Files
wehub-resource-sync e30e75b5d4
Changesets / Create Version PR (push) Has been cancelled
Deploy Shadcn Registry / Deploy Production (push) Has been cancelled
Template Metrics / LOC + Bundle Size (push) Has been cancelled
Code Quality / Oxlint + Oxfmt (push) Has been cancelled
Code Quality / Template Sync (push) Has been cancelled
Code Quality / Build Changed Packages (push) Has been cancelled
Code Quality / Test Changed Packages (push) Has been cancelled
Deploy Expo Example / Deploy Production (push) Has been cancelled
Deploy Ink Example / Deploy Production (push) Has been cancelled
Python Tests / pytest (assistant-stream, 3.10) (push) Has been cancelled
Python Tests / pytest (assistant-stream, 3.12) (push) Has been cancelled
Python Tests / pytest (assistant-ui-sync-server-api, 3.10) (push) Has been cancelled
Python Tests / pytest (assistant-ui-sync-server-api, 3.12) (push) Has been cancelled
chore: import upstream snapshot with attribution
2026-07-13 13:40:13 +08:00

160 lines
8.6 KiB
YAML

name: Claude Code Review
on:
pull_request:
types: [opened, synchronize, ready_for_review, reopened]
# Optional: Only run on specific file changes
# paths:
# - "src/**/*.ts"
# - "src/**/*.tsx"
# - "src/**/*.js"
# - "src/**/*.jsx"
concurrency:
group: claude-code-review-${{ github.event.pull_request.number }}
cancel-in-progress: true
env:
# Shared action configuration
TRACK_PROGRESS: 'true'
USE_STICKY_COMMENT: 'true'
ADDITIONAL_PERMISSIONS: |
actions: read
REVIEW_PROMPT: |
REPO: ${{ github.repository }}
PR NUMBER: ${{ github.event.pull_request.number }}
TITLE: ${{ github.event.pull_request.title }}
BODY: ${{ github.event.pull_request.body }}
AUTHOR: ${{ github.event.pull_request.user.login }}
COMMIT: ${{ github.event.pull_request.head.sha }}
Note: The PR branch is already checked out in the current working directory.
FIRST: Immediately launch a simplification subagent in the background using the Agent tool (with run_in_background: true) with this prompt:
"Read the file .github/prompts/simplify-review.md for guidance on what to look for. The PR number is ${{ github.event.pull_request.number }}. Wherever the file says <PR_NUMBER>, use ${{ github.event.pull_request.number }}. The repository is checked out in the current working directory. Return your findings as a structured summary — do NOT post any GitHub comments yourself."
THEN: While the simplify agent runs in the background, proceed with the review:
Gather Context (complete these steps silently - don't report on this process):
1. Check CI status: Use mcp__github_ci__get_ci_status to see if tests passed/failed
2. Get previous reviews: Run gh pr view ${{ github.event.pull_request.number }} --comments
3. Identify previous bot reviews and track which issues were raised before
4. If CI failed: Use mcp__github_ci__get_workflow_run_details for failure details
Review Approach:
- If first review: Comprehensive analysis of all changes
- If previous reviews exist: Focus on changes since last review, track issue status, understand how changes impact pr
- Incorporate CI/test failure context into your feedback if relevant
- Use inline comments (mcp__github_inline_comment__create_inline_comment) for specific code issues
Do not include in your review:
- Task completion statements ("I completed the review", "Review finished")
- Process descriptions ("First I checked X, then I analyzed Y")
- Generic meta-commentary about reviewing
- Progress tracking
Review this pull request by individually analysing each of these thoroughly:
- Code quality and best practices
- Potential bugs or issues
- Security implications
- Performance considerations
- Test coverage
- assistant-ui specific requirements:
- The PR has a changeset if updating source code of published packages (packages/*)
- The PR includes documentation if API surface changes
Provide a comprehensive review build on previous reviews including:
- Summary of changes since last review
- Critical issues found (be thorough)
- Suggested improvements (be thorough)
- Good practices observed (be concise - list only the most notable items without elaboration)
- Leverage collapsible <details> sections where appropriate for lengthy explanations or code snippets to enhance human readability
When reviewing subsequent commits:
- Track status of previously identified issues
- Identify new problems introduced since last review
- Note if fixes introduced new issues
IMPORTANT: Be comprehensive about issues and improvements. For good practices, be brief - just note what was done well without explaining why or praising excessively. NO meta-commentary about the review process itself.
Use `mcp__github_inline_comment__create_inline_comment` only for critical code issues or relevant suggestions. Check existing inline comments first to avoid duplicates. Do NOT use inline comments for good practices or positive observations. Each inline comment must be well thought out, precise, and actionable.
You have been provided with the mcp__github_comment__update_claude_comment tool to update your comment. This tool automatically handles PR comments. Only the body parameter is required - the tool automatically knows which comment to update.
FINALLY: Once your review is complete, wait for the background simplify agent to finish. Collect its structured findings, then:
1. For each simplify finding that you agree is worth flagging, post an inline comment using mcp__github_inline_comment__create_inline_comment. Skip findings that overlap with issues you already commented on during your review.
2. Submit one final comment using mcp__github_comment__update_claude_comment that includes your full review followed by a `## Simplify` section with the agent's summary. If no simplification issues were found, note that the code looks clean.
# Allowed tools:
# - mcp__github_inline_comment__create_inline_comment: Create inline code comments
# - Bash(gh ...): Read-only GitHub CLI commands for PR/issue info
# Note: gh pr comment is NOT allowed - Claude must use update_claude_comment only
# Temporarily on Opus 4.8 while Fable usage credits are exhausted; swap back to
# `--model fable` when access returns. The Fable-specific machinery below
# (Opus-fallback flagging) stays in place for that switch-back.
CLAUDE_ARGS: '--model claude-opus-4-8 --effort high --allowedTools "Agent,mcp__github_inline_comment__create_inline_comment,Bash(gh issue view:*),Bash(gh search:*),Bash(gh issue list:*),Bash(gh pr diff:*),Bash(gh pr view:*),Bash(gh pr list:*)"'
jobs:
claude-review:
if: github.event.pull_request.draft == false && github.event.pull_request.head.repo.full_name == github.repository
runs-on: blacksmith-4vcpu-ubuntu-2404
timeout-minutes: 15
permissions:
contents: read
pull-requests: write
issues: read
id-token: write
actions: read
steps:
- name: Checkout repository
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # ratchet:actions/checkout@v7
with:
ref: refs/pull/${{ github.event.pull_request.number }}/head
fetch-depth: 1
- name: Review
id: review
uses: anthropics/claude-code-action@536f2c32a39763739000b0e1ac69ca2647d97ce9 # ratchet:anthropics/claude-code-action@v1
with:
claude_code_oauth_token: ${{ secrets.CLAUDE_CODE_OAUTH_TOKEN }}
prompt: ${{ env.REVIEW_PROMPT }}
use_sticky_comment: ${{ fromJSON(env.USE_STICKY_COMMENT) }}
track_progress: ${{ fromJSON(env.TRACK_PROGRESS) }}
claude_args: ${{ env.CLAUDE_ARGS }}
additional_permissions: ${{ env.ADDITIONAL_PERMISSIONS }}
# The action reports success even when the Claude execution errors out
# (e.g. expired OAuth token or exhausted usage limit), leaving PRs with a
# green check and no review. Fail loudly and surface the error text,
# which the action redacts from its own logs.
- name: Fail on Claude execution error
if: always()
run: |
FILE='${{ steps.review.outputs.execution_file }}'
[ -f "$FILE" ] || exit 0
jq -e 'last(.[] | select(.type == "result")) | .is_error == true' "$FILE" >/dev/null || exit 0
echo "::error::Claude review failed: $(jq -r 'last(.[] | select(.type == "result")) | .result // "no error text"' "$FILE" | tr '\n' ' ' | head -c 500)"
exit 1
# Fable's cybersecurity classifier can silently swap the session to Opus
# mid-run; the model's own context still claims Fable, so the transcript
# is the only reliable signal of the downgrade.
- name: Flag Opus fallback
if: always()
env:
GH_TOKEN: ${{ github.token }}
run: |
FILE='${{ steps.review.outputs.execution_file }}'
[ -f "$FILE" ] && grep -q '"model_refusal_fallback"' "$FILE" || exit 0
echo "::warning::Fable safeguard triggered — review served by Opus fallback"
COMMENT=$(gh api --paginate "repos/${{ github.repository }}/issues/${{ github.event.pull_request.number }}/comments" \
--jq '.[] | select(.user.login == "claude[bot]")' | jq -s 'last')
[ -n "$COMMENT" ] && [ "$COMMENT" != "null" ] || exit 0
gh api --method PATCH "repos/${{ github.repository }}/issues/comments/$(jq -r .id <<<"$COMMENT")" \
-f body="> [!WARNING]
> **Fable's cybersecurity safeguard triggered — this review was served by Opus 4.8.** Ignore it and re-review with Fable locally.
$(jq -r .body <<<"$COMMENT")"