11name : Claude PR Review
22
33on :
4- pull_request_target :
5- types : [opened, synchronize, reopened]
6- pull_request_review_comment :
7- types : [created]
8- issue_comment :
9- types : [created]
4+ workflow_dispatch :
5+ inputs :
6+ pr_number :
7+ description : Pull request number to review
8+ required : true
9+ type : number
10+ extra_focus :
11+ description : Optional extra review focus for this run
12+ required : false
13+ type : string
14+
15+ concurrency :
16+ group : claude-pr-review-${{ inputs.pr_number }}
17+ cancel-in-progress : true
1018
1119permissions :
1220 contents : read
@@ -16,91 +24,80 @@ permissions:
1624
1725jobs :
1826 claude-review :
19- if : >
20- github.event_name == 'pull_request_target' ||
21- ((github.event_name == 'issue_comment' &&
22- contains(github.event.comment.body, '@claude')) &&
23- contains('justfinethanku,matthallett1,adrienneaguirre,kaleab27', github.event.comment.user.login)) ||
24- ((github.event_name == 'pull_request_review_comment' &&
25- contains(github.event.comment.body, '@claude')) &&
26- contains('justfinethanku,matthallett1,adrienneaguirre,kaleab27', github.event.comment.user.login))
2727 runs-on : ubuntu-latest
28+ timeout-minutes : 20
29+
2830 steps :
2931 - name : Checkout repository
3032 uses : actions/checkout@v4
3133 with :
3234 fetch-depth : 0
3335
34- - name : Checkout PR branch
36+ - name : Fetch PR branch
3537 env :
3638 GH_TOKEN : ${{ secrets.GITHUB_TOKEN }}
39+ PR_NUMBER : ${{ inputs.pr_number }}
3740 run : |
38- # Determine PR number based on event type
39- if [ "${{ github.event_name }}" = "issue_comment" ]; then
40- PR_NUMBER="${{ github.event.issue.number }}"
41- else
42- PR_NUMBER="${{ github.event.pull_request.number }}"
43- fi
41+ set -euo pipefail
4442
45- # Fetch PR head via refs/pull/N/head (works for both fork and same-repo PRs)
46- git fetch origin "pull/${PR_NUMBER}/head:refs/remotes/origin/pr-head"
43+ gh pr view "$PR_NUMBER" \
44+ --repo "$GITHUB_REPOSITORY" \
45+ --json state,isDraft,title,url
4746
48- # Get the branch name the action expects and check it out locally
49- BRANCH=$(gh pr view "${PR_NUMBER}" --json headRefName -q .headRefName)
50- git checkout -B "${BRANCH}" refs/remotes/origin/pr-head
47+ pr_state=$(gh pr view "$PR_NUMBER" \
48+ --repo "$GITHUB_REPOSITORY" \
49+ --json state \
50+ --jq '.state')
5151
52- # Point origin to the fork repo so claude-code-action can fetch the branch.
53- # gh pr view doesn't expose clone_url, so use the REST API directly.
54- FORK_URL=$(gh api "repos/${{ github.repository }}/pulls/${PR_NUMBER}" --jq '.head.repo.clone_url')
55- if [ -n "$FORK_URL" ]; then
56- git remote set-url origin "${FORK_URL}"
52+ if [ "$pr_state" != "OPEN" ]; then
53+ echo "PR #$PR_NUMBER is not open."
54+ exit 1
5755 fi
5856
59- uses : anthropics/claude-code-action@v1
57+ git fetch origin "pull/$PR_NUMBER/head:pr-$PR_NUMBER"
58+ git checkout "pr-$PR_NUMBER"
59+
60+ name : Run Claude review
61+ uses : anthropics/claude-code-action@v1
6062 with :
6163 github_token : ${{ secrets.GITHUB_TOKEN }}
6264 anthropic_api_key : ${{ secrets.ANTHROPIC_API_KEY }}
63- track_progress : true
64- claude_args : ' --allowedTools "mcp__github_inline_comment__create_inline_comment,Bash(gh pr comment:*),Bash(gh pr diff:*),Bash(gh pr view:*),Bash(gh api:*),Bash(git diff:*),Bash(git log:*),Bash(git show:*),Read,Glob,Grep"'
6565 prompt : |
66+ REPO: ${{ github.repository }}
67+ PR NUMBER: ${{ inputs.pr_number }}
68+ EXTRA REVIEW FOCUS: ${{ inputs.extra_focus }}
69+
6670 You are reviewing a contribution to Open Brain (OB1), an open-source
6771 persistent AI memory system. Read CLAUDE.md, CONTRIBUTING.md, and
6872 SOUL.md (if it exists) for full project context.
6973
7074 Review this PR for:
71- 1. **Alignment** — Does this contribution fit OB1's mission? Is it a
72- capture pathway, retrieval pathway, schema extension, dashboard, or
73- teaching-through-building contribution?
74- 2. **Clarity** — Will a user with the stated prerequisites actually be
75- able to follow the instructions and get a working result?
76- 3. **Completeness** — README has prerequisites, numbered steps, and
77- expected outcome? metadata.json looks right?
78- 4. **Safety** — No credentials, no destructive SQL, no core schema
79- modifications, no local MCP servers (must use remote Edge Functions)?
80- 5. **Value** — Does this add something meaningfully different from
81- existing contributions?
82- 6. **Design patterns** — Does this follow OB1's established patterns?
83- Check for: direct Supabase insert or MCP ingest endpoint (not
84- custom servers), remote Edge Functions (not local Node.js),
85- Row Level Security on new tables, JSONB metadata fields,
86- environment variables for credentials (not hardcoded).
87- 7. **Scope fit** — Is this appropriately sized for OB1, or is it
88- growing into its own project? Red flags: own package.json with
89- many dependencies, doesn't interact with the thoughts table,
90- needs independent deployment, or introduces its own auth system.
91- If it seems too big, suggest it could be a standalone project
92- that integrates with OB1 instead.
93-
94- Before writing your review, read any existing PR comments and
95- review discussion. If maintainers or contributors have already
96- flagged issues, asked questions, or discussed changes, acknowledge
97- them in your review rather than duplicating. Build on the existing
98- conversation instead of starting from scratch.
75+ 1. Alignment with OB1's mission and contribution categories
76+ 2. Clarity for contributors following the README instructions
77+ 3. Completeness of README, metadata, and user guidance
78+ 4. Safety: no secrets, no destructive SQL, no core schema breakage,
79+ no local MCP servers
80+ 5. Value: whether this adds something meaningfully useful
81+ 6. Design patterns: direct Supabase insert or MCP ingest endpoint,
82+ remote Edge Functions, RLS on new tables, JSONB metadata fields,
83+ env vars for credentials
84+ 7. Scope fit: whether this belongs in OB1 or is drifting into its
85+ own standalone project
9986
100- Be constructive and welcoming. If a contribution needs work, explain
101- what specifically needs to change. If it looks good, approve the PR.
102-
103- Important: The mechanical checks (file structure, metadata validation,
104- SQL safety) are handled by a separate CI job. Focus your review on the
105- things that require judgment — clarity, alignment, value, design
87+ The mechanical checks are already handled by a separate CI job.
88+ Focus on judgment-heavy review: clarity, alignment, value, design
10689 patterns, scope fit, and quality.
90+
91+ Review behavior:
92+ - Use `gh pr diff` and `gh pr view` for PR context.
93+ - Use inline comments only for specific, actionable findings.
94+ - Submit one final GitHub PR review with `gh pr review`.
95+ - Be conservative with approvals. Approve only when there are no
96+ substantive concerns left.
97+ - If there are blocking issues, request changes and explain them
98+ clearly.
99+ - If feedback is non-blocking, submit a comment review instead of
100+ cluttering the thread with extra top-level comments.
101+ - Do not output the review as chat text. Put the feedback on GitHub.
102+ claude_args : |
103+ --model haiku --allowedTools "mcp__github_inline_comment__create_inline_comment,Bash(gh pr diff:*),Bash(gh pr review:*),Bash(gh pr view:*),Bash(git diff:*),Bash(git status:*)"
0 commit comments