The MCP servers (including github_comment server) were configured but not passed to Claude. This caused the "update_claude_comment" tool to be unavailable.
Changes:
- Write MCP config to a file at $RUNNER_TEMP/claude-mcp-config.json
- Add mcp_config_file output from prepare.ts
- Pass MCP config file via --mcp-config flag in claude_args
- Use fs/promises writeFile to match codebase conventions
- Agent mode now only triggers when explicit prompt is provided
- Removed automatic triggering for workflow_dispatch/schedule without prompt
- Re-added additional_permissions input for requesting GitHub permissions
- Fixed TypeScript types for mock context helpers to properly handle partial inputs
- Updated documentation to reflect simplified mode behavior
- Remove all backward compatibility for v1.0 simplification
- Remove 10 legacy inputs from base-action/action.yml
- Remove 9 legacy inputs from main action.yml
- Simplify ClaudeOptions type to just timeoutMinutes and claudeArgs
- Remove all legacy option handling from prepareRunConfig
- Update tests to remove references to deleted fields
- Remove obsolete test file github/context.test.ts
- Clean up types to remove customInstructions, allowedTools, disallowedTools
Users now use claudeArgs exclusively for CLI control.
* feat: skip permission check for GitHub App bot users
GitHub Apps (users ending with [bot]) now bypass permission checks
as they have their own authorization mechanism.
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
* feat: add allow_bot_users option to control bot user access
- Add allow_bot_users input parameter (default: false)
- Modify checkHumanActor to optionally allow bot users
- Add comprehensive tests for bot user handling
- Improve security by blocking bot users by default
This change prevents potential prompt injection attacks from bot users
while providing flexibility for trusted bot integrations.
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
* docs: mark bot user support feature as completed in roadmap
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
* refactor: move allowedBots parameter to context object
Move allowedBots from function parameter to context.inputs to maintain
consistency with other input handling throughout the codebase.
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
* docs: update README for bot user support feature
Add documentation for the new allowed_bots parameter that enables
bot users to trigger Claude actions with granular control.
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
* fix: add missing allowedBots property in permissions test
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
* fix: update bot name format to include [bot] suffix in tests and docs
- Update test cases to use correct bot actor names with [bot] suffix
- Update documentation example to show correct bot name format
- Align with GitHub's actual bot naming convention
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
* feat: normalize bot names for allowed_bots validation
- Strip [bot] suffix from both actor names and allowed bot list for comparison
- Allow both "dependabot" and "dependabot[bot]" formats in allowed_bots input
- Display normalized bot names in error messages for consistency
- Add comprehensive test coverage for both naming formats
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
---------
Co-authored-by: Claude <noreply@anthropic.com>
BREAKING CHANGES:
- Remove review mode entirely - now handled via slash commands in agent mode
- Remove all deprecated backward compatibility fields (mode, anthropic_model, override_prompt, direct_prompt)
- Simplify mode detection: prompt overrides everything, then @claude mentions trigger tag mode, default is agent mode
- Remove slash command resolution from GitHub Action - Claude Code handles natively
- Remove variable substitution - prompts passed through as-is
Architecture changes:
- Only two modes now: tag (for @claude mentions) and agent (everything else)
- Agent mode is the default for all events including PRs
- Users configure behavior via prompts/slash commands (e.g. /review)
- GitHub Action is now a thin wrapper that passes prompts to Claude Code
- Mode names changed: 'experimental-review' → removed entirely
This aligns with the philosophy that the GitHub Action should do minimal work and delegate to Claude Code for all intelligent behavior.
Major features:
- Mode auto-detection based on GitHub event type
- Unified prompt field replacing override_prompt and direct_prompt
- Slash command system with pre-built commands
- Full backward compatibility with v0.x
Key changes:
- Add mode detector for automatic mode selection
- Implement slash command loader with YAML frontmatter support
- Update action.yml with new prompt input
- Create pre-built slash commands for common tasks
- Update all tests for v1.0 compatibility
Breaking changes (with compatibility):
- Mode input now optional (auto-detected)
- override_prompt deprecated (use prompt)
- direct_prompt deprecated (use prompt)
* feat: add agent mode for automation scenarios
- Add agent mode that always triggers without checking for mentions
- Implement Mode interface with support for mode-specific tool configuration
- Add getAllowedTools() and getDisallowedTools() methods to Mode interface
- Simplify tests by combining related test cases
- Update documentation and examples to include agent mode
- Fix TypeScript imports to prevent circular dependencies
Agent mode is designed for automation and workflow_dispatch scenarios
where Claude should always run without requiring trigger phrases.
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
* Minor update to readme (from @main to @beta)
* Since workflow_dispatch isn't in the base action, update the examples accordingly
* minor formatting issue
* Update to say beta instead of main
* Fix missed tracking comment to be false
* add schedule & workflow dispatch paths. Also make prepare logic conditional
* tests
* Add test workflow for workflow_dispatch functionality
* Update workflow to use correct branch reference
* remove test workflow dispatch file
* minor lint update
* update workflow dispatch agent example
* minor lint update
* refactor: simplify prepare logic with mode-specific implementations
* ensure tag mode can't work with workflow dispatch and schedule tasks
* simplify: remove workflow_dispatch/schedule from create-prompt
- Remove workflow_dispatch and schedule event handling from create-prompt
since agent mode doesn't use the standard prompt generation flow
- Enforce mode compatibility at selection time in the registry instead
of runtime validation in tag mode
- Add explanatory comment in agent mode about why prompt file is needed
- Update tests to reflect simplified event handling
This reduces code duplication and makes the separation between tag mode
(entity-based events) and agent mode (automation events) clearer.
* simplify PR by making agent mode only work with workflow dispatch and schedule events
* remove unnecessary changes
* remove unnecessary changes from PR
- Revert update-comment-link.ts changes (agent mode doesn't use this)
- Revert create-initial.ts changes (agent mode doesn't create comments)
- Remove unused default-branch.ts file
- Revert install-mcp-server.ts changes (agent mode uses minimal MCP)
These files are only used by tag mode for entity-based events, not needed
for workflow_dispatch/schedule support via agent mode.
* fix: handle optional entityNumber for TypeScript
- Add runtime checks in files that require entityNumber
- These files are only used by tag mode which always has entityNumber
- Agent mode (workflow_dispatch/schedule) doesn't use these files
* linting update
* refactor: implement discriminated unions for GitHub contexts
Split ParsedGitHubContext into entity-specific and automation contexts:
- ParsedGitHubContext: For entity events (issues/PRs) with required entityNumber and isPR
- AutomationContext: For workflow_dispatch/schedule events without entity fields
- GitHubContext: Union type for all contexts
This eliminates ~20 null checks throughout the codebase and provides better type safety.
Entity-specific code paths are now guaranteed to have the required fields.
Co-Authored-By: Claude <noreply@anthropic.com>
* update comment
* More robust type checking
* refactor: improve discriminated union implementation based on review feedback
- Use eventName checks instead of 'in' operator for more robust type guards
- Remove unnecessary type assertions - TypeScript's control flow analysis works correctly
- Remove redundant runtime checks for entityNumber and isPR
- Simplify code by using context directly after type guard
Co-Authored-By: Claude <noreply@anthropic.com>
* some structural simplification
* refactor: further simplify discriminated union implementation
- Add event name constants to reduce duplication
- Derive EntityEventName and AutomationEventName types from constants
- Use isAutomationContext consistently in agent mode and registry
- Simplify parseGitHubContext by removing redundant type assertions
- Extract payload casts to variables for cleaner code
Co-Authored-By: Claude <noreply@anthropic.com>
* bun format
* specify the type
* minor linting update again
---------
Co-authored-by: km-anthropic <km-anthropic@users.noreply.github.com>
Co-authored-by: Claude <noreply@anthropic.com>
* Add mode support
* update "as any" with proper "as unknwon as ModeName" casting
* Add documentation to README and registry.ts
* Add tests for differen event types, integration flows, and error conditions
* Clean up some tests
* Minor test fix
* Minor formatting test + switch from interface to type
* correct the order of mkdir call
* always configureGitAuth as there's already a fallback to handle null users by using the bot ID
* simplify registry setup
---------
Co-authored-by: km-anthropic <km-anthropic@users.noreply.github.com>
* feat: add use_commit_signing input with default false
- Add new input 'use_commit_signing' to action.yml (defaults to false)
- Separate comment update functionality into standalone github-comment-server.ts
- Update MCP server configuration to conditionally load servers based on signing preference
- When commit signing is disabled, use specific Bash git commands (e.g., Bash(git add:*))
- When commit signing is enabled, use github-file-ops-server for atomic commits with signing
- Always include github-comment-server for comment updates regardless of signing mode
- Update prompt generation to provide appropriate instructions based on signing preference
- Add comprehensive test coverage for new functionality
This change simplifies the default setup for users who don't need commit signing,
while maintaining the option to enable it for those who require GitHub's commit
signature verification.
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
* feat: auto-commit uncommitted changes when commit signing is disabled
- Check for uncommitted changes after Claude finishes (non-signing mode only)
- Automatically commit and push any uncommitted work to preserve Claude's changes
- Update tests to avoid actual git operations during test runs
- Pass use_commit_signing flag to branch cleanup logic
---------
Co-authored-by: Claude <noreply@anthropic.com>
* actions server
* tmp
* Replace view_actions_results with additional_permissions input
- Changed input from boolean view_actions_results to a more flexible additional_permissions format
- Uses newline-separated colon format similar to claude_env (e.g., "actions: read")
- Maintains permission checking to warn users when their token lacks required permissions
- Updated all tests to use the new format
This allows for future extensibility while currently supporting only "actions: read" permission.
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
* Update GitHub Actions MCP server with RUNNER_TEMP and status filtering
- Use RUNNER_TEMP environment variable for log storage directory (defaults to /tmp)
- Add status parameter to get_ci_status tool to filter workflow runs
- Supported statuses: completed, action_required, cancelled, failure, neutral, skipped, stale, success, timed_out, in_progress, queued, requested, waiting, pending
- Pass RUNNER_TEMP from install-mcp-server.ts to the MCP server environment
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
* Add GitHub Actions MCP tools to allowed tools when actions:read is granted
- Automatically include github_ci MCP server tools in allowed tools list when actions:read permission is granted
- Added mcp__github_ci__get_ci_status, mcp__github_ci__get_workflow_run_details, mcp__github_ci__download_job_log
- Simplified permission checking to avoid duplicate parsing logic
- Added tests for the new functionality
This ensures Claude can use the Actions tools when the server is enabled.
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
* Refactor additional permissions parsing to parseGitHubContext
- Moved additional permissions parsing from individual functions to centralized parseGitHubContext
- Added parseAdditionalPermissions function to handle newline-separated colon format
- Removed redundant additionalPermissions parameter from prepareMcpConfig
- Updated tests to use permissions from context instead of passing as parameter
- Added comprehensive tests for parseAdditionalPermissions function
This centralizes all input parsing logic in one place for better maintainability.
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
* Remove unnecessary hasActionsReadPermission parameter from createPrompt
- Removed hasActionsReadPermission parameter since createPrompt has access to context
- Calculate hasActionsReadPermission directly from context.inputs.additionalPermissions inside createPrompt
- Simplified prepare.ts by removing intermediate permission check
This completes the refactoring to centralize all permission handling through the context object.
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
* docs: Add documentation for additional_permissions feature
- Document the new additional_permissions input that replaces view_actions_results
- Add dedicated section explaining CI/CD integration with actions:read permission
- Include example workflow showing how to grant GitHub token permissions
- Update main workflow example to show optional additional_permissions usage
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
* roadmap
---------
Co-authored-by: Claude <noreply@anthropic.com>
- introduced a new input parameter `label_trigger` in `action.yml` to allow triggering actions based on specific labels applied to issues.
- Enhanced the context preparation and event handling in the code to support the new labled event.
* fix: use direct assignee field
* fix: correct assignee trigger test to handle different assignee properly
The test was failing because the mockIssueAssignedContext was missing the
top-level assignee field that the trigger validation logic checks. Added
the missing assignee field to the mock context and updated the test to
properly override both the top-level assignee and issue.assignee fields
when testing assignment to a different user.
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
* Adjust IssuesAssignedEvent import position (#2)
---------
Co-authored-by: Claude <noreply@anthropic.com>
* fix: only load GitHub MCP server when its tools are allowed
- Add allowedTools parameter to prepareMcpConfig
- Check for mcp__github__ and mcp__github_file_ops__ tool prefixes
- Only include MCP servers when their tools are in allowed_tools
- Maintain backward compatibility when allowed_tools is not specified
- Update tests to reflect the new conditional loading behavior
This optimizes resource usage by not loading unnecessary MCP servers
when their tools are not allowed in the configuration.
Co-authored-by: ashwin-ant <ashwin-ant@users.noreply.github.com>
* fix: always load github_file_ops server regardless of allowed_tools
- Only apply conditional loading to the github MCP server
- Always load github_file_ops server as it contains essential tools
- Update tests to reflect this behavior
Co-authored-by: ashwin-ant <ashwin-ant@users.noreply.github.com>
* refactor: move allowedTools/disallowedTools parsing to parseGitHubContext
- Change allowedTools and disallowedTools from string to string[] in ParsedGitHubContext type
- Parse comma-separated environment variables into arrays in parseGitHubContext function
- Update create-prompt and install-mcp-server to use pre-parsed arrays
- Update all affected test files to use array syntax
- Eliminate duplicate parsing logic across the codebase
* style: apply prettier formatting
---------
Co-authored-by: claude[bot] <209825114+claude[bot]@users.noreply.github.com>
Co-authored-by: ashwin-ant <ashwin-ant@users.noreply.github.com>
