chore: Avoid Box<dyn CongestionControl> #925

Workflow file for this run

name: Claude Code Review
on:
  # Use pull_request_target to allow secrets access for fork PRs.
  # CI only runs after manual approval for neqo, for non-members of the repo.
  pull_request_target: # zizmor: ignore[dangerous-triggers] See rationale above.
    branches: ["main"]
    types: [opened, synchronize, ready_for_review, reopened]
  workflow_dispatch:
concurrency:
  group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
  cancel-in-progress: true
permissions:
  contents: read
jobs:
  claude-review:
    name: Claude Code Review
    # Require approval before running on fork PRs to prevent secret exfiltration.
    environment: claude-review
    runs-on: ubuntu-24.04
    permissions:
      contents: read
      pull-requests: write # Required to write PR details.
      id-token: write # Required for OIDC authentication.
    steps:
      # With pull_request_target, checkout defaults to the base branch.
      # Check out from the PR's head repository to handle fork PRs correctly.
      - name: Checkout PR head
        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
        with:
          repository: ${{ github.event.pull_request.head.repo.full_name }}
          ref: ${{ github.event.pull_request.head.sha }}
          persist-credentials: false
      - name: Restore trusted instruction files from base branch
        env:
          BASE_REPO: ${{ github.repository }}
          BASE_SHA: ${{ github.event.pull_request.base.sha }}
        run: |
          git fetch --depth=1 "https://github.com/$BASE_REPO" "$BASE_SHA"
          # Overwrite instruction files with the trusted base-branch versions.
          git checkout FETCH_HEAD -- .github/copilot-instructions.md 2>/dev/null || true
      - name: Run Claude Code Review
        id: claude
        # TODO: Would like to pin this, but the Mozilla org allowlist requires "anthropics/claude-code-action@v1"
        uses: anthropics/claude-code-action@v1 # zizmor: ignore[unpinned-uses]
        with:
          show_full_output: 'true'
          track_progress: ${{ github.event_name != 'workflow_dispatch' }}
          anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }}
          # Use a PAT to allow the action to work on fork PRs.
          github_token: ${{ secrets.NEQO_CI }}
          use_sticky_comment: true
          use_commit_signing: true
          # See https://github.com/anthropics/claude-code-action/blob/main/docs/usage.md
          # or https://docs.anthropic.com/en/docs/claude-code/sdk#command-line for available options
          claude_args: |
            --allowedTools "mcp__github_inline_comment__create_inline_comment"
          prompt: |
            REPO: ${{ github.repository }}
            PR NUMBER: ${{ github.event.pull_request.number }}
            Perform a comprehensive code review with the following focus areas:
            1. **Code Quality**
               - Clean code principles and best practices
               - Proper error handling and edge cases
               - Code readability and maintainability
            2. **Security**
               - Check for potential security vulnerabilities
               - Validate input sanitization
               - Review authentication/authorization logic
            3. **Performance**
               - Identify potential performance bottlenecks
               - Review database queries for efficiency
               - Check for memory leaks or resource issues
            4. **Testing**
               - Verify adequate test coverage
               - Review test quality and edge cases
               - Check for missing test scenarios
            5. **Documentation**
               - Ensure code is properly documented
               - Verify README updates for new features
               - Check API documentation accuracy
            Follow the detailed instructions in `.github/copilot-instructions.md`
            as you prepare your review for the different focus areas listed above.
            Provide detailed feedback using inline comments for specific issues,
            including GitHub suggestions in the comments whenever possible.
            Use top-level comments for general observations or praise.