claude-code-action

anthropics/claude-code-action

Fork 0

mirror of https://github.com/anthropics/claude-code-action.git synced 2026-01-22 22:44:13 +08:00

Commit Graph

Author	SHA1	Message	Date
Ashwin Bhat	7e4bf87b1c	feat: add ssh_signing_key input for SSH commit signing (#784 ) * feat: add ssh_signing_key input for SSH commit signing Add a new ssh_signing_key input that allows passing an SSH signing key for commit signing, as an alternative to the existing use_commit_signing (which uses GitHub API-based commits). When ssh_signing_key is provided: - Git is configured to use SSH signing (gpg.format=ssh, commit.gpgsign=true) - The key is written to ~/.ssh/claude_signing_key with 0600 permissions - Git CLI commands are used (not MCP file ops) - The key is cleaned up in a post step for security Behavior matrix: \| ssh_signing_key \| use_commit_signing \| Result \| \|-----------------\|-------------------\|--------\| \| not set \| false \| Regular git, no signing \| \| not set \| true \| GitHub API (MCP), verified commits \| \| set \| false \| Git CLI with SSH signing \| \| set \| true \| Git CLI with SSH signing (ssh_signing_key takes precedence) * docs: add SSH signing key documentation - Update security.md with detailed setup instructions for both signing options - Explain that ssh_signing_key enables full git CLI operations (rebasing, etc.) - Add ssh_signing_key to inputs table in usage.md - Update bot_id/bot_name descriptions to note they're needed for verified commits * fix: address security review feedback for SSH signing - Write SSH key atomically with mode 0o600 (fixes TOCTOU race condition) - Create .ssh directory with mode 0o700 (SSH best practices) - Add input validation for SSH key format - Remove unused chmod import - Add tests for validation logic	2026-01-02 10:37:25 -08:00
Aidan Dunlap	154d0de144	feat: add instant "Fix this" links to PR code reviews (#773 ) * feat: add "Fix this" links to PR code reviews When Claude reviews PRs and identifies fixable issues, it now includes inline links that open Claude Code with the fix request pre-loaded. Format: [Fix this →](https://claude.ai/code?q=<URI_ENCODED_INSTRUCTIONS>&repo=<REPO>) This enables one-click fix requests directly from code review comments. * feat: add include_fix_links input to control Fix this links Adds a configurable input to enable/disable the "Fix this →" links in PR code reviews. Defaults to true for backwards compatibility.	2025-12-27 15:29:06 -08:00
Benny Yen	86d6f44e34	chore: consolidate duplicate test directories (#565 ) Move detector.test.ts from tests/modes/ to test/modes/ and fix TypeScript type errors by adding missing required properties (botId, botName, allowedNonWriteUsers). Remove empty tests/ directory structure. 🤖 Generated with [Claude Code](https://claude.ai/code) Co-authored-by: Claude <noreply@anthropic.com>	2025-09-11 07:24:55 -07:00

Author

SHA1

Message

Date

Ashwin Bhat

7e4bf87b1c

feat: add ssh_signing_key input for SSH commit signing (#784 )

* feat: add ssh_signing_key input for SSH commit signing

Add a new ssh_signing_key input that allows passing an SSH signing key
for commit signing, as an alternative to the existing use_commit_signing
(which uses GitHub API-based commits).

When ssh_signing_key is provided:
- Git is configured to use SSH signing (gpg.format=ssh, commit.gpgsign=true)
- The key is written to ~/.ssh/claude_signing_key with 0600 permissions
- Git CLI commands are used (not MCP file ops)
- The key is cleaned up in a post step for security

Behavior matrix:
| ssh_signing_key | use_commit_signing | Result |
|-----------------|-------------------|--------|
| not set         | false             | Regular git, no signing |
| not set         | true              | GitHub API (MCP), verified commits |
| set             | false             | Git CLI with SSH signing |
| set             | true              | Git CLI with SSH signing (ssh_signing_key takes precedence)

* docs: add SSH signing key documentation

- Update security.md with detailed setup instructions for both signing options
- Explain that ssh_signing_key enables full git CLI operations (rebasing, etc.)
- Add ssh_signing_key to inputs table in usage.md
- Update bot_id/bot_name descriptions to note they're needed for verified commits

* fix: address security review feedback for SSH signing

- Write SSH key atomically with mode 0o600 (fixes TOCTOU race condition)
- Create .ssh directory with mode 0o700 (SSH best practices)
- Add input validation for SSH key format
- Remove unused chmod import
- Add tests for validation logic

2026-01-02 10:37:25 -08:00

Aidan Dunlap

154d0de144

feat: add instant "Fix this" links to PR code reviews (#773 )

* feat: add "Fix this" links to PR code reviews

When Claude reviews PRs and identifies fixable issues, it now includes
inline links that open Claude Code with the fix request pre-loaded.

Format: [Fix this →](https://claude.ai/code?q=<URI_ENCODED_INSTRUCTIONS>&repo=<REPO>)

This enables one-click fix requests directly from code review comments.

* feat: add include_fix_links input to control Fix this links

Adds a configurable input to enable/disable the "Fix this →" links
in PR code reviews. Defaults to true for backwards compatibility.

2025-12-27 15:29:06 -08:00

Benny Yen

86d6f44e34

chore: consolidate duplicate test directories (#565 )

Move detector.test.ts from tests/modes/ to test/modes/ and fix TypeScript
type errors by adding missing required properties (botId, botName, allowedNonWriteUsers).
Remove empty tests/ directory structure.

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-authored-by: Claude <noreply@anthropic.com>

2025-09-11 07:24:55 -07:00

3 Commits