prefer a single source of truth (either rely on workflow permissions or remove the duplicated action input if it isn't required).
| # This is an optional setting that allows Claude to read CI results on PRs | |
| additional_permissions: | | |
| actions: read |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This workflow runs on
pull_requestevents but depends onsecrets.ANTHROPIC_API_KEY. For PRs from forks, GitHub will not provide repository secrets, so the action will fail (or behave unexpectedly) on those PRs. Add a job-level guard to skip forked PRs (e.g.,if: github.event.pull_request.head.repo.fork == false) and/or document that it only supports same-repo branches.