build(deps): bump bytes from 1.4.0 to 1.11.1 in the cargo group across 1 directory #2
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Claude Code Review | |
| on: | |
| # Use pull_request_target to allow secrets access for fork PRs. | |
| # CI only runs after manual approval for neqo, for non-members of the repo. | |
| pull_request_target: # zizmor: ignore[dangerous-triggers] See rationale above. | |
| branches: ["main"] | |
| types: [opened, synchronize, ready_for_review, reopened] | |
| workflow_dispatch: | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} | |
| cancel-in-progress: true | |
| permissions: | |
| contents: read | |
| jobs: | |
| claude-review: | |
| name: Claude Code Review | |
| # Require approval before running on fork PRs to prevent secret exfiltration. | |
| environment: claude-review | |
| runs-on: ubuntu-24.04 | |
| permissions: | |
| contents: read | |
| pull-requests: write # Required to write PR details. | |
| id-token: write # Required for OIDC authentication. | |
| steps: | |
| # With pull_request_target, checkout defaults to the base branch. | |
| # Check out from the PR's head repository to handle fork PRs correctly. | |
| - name: Checkout PR head | |
| uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 | |
| with: | |
| repository: ${{ github.event.pull_request.head.repo.full_name }} | |
| ref: ${{ github.event.pull_request.head.ref }} | |
| fetch-depth: 0 | |
| persist-credentials: false | |
| - name: Run Claude Code Review | |
| id: claude | |
| # TODO: Would like to pin this, but the Mozilla org allowlist requires "anthropics/claude-code-action@v1" | |
| uses: anthropics/claude-code-action@v1 # zizmor: ignore[unpinned-uses] | |
| with: | |
| track_progress: ${{ github.event_name != 'workflow_dispatch' }} | |
| anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }} | |
| # Use a PAT to allow the action to work on fork PRs. | |
| github_token: ${{ secrets.NEQO_CI }} | |
| use_sticky_comment: true | |
| use_commit_signing: true | |
| # See https://github.com/anthropics/claude-code-action/blob/main/docs/usage.md | |
| # or https://docs.anthropic.com/en/docs/claude-code/sdk#command-line for available options | |
| claude_args: | | |
| --allowedTools "mcp__github_inline_comment__create_inline_comment,Bash(gh pr comment:*),Bash(gh pr diff:*),Bash(gh pr view:*)" | |
| prompt: | | |
| REPO: ${{ github.repository }} | |
| PR NUMBER: ${{ github.event.pull_request.number }} | |
| Perform a comprehensive code review with the following focus areas: | |
| 1. **Code Quality** | |
| - Clean code principles and best practices | |
| - Proper error handling and edge cases | |
| - Code readability and maintainability | |
| 2. **Security** | |
| - Check for potential security vulnerabilities | |
| - Validate input sanitization | |
| - Review authentication/authorization logic | |
| 3. **Performance** | |
| - Identify potential performance bottlenecks | |
| - Review database queries for efficiency | |
| - Check for memory leaks or resource issues | |
| 4. **Testing** | |
| - Verify adequate test coverage | |
| - Review test quality and edge cases | |
| - Check for missing test scenarios | |
| 5. **Documentation** | |
| - Ensure code is properly documented | |
| - Verify README updates for new features | |
| - Check API documentation accuracy | |
| Follow the detailed instructions in `.github/copilot-instructions.md` | |
| as you prepare your review for the different focus areas listed above. | |
| If that file is changed as part of a PR, use the changed version instead | |
| of the file in the main branch. | |
| Provide detailed feedback using inline comments for specific issues, | |
| including GitHub suggestions in the comments whenever possible. | |
| Use top-level comments for general observations or praise. |