* fix: add baseUrl to Octokit initialization in update_claude_comment
Fixes Bad credentials error on GitHub Enterprise Server by passing
GITHUB_API_URL as baseUrl when initializing Octokit, consistent with
other Octokit instances in the codebase.
Fixes#156
Related to #107
Co-authored-by: ashwin-ant <ashwin-ant@users.noreply.github.com>
* fix: pass GITHUB_API_URL as env var to MCP server
Update the MCP server initialization to pass GITHUB_API_URL as an
environment variable, allowing it to work correctly with GitHub
Enterprise Server instances.
Co-authored-by: ashwin-ant <ashwin-ant@users.noreply.github.com>
* fix: import GITHUB_API_URL from config in install-mcp-server
Use the centralized GITHUB_API_URL constant from src/github/api/config.ts instead of reading directly from process.env when passing environment variables to the MCP server. This ensures consistency with how the API URL is handled throughout the codebase.
Co-authored-by: ashwin-ant <ashwin-ant@users.noreply.github.com>
* fix
---------
Co-authored-by: claude[bot] <209825114+claude[bot]@users.noreply.github.com>
Co-authored-by: ashwin-ant <ashwin-ant@users.noreply.github.com>
Add MultiEdit tool to the BASE_ALLOWED_TOOLS array to enable Claude Code to use the MultiEdit tool for making multiple edits to a single file in one operation.
Co-authored-by: claude[bot] <209825114+claude[bot]@users.noreply.github.com>
Co-authored-by: ashwin-ant <ashwin-ant@users.noreply.github.com>
Add ROADMAP.md documenting planned features and improvements for reaching v1.0:
- GitHub Action CI results visibility
- Cross-repo support
- Workflow file modification capabilities
- Additional event trigger support
- Configurable commit signing
- Enhanced code review features
- Bot user trigger support
- Customizable base prompts
The roadmap provides transparency on development priorities and invites
community feedback and contributions.
This change fixes an issue where the action fails in containerized workflow
jobs. By using ${GITHUB_ACTION_PATH} instead of ${{ github.action_path }},
the action can properly locate its resources in container environments.
Fixes#132
Co-authored-by: claude[bot] <209825114+claude[bot]@users.noreply.github.com>
Co-authored-by: ashwin-ant <ashwin-ant@users.noreply.github.com>
* fix: only load GitHub MCP server when its tools are allowed
- Add allowedTools parameter to prepareMcpConfig
- Check for mcp__github__ and mcp__github_file_ops__ tool prefixes
- Only include MCP servers when their tools are in allowed_tools
- Maintain backward compatibility when allowed_tools is not specified
- Update tests to reflect the new conditional loading behavior
This optimizes resource usage by not loading unnecessary MCP servers
when their tools are not allowed in the configuration.
Co-authored-by: ashwin-ant <ashwin-ant@users.noreply.github.com>
* fix: always load github_file_ops server regardless of allowed_tools
- Only apply conditional loading to the github MCP server
- Always load github_file_ops server as it contains essential tools
- Update tests to reflect this behavior
Co-authored-by: ashwin-ant <ashwin-ant@users.noreply.github.com>
* refactor: move allowedTools/disallowedTools parsing to parseGitHubContext
- Change allowedTools and disallowedTools from string to string[] in ParsedGitHubContext type
- Parse comma-separated environment variables into arrays in parseGitHubContext function
- Update create-prompt and install-mcp-server to use pre-parsed arrays
- Update all affected test files to use array syntax
- Eliminate duplicate parsing logic across the codebase
* style: apply prettier formatting
---------
Co-authored-by: claude[bot] <209825114+claude[bot]@users.noreply.github.com>
Co-authored-by: ashwin-ant <ashwin-ant@users.noreply.github.com>
Update the MCP configuration structure to properly wrap the github
server configuration within an mcpServers object, matching the
expected format for MCP config files.
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-authored-by: Claude <noreply@anthropic.com>
* feat: add claude_env input for custom environment variables
Co-authored-by: ashwin-ant <ashwin-ant@users.noreply.github.com>
* docs: add claude_env input documentation with clear syntax examples
Added comprehensive documentation for the new claude_env input including:
- Entry in the Inputs table with description
- Example in the basic workflow configuration
- Detailed section in Advanced Configuration with practical use cases
This makes it clear how users can pass custom environment variables
to Claude Code execution in YAML format for CI/test setups.
Co-authored-by: ashwin-ant <ashwin-ant@users.noreply.github.com>
---------
Co-authored-by: claude[bot] <209825114+claude[bot]@users.noreply.github.com>
Co-authored-by: ashwin-ant <ashwin-ant@users.noreply.github.com>
* feat: add unified update_claude_comment tool
- Add new update_claude_comment tool that automatically handles both issue and PR comments
- Remove individual update_issue_comment and update_pull_request_comment tools
- Pass CLAUDE_COMMENT_ID, GITHUB_EVENT_NAME, and IS_PR to MCP server environment
- Simplify Claude's comment update workflow by removing need for owner/repo/commentId params
- Update prompts and tests to use the new unified tool
* feat: add unified update_claude_comment tool
- Add new update_claude_comment tool that automatically handles both issue and PR comments
- Remove individual update_issue_comment and update_pull_request_comment tools
- Pass CLAUDE_COMMENT_ID, GITHUB_EVENT_NAME, and IS_PR to MCP server environment
- Use Octokit instead of raw fetch for better type safety and error handling
- Simplify Claude's comment update workflow by removing need for owner/repo/commentId params
- Update prompts and tests to use the new unified tool
* refactor: extract update_claude_comment logic to standalone testable function
- Create new updateClaudeComment function in operations/comments
- Add comprehensive unit tests following image-downloader pattern
- Update MCP server to use extracted function
- Refactor update-comment-link.ts and update-with-branch.ts to eliminate duplication
- All tests passing (10 new tests for update-claude-comment)
Co-authored-by: ashwin-ant <ashwin-ant@users.noreply.github.com>
* prettier
* tsc
* clean up comments
---------
Co-authored-by: claude[bot] <209825114+claude[bot]@users.noreply.github.com>
Co-authored-by: ashwin-ant <ashwin-ant@users.noreply.github.com>
The last message in the Claude Code output does not have a role, but instead has a field "type" set to "result". With the current condition, the duration is never appended to the header of the comments.
- Add FAQ.md with sections on triggering, authentication, capabilities, and troubleshooting
- Document key limitations including workflow access, PR creation, and CI results visibility
- Include workarounds for common issues like automated workflows and test result access
- Cover security considerations and best practices for safe usage
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-authored-by: Claude <noreply@anthropic.com>
* Add enhanced text sanitization
* Format code with prettier
* Refactor tests to remove redundancy and improve structure
- Remove redundant 'mixed input patterns' test from sanitizer.test.ts
- Consolidate integration tests into 2 focused real-world scenarios
- Add HTML comment stripping to sanitizeContent function
- Update test expectations to match sanitization behavior
- Maintain full coverage with fewer, more focused tests
* Fix prettier formatting
* Remove rendered.html from repository
* Remove test-markdown.json and update .gitignore
* Revert .gitignore changes
The workflow was using 'mcp_config_file' which is not a valid parameter for
the claude-code-base-action. The correct parameter name is 'mcp_config' as
defined in the action.yml file.
This fix ensures that the MCP server configuration is properly passed to the
action, allowing the GitHub MCP server to be correctly initialized.
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-authored-by: Claude <noreply@anthropic.com>
* feat: add base_branch input to specify source branch for new Claude branches
- Add base_branch input parameter to action.yml allowing users to specify which branch to use as source
- Update setupBranch function to accept and use the base branch parameter
- Defaults to repository default branch if no base branch is specified
- Addresses issue #62 for better branch control
Co-authored-by: ashwin-ant <ashwin-ant@users.noreply.github.com>
* perf: optimize setupBranch to avoid unnecessary default branch fetch
Only fetch repository default branch when actually needed:
- Skip initial fetch when baseBranch is provided
- Fetch default branch at end only for return value and GitHub Actions output
- Eliminates unnecessary API call when users specify base branch
Co-authored-by: ashwin-ant <ashwin-ant@users.noreply.github.com>
* fix: properly handle base branch throughout the action workflow
- Fix TypeScript error where defaultBranch was used before being assigned
- Replace DEFAULT_BRANCH with BASE_BRANCH in subsequent workflow steps
- Update PR creation and branch comparison to use the actual base branch
- Ensure custom base_branch input is respected in all operations
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
* refactor: move BASE_BRANCH env reading into parseGitHubContext
- Move BASE_BRANCH environment variable reading into parseGitHubContext for consistency
- Update setupBranch to use context.inputs.baseBranch instead of process.env
- Fix test descriptions to correctly reference BASE_BRANCH instead of DEFAULT_BRANCH
- Update test environment setup to use BASE_BRANCH
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
---------
Co-authored-by: claude[bot] <209825114+claude[bot]@users.noreply.github.com>
Co-authored-by: ashwin-ant <ashwin-ant@users.noreply.github.com>
Co-authored-by: Claude <noreply@anthropic.com>
* feat: display detailed error messages when prepare step fails
- Capture prepare step errors in action.yml (up to 2000 chars)
- Add error details to comment update with collapsible section
- Handle both prepare and Claude execution failures separately
- Add test coverage for error detail display
This helps users debug issues like git errors, permission problems,
and branch creation failures more easily.
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
* refactor: simplify error capture to show clean error messages only
- Remove complex shell script that captured full output logs
- Use core.setOutput in prepare.ts to pass clean error message directly
- Avoid exposing potentially sensitive information from logs
- Show only the actual error message (e.g. 'Failed to fetch issue data')
This provides cleaner, more readable error messages without the risk
of exposing sensitive information from debug logs.
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
* refactor: simplify error display to show clean error messages only
- Remove collapsible <details> section for error messages
- Display errors in simple code blocks since messages are now clean and short
- Makes error messages more direct and readable
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
---------
Co-authored-by: Claude <noreply@anthropic.com>
* feat: allow user override of hardcoded disallowed tools
Allow users to override hardcoded disallowed tools (WebSearch, WebFetch) by including them in their allowed_tools configuration. This provides users with the ability to control tool access based on their security requirements.
Changes:
- Modified buildDisallowedToolsString() to accept allowedTools parameter
- Added logic to filter out hardcoded disallowed tools if present in allowed tools
- Updated function call site to pass allowedTools
- Added comprehensive test coverage for override behavior
- Maintains backward compatibility
Resolves#49
Co-authored-by: ashwin-ant <ashwin-ant@users.noreply.github.com>
* prettier
---------
Co-authored-by: claude[bot] <209825114+claude[bot]@users.noreply.github.com>
Co-authored-by: ashwin-ant <ashwin-ant@users.noreply.github.com>
* Add shallow fetch to improve performance for large repositories
This change adds `--depth=1` to git fetch operations to perform shallow
fetches instead of full history downloads. This significantly reduces
checkout time for large repositories as reported in issue #52.
Changes:
- Line 55: Added --depth=1 to PR branch fetch
- Line 102: Added --depth=1 to new branch fetch
Fixes#52
Co-authored-by: ashwin-ant <ashwin-ant@users.noreply.github.com>
* fetch 50 commits for PRs
---------
Co-authored-by: claude[bot] <209825114+claude[bot]@users.noreply.github.com>
Co-authored-by: ashwin-ant <ashwin-ant@users.noreply.github.com>
Pin oven-sh/setup-bun and anthropics/claude-code-base-action to specific commit SHAs instead of version tags to ensure reproducible builds and improve supply chain security.
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-authored-by: Claude <noreply@anthropic.com>
- Add helpful hint about workflow permissions when OIDC token is not found
- Include response body in app token exchange failure errors for better debugging
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-authored-by: Claude <noreply@anthropic.com>
