claude-code-review.yml
name: Claude Code Review

on:
  pull_request:
    types: [opened, synchronize, ready_for_review, reopened]

jobs:
  claude-review:
    if: ${{ !github.event.pull_request.draft && github.event.pull_request.user.login != 'dependabot[bot]' }}
    runs-on: ubuntu-latest
    permissions:
      contents: read
      pull-requests: write
      issues: read
      id-token: write

    steps:
      - name: Checkout repository
        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6
        with:
          fetch-depth: 1

      - name: Clean up stale review comments
        env:
          GH_TOKEN: ${{ github.token }}
        run: |
          PR=${{ github.event.pull_request.number }}
          REPO=${{ github.repository }}

          # Dismiss all previous claude[bot] reviews
          gh api "repos/${REPO}/pulls/${PR}/reviews" \
            --paginate --jq '.[] | select(.user.login == "claude[bot]" and (.state == "CHANGES_REQUESTED" or .state == "COMMENTED")) | .id' \
            | while read -r review_id; do
                gh api -X PUT "repos/${REPO}/pulls/${PR}/reviews/${review_id}/dismissals" \
                  -f message="Superseded by new review" -f event="DISMISS" 2>/dev/null || true
              done

          # Delete all previous claude[bot] inline review comments
          gh api "repos/${REPO}/pulls/${PR}/comments" \
            --paginate --jq '.[] | select(.user.login == "claude[bot]") | .id' \
            | while read -r comment_id; do
                gh api -X DELETE "repos/${REPO}/pulls/comments/${comment_id}" 2>/dev/null || true
              done

          # Delete all previous claude[bot] issue comments (sticky comment is managed by the action)
          gh api "repos/${REPO}/issues/${PR}/comments" \
            --paginate --jq '.[] | select(.user.login == "claude[bot]") | .id' \
            | while read -r comment_id; do
                gh api -X DELETE "repos/${REPO}/issues/comments/${comment_id}" 2>/dev/null || true
              done

      - name: Run Claude Code Review
        id: claude-review
        uses: anthropics/claude-code-action@d5726de019ec4498aa667642bc3a80fca83aa102 # v1
        with:
          claude_code_oauth_token: ${{ secrets.CLAUDE_CODE_OAUTH_TOKEN }}
          use_sticky_comment: true
          claude_args: "--allowedTools Bash,Read,Glob,Grep"
          prompt: |
            Review PR #${{ github.event.pull_request.number }} in ${{ github.repository }}.

            Read `REVIEW.md` for the project context, review dimensions, severity scale, and
            skip rules. Follow those guidelines strictly.

            ## CRITICAL SCOPE RULE

            **ONLY review lines that were actually added or modified in this PR's diff.**

            You MUST NOT comment on:
            - Pre-existing code that was not changed in this PR
            - Context lines shown in the diff that were not added/modified (lines without + prefix)
            - Issues in unchanged files or unchanged sections of changed files
            - Pre-existing patterns, naming, style, or technical debt in surrounding code

            You may read full files for context to understand the changes, but every single
            finding you report MUST point to a line that was added or modified in the diff.
            If a line was not changed by this PR, it is OUT OF SCOPE, no matter how wrong it looks.

            Before submitting each finding, verify: "Was this line actually changed in the PR diff?"
            If the answer is no, drop the finding.

            Skip dimensions that have no findings. Be precise and actionable — no "consider"
            or "you might want to" comments.

            ## Output format

            Structure your review as a single comment with sections for each dimension that has
            findings. Use this severity scale:
            - 🔴 **Critical** — wrong legal outcome, data loss, runtime crash, security vulnerability
            - 🟠 **Significant** — likely bug, broken reference, missing edge case, lost jobs
            - 🟡 **Minor** — code quality, style, non-blocking improvement

            Also leave inline comments on specific lines where possible.

            If there are no issues, say so briefly. Do not pad the review with praise or filler.