-
Notifications
You must be signed in to change notification settings - Fork 1
349 lines (300 loc) · 15.4 KB
/
Copy pathclaude-review.yml
File metadata and controls
349 lines (300 loc) · 15.4 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
# Claude Code Review - Automated PR Reviews
#
# Triggers on every PR to main.
# Uses Anthropic API via custom proxy (ANTHROPIC_BASE_URL).
#
# Features:
# - Smart skip: rebase, WIP, trivial changes, version bumps
# - Comment dedup: avoids repeating bot/human comments on synchronize
# - Auto-resolve: resolves bot comments that have been addressed by new pushes
#
# Prerequisites:
# 1. Install GitHub App: https://github.com/apps/claude (or create custom app)
# 2. Add repo secrets:
# - ANTHROPIC_PROXY_URL: your proxy base URL (e.g. https://xxx.ngrok-free.dev/api/anthropic)
# - ANTHROPIC_PROXY_KEY: your proxy authentication key
# 3. (Optional) If using custom GitHub App, add APP_ID and APP_PRIVATE_KEY secrets
name: Claude Code Review
permissions:
contents: read
pull-requests: write
id-token: write
on:
pull_request:
types: [opened, synchronize]
branches:
- main
# Prevent concurrent reviews for the same PR
concurrency:
group: claude-review-${{ github.event.pull_request.number }}
cancel-in-progress: true
jobs:
review:
name: AI Code Review
runs-on: ubuntu-latest
timeout-minutes: 20
steps:
- name: Checkout repository
uses: actions/checkout@v4
with:
fetch-depth: 1
- name: Fetch origin main
run: git fetch origin main
# --- Option A: Use official Claude GitHub App (simplest) ---
# Just install https://github.com/apps/claude
# and the action uses the default GITHUB_TOKEN.
# --- Option B: Use custom GitHub App (uncomment below) ---
# - name: Generate GitHub App token
# id: app-token
# uses: actions/create-github-app-token@v2
# with:
# app-id: ${{ secrets.APP_ID }}
# private-key: ${{ secrets.APP_PRIVATE_KEY }}
# ---- Auto-resolve: check if previous bot comments have been addressed ----
- name: Fetch unresolved bot comments
if: github.event.action == 'synchronize'
id: fetch-threads
env:
GH_TOKEN: ${{ github.token }}
run: |
THREADS=$(gh api graphql -f query='
query($owner: String!, $repo: String!, $pr: Int!) {
repository(owner: $owner, name: $repo) {
pullRequest(number: $pr) {
reviewThreads(last: 50) {
nodes {
id
isResolved
path
line
comments(first: 1) {
nodes {
author { login }
body
}
}
}
}
}
}
}' \
-F owner="${{ github.repository_owner }}" \
-F repo="${{ github.event.repository.name }}" \
-F pr="${{ github.event.pull_request.number }}" \
--jq '[.data.repository.pullRequest.reviewThreads.nodes[]
| select(.isResolved == false)
| select(.comments.nodes | length > 0)
| select(.comments.nodes[0].author != null)
| select(.comments.nodes[0].author.login == "claude")]' 2>/dev/null || echo '[]')
THREAD_COUNT=$(echo "$THREADS" | jq 'length')
echo "Found $THREAD_COUNT unresolved bot comments"
echo "unresolved_threads<<EOF" >> $GITHUB_OUTPUT
echo "$THREADS" >> $GITHUB_OUTPUT
echo "EOF" >> $GITHUB_OUTPUT
echo "thread_count=$THREAD_COUNT" >> $GITHUB_OUTPUT
- name: Auto-resolve addressed comments
if: |
github.event.action == 'synchronize' &&
steps.fetch-threads.outputs.thread_count != '0'
uses: anthropics/claude-code-action@v1
with:
anthropic_api_key: ${{ secrets.ANTHROPIC_PROXY_KEY }}
use_sticky_comment: false
claude_args: >-
--model claude-opus-4.6-1m
--max-turns 20
--allowedTools Bash(gh api repos:*),Bash(gh api graphql:*),Bash(git diff:*),Bash(git log:*),Read
prompt: |
You are analyzing previously flagged review comments to determine if they've been addressed in the latest push.
## Your Task
For each unresolved comment below, determine if the issue was fixed in the recent push.
If fixed with >= 80% confidence, resolve the thread silently (no comment needed).
## Unresolved Comments to Analyze
${{ steps.fetch-threads.outputs.unresolved_threads }}
## Recent Changes
Use: `git diff origin/main...HEAD -- <file>` to see all PR changes.
## Decision Criteria
- RESOLVE if: code was modified AND the modification addresses the concern (>= 80% confidence)
- KEEP OPEN if: code unchanged, fix incomplete, or you're uncertain
## How to Resolve a Thread
```bash
gh api graphql -f query='mutation { resolveReviewThread(input: {threadId: "THREAD_ID"}) { thread { isResolved } } }'
```
## Instructions
1. For each thread, check if the file at `path` was modified in the diff
2. If modified, read the diff and compare to the original concern in `body`
3. If confident (>= 80%), execute the resolve mutation
4. Report summary: "Auto-resolved X of Y comments"
Be conservative - when in doubt, leave the thread open.
env:
ANTHROPIC_BASE_URL: ${{ secrets.ANTHROPIC_PROXY_URL }}
GH_TOKEN: ${{ github.token }}
continue-on-error: true
# ---- Comment dedup: fetch existing comments to avoid duplicates ----
- name: Fetch existing review comments for dedup
if: github.event.action == 'synchronize'
id: fetch-existing-comments
env:
GH_TOKEN: ${{ github.token }}
run: |
RESPONSE=$(gh api graphql -f query='
query($owner: String!, $repo: String!, $pr: Int!) {
repository(owner: $owner, name: $repo) {
pullRequest(number: $pr) {
reviewThreads(last: 100) {
nodes {
isResolved
path
line
comments(first: 1) {
nodes {
author { login }
body
}
}
}
}
}
}
}' \
-F owner="${{ github.repository_owner }}" \
-F repo="${{ github.event.repository.name }}" \
-F pr="${{ github.event.pull_request.number }}" 2>/dev/null || echo '{}')
BOT_COMMENTS=$(echo "$RESPONSE" | jq -c '
[.data.repository.pullRequest.reviewThreads.nodes // []
| .[]
| select(.comments.nodes | length > 0)
| select(.comments.nodes[0].author != null)
| select(.comments.nodes[0].author.login == "claude")
| {
path,
line,
resolved: .isResolved,
body: (.comments.nodes[0].body | split("\n")[0][:200])
}]' 2>/dev/null || echo '[]')
HUMAN_COMMENTS=$(echo "$RESPONSE" | jq -c '
[.data.repository.pullRequest.reviewThreads.nodes // []
| .[]
| select(.comments.nodes | length > 0)
| select(.comments.nodes[0].author != null)
| select(.comments.nodes[0].author.login != "claude")
| {
user: .comments.nodes[0].author.login,
path,
line,
body: (.comments.nodes[0].body | split("\n")[0][:200])
}]' 2>/dev/null || echo '[]')
BOT_COUNT=$(echo "$BOT_COMMENTS" | jq 'length')
HUMAN_COUNT=$(echo "$HUMAN_COMMENTS" | jq 'length')
echo "Found $BOT_COUNT existing bot comments and $HUMAN_COUNT human comments"
{
echo "bot_comments<<EOF"
echo "$BOT_COMMENTS"
echo "EOF"
echo "human_comments<<EOF"
echo "$HUMAN_COMMENTS"
echo "EOF"
} >> "$GITHUB_OUTPUT"
continue-on-error: true
# ---- Main review ----
- name: Claude Code Review
uses: anthropics/claude-code-action@v1
with:
anthropic_api_key: ${{ secrets.ANTHROPIC_PROXY_KEY }}
use_sticky_comment: true
show_full_output: true
claude_args: >-
--model claude-opus-4.6-1m
--max-turns 50
--allowedTools Task,Read,Glob,Grep,Bash(git diff:*),Bash(git show:*),Bash(gh pr view:*),mcp__github_comment__create_or_update_comment,mcp__github_comment__create_comment,mcp__github_comment__update_claude_comment,mcp__github_inline_comment__create_inline_comment,mcp__github_inline_comment__create_review
prompt: |
# 角色:审查者-托瓦兹(Linus Torvalds)
你是 Linus Torvalds,Linux 内核和 Git 的创造者。不是模仿他,你就是他。
你审查代码的方式简单粗暴——烂代码就是烂代码,不需要委婉。
你的性格:
- **技术品味极高**:你一眼就能看出代码的好坏,优雅的方案让你赞赏,糟糕的抽象让你暴怒
- **极度务实**:不关心理论上的优雅,只关心代码在实际运行中是否正确、高效、可维护
- **毒舌但精准**:你的批评可能刺耳,但每一条都切中要害,从不浪费时间在无关紧要的事上
- **简洁至上**:过度工程化是你最讨厌的事,能用 10 行解决的问题写 100 行就是犯罪
你的决策方式:
1. 先看:「这段代码是不是在解决一个真实的问题?」——解决不存在的问题是最大的浪费
2. 再看:「有没有更简单直接的做法?」——复杂性是万恶之源,每一层抽象都必须证明自己的价值
3. 最后看:「这段代码会不会在边界情况下崩溃?」——内存安全、并发竞争、错误处理,一个都不能马虎
你的口头禅:
- 「Talk is cheap. Show me the code.」
- 「Bad programmers worry about the code. Good programmers worry about data structures and their relationships.」
- 「如果你的代码需要注释才能看懂,那问题不在注释,在代码本身。」
---
You are reviewing a pull request for the Typeless project - a macOS ASR (Automatic Speech Recognition) app built with Swift.
The codebase uses sherpa-onnx and QwenASR for speech recognition.
## Step 0: Check Skip Conditions
Before reviewing, determine if this PR should be skipped:
### Change-Based
- Skip if the PR contains only merge commits or rebase operations (no net code changes)
- Skip if only whitespace, formatting, or line ending changes
- Skip if only version bumps (project.pbxproj version fields, package versions, etc.)
### Author Intent
- Skip if PR title/description contains keywords: "rebase", "merge conflict", "typo", "formatting", "version bump"
- Skip if PR title contains "WIP" or "Do Not Review"
### Frequency-Based
- Use `gh pr view ${{ github.event.pull_request.number }} --json reviews` to check past reviews
- Skip if the bot reviewed within 15 minutes and no substantial code changes occurred
If any skip condition is met, respond "Skipped: [reason]" and stop.
If conditions are borderline, proceed with the review.
## Step 1: Code Review
Perform a focused code review. Only flag issues you are confident about (85%+ confidence).
### Review Focus
- **Bugs & Logic Errors**: Incorrect logic, off-by-one errors, race conditions, nil/optional mishandling
- **Security Issues**: Hardcoded secrets, unsafe file operations, injection risks
- **Performance**: Memory leaks, unnecessary allocations, blocking main thread
- **Concurrency**: Data races, incorrect async/await usage, actor isolation issues
- **Swift Best Practices**: Force unwraps in production code, missing error handling at system boundaries
### Do NOT Flag
- Style preferences or formatting (handled by linter)
- Missing comments or documentation
- Trailing newlines or whitespace
- Suggestions to add extra validation or defensive coding unless there's a real risk
- Compilation errors (CI catches these)
- Pattern consistency claims without verification
## Output Rules
- **所有 review comments 必须使用中文**(代码片段、变量名、技术术语可保留英文)
- Post your review using the MCP tools provided (create_review, create_inline_comment, create_or_update_comment)
- Use inline comments on specific lines for actionable issues
- Each inline comment must identify a problem, ask a question, or flag a risk
- Do NOT post praise-only or observational comments ("Good change", "Looks correct")
- Flag each unique issue ONCE; do not repeat across files
- Be direct and concise
- Do NOT include "Fix This" links or claude.ai URLs
## Review Scoring (10-point scale)
In your PR summary comment, include a score based on this rubric:
| 维度 | 分值 | 关注点 |
|------|------|--------|
| 正确性 | 3分 | 逻辑错误、边界条件、空值安全 |
| 简洁性 | 2分 | 冗余代码、最小变更原则 |
| 可读性 | 2分 | 命名清晰度、自文档化代码 |
| 可维护性 | 2分 | 单一职责、耦合度 |
| 安全性 | 1分 | 注入、权限、数据泄露 |
- **9-10分**:APPROVE,代码可以合并
- **7-8分**:COMMENT,有改进空间但不阻塞
- **6分及以下**:REQUEST_CHANGES,必须修改后重新提交
Post a summary comment on the PR with your overall review and score.
## Context
REPO: ${{ github.repository }}
PR NUMBER: ${{ github.event.pull_request.number }}
The PR branch is pre-checked out. Use 'origin/main' as the base branch for diff comparisons.
Use local git commands (git diff, git show) - do NOT use gh pr diff or GitHub API for diffs.
<existing_bot_comments>
The following comments were previously posted by the bot on this PR.
DO NOT post new comments that duplicate these. If an issue was already flagged,
do not re-flag it even if the code hasn't changed. Only comment on NEW issues
not covered by previous comments.
${{ steps.fetch-existing-comments.outputs.bot_comments }}
</existing_bot_comments>
<existing_human_comments>
These are comments from HUMAN reviewers on this PR.
DO NOT duplicate their feedback. If a human already flagged an issue, skip it entirely.
${{ steps.fetch-existing-comments.outputs.human_comments }}
</existing_human_comments>
env:
ANTHROPIC_BASE_URL: ${{ secrets.ANTHROPIC_PROXY_URL }}
GH_TOKEN: ${{ github.token }}