Conversation
Only allow OWNER, MEMBER, and COLLABORATOR to trigger the @claude assistant workflow. This prevents random external users from consuming API quota on the public repository.
Since we're using claude_code_oauth_token for authentication, we don't need id-token: write (which is only for OIDC auth with Bedrock/Vertex). Keep actions: read in the assistant workflow since it explicitly uses additional_permissions to read CI results.
Pin actions/checkout and anthropics/claude-code-action to specific commit SHAs to prevent supply-chain attacks via compromised tags. - actions/checkout: v4.2.2 -> 11bd719 - anthropics/claude-code-action: v1 -> 3a38b37 These should be updated periodically when new versions are released.
Remove issue creation/assignment and PR review submission events, keeping only comment-based triggers. This reduces the event surface area and ensures @claude is only invoked through explicit comment mentions, making it harder to trigger accidentally.
|
I think it might be good to outline what we're trying to (and not trying to) achieve with AI code reviews. |
| claude-review: | ||
| if: | | ||
| ( | ||
| github.event_name == 'issue_comment' && |
There was a problem hiding this comment.
Do we need this? In your description you said:
With these changes, it is only possible to use Claude from PR comments
| permissions: | ||
| contents: read | ||
| pull-requests: read | ||
| issues: read |
|
|
||
| steps: | ||
| - name: Checkout repository | ||
| uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 |
There was a problem hiding this comment.
Pretty old, but doesn't matter I guess.
|
|
||
| - name: Run Claude Code Review | ||
| id: claude-review | ||
| uses: anthropics/claude-code-action@3a38b377b30c75102b420405ed9516b57ca2e248 # v1 |
There was a problem hiding this comment.
I can't even find this commit in their repo: anthropics/claude-code-action@3a38b37 So I think this won't work.
Also "v1" is kind of non-descript, would be better to say which specific one we use, for example v1.0.22
| - Security concerns | ||
| - Test coverage | ||
|
|
||
| Use the repository's CLAUDE.md for guidance on style and conventions. Be constructive and helpful in your feedback. |
There was a problem hiding this comment.
This file doesn't exist, did you mean doc/developer/{best-practices.md,guide-changes.md}?
| - Potential bugs or issues | ||
| - Performance considerations | ||
| - Security concerns | ||
| - Test coverage |
There was a problem hiding this comment.
Can we make this something more targeted?
| - Test coverage | |
| - Were relevant e2e tests added/changed, do they consider corner cases and check relevant results? |
I'm still worried that Claude probably has no idea about what testing frameworks we have and whether they are used for the correct kind of testing.
|
|
||
| # See https://github.com/anthropics/claude-code-action/blob/main/docs/usage.md | ||
| # or https://code.claude.com/docs/en/cli-reference for available options | ||
| claude_args: '--allowed-tools "Bash(gh issue view:*),Bash(gh search:*),Bash(gh issue list:*),Bash(gh pr comment:*),Bash(gh pr diff:*),Bash(gh pr view:*),Bash(gh pr list:*)"' |
|
|
||
| Use the repository's CLAUDE.md for guidance on style and conventions. Be constructive and helpful in your feedback. | ||
|
|
||
| Use `gh pr comment` with your Bash tool to leave your review as a comment on the PR. |
There was a problem hiding this comment.
I bet you can make Claude comment something on another person's PR from what you write in the body of your own PR. ;)
There was a problem hiding this comment.
claude-code-review.yml is for code reviews. What is this file for? I don't see that Claude has any permissions to do something here?
bosconi
force-pushed
the
add-claude-github-actions-1764885726289
branch
from
22d57f9 to
b24dcc1
Compare
|
@codex review |
|
To use Codex here, create a Codex account and connect to github. |
|
Superseded by #35621 |
3 participants
Add the Claude Code GitHub actions associated with the Claude / GitHub integration.
The security recommendations here are implemented as follow up commits:
https://chatgpt.com/share/e/693213d7-032c-8000-b36e-fa22ad663b64
With these changes, it is only possible to use Claude from PR comments. Possibly a moot point for this repo, since issues are disabled/hosted elsewhere.
Use only from comments is still useful: You can use it to conduct a review of code in the PR, or to add code/documentation to the (possibly stub) PR.