Merge branch 'master' into fix/mv-loop-nnode

Author: sbryngelson

.github/workflows/claude-code-review.yml

@@ -15,6 +15,11 @@ jobs:
       id-token: write
 
     steps:
+      - name: Install unzip (required by bun setup)
+        run: |
+          sudo apt-get update
+          sudo apt-get install -y unzip
+
       # IMPORTANT: checkout BASE repo only (safe on forks)
       - name: Checkout base repo (safe)
         uses: actions/checkout@v4
@@ -23,39 +28,20 @@ jobs:
 
       - name: Run Claude Code Review
         uses: anthropics/claude-code-action@v1
-        env:
-          # Ensure the action can execute the Claude CLI it installs.
-          PATH: /home/runner/.local/bin:${{ env.PATH }}
         with:
           claude_code_oauth_token: ${{ secrets.CLAUDE_CODE_OAUTH_TOKEN }}
           github_token: ${{ github.token }}
 
           plugin_marketplaces: "https://github.com/anthropics/claude-code.git"
           plugins: "code-review@claude-code-plugins"
 
+          # NOTE: do NOT use --dangerouslyDisableSandbox (it can crash the CLI).
+          # This flag is for non-interactive CI runs (bypasses approval prompts).
           claude_args: >
             --dangerously-skip-permissions
-            --max-turns 80
+            --max-turns 10
             --allowedTools
-            "Bash(gh pr view:*)"
-            "Bash(gh pr diff:*)"
-            "Bash(gh pr comment:*)"
-            "Bash(gh api:*)"
-            "Bash(cat:*)"
-            "Bash(ls:*)"
-            "Bash(find:*)"
-            "Bash(grep:*)"
-            "Bash(sed:*)"
-            "Bash(awk:*)"
-            "Bash(head:*)"
-            "Bash(tail:*)"
-            "Bash(wc:*)"
-            "Bash(sort:*)"
-            "Bash(uniq:*)"
-            "Bash(cut:*)"
-            "Bash(xargs:*)"
-            "Bash(jq:*)"
-            "Bash(python3:*)"
+            "Bash"
 
           prompt: |
             You are running in pull_request_target.
@@ -71,7 +57,7 @@ jobs:
             3) find .claude/rules -maxdepth 1 -name "*.md" -print | head -n 10 | xargs -I{} cat "{}" 2>/dev/null || true
             4) gh pr view ${{ github.event.pull_request.number }} --repo ${{ github.repository }} --json title,body,files,changedFiles,additions,deletions,headRefOid
             5) gh pr diff ${{ github.event.pull_request.number }} --repo ${{ github.repository }}
-            6) Post ONE top-level PR comment, then STOP.
+            6) Post ONE top-level PR comment titled "Claude Code Review", then STOP.
 
             Output format:
             - Head SHA
@@ -80,7 +66,6 @@ jobs:
             - Findings with file + line numbers when possible
             - If no issues: 0–3 improvement opportunities (only if confident)
 
-            Post ONE top-level PR comment titled "Claude Code Review".
             If posting is blocked, write the full review to the GitHub Actions job summary instead, then STOP.
 
           additional_permissions: |

.lychee.toml

@@ -16,8 +16,11 @@ accept = ["200", "429", "502", "504"]
 
 verbose = "error"
 
-# Exclude sitemap file from scanning (it contains pre-publish production URLs)
-exclude_path = ["sitemap\\.xml"]
+# Exclude files from scanning
+exclude_path = [
+    "sitemap\\.xml",  # Contains pre-publish production URLs
+    "404\\.html",     # Root-relative links (/, /documentation/) can't resolve in local checks
+]
 
 # Exclude URLs that fail due to external issues (broken SSL, pre-deploy only, etc.)
 exclude = [

CLAUDE.md

@@ -51,7 +51,7 @@ source ./mfc.sh load -c p -m c             # Load Phoenix CPU modules
 
 # Other
 ./mfc.sh validate case.py                  # Validate case file without running
-./mfc.sh params <query>                    # Search ~3,400 case parameters
+./mfc.sh params <query>                    # Search 3,400 case parameters
 ./mfc.sh clean                             # Remove build artifacts
 ./mfc.sh new <name>                        # Create new case from template
 ```