Skip to content

Add claude GitHub actions 1761430070589 #1

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
nielspeter merged 2 commits into from
Oct 25, 2025
Merged

Add claude GitHub actions 1761430070589 #1

nielspeter merged 2 commits into from
Oct 25, 2025

Conversation

@nielspeter
Copy link
Owner

@nielspeter nielspeter commented Oct 25, 2025

No description provided.

@nielspeter nielspeter merged commit 409ce26 into main Oct 25, 2025
5 checks passed
@claude
Copy link

claude bot commented Oct 25, 2025

Code Review - GitHub Actions Workflows

Critical Issues

  1. Missing pull-requests: write permission (.github/workflows/claude-code-review.yml:22-26)

    • The workflow instructs Claude to use gh pr comment but only has pull-requests: read
    • Must change to pull-requests: write

  2. Wrong path filters (.github/workflows/claude-code-review.yml:6-11)

    • References TypeScript/JavaScript files but this is a Go project
    • Should use /*.go, go.mod, go.sum, internal/, pkg/, cmd/

Security & Performance

  1. No concurrency control - Multiple PRs could spawn many concurrent jobs causing API quota issues
  2. No timeout protection - Long sessions could exceed GitHub Actions limits (recommend 15min timeout)
  3. Shallow clone - fetch-depth: 1 limits git history context (consider fetch-depth: 0)

Best Practices

  1. Missing secret validation - No error handling if CLAUDE_CODE_OAUTH_TOKEN is not configured
  2. Branch filters - Consider limiting to main/master branches only
  3. Commented code - Lines 15-19 should be implemented or removed
  4. Workflow naming - Use Claude Code Assistant vs Claude Code Review for clarity
  5. CLAUDE.md reference - Add explicit mention in prompt to use repo guidance

Summary

Category Count
Critical (blocking) 2
Security concerns 2
Best practices 5
Minor improvements 3

Recommendation: Fix the pull-requests: write permission before merging. Other issues can be addressed iteratively.

Would you like me to prepare a commit with these fixes?

@nielspeter nielspeter deleted the add-claude-github-actions-1761430070589 branch October 25, 2025 22:17
@claude claude bot mentioned this pull request Oct 26, 2025
Closed
5 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@nielspeter