chore: add retry loop to Claude Code installation (#694 )

* chore: add --debug and retry loop to Claude Code installation Adds 2-minute timeout with up to 3 retry attempts for installation. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com> * fix: remove unsupported --debug flag from install script 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com> --------- Co-authored-by: Claude <noreply@anthropic.com>
chore: bump Claude Code version to 2.0.50
2026-01-23 15:04:13 +08:00 · 2025-11-21 16:52:35 -08:00 · 2025-11-21 23:16:27 +00:00 · 2025-11-21 01:31:39 +00:00 · 2025-11-20 13:50:13 -08:00 · 2025-11-20 13:47:12 -08:00
48 changed files with 3636 additions and 184 deletions
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -9,7 +9,7 @@ jobs:
  test:
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
      - uses: oven-sh/setup-bun@v2
        with:
@@ -24,7 +24,7 @@ jobs:
  prettier:
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
      - uses: oven-sh/setup-bun@v1
        with:
@@ -39,7 +39,7 @@ jobs:
  typecheck:
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
      - uses: oven-sh/setup-bun@v2
        with:
--- a/.github/workflows/claude-review.yml
+++ b/.github/workflows/claude-review.yml
@@ -2,7 +2,7 @@ name: PR Review
 on:
  pull_request:
-    types: [opened, synchronize, ready_for_review, reopened]
+    types: [opened]
 jobs:
  review:
@@ -13,7 +13,7 @@ jobs:
      id-token: write
    steps:
      - name: Checkout repository
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
        with:
          fetch-depth: 1
--- a/.github/workflows/claude-test.yml
+++ b/.github/workflows/claude-test.yml
@@ -1,38 +0,0 @@
 # Test workflow for km-anthropic fork (v1-dev branch)
 # This tests the fork implementation, not the main repo
 name: Claude Code (Fork Test)
 on:
  issue_comment:
    types: [created]
  pull_request_review_comment:
    types: [created]
  issues:
    types: [opened, assigned]
  pull_request_review:
    types: [submitted]
 jobs:
  claude:
    if: |
      (github.event_name == 'issue_comment' && contains(github.event.comment.body, '@claude')) ||
      (github.event_name == 'pull_request_review_comment' && contains(github.event.comment.body, '@claude')) ||
      (github.event_name == 'pull_request_review' && contains(github.event.review.body, '@claude')) ||
      (github.event_name == 'issues' && (
        contains(github.event.issue.body, '@claude') || 
        contains(github.event.issue.title, '@claude')
      ))
    runs-on: ubuntu-latest
    permissions:
      contents: write
      pull-requests: write
      issues: write
      id-token: write # Required for OIDC token exchange
    steps:
      - name: Checkout repository
        uses: actions/checkout@v4
      - name: Run Claude Code
        uses: km-anthropic/claude-code-action@v1-dev
        with:
          anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }}
--- a/.github/workflows/claude.yml
+++ b/.github/workflows/claude.yml
@@ -25,7 +25,7 @@ jobs:
      id-token: write
    steps:
      - name: Checkout repository
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
        with:
          fetch-depth: 1
--- a/.github/workflows/issue-triage.yml
+++ b/.github/workflows/issue-triage.yml
@@ -14,7 +14,7 @@ jobs:
    steps:
      - name: Checkout repository
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
        with:
          fetch-depth: 0
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -19,7 +19,7 @@ jobs:
      next_version: ${{ steps.next_version.outputs.next_version }}
    steps:
      - name: Checkout code
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
        with:
          fetch-depth: 0
@@ -91,7 +91,7 @@ jobs:
      contents: write
    steps:
      - name: Checkout code
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
        with:
          fetch-depth: 0
@@ -116,7 +116,7 @@ jobs:
    environment: production
    steps:
      - name: Checkout base-action repo
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
        with:
          repository: anthropics/claude-code-base-action
          token: ${{ secrets.CLAUDE_CODE_BASE_ACTION_PAT }}
--- a/.github/workflows/test-settings.yml
+++ b/.github/workflows/test-settings.yml
@@ -67,7 +67,7 @@ jobs:
        uses: ./base-action
        with:
          prompt: |
-            Use Bash to echo "This should not work"
+            Run the command `echo $HOME` to check the home directory path
          anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }}
          settings: |
            {
@@ -163,7 +163,7 @@ jobs:
        uses: ./base-action
        with:
          prompt: |
-            Use Bash to echo "This should not work from file"
+            Run the command `echo $HOME` to check the home directory path
          anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }}
          settings: "test-settings.json"
--- a/.github/workflows/test-structured-output.yml
+++ b/.github/workflows/test-structured-output.yml
@@ -0,0 +1,307 @@
 name: Test Structured Outputs
 on:
  push:
    branches:
      - main
  pull_request:
  workflow_dispatch:
 permissions:
  contents: read
 jobs:
  test-basic-types:
    name: Test Basic Type Conversions
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
      - name: Test with explicit values
        id: test
        uses: ./base-action
        with:
          prompt: |
            Run this command: echo "test"
            Then return EXACTLY these values:
            - text_field: "hello"
            - number_field: 42
            - boolean_true: true
            - boolean_false: false
          anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }}
          claude_args: |
            --allowedTools Bash
            --json-schema '{"type":"object","properties":{"text_field":{"type":"string"},"number_field":{"type":"number"},"boolean_true":{"type":"boolean"},"boolean_false":{"type":"boolean"}},"required":["text_field","number_field","boolean_true","boolean_false"]}'
      - name: Verify outputs
        run: |
          # Parse the structured_output JSON
          OUTPUT='${{ steps.test.outputs.structured_output }}'
          # Test string pass-through
          TEXT_FIELD=$(echo "$OUTPUT" | jq -r '.text_field')
          if [ "$TEXT_FIELD" != "hello" ]; then
            echo "❌ String: expected 'hello', got '$TEXT_FIELD'"
            exit 1
          fi
          # Test number → string conversion
          NUMBER_FIELD=$(echo "$OUTPUT" | jq -r '.number_field')
          if [ "$NUMBER_FIELD" != "42" ]; then
            echo "❌ Number: expected '42', got '$NUMBER_FIELD'"
            exit 1
          fi
          # Test boolean → "true" conversion
          BOOLEAN_TRUE=$(echo "$OUTPUT" | jq -r '.boolean_true')
          if [ "$BOOLEAN_TRUE" != "true" ]; then
            echo "❌ Boolean true: expected 'true', got '$BOOLEAN_TRUE'"
            exit 1
          fi
          # Test boolean → "false" conversion
          BOOLEAN_FALSE=$(echo "$OUTPUT" | jq -r '.boolean_false')
          if [ "$BOOLEAN_FALSE" != "false" ]; then
            echo "❌ Boolean false: expected 'false', got '$BOOLEAN_FALSE'"
            exit 1
          fi
          echo "✅ All basic type conversions correct"
  test-complex-types:
    name: Test Arrays and Objects
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
      - name: Test complex types
        id: test
        uses: ./base-action
        with:
          prompt: |
            Run: echo "ready"
            Return EXACTLY:
            - items: ["apple", "banana", "cherry"]
            - config: {"key": "value", "count": 3}
            - empty_array: []
          anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }}
          claude_args: |
            --allowedTools Bash
            --json-schema '{"type":"object","properties":{"items":{"type":"array","items":{"type":"string"}},"config":{"type":"object"},"empty_array":{"type":"array"}},"required":["items","config","empty_array"]}'
      - name: Verify JSON stringification
        run: |
          # Parse the structured_output JSON
          OUTPUT='${{ steps.test.outputs.structured_output }}'
          # Arrays should be JSON stringified
          if ! echo "$OUTPUT" | jq -e '.items | length == 3' > /dev/null; then
            echo "❌ Array not properly formatted"
            echo "$OUTPUT" | jq '.items'
            exit 1
          fi
          # Objects should be JSON stringified
          if ! echo "$OUTPUT" | jq -e '.config.key == "value"' > /dev/null; then
            echo "❌ Object not properly formatted"
            echo "$OUTPUT" | jq '.config'
            exit 1
          fi
          # Empty arrays should work
          if ! echo "$OUTPUT" | jq -e '.empty_array | length == 0' > /dev/null; then
            echo "❌ Empty array not properly formatted"
            echo "$OUTPUT" | jq '.empty_array'
            exit 1
          fi
          echo "✅ All complex types handled correctly"
  test-edge-cases:
    name: Test Edge Cases
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
      - name: Test edge cases
        id: test
        uses: ./base-action
        with:
          prompt: |
            Run: echo "test"
            Return EXACTLY:
            - zero: 0
            - empty_string: ""
            - negative: -5
            - decimal: 3.14
          anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }}
          claude_args: |
            --allowedTools Bash
            --json-schema '{"type":"object","properties":{"zero":{"type":"number"},"empty_string":{"type":"string"},"negative":{"type":"number"},"decimal":{"type":"number"}},"required":["zero","empty_string","negative","decimal"]}'
      - name: Verify edge cases
        run: |
          # Parse the structured_output JSON
          OUTPUT='${{ steps.test.outputs.structured_output }}'
          # Zero should be "0", not empty or falsy
          ZERO=$(echo "$OUTPUT" | jq -r '.zero')
          if [ "$ZERO" != "0" ]; then
            echo "❌ Zero: expected '0', got '$ZERO'"
            exit 1
          fi
          # Empty string should be empty (not "null" or missing)
          EMPTY_STRING=$(echo "$OUTPUT" | jq -r '.empty_string')
          if [ "$EMPTY_STRING" != "" ]; then
            echo "❌ Empty string: expected '', got '$EMPTY_STRING'"
            exit 1
          fi
          # Negative numbers should work
          NEGATIVE=$(echo "$OUTPUT" | jq -r '.negative')
          if [ "$NEGATIVE" != "-5" ]; then
            echo "❌ Negative: expected '-5', got '$NEGATIVE'"
            exit 1
          fi
          # Decimals should preserve precision
          DECIMAL=$(echo "$OUTPUT" | jq -r '.decimal')
          if [ "$DECIMAL" != "3.14" ]; then
            echo "❌ Decimal: expected '3.14', got '$DECIMAL'"
            exit 1
          fi
          echo "✅ All edge cases handled correctly"
  test-name-sanitization:
    name: Test Output Name Sanitization
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
      - name: Test special characters in field names
        id: test
        uses: ./base-action
        with:
          prompt: |
            Run: echo "test"
            Return EXACTLY: {test-result: "passed", item_count: 10}
          anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }}
          claude_args: |
            --allowedTools Bash
            --json-schema '{"type":"object","properties":{"test-result":{"type":"string"},"item_count":{"type":"number"}},"required":["test-result","item_count"]}'
      - name: Verify sanitized names work
        run: |
          # Parse the structured_output JSON
          OUTPUT='${{ steps.test.outputs.structured_output }}'
          # Hyphens should be preserved in the JSON
          TEST_RESULT=$(echo "$OUTPUT" | jq -r '.["test-result"]')
          if [ "$TEST_RESULT" != "passed" ]; then
            echo "❌ Hyphenated name failed: expected 'passed', got '$TEST_RESULT'"
            exit 1
          fi
          # Underscores should work
          ITEM_COUNT=$(echo "$OUTPUT" | jq -r '.item_count')
          if [ "$ITEM_COUNT" != "10" ]; then
            echo "❌ Underscore name failed: expected '10', got '$ITEM_COUNT'"
            exit 1
          fi
          echo "✅ Name sanitization works"
  test-execution-file-structure:
    name: Test Execution File Format
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
      - name: Run with structured output
        id: test
        uses: ./base-action
        with:
          prompt: "Run: echo 'complete'. Return: {done: true}"
          anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }}
          claude_args: |
            --allowedTools Bash
            --json-schema '{"type":"object","properties":{"done":{"type":"boolean"}},"required":["done"]}'
      - name: Verify execution file contains structured_output
        run: |
          FILE="${{ steps.test.outputs.execution_file }}"
          # Check file exists
          if [ ! -f "$FILE" ]; then
            echo "❌ Execution file missing"
            exit 1
          fi
          # Check for structured_output field
          if ! jq -e '.[] | select(.type == "result") | .structured_output' "$FILE" > /dev/null; then
            echo "❌ No structured_output in execution file"
            cat "$FILE"
            exit 1
          fi
          # Verify the actual value
          DONE=$(jq -r '.[] | select(.type == "result") | .structured_output.done' "$FILE")
          if [ "$DONE" != "true" ]; then
            echo "❌ Wrong value in execution file"
            exit 1
          fi
          echo "✅ Execution file format correct"
  test-summary:
    name: Summary
    runs-on: ubuntu-latest
    needs:
      - test-basic-types
      - test-complex-types
      - test-edge-cases
      - test-name-sanitization
      - test-execution-file-structure
    if: always()
    steps:
      - name: Generate Summary
        run: |
          echo "# Structured Output Tests (Optimized)" >> $GITHUB_STEP_SUMMARY
          echo "" >> $GITHUB_STEP_SUMMARY
          echo "Fast, deterministic tests using explicit prompts" >> $GITHUB_STEP_SUMMARY
          echo "" >> $GITHUB_STEP_SUMMARY
          echo "| Test | Result |" >> $GITHUB_STEP_SUMMARY
          echo "|------|--------|" >> $GITHUB_STEP_SUMMARY
          echo "| Basic Types | ${{ needs.test-basic-types.result == 'success' && '✅ PASS' || '❌ FAIL' }} |" >> $GITHUB_STEP_SUMMARY
          echo "| Complex Types | ${{ needs.test-complex-types.result == 'success' && '✅ PASS' || '❌ FAIL' }} |" >> $GITHUB_STEP_SUMMARY
          echo "| Edge Cases | ${{ needs.test-edge-cases.result == 'success' && '✅ PASS' || '❌ FAIL' }} |" >> $GITHUB_STEP_SUMMARY
          echo "| Name Sanitization | ${{ needs.test-name-sanitization.result == 'success' && '✅ PASS' || '❌ FAIL' }} |" >> $GITHUB_STEP_SUMMARY
          echo "| Execution File | ${{ needs.test-execution-file-structure.result == 'success' && '✅ PASS' || '❌ FAIL' }} |" >> $GITHUB_STEP_SUMMARY
          # Check if all passed
          ALL_PASSED=${{
            needs.test-basic-types.result == 'success' &&
            needs.test-complex-types.result == 'success' &&
            needs.test-edge-cases.result == 'success' &&
            needs.test-name-sanitization.result == 'success' &&
            needs.test-execution-file-structure.result == 'success'
          }}
          if [ "$ALL_PASSED" = "true" ]; then
            echo "" >> $GITHUB_STEP_SUMMARY
            echo "## ✅ All Tests Passed" >> $GITHUB_STEP_SUMMARY
          else
            echo "" >> $GITHUB_STEP_SUMMARY
            echo "## ❌ Some Tests Failed" >> $GITHUB_STEP_SUMMARY
            exit 1
          fi
--- a/README.md
+++ b/README.md
@@ -2,7 +2,7 @@
 # Claude Code Action
-A general-purpose [Claude Code](https://claude.ai/code) action for GitHub PRs and issues that can answer questions and implement code changes. This action intelligently detects when to activate based on your workflow context—whether responding to @claude mentions, issue assignments, or executing automation tasks with explicit prompts. It supports multiple authentication methods including Anthropic direct API, Amazon Bedrock, and Google Vertex AI.
+A general-purpose [Claude Code](https://claude.ai/code) action for GitHub PRs and issues that can answer questions and implement code changes. This action intelligently detects when to activate based on your workflow context—whether responding to @claude mentions, issue assignments, or executing automation tasks with explicit prompts. It supports multiple authentication methods including Anthropic direct API, Amazon Bedrock, Google Vertex AI, and Microsoft Foundry.
 ## Features
@@ -13,6 +13,7 @@ A general-purpose [Claude Code](https://claude.ai/code) action for GitHub PRs an
 - 💬 **PR/Issue Integration**: Works seamlessly with GitHub comments and PR reviews
 - 🛠️ **Flexible Tool Access**: Access to GitHub APIs and file operations (additional tools can be enabled via configuration)
 - 📋 **Progress Tracking**: Visual progress indicators with checkboxes that dynamically update as Claude completes tasks
 - 📊 **Structured Outputs**: Get validated JSON results that automatically become GitHub Action outputs for complex automations
 - 🏃 **Runs on Your Infrastructure**: The action executes entirely on your own GitHub runner (Anthropic API calls go to your chosen provider)
 - ⚙️ **Simplified Configuration**: Unified `prompt` and `claude_args` inputs provide clean, powerful configuration aligned with Claude Code SDK
@@ -29,7 +30,7 @@ This command will guide you through setting up the GitHub app and required secre
 **Note**:
 - You must be a repository admin to install the GitHub app and add secrets
- This quickstart method is only available for direct Anthropic API users. For AWS Bedrock or Google Vertex AI setup, see [docs/cloud-providers.md](./docs/cloud-providers.md).
+- This quickstart method is only available for direct Anthropic API users. For AWS Bedrock, Google Vertex AI, or Microsoft Foundry setup, see [docs/cloud-providers.md](./docs/cloud-providers.md).
 ## 📚 Solutions & Use Cases
@@ -56,7 +57,7 @@ Each solution includes complete working examples, configuration details, and exp
 - [Custom Automations](./docs/custom-automations.md) - Examples of automated workflows and custom prompts
 - [Configuration](./docs/configuration.md) - MCP servers, permissions, environment variables, and advanced settings
 - [Experimental Features](./docs/experimental.md) - Execution modes and network restrictions
- [Cloud Providers](./docs/cloud-providers.md) - AWS Bedrock and Google Vertex AI setup
+- [Cloud Providers](./docs/cloud-providers.md) - AWS Bedrock, Google Vertex AI, and Microsoft Foundry setup
 - [Capabilities & Limitations](./docs/capabilities-and-limitations.md) - What Claude can and cannot do
 - [Security](./docs/security.md) - Access control, permissions, and commit signing
 - [FAQ](./docs/faq.md) - Common questions and troubleshooting
--- a/action.yml
+++ b/action.yml
@@ -44,7 +44,7 @@ inputs:
  # Auth configuration
  anthropic_api_key:
-    description: "Anthropic API key (required for direct API, not needed for Bedrock/Vertex)"
+    description: "Anthropic API key (required for direct API, not needed for Bedrock/Vertex/Foundry)"
    required: false
  claude_code_oauth_token:
    description: "Claude Code OAuth token (alternative to anthropic_api_key)"
@@ -60,6 +60,10 @@ inputs:
    description: "Use Google Vertex AI with OIDC authentication instead of direct Anthropic API"
    required: false
    default: "false"
  use_foundry:
    description: "Use Microsoft Foundry with OIDC authentication instead of direct Anthropic API"
    required: false
    default: "false"
  claude_args:
    description: "Additional arguments to pass directly to Claude CLI"
@@ -101,6 +105,18 @@ inputs:
    description: "Optional path to a custom Bun executable. If provided, skips automatic Bun installation and uses this executable instead. WARNING: Using an incompatible version may cause problems if the action requires specific Bun features. This input is typically not needed unless you're debugging something specific or have unique needs in your environment."
    required: false
    default: ""
  show_full_output:
    description: "Show full JSON output from Claude Code. WARNING: This outputs ALL Claude messages including tool execution results which may contain secrets, API keys, or other sensitive information. These logs are publicly visible in GitHub Actions. Only enable for debugging in non-sensitive environments."
    required: false
    default: "false"
  plugins:
    description: "Newline-separated list of Claude Code plugin names to install (e.g., 'code-review@claude-code-plugins\nfeature-dev@claude-code-plugins')"
    required: false
    default: ""
  plugin_marketplaces:
    description: "Newline-separated list of Claude Code plugin marketplace Git URLs to install from (e.g., 'https://github.com/user/marketplace1.git\nhttps://github.com/user/marketplace2.git')"
    required: false
    default: ""
 outputs:
  execution_file:
@@ -112,6 +128,9 @@ outputs:
  github_token:
    description: "The GitHub token used by the action (Claude App token if available)"
    value: ${{ steps.prepare.outputs.github_token }}
  structured_output:
    description: "JSON string containing all structured output fields when --json-schema is provided in claude_args. Use fromJSON() to parse: fromJSON(steps.id.outputs.structured_output).field_name"
    value: ${{ steps.claude-code.outputs.structured_output }}
 runs:
  using: "composite"
@@ -177,7 +196,19 @@ runs:
        # Install Claude Code if no custom executable is provided
        if [ -z "${{ inputs.path_to_claude_code_executable }}" ]; then
          echo "Installing Claude Code..."
-          curl -fsSL https://claude.ai/install.sh | bash -s 1.0.113
+          for attempt in 1 2 3; do
            echo "Installation attempt $attempt..."
            if timeout 120 bash -c 'curl -fsSL https://claude.ai/install.sh | bash -s -- 2.0.50'; then
              echo "Claude Code installed successfully"
              break
            fi
            if [ $attempt -eq 3 ]; then
              echo "Failed to install Claude Code after 3 attempts"
              exit 1
            fi
            echo "Installation timed out or failed, retrying..."
            sleep 5
          done
          echo "$HOME/.local/bin" >> "$GITHUB_PATH"
        else
          echo "Using custom Claude Code executable: ${{ inputs.path_to_claude_code_executable }}"
@@ -213,6 +244,9 @@ runs:
        INPUT_ACTION_INPUTS_PRESENT: ${{ steps.prepare.outputs.action_inputs_present }}
        INPUT_PATH_TO_CLAUDE_CODE_EXECUTABLE: ${{ inputs.path_to_claude_code_executable }}
        INPUT_PATH_TO_BUN_EXECUTABLE: ${{ inputs.path_to_bun_executable }}
        INPUT_SHOW_FULL_OUTPUT: ${{ inputs.show_full_output }}
        INPUT_PLUGINS: ${{ inputs.plugins }}
        INPUT_PLUGIN_MARKETPLACES: ${{ inputs.plugin_marketplaces }}
        # Model configuration
        GITHUB_TOKEN: ${{ steps.prepare.outputs.GITHUB_TOKEN }}
@@ -226,12 +260,14 @@ runs:
        ANTHROPIC_CUSTOM_HEADERS: ${{ env.ANTHROPIC_CUSTOM_HEADERS }}
        CLAUDE_CODE_USE_BEDROCK: ${{ inputs.use_bedrock == 'true' && '1' || '' }}
        CLAUDE_CODE_USE_VERTEX: ${{ inputs.use_vertex == 'true' && '1' || '' }}
        CLAUDE_CODE_USE_FOUNDRY: ${{ inputs.use_foundry == 'true' && '1' || '' }}
        # AWS configuration
        AWS_REGION: ${{ env.AWS_REGION }}
        AWS_ACCESS_KEY_ID: ${{ env.AWS_ACCESS_KEY_ID }}
        AWS_SECRET_ACCESS_KEY: ${{ env.AWS_SECRET_ACCESS_KEY }}
        AWS_SESSION_TOKEN: ${{ env.AWS_SESSION_TOKEN }}
        AWS_BEARER_TOKEN_BEDROCK: ${{ env.AWS_BEARER_TOKEN_BEDROCK }}
        ANTHROPIC_BEDROCK_BASE_URL: ${{ env.ANTHROPIC_BEDROCK_BASE_URL || (env.AWS_REGION && format('https://bedrock-runtime.{0}.amazonaws.com', env.AWS_REGION)) }}
        # GCP configuration
@@ -245,6 +281,13 @@ runs:
        VERTEX_REGION_CLAUDE_3_5_SONNET: ${{ env.VERTEX_REGION_CLAUDE_3_5_SONNET }}
        VERTEX_REGION_CLAUDE_3_7_SONNET: ${{ env.VERTEX_REGION_CLAUDE_3_7_SONNET }}
        # Microsoft Foundry configuration
        ANTHROPIC_FOUNDRY_RESOURCE: ${{ env.ANTHROPIC_FOUNDRY_RESOURCE }}
        ANTHROPIC_FOUNDRY_BASE_URL: ${{ env.ANTHROPIC_FOUNDRY_BASE_URL }}
        ANTHROPIC_DEFAULT_SONNET_MODEL: ${{ env.ANTHROPIC_DEFAULT_SONNET_MODEL }}
        ANTHROPIC_DEFAULT_HAIKU_MODEL: ${{ env.ANTHROPIC_DEFAULT_HAIKU_MODEL }}
        ANTHROPIC_DEFAULT_OPUS_MODEL: ${{ env.ANTHROPIC_DEFAULT_OPUS_MODEL }}
    - name: Update comment with job link
      if: steps.prepare.outputs.contains_trigger == 'true' && steps.prepare.outputs.claude_comment_id && always()
      shell: bash
@@ -259,7 +302,7 @@ runs:
        GITHUB_EVENT_NAME: ${{ github.event_name }}
        TRIGGER_COMMENT_ID: ${{ github.event.comment.id }}
        CLAUDE_BRANCH: ${{ steps.prepare.outputs.CLAUDE_BRANCH }}
-        IS_PR: ${{ github.event.issue.pull_request != null || github.event_name == 'pull_request_review_comment' }}
+        IS_PR: ${{ github.event.issue.pull_request != null || github.event_name == 'pull_request_target' || github.event_name == 'pull_request_review_comment' }}
        BASE_BRANCH: ${{ steps.prepare.outputs.BASE_BRANCH }}
        CLAUDE_SUCCESS: ${{ steps.claude-code.outputs.conclusion == 'success' }}
        OUTPUT_FILE: ${{ steps.claude-code.outputs.execution_file || '' }}
--- a/base-action/README.md
+++ b/base-action/README.md
@@ -85,29 +85,32 @@ Add the following to your workflow file:
 ## Inputs
-| Input                     | Description                                                                                       | Required | Default                      |
+| Input                     | Description                                                                                                             | Required | Default                      |
-| ------------------------- | ------------------------------------------------------------------------------------------------- | -------- | ---------------------------- |
+| ------------------------- | ----------------------------------------------------------------------------------------------------------------------- | -------- | ---------------------------- |
-| `prompt`                  | The prompt to send to Claude Code                                                                 | No\*     | ''                           |
+| `prompt`                  | The prompt to send to Claude Code                                                                                       | No\*     | ''                           |
-| `prompt_file`             | Path to a file containing the prompt to send to Claude Code                                       | No\*     | ''                           |
+| `prompt_file`             | Path to a file containing the prompt to send to Claude Code                                                             | No\*     | ''                           |
-| `allowed_tools`           | Comma-separated list of allowed tools for Claude Code to use                                      | No       | ''                           |
+| `allowed_tools`           | Comma-separated list of allowed tools for Claude Code to use                                                            | No       | ''                           |
-| `disallowed_tools`        | Comma-separated list of disallowed tools that Claude Code cannot use                              | No       | ''                           |
+| `disallowed_tools`        | Comma-separated list of disallowed tools that Claude Code cannot use                                                    | No       | ''                           |
-| `max_turns`               | Maximum number of conversation turns (default: no limit)                                          | No       | ''                           |
+| `max_turns`               | Maximum number of conversation turns (default: no limit)                                                                | No       | ''                           |
-| `mcp_config`              | Path to the MCP configuration JSON file, or MCP configuration JSON string                         | No       | ''                           |
+| `mcp_config`              | Path to the MCP configuration JSON file, or MCP configuration JSON string                                               | No       | ''                           |
-| `settings`                | Path to Claude Code settings JSON file, or settings JSON string                                   | No       | ''                           |
+| `settings`                | Path to Claude Code settings JSON file, or settings JSON string                                                         | No       | ''                           |
-| `system_prompt`           | Override system prompt                                                                            | No       | ''                           |
+| `system_prompt`           | Override system prompt                                                                                                  | No       | ''                           |
-| `append_system_prompt`    | Append to system prompt                                                                           | No       | ''                           |
+| `append_system_prompt`    | Append to system prompt                                                                                                 | No       | ''                           |
-| `claude_env`              | Custom environment variables to pass to Claude Code execution (YAML multiline format)             | No       | ''                           |
+| `claude_env`              | Custom environment variables to pass to Claude Code execution (YAML multiline format)                                   | No       | ''                           |
-| `model`                   | Model to use (provider-specific format required for Bedrock/Vertex)                               | No       | 'claude-4-0-sonnet-20250219' |
+| `model`                   | Model to use (provider-specific format required for Bedrock/Vertex)                                                     | No       | 'claude-4-0-sonnet-20250219' |
-| `anthropic_model`         | DEPRECATED: Use 'model' instead                                                                   | No       | 'claude-4-0-sonnet-20250219' |
+| `anthropic_model`         | DEPRECATED: Use 'model' instead                                                                                         | No       | 'claude-4-0-sonnet-20250219' |
-| `fallback_model`          | Enable automatic fallback to specified model when default model is overloaded                     | No       | ''                           |
+| `fallback_model`          | Enable automatic fallback to specified model when default model is overloaded                                           | No       | ''                           |
-| `anthropic_api_key`       | Anthropic API key (required for direct Anthropic API)                                             | No       | ''                           |
+| `anthropic_api_key`       | Anthropic API key (required for direct Anthropic API)                                                                   | No       | ''                           |
-| `claude_code_oauth_token` | Claude Code OAuth token (alternative to anthropic_api_key)                                        | No       | ''                           |
+| `claude_code_oauth_token` | Claude Code OAuth token (alternative to anthropic_api_key)                                                              | No       | ''                           |
-| `use_bedrock`             | Use Amazon Bedrock with OIDC authentication instead of direct Anthropic API                       | No       | 'false'                      |
+| `use_bedrock`             | Use Amazon Bedrock with OIDC authentication instead of direct Anthropic API                                             | No       | 'false'                      |
-| `use_vertex`              | Use Google Vertex AI with OIDC authentication instead of direct Anthropic API                     | No       | 'false'                      |
+| `use_vertex`              | Use Google Vertex AI with OIDC authentication instead of direct Anthropic API                                           | No       | 'false'                      |
-| `use_node_cache`          | Whether to use Node.js dependency caching (set to true only for Node.js projects with lock files) | No       | 'false'                      |
+| `use_node_cache`          | Whether to use Node.js dependency caching (set to true only for Node.js projects with lock files)                       | No       | 'false'                      |
 | `show_full_output`        | Show full JSON output (⚠️ May expose secrets - see [security docs](../docs/security.md#️-full-output-security-warning)) | No       | 'false'\*\*                  |
 \*Either `prompt` or `prompt_file` must be provided, but not both.
 \*\*`show_full_output` is automatically enabled when GitHub Actions debug mode is active. See [security documentation](../docs/security.md#️-full-output-security-warning) for important security considerations.
 ## Outputs
 | Output           | Description                                                |
@@ -336,7 +339,7 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
        with:
          fetch-depth: 0
--- a/base-action/action.yml
+++ b/base-action/action.yml
@@ -42,6 +42,10 @@ inputs:
    description: "Use Google Vertex AI with OIDC authentication instead of direct Anthropic API"
    required: false
    default: "false"
  use_foundry:
    description: "Use Microsoft Foundry with OIDC authentication instead of direct Anthropic API"
    required: false
    default: "false"
  use_node_cache:
    description: "Whether to use Node.js dependency caching (set to true only for Node.js projects with lock files)"
@@ -55,6 +59,18 @@ inputs:
    description: "Optional path to a custom Bun executable. If provided, skips automatic Bun installation and uses this executable instead. WARNING: Using an incompatible version may cause problems if the action requires specific Bun features. This input is typically not needed unless you're debugging something specific or have unique needs in your environment."
    required: false
    default: ""
  show_full_output:
    description: "Show full JSON output from Claude Code. WARNING: This outputs ALL Claude messages including tool execution results which may contain secrets, API keys, or other sensitive information. These logs are publicly visible in GitHub Actions. Only enable for debugging in non-sensitive environments."
    required: false
    default: "false"
  plugins:
    description: "Newline-separated list of Claude Code plugin names to install (e.g., 'code-review@claude-code-plugins\nfeature-dev@claude-code-plugins')"
    required: false
    default: ""
  plugin_marketplaces:
    description: "Newline-separated list of Claude Code plugin marketplace Git URLs to install from (e.g., 'https://github.com/user/marketplace1.git\nhttps://github.com/user/marketplace2.git')"
    required: false
    default: ""
 outputs:
  conclusion:
@@ -63,6 +79,9 @@ outputs:
  execution_file:
    description: "Path to the JSON file containing Claude Code execution log"
    value: ${{ steps.run_claude.outputs.execution_file }}
  structured_output:
    description: "JSON string containing all structured output fields when --json-schema is provided in claude_args (use fromJSON() or jq to parse)"
    value: ${{ steps.run_claude.outputs.structured_output }}
 runs:
  using: "composite"
@@ -99,7 +118,19 @@ runs:
      run: |
        if [ -z "${{ inputs.path_to_claude_code_executable }}" ]; then
          echo "Installing Claude Code..."
-          curl -fsSL https://claude.ai/install.sh | bash -s 1.0.113
+          for attempt in 1 2 3; do
            echo "Installation attempt $attempt..."
            if timeout 120 bash -c 'curl -fsSL https://claude.ai/install.sh | bash -s -- 2.0.50'; then
              echo "Claude Code installed successfully"
              break
            fi
            if [ $attempt -eq 3 ]; then
              echo "Failed to install Claude Code after 3 attempts"
              exit 1
            fi
            echo "Installation timed out or failed, retrying..."
            sleep 5
          done
        else
          echo "Using custom Claude Code executable: ${{ inputs.path_to_claude_code_executable }}"
          # Add the directory containing the custom executable to PATH
@@ -126,6 +157,9 @@ runs:
        INPUT_CLAUDE_ARGS: ${{ inputs.claude_args }}
        INPUT_PATH_TO_CLAUDE_CODE_EXECUTABLE: ${{ inputs.path_to_claude_code_executable }}
        INPUT_PATH_TO_BUN_EXECUTABLE: ${{ inputs.path_to_bun_executable }}
        INPUT_SHOW_FULL_OUTPUT: ${{ inputs.show_full_output }}
        INPUT_PLUGINS: ${{ inputs.plugins }}
        INPUT_PLUGIN_MARKETPLACES: ${{ inputs.plugin_marketplaces }}
        # Provider configuration
        ANTHROPIC_API_KEY: ${{ inputs.anthropic_api_key }}
@@ -135,12 +169,14 @@ runs:
        # Only set provider flags if explicitly true, since any value (including "false") is truthy
        CLAUDE_CODE_USE_BEDROCK: ${{ inputs.use_bedrock == 'true' && '1' || '' }}
        CLAUDE_CODE_USE_VERTEX: ${{ inputs.use_vertex == 'true' && '1' || '' }}
        CLAUDE_CODE_USE_FOUNDRY: ${{ inputs.use_foundry == 'true' && '1' || '' }}
        # AWS configuration
        AWS_REGION: ${{ env.AWS_REGION }}
        AWS_ACCESS_KEY_ID: ${{ env.AWS_ACCESS_KEY_ID }}
        AWS_SECRET_ACCESS_KEY: ${{ env.AWS_SECRET_ACCESS_KEY }}
        AWS_SESSION_TOKEN: ${{ env.AWS_SESSION_TOKEN }}
        AWS_BEARER_TOKEN_BEDROCK: ${{ env.AWS_BEARER_TOKEN_BEDROCK }}
        ANTHROPIC_BEDROCK_BASE_URL: ${{ env.ANTHROPIC_BEDROCK_BASE_URL || (env.AWS_REGION && format('https://bedrock-runtime.{0}.amazonaws.com', env.AWS_REGION)) }}
        # GCP configuration
@@ -148,3 +184,10 @@ runs:
        CLOUD_ML_REGION: ${{ env.CLOUD_ML_REGION }}
        GOOGLE_APPLICATION_CREDENTIALS: ${{ env.GOOGLE_APPLICATION_CREDENTIALS }}
        ANTHROPIC_VERTEX_BASE_URL: ${{ env.ANTHROPIC_VERTEX_BASE_URL }}
        # Microsoft Foundry configuration
        ANTHROPIC_FOUNDRY_RESOURCE: ${{ env.ANTHROPIC_FOUNDRY_RESOURCE }}
        ANTHROPIC_FOUNDRY_BASE_URL: ${{ env.ANTHROPIC_FOUNDRY_BASE_URL }}
        ANTHROPIC_DEFAULT_SONNET_MODEL: ${{ env.ANTHROPIC_DEFAULT_SONNET_MODEL }}
        ANTHROPIC_DEFAULT_HAIKU_MODEL: ${{ env.ANTHROPIC_DEFAULT_HAIKU_MODEL }}
        ANTHROPIC_DEFAULT_OPUS_MODEL: ${{ env.ANTHROPIC_DEFAULT_OPUS_MODEL }}
--- a/base-action/examples/issue-triage.yml
+++ b/base-action/examples/issue-triage.yml
@@ -32,7 +32,7 @@ jobs:
                  "--rm",
                  "-e",
                  "GITHUB_PERSONAL_ACCESS_TOKEN",
-                  "ghcr.io/github/github-mcp-server:sha-7aced2b"
+                  "ghcr.io/github/github-mcp-server:sha-23fa0dd"
                ],
                "env": {
                  "GITHUB_PERSONAL_ACCESS_TOKEN": "${{ secrets.GITHUB_TOKEN }}"
--- a/base-action/package-lock.json
+++ b/base-action/package-lock.json
@@ -0,0 +1,196 @@
 {
  "name": "@anthropic-ai/claude-code-base-action",
  "version": "1.0.0",
  "lockfileVersion": 3,
  "requires": true,
  "packages": {
    "": {
      "name": "@anthropic-ai/claude-code-base-action",
      "version": "1.0.0",
      "dependencies": {
        "@actions/core": "^1.10.1",
        "shell-quote": "^1.8.3"
      },
      "devDependencies": {
        "@types/bun": "^1.2.12",
        "@types/node": "^20.0.0",
        "@types/shell-quote": "^1.7.5",
        "prettier": "3.5.3",
        "typescript": "^5.8.3"
      }
    },
    "node_modules/@actions/core": {
      "version": "1.11.1",
      "resolved": "https://registry.npmjs.org/@actions/core/-/core-1.11.1.tgz",
      "integrity": "sha512-hXJCSrkwfA46Vd9Z3q4cpEpHB1rL5NG04+/rbqW9d3+CSvtB1tYe8UTpAlixa1vj0m/ULglfEK2UKxMGxCxv5A==",
      "license": "MIT",
      "dependencies": {
        "@actions/exec": "^1.1.1",
        "@actions/http-client": "^2.0.1"
      }
    },
    "node_modules/@actions/exec": {
      "version": "1.1.1",
      "resolved": "https://registry.npmjs.org/@actions/exec/-/exec-1.1.1.tgz",
      "integrity": "sha512-+sCcHHbVdk93a0XT19ECtO/gIXoxvdsgQLzb2fE2/5sIZmWQuluYyjPQtrtTHdU1YzTZ7bAPN4sITq2xi1679w==",
      "license": "MIT",
      "dependencies": {
        "@actions/io": "^1.0.1"
      }
    },
    "node_modules/@actions/http-client": {
      "version": "2.2.3",
      "resolved": "https://registry.npmjs.org/@actions/http-client/-/http-client-2.2.3.tgz",
      "integrity": "sha512-mx8hyJi/hjFvbPokCg4uRd4ZX78t+YyRPtnKWwIl+RzNaVuFpQHfmlGVfsKEJN8LwTCvL+DfVgAM04XaHkm6bA==",
      "license": "MIT",
      "dependencies": {
        "tunnel": "^0.0.6",
        "undici": "^5.25.4"
      }
    },
    "node_modules/@actions/io": {
      "version": "1.1.3",
      "resolved": "https://registry.npmjs.org/@actions/io/-/io-1.1.3.tgz",
      "integrity": "sha512-wi9JjgKLYS7U/z8PPbco+PvTb/nRWjeoFlJ1Qer83k/3C5PHQi28hiVdeE2kHXmIL99mQFawx8qt/JPjZilJ8Q==",
      "license": "MIT"
    },
    "node_modules/@fastify/busboy": {
      "version": "2.1.1",
      "resolved": "https://registry.npmjs.org/@fastify/busboy/-/busboy-2.1.1.tgz",
      "integrity": "sha512-vBZP4NlzfOlerQTnba4aqZoMhE/a9HY7HRqoOPaETQcSQuWEIyZMHGfVu6w9wGtGK5fED5qRs2DteVCjOH60sA==",
      "license": "MIT",
      "engines": {
        "node": ">=14"
      }
    },
    "node_modules/@types/bun": {
      "version": "1.3.1",
      "resolved": "https://registry.npmjs.org/@types/bun/-/bun-1.3.1.tgz",
      "integrity": "sha512-4jNMk2/K9YJtfqwoAa28c8wK+T7nvJFOjxI4h/7sORWcypRNxBpr+TPNaCfVWq70tLCJsqoFwcf0oI0JU/fvMQ==",
      "dev": true,
      "license": "MIT",
      "dependencies": {
        "bun-types": "1.3.1"
      }
    },
    "node_modules/@types/node": {
      "version": "20.19.23",
      "resolved": "https://registry.npmjs.org/@types/node/-/node-20.19.23.tgz",
      "integrity": "sha512-yIdlVVVHXpmqRhtyovZAcSy0MiPcYWGkoO4CGe/+jpP0hmNuihm4XhHbADpK++MsiLHP5MVlv+bcgdF99kSiFQ==",
      "dev": true,
      "license": "MIT",
      "dependencies": {
        "undici-types": "~6.21.0"
      }
    },
    "node_modules/@types/react": {
      "version": "19.2.2",
      "resolved": "https://registry.npmjs.org/@types/react/-/react-19.2.2.tgz",
      "integrity": "sha512-6mDvHUFSjyT2B2yeNx2nUgMxh9LtOWvkhIU3uePn2I2oyNymUAX1NIsdgviM4CH+JSrp2D2hsMvJOkxY+0wNRA==",
      "dev": true,
      "license": "MIT",
      "peer": true,
      "dependencies": {
        "csstype": "^3.0.2"
      }
    },
    "node_modules/@types/shell-quote": {
      "version": "1.7.5",
      "resolved": "https://registry.npmjs.org/@types/shell-quote/-/shell-quote-1.7.5.tgz",
      "integrity": "sha512-+UE8GAGRPbJVQDdxi16dgadcBfQ+KG2vgZhV1+3A1XmHbmwcdwhCUwIdy+d3pAGrbvgRoVSjeI9vOWyq376Yzw==",
      "dev": true,
      "license": "MIT"
    },
    "node_modules/bun-types": {
      "version": "1.3.1",
      "resolved": "https://registry.npmjs.org/bun-types/-/bun-types-1.3.1.tgz",
      "integrity": "sha512-NMrcy7smratanWJ2mMXdpatalovtxVggkj11bScuWuiOoXTiKIu2eVS1/7qbyI/4yHedtsn175n4Sm4JcdHLXw==",
      "dev": true,
      "license": "MIT",
      "dependencies": {
        "@types/node": "*"
      },
      "peerDependencies": {
        "@types/react": "^19"
      }
    },
    "node_modules/csstype": {
      "version": "3.1.3",
      "resolved": "https://registry.npmjs.org/csstype/-/csstype-3.1.3.tgz",
      "integrity": "sha512-M1uQkMl8rQK/szD0LNhtqxIPLpimGm8sOBwU7lLnCpSbTyY3yeU1Vc7l4KT5zT4s/yOxHH5O7tIuuLOCnLADRw==",
      "dev": true,
      "license": "MIT",
      "peer": true
    },
    "node_modules/prettier": {
      "version": "3.5.3",
      "resolved": "https://registry.npmjs.org/prettier/-/prettier-3.5.3.tgz",
      "integrity": "sha512-QQtaxnoDJeAkDvDKWCLiwIXkTgRhwYDEQCghU9Z6q03iyek/rxRh/2lC3HB7P8sWT2xC/y5JDctPLBIGzHKbhw==",
      "dev": true,
      "license": "MIT",
      "bin": {
        "prettier": "bin/prettier.cjs"
      },
      "engines": {
        "node": ">=14"
      },
      "funding": {
        "url": "https://github.com/prettier/prettier?sponsor=1"
      }
    },
    "node_modules/shell-quote": {
      "version": "1.8.3",
      "resolved": "https://registry.npmjs.org/shell-quote/-/shell-quote-1.8.3.tgz",
      "integrity": "sha512-ObmnIF4hXNg1BqhnHmgbDETF8dLPCggZWBjkQfhZpbszZnYur5DUljTcCHii5LC3J5E0yeO/1LIMyH+UvHQgyw==",
      "license": "MIT",
      "engines": {
        "node": ">= 0.4"
      },
      "funding": {
        "url": "https://github.com/sponsors/ljharb"
      }
    },
    "node_modules/tunnel": {
      "version": "0.0.6",
      "resolved": "https://registry.npmjs.org/tunnel/-/tunnel-0.0.6.tgz",
      "integrity": "sha512-1h/Lnq9yajKY2PEbBadPXj3VxsDDu844OnaAo52UVmIzIvwwtBPIuNvkjuzBlTWpfJyUbG3ez0KSBibQkj4ojg==",
      "license": "MIT",
      "engines": {
        "node": ">=0.6.11 <=0.7.0 || >=0.7.3"
      }
    },
    "node_modules/typescript": {
      "version": "5.9.3",
      "resolved": "https://registry.npmjs.org/typescript/-/typescript-5.9.3.tgz",
      "integrity": "sha512-jl1vZzPDinLr9eUt3J/t7V6FgNEw9QjvBPdysz9KfQDD41fQrC2Y4vKQdiaUpFT4bXlb1RHhLpp8wtm6M5TgSw==",
      "dev": true,
      "license": "Apache-2.0",
      "bin": {
        "tsc": "bin/tsc",
        "tsserver": "bin/tsserver"
      },
      "engines": {
        "node": ">=14.17"
      }
    },
    "node_modules/undici": {
      "version": "5.29.0",
      "resolved": "https://registry.npmjs.org/undici/-/undici-5.29.0.tgz",
      "integrity": "sha512-raqeBD6NQK4SkWhQzeYKd1KmIG6dllBOTt55Rmkt4HtI9mwdWtJljnrXjAFUBLTSN67HWrOIZ3EPF4kjUw80Bg==",
      "license": "MIT",
      "dependencies": {
        "@fastify/busboy": "^2.0.0"
      },
      "engines": {
        "node": ">=14.0"
      }
    },
    "node_modules/undici-types": {
      "version": "6.21.0",
      "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-6.21.0.tgz",
      "integrity": "sha512-iwDZqg0QAGrg9Rav5H4n0M64c3mkR59cJ6wQp+7C4nI0gsmExaedaYLNO44eT4AtBBwjbTiGPMlt2Md0T9H9JQ==",
      "dev": true,
      "license": "MIT"
    }
  }
 }
--- a/base-action/src/index.ts
+++ b/base-action/src/index.ts
@@ -5,6 +5,7 @@ import { preparePrompt } from "./prepare-prompt";
 import { runClaude } from "./run-claude";
 import { setupClaudeCodeSettings } from "./setup-claude-code-settings";
 import { validateEnvironmentVariables } from "./validate-env";
 import { installPlugins } from "./install-plugins";
 async function run() {
  try {
@@ -15,6 +16,13 @@ async function run() {
      undefined, // homeDir
    );
    // Install Claude Code plugins if specified
    await installPlugins(
      process.env.INPUT_PLUGIN_MARKETPLACES,
      process.env.INPUT_PLUGINS,
      process.env.INPUT_PATH_TO_CLAUDE_CODE_EXECUTABLE,
    );
    const promptConfig = await preparePrompt({
      prompt: process.env.INPUT_PROMPT || "",
      promptFile: process.env.INPUT_PROMPT_FILE || "",
@@ -33,6 +41,7 @@ async function run() {
      model: process.env.ANTHROPIC_MODEL,
      pathToClaudeCodeExecutable:
        process.env.INPUT_PATH_TO_CLAUDE_CODE_EXECUTABLE,
      showFullOutput: process.env.INPUT_SHOW_FULL_OUTPUT,
    });
  } catch (error) {
    core.setFailed(`Action failed with error: ${error}`);
--- a/base-action/src/install-plugins.ts
+++ b/base-action/src/install-plugins.ts
@@ -0,0 +1,222 @@
 import { spawn, ChildProcess } from "child_process";
 const PLUGIN_NAME_REGEX = /^[@a-zA-Z0-9_\-\/\.]+$/;
 const MAX_PLUGIN_NAME_LENGTH = 512;
 const PATH_TRAVERSAL_REGEX =
  /\.\.\/|\/\.\.|\.\/|\/\.|(?:^|\/)\.\.$|(?:^|\/)\.$|\.\.(?![0-9])/;
 const MARKETPLACE_URL_REGEX =
  /^https:\/\/[a-zA-Z0-9\-._~:/?#[\]@!$&'()*+,;=%]+\.git$/;
 /**
 * Validates a marketplace URL for security issues
 * @param url - The marketplace URL to validate
 * @throws {Error} If the URL is invalid
 */
 function validateMarketplaceUrl(url: string): void {
  const normalized = url.trim();
  if (!normalized) {
    throw new Error("Marketplace URL cannot be empty");
  }
  if (!MARKETPLACE_URL_REGEX.test(normalized)) {
    throw new Error(`Invalid marketplace URL format: ${url}`);
  }
  // Additional check for valid URL structure
  try {
    new URL(normalized);
  } catch {
    throw new Error(`Invalid marketplace URL: ${url}`);
  }
 }
 /**
 * Validates a plugin name for security issues
 * @param pluginName - The plugin name to validate
 * @throws {Error} If the plugin name is invalid
 */
 function validatePluginName(pluginName: string): void {
  // Normalize Unicode to prevent homoglyph attacks (e.g., fullwidth dots, Unicode slashes)
  const normalized = pluginName.normalize("NFC");
  if (normalized.length > MAX_PLUGIN_NAME_LENGTH) {
    throw new Error(`Plugin name too long: ${normalized.substring(0, 50)}...`);
  }
  if (!PLUGIN_NAME_REGEX.test(normalized)) {
    throw new Error(`Invalid plugin name format: ${pluginName}`);
  }
  // Prevent path traversal attacks with single efficient regex check
  if (PATH_TRAVERSAL_REGEX.test(normalized)) {
    throw new Error(`Invalid plugin name format: ${pluginName}`);
  }
 }
 /**
 * Parse a newline-separated list of marketplace URLs and return an array of validated URLs
 * @param marketplaces - Newline-separated list of marketplace Git URLs
 * @returns Array of validated marketplace URLs (empty array if none provided)
 */
 function parseMarketplaces(marketplaces?: string): string[] {
  const trimmed = marketplaces?.trim();
  if (!trimmed) {
    return [];
  }
  // Split by newline and process each URL
  return trimmed
    .split("\n")
    .map((url) => url.trim())
    .filter((url) => {
      if (url.length === 0) return false;
      validateMarketplaceUrl(url);
      return true;
    });
 }
 /**
 * Parse a newline-separated list of plugin names and return an array of trimmed, non-empty plugin names
 * Validates plugin names to prevent command injection and path traversal attacks
 * Allows: letters, numbers, @, -, _, /, . (common npm/scoped package characters)
 * Disallows: path traversal (../, ./), shell metacharacters, and consecutive dots
 * @param plugins - Newline-separated list of plugin names, or undefined/empty to return empty array
 * @returns Array of validated plugin names (empty array if none provided)
 * @throws {Error} If any plugin name fails validation
 */
 function parsePlugins(plugins?: string): string[] {
  const trimmedPlugins = plugins?.trim();
  if (!trimmedPlugins) {
    return [];
  }
  // Split by newline and process each plugin
  return trimmedPlugins
    .split("\n")
    .map((p) => p.trim())
    .filter((p) => {
      if (p.length === 0) return false;
      validatePluginName(p);
      return true;
    });
 }
 /**
 * Executes a Claude Code CLI command with proper error handling
 * @param claudeExecutable - Path to the Claude executable
 * @param args - Command arguments to pass to the executable
 * @param errorContext - Context string for error messages (e.g., "Failed to install plugin 'foo'")
 * @returns Promise that resolves when the command completes successfully
 * @throws {Error} If the command fails to execute
 */
 async function executeClaudeCommand(
  claudeExecutable: string,
  args: string[],
  errorContext: string,
 ): Promise<void> {
  return new Promise((resolve, reject) => {
    const childProcess: ChildProcess = spawn(claudeExecutable, args, {
      stdio: "inherit",
    });
    childProcess.on("close", (code: number | null) => {
      if (code === 0) {
        resolve();
      } else if (code === null) {
        reject(new Error(`${errorContext}: process terminated by signal`));
      } else {
        reject(new Error(`${errorContext} (exit code: ${code})`));
      }
    });
    childProcess.on("error", (err: Error) => {
      reject(new Error(`${errorContext}: ${err.message}`));
    });
  });
 }
 /**
 * Installs a single Claude Code plugin
 * @param pluginName - The name of the plugin to install
 * @param claudeExecutable - Path to the Claude executable
 * @returns Promise that resolves when the plugin is installed successfully
 * @throws {Error} If the plugin installation fails
 */
 async function installPlugin(
  pluginName: string,
  claudeExecutable: string,
 ): Promise<void> {
  console.log(`Installing plugin: ${pluginName}`);
  return executeClaudeCommand(
    claudeExecutable,
    ["plugin", "install", pluginName],
    `Failed to install plugin '${pluginName}'`,
  );
 }
 /**
 * Adds a Claude Code plugin marketplace
 * @param claudeExecutable - Path to the Claude executable
 * @param marketplaceUrl - The marketplace Git URL to add
 * @returns Promise that resolves when the marketplace add command completes
 * @throws {Error} If the command fails to execute
 */
 async function addMarketplace(
  claudeExecutable: string,
  marketplaceUrl: string,
 ): Promise<void> {
  console.log(`Adding marketplace: ${marketplaceUrl}`);
  return executeClaudeCommand(
    claudeExecutable,
    ["plugin", "marketplace", "add", marketplaceUrl],
    `Failed to add marketplace '${marketplaceUrl}'`,
  );
 }
 /**
 * Installs Claude Code plugins from a newline-separated list
 * @param marketplacesInput - Newline-separated list of marketplace Git URLs
 * @param pluginsInput - Newline-separated list of plugin names
 * @param claudeExecutable - Path to the Claude executable (defaults to "claude")
 * @returns Promise that resolves when all plugins are installed
 * @throws {Error} If any plugin fails validation or installation (stops on first error)
 */
 export async function installPlugins(
  marketplacesInput?: string,
  pluginsInput?: string,
  claudeExecutable?: string,
 ): Promise<void> {
  // Resolve executable path with explicit fallback
  const resolvedExecutable = claudeExecutable || "claude";
  // Parse and add all marketplaces before installing plugins
  const marketplaces = parseMarketplaces(marketplacesInput);
  if (marketplaces.length > 0) {
    console.log(`Adding ${marketplaces.length} marketplace(s)...`);
    for (const marketplace of marketplaces) {
      await addMarketplace(resolvedExecutable, marketplace);
      console.log(`✓ Successfully added marketplace: ${marketplace}`);
    }
  } else {
    console.log("No marketplaces specified, skipping marketplace setup");
  }
  const plugins = parsePlugins(pluginsInput);
  if (plugins.length > 0) {
    console.log(`Installing ${plugins.length} plugin(s)...`);
    for (const plugin of plugins) {
      await installPlugin(plugin, resolvedExecutable);
      console.log(`✓ Successfully installed: ${plugin}`);
    }
  } else {
    console.log("No plugins specified, skipping plugins installation");
  }
 }
--- a/base-action/src/run-claude.ts
+++ b/base-action/src/run-claude.ts
@@ -1,7 +1,7 @@
 import * as core from "@actions/core";
 import { exec } from "child_process";
 import { promisify } from "util";
-import { unlink, writeFile, stat } from "fs/promises";
+import { unlink, writeFile, stat, readFile } from "fs/promises";
 import { createWriteStream } from "fs";
 import { spawn } from "child_process";
 import { parse as parseShellArgs } from "shell-quote";
@@ -12,6 +12,59 @@ const PIPE_PATH = `${process.env.RUNNER_TEMP}/claude_prompt_pipe`;
 const EXECUTION_FILE = `${process.env.RUNNER_TEMP}/claude-execution-output.json`;
 const BASE_ARGS = ["--verbose", "--output-format", "stream-json"];
 /**
 * Sanitizes JSON output to remove sensitive information when full output is disabled
 * Returns a safe summary message or null if the message should be completely suppressed
 */
 function sanitizeJsonOutput(
  jsonObj: any,
  showFullOutput: boolean,
 ): string | null {
  if (showFullOutput) {
    // In full output mode, return the full JSON
    return JSON.stringify(jsonObj, null, 2);
  }
  // In non-full-output mode, provide minimal safe output
  const type = jsonObj.type;
  const subtype = jsonObj.subtype;
  // System initialization - safe to show
  if (type === "system" && subtype === "init") {
    return JSON.stringify(
      {
        type: "system",
        subtype: "init",
        message: "Claude Code initialized",
        model: jsonObj.model || "unknown",
      },
      null,
      2,
    );
  }
  // Result messages - Always show the final result
  if (type === "result") {
    // These messages contain the final result and should always be visible
    return JSON.stringify(
      {
        type: "result",
        subtype: jsonObj.subtype,
        is_error: jsonObj.is_error,
        duration_ms: jsonObj.duration_ms,
        num_turns: jsonObj.num_turns,
        total_cost_usd: jsonObj.total_cost_usd,
        permission_denials: jsonObj.permission_denials,
      },
      null,
      2,
    );
  }
  // For any other message types, suppress completely in non-full-output mode
  return null;
 }
 export type ClaudeOptions = {
  claudeArgs?: string;
  model?: string;
@@ -24,6 +77,7 @@ export type ClaudeOptions = {
  appendSystemPrompt?: string;
  claudeEnv?: string;
  fallbackModel?: string;
  showFullOutput?: string;
 };
 type PreparedConfig = {
@@ -68,9 +122,54 @@ export function prepareRunConfig(
  };
 }
 /**
 * Parses structured_output from execution file and sets GitHub Action outputs
 * Only runs if --json-schema was explicitly provided in claude_args
 * Exported for testing
 */
 export async function parseAndSetStructuredOutputs(
  executionFile: string,
 ): Promise<void> {
  try {
    const content = await readFile(executionFile, "utf-8");
    const messages = JSON.parse(content) as {
      type: string;
      structured_output?: Record<string, unknown>;
    }[];
    // Search backwards - result is typically last or second-to-last message
    const result = messages.findLast(
      (m) => m.type === "result" && m.structured_output,
    );
    if (!result?.structured_output) {
      throw new Error(
        `--json-schema was provided but Claude did not return structured_output.\n` +
          `Found ${messages.length} messages. Result exists: ${!!result}\n`,
      );
    }
    // Set the complete structured output as a single JSON string
    // This works around GitHub Actions limitation that composite actions can't have dynamic outputs
    const structuredOutputJson = JSON.stringify(result.structured_output);
    core.setOutput("structured_output", structuredOutputJson);
    core.info(
      `Set structured_output with ${Object.keys(result.structured_output).length} field(s)`,
    );
  } catch (error) {
    if (error instanceof Error) {
      throw error; // Preserve original error and stack trace
    }
    throw new Error(`Failed to parse structured outputs: ${error}`);
  }
 }
 export async function runClaude(promptPath: string, options: ClaudeOptions) {
  const config = prepareRunConfig(promptPath, options);
  // Detect if --json-schema is present in claude args
  const hasJsonSchema = options.claudeArgs?.includes("--json-schema") ?? false;
  // Create a named pipe
  try {
    await unlink(PIPE_PATH);
@@ -138,12 +237,27 @@ export async function runClaude(promptPath: string, options: ClaudeOptions) {
    pipeStream.destroy();
  });
  // Determine if full output should be shown
  // Show full output if explicitly set to "true" OR if GitHub Actions debug mode is enabled
  const isDebugMode = process.env.ACTIONS_STEP_DEBUG === "true";
  let showFullOutput = options.showFullOutput === "true" || isDebugMode;
  if (isDebugMode && options.showFullOutput !== "false") {
    console.log("Debug mode detected - showing full output");
    showFullOutput = true;
  } else if (!showFullOutput) {
    console.log("Running Claude Code (full output hidden for security)...");
    console.log(
      "Rerun in debug mode or enable `show_full_output: true` in your workflow file for full output.",
    );
  }
  // Capture output for parsing execution metrics
  let output = "";
  claudeProcess.stdout.on("data", (data) => {
    const text = data.toString();
-    // Try to parse as JSON and pretty print if it's on a single line
+    // Try to parse as JSON and handle based on verbose setting
    const lines = text.split("\n");
    lines.forEach((line: string, index: number) => {
      if (line.trim() === "") return;
@@ -151,17 +265,24 @@ export async function runClaude(promptPath: string, options: ClaudeOptions) {
      try {
        // Check if this line is a JSON object
        const parsed = JSON.parse(line);
-        const prettyJson = JSON.stringify(parsed, null, 2);
+        const sanitizedOutput = sanitizeJsonOutput(parsed, showFullOutput);
-        process.stdout.write(prettyJson);
+
-        if (index < lines.length - 1 || text.endsWith("\n")) {
+        if (sanitizedOutput) {
-          process.stdout.write("\n");
+          process.stdout.write(sanitizedOutput);
          if (index < lines.length - 1 || text.endsWith("\n")) {
            process.stdout.write("\n");
          }
        }
      } catch (e) {
-        // Not a JSON object, print as is
+        // Not a JSON object
-        process.stdout.write(line);
+        if (showFullOutput) {
-        if (index < lines.length - 1 || text.endsWith("\n")) {
+          // In full output mode, print as is
-          process.stdout.write("\n");
+          process.stdout.write(line);
          if (index < lines.length - 1 || text.endsWith("\n")) {
            process.stdout.write("\n");
          }
        }
        // In non-full-output mode, suppress non-JSON output
      }
    });
@@ -232,8 +353,23 @@ export async function runClaude(promptPath: string, options: ClaudeOptions) {
      core.warning(`Failed to process output for execution metrics: ${e}`);
    }
    core.setOutput("conclusion", "success");
    core.setOutput("execution_file", EXECUTION_FILE);
    // Parse and set structured outputs only if user provided --json-schema in claude_args
    if (hasJsonSchema) {
      try {
        await parseAndSetStructuredOutputs(EXECUTION_FILE);
      } catch (error) {
        const errorMessage =
          error instanceof Error ? error.message : String(error);
        core.setFailed(errorMessage);
        core.setOutput("conclusion", "failure");
        process.exit(1);
      }
    }
    // Set conclusion to success if we reached here
    core.setOutput("conclusion", "success");
  } else {
    core.setOutput("conclusion", "failure");
--- a/base-action/src/validate-env.ts
+++ b/base-action/src/validate-env.ts
@@ -1,39 +1,50 @@
 /**
 * Validates the environment variables required for running Claude Code
- * based on the selected provider (Anthropic API, AWS Bedrock, or Google Vertex AI)
+ * based on the selected provider (Anthropic API, AWS Bedrock, Google Vertex AI, or Microsoft Foundry)
 */
 export function validateEnvironmentVariables() {
  const useBedrock = process.env.CLAUDE_CODE_USE_BEDROCK === "1";
  const useVertex = process.env.CLAUDE_CODE_USE_VERTEX === "1";
  const useFoundry = process.env.CLAUDE_CODE_USE_FOUNDRY === "1";
  const anthropicApiKey = process.env.ANTHROPIC_API_KEY;
  const claudeCodeOAuthToken = process.env.CLAUDE_CODE_OAUTH_TOKEN;
  const errors: string[] = [];
-  if (useBedrock && useVertex) {
+  // Check for mutual exclusivity between providers
  const activeProviders = [useBedrock, useVertex, useFoundry].filter(Boolean);
  if (activeProviders.length > 1) {
    errors.push(
-      "Cannot use both Bedrock and Vertex AI simultaneously. Please set only one provider.",
+      "Cannot use multiple providers simultaneously. Please set only one of: CLAUDE_CODE_USE_BEDROCK, CLAUDE_CODE_USE_VERTEX, or CLAUDE_CODE_USE_FOUNDRY.",
    );
  }
-  if (!useBedrock && !useVertex) {
+  if (!useBedrock && !useVertex && !useFoundry) {
    if (!anthropicApiKey && !claudeCodeOAuthToken) {
      errors.push(
        "Either ANTHROPIC_API_KEY or CLAUDE_CODE_OAUTH_TOKEN is required when using direct Anthropic API.",
      );
    }
  } else if (useBedrock) {
-    const requiredBedrockVars = {
+    const awsRegion = process.env.AWS_REGION;
-      AWS_REGION: process.env.AWS_REGION,
+    const awsAccessKeyId = process.env.AWS_ACCESS_KEY_ID;
-      AWS_ACCESS_KEY_ID: process.env.AWS_ACCESS_KEY_ID,
+    const awsSecretAccessKey = process.env.AWS_SECRET_ACCESS_KEY;
-      AWS_SECRET_ACCESS_KEY: process.env.AWS_SECRET_ACCESS_KEY,
+    const awsBearerToken = process.env.AWS_BEARER_TOKEN_BEDROCK;
    };
-    Object.entries(requiredBedrockVars).forEach(([key, value]) => {
+    // AWS_REGION is always required for Bedrock
-      if (!value) {
+    if (!awsRegion) {
-        errors.push(`${key} is required when using AWS Bedrock.`);
+      errors.push("AWS_REGION is required when using AWS Bedrock.");
-      }
+    }
-    });
+
    // Either bearer token OR access key credentials must be provided
    const hasAccessKeyCredentials = awsAccessKeyId && awsSecretAccessKey;
    const hasBearerToken = awsBearerToken;
    if (!hasAccessKeyCredentials && !hasBearerToken) {
      errors.push(
        "Either AWS_BEARER_TOKEN_BEDROCK or both AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY are required when using AWS Bedrock.",
      );
    }
  } else if (useVertex) {
    const requiredVertexVars = {
      ANTHROPIC_VERTEX_PROJECT_ID: process.env.ANTHROPIC_VERTEX_PROJECT_ID,
@@ -45,6 +56,16 @@ export function validateEnvironmentVariables() {
        errors.push(`${key} is required when using Google Vertex AI.`);
      }
    });
  } else if (useFoundry) {
    const foundryResource = process.env.ANTHROPIC_FOUNDRY_RESOURCE;
    const foundryBaseUrl = process.env.ANTHROPIC_FOUNDRY_BASE_URL;
    // Either resource name or base URL is required
    if (!foundryResource && !foundryBaseUrl) {
      errors.push(
        "Either ANTHROPIC_FOUNDRY_RESOURCE or ANTHROPIC_FOUNDRY_BASE_URL is required when using Microsoft Foundry.",
      );
    }
  }
  if (errors.length > 0) {
--- a/base-action/test/install-plugins.test.ts
+++ b/base-action/test/install-plugins.test.ts
@@ -0,0 +1,599 @@
 #!/usr/bin/env bun
 import { describe, test, expect, mock, spyOn, afterEach } from "bun:test";
 import { installPlugins } from "../src/install-plugins";
 import * as childProcess from "child_process";
 describe("installPlugins", () => {
  let spawnSpy: ReturnType<typeof spyOn> | undefined;
  afterEach(() => {
    // Restore original spawn after each test
    if (spawnSpy) {
      spawnSpy.mockRestore();
    }
  });
  function createMockSpawn(
    exitCode: number | null = 0,
    shouldError: boolean = false,
  ) {
    const mockProcess = {
      on: mock((event: string, handler: Function) => {
        if (event === "close" && !shouldError) {
          // Simulate successful close
          setTimeout(() => handler(exitCode), 0);
        } else if (event === "error" && shouldError) {
          // Simulate error
          setTimeout(() => handler(new Error("spawn error")), 0);
        }
        return mockProcess;
      }),
    };
    spawnSpy = spyOn(childProcess, "spawn").mockImplementation(
      () => mockProcess as any,
    );
    return spawnSpy;
  }
  test("should not call spawn when no plugins are specified", async () => {
    const spy = createMockSpawn();
    await installPlugins(undefined, "");
    expect(spy).not.toHaveBeenCalled();
  });
  test("should not call spawn when plugins is undefined", async () => {
    const spy = createMockSpawn();
    await installPlugins(undefined, undefined);
    expect(spy).not.toHaveBeenCalled();
  });
  test("should not call spawn when plugins is only whitespace", async () => {
    const spy = createMockSpawn();
    await installPlugins(undefined, "   ");
    expect(spy).not.toHaveBeenCalled();
  });
  test("should install a single plugin with default executable", async () => {
    const spy = createMockSpawn();
    await installPlugins(undefined, "test-plugin");
    expect(spy).toHaveBeenCalledTimes(1);
    // Only call: install plugin (no marketplace without explicit marketplace input)
    expect(spy).toHaveBeenNthCalledWith(
      1,
      "claude",
      ["plugin", "install", "test-plugin"],
      { stdio: "inherit" },
    );
  });
  test("should install multiple plugins sequentially", async () => {
    const spy = createMockSpawn();
    await installPlugins(undefined, "plugin1\nplugin2\nplugin3");
    expect(spy).toHaveBeenCalledTimes(3);
    // Install plugins (no marketplace without explicit marketplace input)
    expect(spy).toHaveBeenNthCalledWith(
      1,
      "claude",
      ["plugin", "install", "plugin1"],
      { stdio: "inherit" },
    );
    expect(spy).toHaveBeenNthCalledWith(
      2,
      "claude",
      ["plugin", "install", "plugin2"],
      { stdio: "inherit" },
    );
    expect(spy).toHaveBeenNthCalledWith(
      3,
      "claude",
      ["plugin", "install", "plugin3"],
      { stdio: "inherit" },
    );
  });
  test("should use custom claude executable path when provided", async () => {
    const spy = createMockSpawn();
    await installPlugins(undefined, "test-plugin", "/custom/path/to/claude");
    expect(spy).toHaveBeenCalledTimes(1);
    // Only call: install plugin (no marketplace without explicit marketplace input)
    expect(spy).toHaveBeenNthCalledWith(
      1,
      "/custom/path/to/claude",
      ["plugin", "install", "test-plugin"],
      { stdio: "inherit" },
    );
  });
  test("should trim whitespace from plugin names before installation", async () => {
    const spy = createMockSpawn();
    await installPlugins(undefined, " plugin1 \n plugin2 ");
    expect(spy).toHaveBeenCalledTimes(2);
    // Install plugins (no marketplace without explicit marketplace input)
    expect(spy).toHaveBeenNthCalledWith(
      1,
      "claude",
      ["plugin", "install", "plugin1"],
      { stdio: "inherit" },
    );
    expect(spy).toHaveBeenNthCalledWith(
      2,
      "claude",
      ["plugin", "install", "plugin2"],
      { stdio: "inherit" },
    );
  });
  test("should skip empty entries in plugin list", async () => {
    const spy = createMockSpawn();
    await installPlugins(undefined, "plugin1\n\nplugin2");
    expect(spy).toHaveBeenCalledTimes(2);
    // Install plugins (no marketplace without explicit marketplace input)
    expect(spy).toHaveBeenNthCalledWith(
      1,
      "claude",
      ["plugin", "install", "plugin1"],
      { stdio: "inherit" },
    );
    expect(spy).toHaveBeenNthCalledWith(
      2,
      "claude",
      ["plugin", "install", "plugin2"],
      { stdio: "inherit" },
    );
  });
  test("should handle plugin installation error and throw", async () => {
    createMockSpawn(1, false); // Exit code 1
    await expect(installPlugins(undefined, "failing-plugin")).rejects.toThrow(
      "Failed to install plugin 'failing-plugin' (exit code: 1)",
    );
  });
  test("should handle null exit code (process terminated by signal)", async () => {
    createMockSpawn(null, false); // Exit code null (terminated by signal)
    await expect(
      installPlugins(undefined, "terminated-plugin"),
    ).rejects.toThrow(
      "Failed to install plugin 'terminated-plugin': process terminated by signal",
    );
  });
  test("should stop installation on first error", async () => {
    const spy = createMockSpawn(1, false); // Exit code 1
    await expect(
      installPlugins(undefined, "plugin1\nplugin2\nplugin3"),
    ).rejects.toThrow("Failed to install plugin 'plugin1' (exit code: 1)");
    // Should only try to install first plugin before failing
    expect(spy).toHaveBeenCalledTimes(1);
  });
  test("should handle plugins with special characters in names", async () => {
    const spy = createMockSpawn();
    await installPlugins(undefined, "org/plugin-name\n@scope/plugin");
    expect(spy).toHaveBeenCalledTimes(2);
    // Install plugins (no marketplace without explicit marketplace input)
    expect(spy).toHaveBeenNthCalledWith(
      1,
      "claude",
      ["plugin", "install", "org/plugin-name"],
      { stdio: "inherit" },
    );
    expect(spy).toHaveBeenNthCalledWith(
      2,
      "claude",
      ["plugin", "install", "@scope/plugin"],
      { stdio: "inherit" },
    );
  });
  test("should handle spawn errors", async () => {
    createMockSpawn(0, true); // Trigger error event
    await expect(installPlugins(undefined, "test-plugin")).rejects.toThrow(
      "Failed to install plugin 'test-plugin': spawn error",
    );
  });
  test("should install plugins with custom executable and multiple plugins", async () => {
    const spy = createMockSpawn();
    await installPlugins(
      undefined,
      "plugin-a\nplugin-b",
      "/usr/local/bin/claude-custom",
    );
    expect(spy).toHaveBeenCalledTimes(2);
    // Install plugins (no marketplace without explicit marketplace input)
    expect(spy).toHaveBeenNthCalledWith(
      1,
      "/usr/local/bin/claude-custom",
      ["plugin", "install", "plugin-a"],
      { stdio: "inherit" },
    );
    expect(spy).toHaveBeenNthCalledWith(
      2,
      "/usr/local/bin/claude-custom",
      ["plugin", "install", "plugin-b"],
      { stdio: "inherit" },
    );
  });
  test("should reject plugin names with command injection attempts", async () => {
    const spy = createMockSpawn();
    // Should throw due to invalid characters (semicolon and spaces)
    await expect(
      installPlugins(undefined, "plugin-name; rm -rf /"),
    ).rejects.toThrow("Invalid plugin name format");
    // Mock should never be called because validation fails first
    expect(spy).not.toHaveBeenCalled();
  });
  test("should reject plugin names with path traversal using ../", async () => {
    const spy = createMockSpawn();
    await expect(
      installPlugins(undefined, "../../../malicious-plugin"),
    ).rejects.toThrow("Invalid plugin name format");
    expect(spy).not.toHaveBeenCalled();
  });
  test("should reject plugin names with path traversal using ./", async () => {
    const spy = createMockSpawn();
    await expect(
      installPlugins(undefined, "./../../@scope/package"),
    ).rejects.toThrow("Invalid plugin name format");
    expect(spy).not.toHaveBeenCalled();
  });
  test("should reject plugin names with consecutive dots", async () => {
    const spy = createMockSpawn();
    await expect(installPlugins(undefined, ".../.../package")).rejects.toThrow(
      "Invalid plugin name format",
    );
    expect(spy).not.toHaveBeenCalled();
  });
  test("should reject plugin names with hidden path traversal", async () => {
    const spy = createMockSpawn();
    await expect(installPlugins(undefined, "package/../other")).rejects.toThrow(
      "Invalid plugin name format",
    );
    expect(spy).not.toHaveBeenCalled();
  });
  test("should accept plugin names with single dots in version numbers", async () => {
    const spy = createMockSpawn();
    await installPlugins(undefined, "plugin-v1.0.2");
    expect(spy).toHaveBeenCalledTimes(1);
    // Only call: install plugin (no marketplace without explicit marketplace input)
    expect(spy).toHaveBeenNthCalledWith(
      1,
      "claude",
      ["plugin", "install", "plugin-v1.0.2"],
      { stdio: "inherit" },
    );
  });
  test("should accept plugin names with multiple dots in semantic versions", async () => {
    const spy = createMockSpawn();
    await installPlugins(undefined, "@scope/plugin-v1.0.0-beta.1");
    expect(spy).toHaveBeenCalledTimes(1);
    // Only call: install plugin (no marketplace without explicit marketplace input)
    expect(spy).toHaveBeenNthCalledWith(
      1,
      "claude",
      ["plugin", "install", "@scope/plugin-v1.0.0-beta.1"],
      { stdio: "inherit" },
    );
  });
  test("should reject Unicode homoglyph path traversal attempts", async () => {
    const spy = createMockSpawn();
    // Using fullwidth dots (U+FF0E) and fullwidth solidus (U+FF0F)
    await expect(installPlugins(undefined, "．．／malicious")).rejects.toThrow(
      "Invalid plugin name format",
    );
    expect(spy).not.toHaveBeenCalled();
  });
  test("should reject path traversal at end of path", async () => {
    const spy = createMockSpawn();
    await expect(installPlugins(undefined, "package/..")).rejects.toThrow(
      "Invalid plugin name format",
    );
    expect(spy).not.toHaveBeenCalled();
  });
  test("should reject single dot directory reference", async () => {
    const spy = createMockSpawn();
    await expect(installPlugins(undefined, "package/.")).rejects.toThrow(
      "Invalid plugin name format",
    );
    expect(spy).not.toHaveBeenCalled();
  });
  test("should reject path traversal in middle of path", async () => {
    const spy = createMockSpawn();
    await expect(installPlugins(undefined, "package/../other")).rejects.toThrow(
      "Invalid plugin name format",
    );
    expect(spy).not.toHaveBeenCalled();
  });
  // Marketplace functionality tests
  test("should add a single marketplace before installing plugins", async () => {
    const spy = createMockSpawn();
    await installPlugins(
      "https://github.com/user/marketplace.git",
      "test-plugin",
    );
    expect(spy).toHaveBeenCalledTimes(2);
    // First call: add marketplace
    expect(spy).toHaveBeenNthCalledWith(
      1,
      "claude",
      [
        "plugin",
        "marketplace",
        "add",
        "https://github.com/user/marketplace.git",
      ],
      { stdio: "inherit" },
    );
    // Second call: install plugin
    expect(spy).toHaveBeenNthCalledWith(
      2,
      "claude",
      ["plugin", "install", "test-plugin"],
      { stdio: "inherit" },
    );
  });
  test("should add multiple marketplaces with newline separation", async () => {
    const spy = createMockSpawn();
    await installPlugins(
      "https://github.com/user/m1.git\nhttps://github.com/user/m2.git",
      "test-plugin",
    );
    expect(spy).toHaveBeenCalledTimes(3); // 2 marketplaces + 1 plugin
    // First two calls: add marketplaces
    expect(spy).toHaveBeenNthCalledWith(
      1,
      "claude",
      ["plugin", "marketplace", "add", "https://github.com/user/m1.git"],
      { stdio: "inherit" },
    );
    expect(spy).toHaveBeenNthCalledWith(
      2,
      "claude",
      ["plugin", "marketplace", "add", "https://github.com/user/m2.git"],
      { stdio: "inherit" },
    );
    // Third call: install plugin
    expect(spy).toHaveBeenNthCalledWith(
      3,
      "claude",
      ["plugin", "install", "test-plugin"],
      { stdio: "inherit" },
    );
  });
  test("should add marketplaces before installing multiple plugins", async () => {
    const spy = createMockSpawn();
    await installPlugins(
      "https://github.com/user/marketplace.git",
      "plugin1\nplugin2",
    );
    expect(spy).toHaveBeenCalledTimes(3); // 1 marketplace + 2 plugins
    // First call: add marketplace
    expect(spy).toHaveBeenNthCalledWith(
      1,
      "claude",
      [
        "plugin",
        "marketplace",
        "add",
        "https://github.com/user/marketplace.git",
      ],
      { stdio: "inherit" },
    );
    // Next calls: install plugins
    expect(spy).toHaveBeenNthCalledWith(
      2,
      "claude",
      ["plugin", "install", "plugin1"],
      { stdio: "inherit" },
    );
    expect(spy).toHaveBeenNthCalledWith(
      3,
      "claude",
      ["plugin", "install", "plugin2"],
      { stdio: "inherit" },
    );
  });
  test("should handle only marketplaces without plugins", async () => {
    const spy = createMockSpawn();
    await installPlugins("https://github.com/user/marketplace.git", undefined);
    expect(spy).toHaveBeenCalledTimes(1);
    expect(spy).toHaveBeenNthCalledWith(
      1,
      "claude",
      [
        "plugin",
        "marketplace",
        "add",
        "https://github.com/user/marketplace.git",
      ],
      { stdio: "inherit" },
    );
  });
  test("should skip empty marketplace entries", async () => {
    const spy = createMockSpawn();
    await installPlugins(
      "https://github.com/user/m1.git\n\nhttps://github.com/user/m2.git",
      "test-plugin",
    );
    expect(spy).toHaveBeenCalledTimes(3); // 2 marketplaces (skip empty) + 1 plugin
  });
  test("should trim whitespace from marketplace URLs", async () => {
    const spy = createMockSpawn();
    await installPlugins(
      "  https://github.com/user/marketplace.git  \n  https://github.com/user/m2.git  ",
      "test-plugin",
    );
    expect(spy).toHaveBeenCalledTimes(3);
    expect(spy).toHaveBeenNthCalledWith(
      1,
      "claude",
      [
        "plugin",
        "marketplace",
        "add",
        "https://github.com/user/marketplace.git",
      ],
      { stdio: "inherit" },
    );
    expect(spy).toHaveBeenNthCalledWith(
      2,
      "claude",
      ["plugin", "marketplace", "add", "https://github.com/user/m2.git"],
      { stdio: "inherit" },
    );
  });
  test("should reject invalid marketplace URL format", async () => {
    const spy = createMockSpawn();
    await expect(
      installPlugins("not-a-valid-url", "test-plugin"),
    ).rejects.toThrow("Invalid marketplace URL format");
    expect(spy).not.toHaveBeenCalled();
  });
  test("should reject marketplace URL without .git extension", async () => {
    const spy = createMockSpawn();
    await expect(
      installPlugins("https://github.com/user/marketplace", "test-plugin"),
    ).rejects.toThrow("Invalid marketplace URL format");
    expect(spy).not.toHaveBeenCalled();
  });
  test("should reject marketplace URL with non-https protocol", async () => {
    const spy = createMockSpawn();
    await expect(
      installPlugins("http://github.com/user/marketplace.git", "test-plugin"),
    ).rejects.toThrow("Invalid marketplace URL format");
    expect(spy).not.toHaveBeenCalled();
  });
  test("should skip whitespace-only marketplace input", async () => {
    const spy = createMockSpawn();
    await installPlugins("   ", "test-plugin");
    // Should skip marketplaces and only install plugin
    expect(spy).toHaveBeenCalledTimes(1);
    expect(spy).toHaveBeenNthCalledWith(
      1,
      "claude",
      ["plugin", "install", "test-plugin"],
      { stdio: "inherit" },
    );
  });
  test("should handle marketplace addition error", async () => {
    createMockSpawn(1, false); // Exit code 1
    await expect(
      installPlugins("https://github.com/user/marketplace.git", "test-plugin"),
    ).rejects.toThrow(
      "Failed to add marketplace 'https://github.com/user/marketplace.git' (exit code: 1)",
    );
  });
  test("should stop if marketplace addition fails before installing plugins", async () => {
    const spy = createMockSpawn(1, false); // Exit code 1
    await expect(
      installPlugins(
        "https://github.com/user/marketplace.git",
        "plugin1\nplugin2",
      ),
    ).rejects.toThrow("Failed to add marketplace");
    // Should only try to add marketplace, not install any plugins
    expect(spy).toHaveBeenCalledTimes(1);
  });
  test("should use custom executable for marketplace operations", async () => {
    const spy = createMockSpawn();
    await installPlugins(
      "https://github.com/user/marketplace.git",
      "test-plugin",
      "/custom/path/to/claude",
    );
    expect(spy).toHaveBeenCalledTimes(2);
    expect(spy).toHaveBeenNthCalledWith(
      1,
      "/custom/path/to/claude",
      [
        "plugin",
        "marketplace",
        "add",
        "https://github.com/user/marketplace.git",
      ],
      { stdio: "inherit" },
    );
    expect(spy).toHaveBeenNthCalledWith(
      2,
      "/custom/path/to/claude",
      ["plugin", "install", "test-plugin"],
      { stdio: "inherit" },
    );
  });
 });
--- a/base-action/test/run-claude.test.ts
+++ b/base-action/test/run-claude.test.ts
@@ -78,5 +78,19 @@ describe("prepareRunConfig", () => {
        "stream-json",
      ]);
    });
    test("should include json-schema flag when provided", () => {
      const options: ClaudeOptions = {
        claudeArgs:
          '--json-schema \'{"type":"object","properties":{"result":{"type":"boolean"}}}\'',
      };
      const prepared = prepareRunConfig("/tmp/test-prompt.txt", options);
      expect(prepared.claudeArgs).toContain("--json-schema");
      expect(prepared.claudeArgs).toContain(
        '{"type":"object","properties":{"result":{"type":"boolean"}}}',
      );
    });
  });
 });
--- a/base-action/test/structured-output.test.ts
+++ b/base-action/test/structured-output.test.ts
@@ -0,0 +1,158 @@
 #!/usr/bin/env bun
 import { describe, test, expect, afterEach, beforeEach, spyOn } from "bun:test";
 import { writeFile, unlink } from "fs/promises";
 import { tmpdir } from "os";
 import { join } from "path";
 import { parseAndSetStructuredOutputs } from "../src/run-claude";
 import * as core from "@actions/core";
 // Mock execution file path
 const TEST_EXECUTION_FILE = join(tmpdir(), "test-execution-output.json");
 // Helper to create mock execution file with structured output
 async function createMockExecutionFile(
  structuredOutput?: Record<string, unknown>,
  includeResult: boolean = true,
 ): Promise<void> {
  const messages: any[] = [
    { type: "system", subtype: "init" },
    { type: "turn", content: "test" },
  ];
  if (includeResult) {
    messages.push({
      type: "result",
      cost_usd: 0.01,
      duration_ms: 1000,
      structured_output: structuredOutput,
    });
  }
  await writeFile(TEST_EXECUTION_FILE, JSON.stringify(messages));
 }
 // Spy on core functions
 let setOutputSpy: any;
 let infoSpy: any;
 beforeEach(() => {
  setOutputSpy = spyOn(core, "setOutput").mockImplementation(() => {});
  infoSpy = spyOn(core, "info").mockImplementation(() => {});
 });
 describe("parseAndSetStructuredOutputs", () => {
  afterEach(async () => {
    setOutputSpy?.mockRestore();
    infoSpy?.mockRestore();
    try {
      await unlink(TEST_EXECUTION_FILE);
    } catch {
      // Ignore if file doesn't exist
    }
  });
  test("should set structured_output with valid data", async () => {
    await createMockExecutionFile({
      is_flaky: true,
      confidence: 0.85,
      summary: "Test looks flaky",
    });
    await parseAndSetStructuredOutputs(TEST_EXECUTION_FILE);
    expect(setOutputSpy).toHaveBeenCalledWith(
      "structured_output",
      '{"is_flaky":true,"confidence":0.85,"summary":"Test looks flaky"}',
    );
    expect(infoSpy).toHaveBeenCalledWith(
      "Set structured_output with 3 field(s)",
    );
  });
  test("should handle arrays and nested objects", async () => {
    await createMockExecutionFile({
      items: ["a", "b", "c"],
      config: { key: "value", nested: { deep: true } },
    });
    await parseAndSetStructuredOutputs(TEST_EXECUTION_FILE);
    const callArgs = setOutputSpy.mock.calls[0];
    expect(callArgs[0]).toBe("structured_output");
    const parsed = JSON.parse(callArgs[1]);
    expect(parsed).toEqual({
      items: ["a", "b", "c"],
      config: { key: "value", nested: { deep: true } },
    });
  });
  test("should handle special characters in field names", async () => {
    await createMockExecutionFile({
      "test-result": "passed",
      "item.count": 10,
      "user@email": "test",
    });
    await parseAndSetStructuredOutputs(TEST_EXECUTION_FILE);
    const callArgs = setOutputSpy.mock.calls[0];
    const parsed = JSON.parse(callArgs[1]);
    expect(parsed["test-result"]).toBe("passed");
    expect(parsed["item.count"]).toBe(10);
    expect(parsed["user@email"]).toBe("test");
  });
  test("should throw error when result exists but structured_output is undefined", async () => {
    const messages = [
      { type: "system", subtype: "init" },
      { type: "result", cost_usd: 0.01, duration_ms: 1000 },
    ];
    await writeFile(TEST_EXECUTION_FILE, JSON.stringify(messages));
    await expect(
      parseAndSetStructuredOutputs(TEST_EXECUTION_FILE),
    ).rejects.toThrow(
      "--json-schema was provided but Claude did not return structured_output",
    );
  });
  test("should throw error when no result message exists", async () => {
    const messages = [
      { type: "system", subtype: "init" },
      { type: "turn", content: "test" },
    ];
    await writeFile(TEST_EXECUTION_FILE, JSON.stringify(messages));
    await expect(
      parseAndSetStructuredOutputs(TEST_EXECUTION_FILE),
    ).rejects.toThrow(
      "--json-schema was provided but Claude did not return structured_output",
    );
  });
  test("should throw error with malformed JSON", async () => {
    await writeFile(TEST_EXECUTION_FILE, "{ invalid json");
    await expect(
      parseAndSetStructuredOutputs(TEST_EXECUTION_FILE),
    ).rejects.toThrow();
  });
  test("should throw error when file does not exist", async () => {
    await expect(
      parseAndSetStructuredOutputs("/nonexistent/file.json"),
    ).rejects.toThrow();
  });
  test("should handle empty structured_output object", async () => {
    await createMockExecutionFile({});
    await parseAndSetStructuredOutputs(TEST_EXECUTION_FILE);
    expect(setOutputSpy).toHaveBeenCalledWith("structured_output", "{}");
    expect(infoSpy).toHaveBeenCalledWith(
      "Set structured_output with 0 field(s)",
    );
  });
 });
--- a/base-action/test/validate-env.test.ts
+++ b/base-action/test/validate-env.test.ts
@@ -13,15 +13,19 @@ describe("validateEnvironmentVariables", () => {
    delete process.env.ANTHROPIC_API_KEY;
    delete process.env.CLAUDE_CODE_USE_BEDROCK;
    delete process.env.CLAUDE_CODE_USE_VERTEX;
    delete process.env.CLAUDE_CODE_USE_FOUNDRY;
    delete process.env.AWS_REGION;
    delete process.env.AWS_ACCESS_KEY_ID;
    delete process.env.AWS_SECRET_ACCESS_KEY;
    delete process.env.AWS_SESSION_TOKEN;
    delete process.env.AWS_BEARER_TOKEN_BEDROCK;
    delete process.env.ANTHROPIC_BEDROCK_BASE_URL;
    delete process.env.ANTHROPIC_VERTEX_PROJECT_ID;
    delete process.env.CLOUD_ML_REGION;
    delete process.env.GOOGLE_APPLICATION_CREDENTIALS;
    delete process.env.ANTHROPIC_VERTEX_BASE_URL;
    delete process.env.ANTHROPIC_FOUNDRY_RESOURCE;
    delete process.env.ANTHROPIC_FOUNDRY_BASE_URL;
  });
  afterEach(() => {
@@ -92,31 +96,58 @@ describe("validateEnvironmentVariables", () => {
      );
    });
-    test("should fail when AWS_ACCESS_KEY_ID is missing", () => {
+    test("should fail when only AWS_SECRET_ACCESS_KEY is provided without bearer token", () => {
      process.env.CLAUDE_CODE_USE_BEDROCK = "1";
      process.env.AWS_REGION = "us-east-1";
      process.env.AWS_SECRET_ACCESS_KEY = "test-secret-key";
      expect(() => validateEnvironmentVariables()).toThrow(
-        "AWS_ACCESS_KEY_ID is required when using AWS Bedrock.",
+        "Either AWS_BEARER_TOKEN_BEDROCK or both AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY are required when using AWS Bedrock.",
      );
    });
-    test("should fail when AWS_SECRET_ACCESS_KEY is missing", () => {
+    test("should fail when only AWS_ACCESS_KEY_ID is provided without bearer token", () => {
      process.env.CLAUDE_CODE_USE_BEDROCK = "1";
      process.env.AWS_REGION = "us-east-1";
      process.env.AWS_ACCESS_KEY_ID = "test-access-key";
      expect(() => validateEnvironmentVariables()).toThrow(
-        "AWS_SECRET_ACCESS_KEY is required when using AWS Bedrock.",
+        "Either AWS_BEARER_TOKEN_BEDROCK or both AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY are required when using AWS Bedrock.",
      );
    });
-    test("should report all missing Bedrock variables", () => {
+    test("should pass when AWS_BEARER_TOKEN_BEDROCK is provided instead of access keys", () => {
      process.env.CLAUDE_CODE_USE_BEDROCK = "1";
      process.env.AWS_REGION = "us-east-1";
      process.env.AWS_BEARER_TOKEN_BEDROCK = "test-bearer-token";
      expect(() => validateEnvironmentVariables()).not.toThrow();
    });
    test("should pass when both bearer token and access keys are provided", () => {
      process.env.CLAUDE_CODE_USE_BEDROCK = "1";
      process.env.AWS_REGION = "us-east-1";
      process.env.AWS_BEARER_TOKEN_BEDROCK = "test-bearer-token";
      process.env.AWS_ACCESS_KEY_ID = "test-access-key";
      process.env.AWS_SECRET_ACCESS_KEY = "test-secret-key";
      expect(() => validateEnvironmentVariables()).not.toThrow();
    });
    test("should fail when no authentication method is provided", () => {
      process.env.CLAUDE_CODE_USE_BEDROCK = "1";
      process.env.AWS_REGION = "us-east-1";
      expect(() => validateEnvironmentVariables()).toThrow(
        "Either AWS_BEARER_TOKEN_BEDROCK or both AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY are required when using AWS Bedrock.",
      );
    });
    test("should report missing region and authentication", () => {
      process.env.CLAUDE_CODE_USE_BEDROCK = "1";
      expect(() => validateEnvironmentVariables()).toThrow(
-        /AWS_REGION is required when using AWS Bedrock.*AWS_ACCESS_KEY_ID is required when using AWS Bedrock.*AWS_SECRET_ACCESS_KEY is required when using AWS Bedrock/s,
+        /AWS_REGION is required when using AWS Bedrock.*Either AWS_BEARER_TOKEN_BEDROCK or both AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY are required when using AWS Bedrock/s,
      );
    });
  });
@@ -167,6 +198,56 @@ describe("validateEnvironmentVariables", () => {
    });
  });
  describe("Microsoft Foundry", () => {
    test("should pass when ANTHROPIC_FOUNDRY_RESOURCE is provided", () => {
      process.env.CLAUDE_CODE_USE_FOUNDRY = "1";
      process.env.ANTHROPIC_FOUNDRY_RESOURCE = "test-resource";
      expect(() => validateEnvironmentVariables()).not.toThrow();
    });
    test("should pass when ANTHROPIC_FOUNDRY_BASE_URL is provided", () => {
      process.env.CLAUDE_CODE_USE_FOUNDRY = "1";
      process.env.ANTHROPIC_FOUNDRY_BASE_URL =
        "https://test-resource.services.ai.azure.com";
      expect(() => validateEnvironmentVariables()).not.toThrow();
    });
    test("should pass when both resource and base URL are provided", () => {
      process.env.CLAUDE_CODE_USE_FOUNDRY = "1";
      process.env.ANTHROPIC_FOUNDRY_RESOURCE = "test-resource";
      process.env.ANTHROPIC_FOUNDRY_BASE_URL =
        "https://custom.services.ai.azure.com";
      expect(() => validateEnvironmentVariables()).not.toThrow();
    });
    test("should construct Foundry base URL from resource name when ANTHROPIC_FOUNDRY_BASE_URL is not provided", () => {
      // This test verifies our action.yml change, which constructs:
      // ANTHROPIC_FOUNDRY_BASE_URL: ${{ env.ANTHROPIC_FOUNDRY_BASE_URL || (env.ANTHROPIC_FOUNDRY_RESOURCE && format('https://{0}.services.ai.azure.com', env.ANTHROPIC_FOUNDRY_RESOURCE)) }}
      process.env.CLAUDE_CODE_USE_FOUNDRY = "1";
      process.env.ANTHROPIC_FOUNDRY_RESOURCE = "my-foundry-resource";
      // ANTHROPIC_FOUNDRY_BASE_URL is intentionally not set
      // The actual URL construction happens in the composite action in action.yml
      // This test is a placeholder to document the behavior
      expect(() => validateEnvironmentVariables()).not.toThrow();
      // In the actual action, ANTHROPIC_FOUNDRY_BASE_URL would be:
      // https://my-foundry-resource.services.ai.azure.com
    });
    test("should fail when neither ANTHROPIC_FOUNDRY_RESOURCE nor ANTHROPIC_FOUNDRY_BASE_URL is provided", () => {
      process.env.CLAUDE_CODE_USE_FOUNDRY = "1";
      expect(() => validateEnvironmentVariables()).toThrow(
        "Either ANTHROPIC_FOUNDRY_RESOURCE or ANTHROPIC_FOUNDRY_BASE_URL is required when using Microsoft Foundry.",
      );
    });
  });
  describe("Multiple providers", () => {
    test("should fail when both Bedrock and Vertex are enabled", () => {
      process.env.CLAUDE_CODE_USE_BEDROCK = "1";
@@ -179,7 +260,51 @@ describe("validateEnvironmentVariables", () => {
      process.env.CLOUD_ML_REGION = "us-central1";
      expect(() => validateEnvironmentVariables()).toThrow(
-        "Cannot use both Bedrock and Vertex AI simultaneously. Please set only one provider.",
+        "Cannot use multiple providers simultaneously. Please set only one of: CLAUDE_CODE_USE_BEDROCK, CLAUDE_CODE_USE_VERTEX, or CLAUDE_CODE_USE_FOUNDRY.",
      );
    });
    test("should fail when both Bedrock and Foundry are enabled", () => {
      process.env.CLAUDE_CODE_USE_BEDROCK = "1";
      process.env.CLAUDE_CODE_USE_FOUNDRY = "1";
      // Provide all required vars to isolate the mutual exclusion error
      process.env.AWS_REGION = "us-east-1";
      process.env.AWS_ACCESS_KEY_ID = "test-access-key";
      process.env.AWS_SECRET_ACCESS_KEY = "test-secret-key";
      process.env.ANTHROPIC_FOUNDRY_RESOURCE = "test-resource";
      expect(() => validateEnvironmentVariables()).toThrow(
        "Cannot use multiple providers simultaneously. Please set only one of: CLAUDE_CODE_USE_BEDROCK, CLAUDE_CODE_USE_VERTEX, or CLAUDE_CODE_USE_FOUNDRY.",
      );
    });
    test("should fail when both Vertex and Foundry are enabled", () => {
      process.env.CLAUDE_CODE_USE_VERTEX = "1";
      process.env.CLAUDE_CODE_USE_FOUNDRY = "1";
      // Provide all required vars to isolate the mutual exclusion error
      process.env.ANTHROPIC_VERTEX_PROJECT_ID = "test-project";
      process.env.CLOUD_ML_REGION = "us-central1";
      process.env.ANTHROPIC_FOUNDRY_RESOURCE = "test-resource";
      expect(() => validateEnvironmentVariables()).toThrow(
        "Cannot use multiple providers simultaneously. Please set only one of: CLAUDE_CODE_USE_BEDROCK, CLAUDE_CODE_USE_VERTEX, or CLAUDE_CODE_USE_FOUNDRY.",
      );
    });
    test("should fail when all three providers are enabled", () => {
      process.env.CLAUDE_CODE_USE_BEDROCK = "1";
      process.env.CLAUDE_CODE_USE_VERTEX = "1";
      process.env.CLAUDE_CODE_USE_FOUNDRY = "1";
      // Provide all required vars to isolate the mutual exclusion error
      process.env.AWS_REGION = "us-east-1";
      process.env.AWS_ACCESS_KEY_ID = "test-access-key";
      process.env.AWS_SECRET_ACCESS_KEY = "test-secret-key";
      process.env.ANTHROPIC_VERTEX_PROJECT_ID = "test-project";
      process.env.CLOUD_ML_REGION = "us-central1";
      process.env.ANTHROPIC_FOUNDRY_RESOURCE = "test-resource";
      expect(() => validateEnvironmentVariables()).toThrow(
        "Cannot use multiple providers simultaneously. Please set only one of: CLAUDE_CODE_USE_BEDROCK, CLAUDE_CODE_USE_VERTEX, or CLAUDE_CODE_USE_FOUNDRY.",
      );
    });
  });
@@ -204,10 +329,7 @@ describe("validateEnvironmentVariables", () => {
        "  - AWS_REGION is required when using AWS Bedrock.",
      );
      expect(error!.message).toContain(
-        "  - AWS_ACCESS_KEY_ID is required when using AWS Bedrock.",
+        "  - Either AWS_BEARER_TOKEN_BEDROCK or both AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY are required when using AWS Bedrock.",
      );
      expect(error!.message).toContain(
        "  - AWS_SECRET_ACCESS_KEY is required when using AWS Bedrock.",
      );
    });
  });
--- a/docs/cloud-providers.md
+++ b/docs/cloud-providers.md
@@ -1,16 +1,17 @@
 # Cloud Providers
-You can authenticate with Claude using any of these three methods:
+You can authenticate with Claude using any of these four methods:
 1. Direct Anthropic API (default)
 2. Amazon Bedrock with OIDC authentication
 3. Google Vertex AI with OIDC authentication
 4. Microsoft Foundry with OIDC authentication
 For detailed setup instructions for AWS Bedrock and Google Vertex AI, see the [official documentation](https://docs.anthropic.com/en/docs/claude-code/github-actions#using-with-aws-bedrock-%26-google-vertex-ai).
 **Note**:
- Bedrock and Vertex use OIDC authentication exclusively
+- Bedrock, Vertex, and Microsoft Foundry use OIDC authentication exclusively
 - AWS Bedrock automatically uses cross-region inference profiles for certain models
 - For cross-region inference profile models, you need to request and be granted access to the Claude models in all regions that the inference profile uses
@@ -40,11 +41,19 @@ Use provider-specific model names based on your chosen provider:
    claude_args: |
      --model claude-4-0-sonnet@20250805
    # ... other inputs
 # For Microsoft Foundry with OIDC
 - uses: anthropics/claude-code-action@v1
  with:
    use_foundry: "true"
    claude_args: |
      --model claude-sonnet-4-5
    # ... other inputs
 ```
-## OIDC Authentication for Bedrock and Vertex
+## OIDC Authentication for Cloud Providers
-Both AWS Bedrock and GCP Vertex AI require OIDC authentication.
+AWS Bedrock, GCP Vertex AI, and Microsoft Foundry all support OIDC authentication.
 ```yaml
 # For AWS Bedrock with OIDC
@@ -97,3 +106,36 @@ Both AWS Bedrock and GCP Vertex AI require OIDC authentication.
  permissions:
    id-token: write # Required for OIDC
 ```
 ```yaml
 # For Microsoft Foundry with OIDC
 - name: Authenticate to Azure
  uses: azure/login@v2
  with:
    client-id: ${{ secrets.AZURE_CLIENT_ID }}
    tenant-id: ${{ secrets.AZURE_TENANT_ID }}
    subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
 - name: Generate GitHub App token
  id: app-token
  uses: actions/create-github-app-token@v2
  with:
    app-id: ${{ secrets.APP_ID }}
    private-key: ${{ secrets.APP_PRIVATE_KEY }}
 - uses: anthropics/claude-code-action@v1
  with:
    use_foundry: "true"
    claude_args: |
      --model claude-sonnet-4-5
    # ... other inputs
  env:
    ANTHROPIC_FOUNDRY_BASE_URL: https://my-resource.services.ai.azure.com
 permissions:
  id-token: write # Required for OIDC
 ```
 ## Microsoft Foundry Setup
 For detailed setup instructions for Microsoft Foundry, see the [official documentation](https://docs.anthropic.com/en/docs/claude-code/microsoft-foundry).
--- a/docs/configuration.md
+++ b/docs/configuration.md
@@ -130,7 +130,7 @@ To allow Claude to view workflow run results, job logs, and CI status:
 2. **Configure the action with additional permissions**:
   ```yaml
-   - uses: anthropics/claude-code-action@beta
+   - uses: anthropics/claude-code-action@v1
     with:
       anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }}
       additional_permissions: |
@@ -162,7 +162,7 @@ jobs:
  claude-ci-helper:
    runs-on: ubuntu-latest
    steps:
-      - uses: anthropics/claude-code-action@beta
+      - uses: anthropics/claude-code-action@v1
        with:
          anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }}
          additional_permissions: |
--- a/docs/create-app.html
+++ b/docs/create-app.html
@@ -0,0 +1,744 @@
 <!doctype html>
 <html lang="en">
  <head>
    <meta charset="UTF-8" />
    <meta name="viewport" content="width=device-width, initial-scale=1.0" />
    <title>Create Claude Code GitHub App</title>
    <style>
      * {
        box-sizing: border-box;
        margin: 0;
        padding: 0;
      }
      :root {
        /* Claude Brand Colors */
        --primary-dark: #0e0e0e;
        --primary-light: #d4a27f;
        --background-light: rgb(253, 253, 247);
        --background-dark: rgb(9, 9, 11);
        --text-primary: #1a1a1a;
        --text-secondary: #525252;
        --text-tertiary: #737373;
        --border-color: rgba(0, 0, 0, 0.08);
        --hover-bg: rgba(0, 0, 0, 0.02);
        --success: #2ea44f;
        --warning: #e3b341;
        --card-shadow:
          0 1px 3px rgba(0, 0, 0, 0.06), 0 1px 2px rgba(0, 0, 0, 0.04);
        --card-shadow-hover:
          0 4px 6px rgba(0, 0, 0, 0.07), 0 2px 4px rgba(0, 0, 0, 0.05);
      }
      body {
        font-family:
          -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto,
          "Helvetica Neue", Arial, sans-serif;
        background: var(--background-light);
        color: var(--text-primary);
        line-height: 1.6;
        -webkit-font-smoothing: antialiased;
        -moz-osx-font-smoothing: grayscale;
      }
      .container {
        max-width: 960px;
        margin: 0 auto;
        padding: 40px 24px;
      }
      /* Header */
      header {
        text-align: center;
        margin-bottom: 48px;
      }
      h1 {
        font-size: 36px;
        font-weight: 600;
        color: var(--text-primary);
        margin-bottom: 12px;
        letter-spacing: -0.02em;
      }
      .subtitle {
        font-size: 18px;
        color: var(--text-secondary);
        max-width: 640px;
        margin: 0 auto;
        line-height: 1.5;
      }
      /* Cards */
      .card {
        background: white;
        border: 1px solid var(--border-color);
        border-radius: 12px;
        padding: 32px;
        margin-bottom: 24px;
        box-shadow: var(--card-shadow);
        transition: all 0.2s ease;
      }
      .card:hover {
        box-shadow: var(--card-shadow-hover);
      }
      .card-header {
        display: flex;
        align-items: center;
        gap: 12px;
        margin-bottom: 20px;
      }
      .card-icon {
        font-size: 24px;
        line-height: 1;
      }
      h2 {
        font-size: 20px;
        font-weight: 600;
        color: var(--text-primary);
        margin: 0;
        letter-spacing: -0.01em;
      }
      .card-description {
        color: var(--text-secondary);
        margin-bottom: 24px;
        font-size: 15px;
        line-height: 1.6;
      }
      /* Buttons */
      .button-group {
        display: flex;
        flex-direction: column;
        gap: 16px;
      }
      .btn {
        display: inline-flex;
        align-items: center;
        justify-content: center;
        gap: 8px;
        padding: 12px 24px;
        font-size: 15px;
        font-weight: 500;
        border-radius: 8px;
        border: none;
        cursor: pointer;
        transition: all 0.2s ease;
        text-decoration: none;
        font-family: inherit;
        width: 100%;
      }
      .btn-primary {
        background: var(--primary-dark);
        color: white;
      }
      .btn-primary:hover {
        background: #1a1a1a;
        transform: translateY(-1px);
        box-shadow: 0 4px 12px rgba(0, 0, 0, 0.15);
      }
      .btn-secondary {
        background: var(--primary-light);
        color: var(--primary-dark);
      }
      .btn-secondary:hover {
        background: #c99a70;
        transform: translateY(-1px);
        box-shadow: 0 4px 12px rgba(212, 162, 127, 0.3);
      }
      .btn-outline {
        background: white;
        color: var(--text-primary);
        border: 1px solid var(--border-color);
      }
      .btn-outline:hover {
        background: var(--hover-bg);
        border-color: var(--text-secondary);
      }
      .btn:active {
        transform: translateY(0);
      }
      .btn.copied {
        background: var(--success);
        color: white;
      }
      /* Form */
      .form-row {
        display: flex;
        gap: 12px;
        align-items: flex-end;
      }
      .form-group {
        flex: 1;
      }
      label {
        display: block;
        font-size: 14px;
        font-weight: 500;
        color: var(--text-primary);
        margin-bottom: 6px;
      }
      input[type="text"] {
        width: 100%;
        padding: 10px 14px;
        font-size: 15px;
        border: 1px solid var(--border-color);
        border-radius: 8px;
        font-family: inherit;
        transition: all 0.2s ease;
        background: white;
      }
      input[type="text"]:focus {
        outline: none;
        border-color: var(--primary-dark);
        box-shadow: 0 0 0 3px rgba(14, 14, 14, 0.1);
      }
      /* Code Block */
      .code-container {
        position: relative;
        background: #fafafa;
        border: 1px solid var(--border-color);
        border-radius: 8px;
        margin: 20px 0;
      }
      .code-header {
        display: flex;
        justify-content: space-between;
        align-items: center;
        padding: 12px 16px;
        border-bottom: 1px solid var(--border-color);
      }
      .code-label {
        font-size: 13px;
        font-weight: 500;
        color: var(--text-secondary);
      }
      .copy-btn {
        padding: 6px 12px;
        font-size: 13px;
        font-weight: 500;
        background: white;
        color: var(--text-primary);
        border: 1px solid var(--border-color);
        border-radius: 6px;
        cursor: pointer;
        transition: all 0.2s ease;
      }
      .copy-btn:hover {
        background: var(--hover-bg);
      }
      .copy-btn.copied {
        background: var(--success);
        color: white;
        border-color: var(--success);
      }
      .code-block {
        padding: 16px;
        overflow-x: auto;
        font-family:
          "SF Mono", Monaco, "Cascadia Code", "Roboto Mono", Consolas,
          "Courier New", monospace;
        font-size: 13px;
        line-height: 1.6;
        color: var(--text-primary);
        white-space: pre;
      }
      /* Permissions List */
      .permissions-grid {
        display: grid;
        gap: 12px;
        margin-top: 16px;
      }
      .permission-item {
        display: flex;
        align-items: center;
        gap: 10px;
        padding: 10px 14px;
        background: #fafafa;
        border-radius: 8px;
        font-size: 14px;
      }
      .permission-icon {
        color: var(--success);
        font-size: 16px;
        line-height: 1;
      }
      .permission-name {
        font-weight: 500;
        color: var(--text-primary);
      }
      .permission-value {
        margin-left: auto;
        color: var(--text-secondary);
        font-size: 13px;
      }
      /* Steps */
      .steps {
        margin: 24px 0;
      }
      .step {
        display: flex;
        gap: 16px;
        margin-bottom: 20px;
      }
      .step-number {
        flex-shrink: 0;
        width: 28px;
        height: 28px;
        background: var(--primary-dark);
        color: white;
        border-radius: 50%;
        display: flex;
        align-items: center;
        justify-content: center;
        font-size: 14px;
        font-weight: 600;
      }
      .step-content {
        flex: 1;
        padding-top: 2px;
      }
      .step-content p {
        color: var(--text-secondary);
        font-size: 15px;
        line-height: 1.6;
      }
      .step-content strong {
        color: var(--text-primary);
        font-weight: 500;
      }
      /* Alert Box */
      .alert {
        display: flex;
        gap: 12px;
        padding: 16px;
        background: #fffbf0;
        border: 1px solid #f5e7c3;
        border-radius: 8px;
        margin-top: 32px;
      }
      .alert-icon {
        font-size: 18px;
        line-height: 1;
        flex-shrink: 0;
      }
      .alert-content {
        flex: 1;
        font-size: 14px;
        line-height: 1.6;
      }
      .alert-content strong {
        color: var(--text-primary);
        font-weight: 600;
      }
      /* Responsive */
      @media (min-width: 640px) {
        .button-group {
          flex-direction: row;
        }
        .btn {
          width: auto;
        }
        .permissions-grid {
          grid-template-columns: repeat(2, 1fr);
        }
      }
      @media (max-width: 640px) {
        h1 {
          font-size: 28px;
        }
        .subtitle {
          font-size: 16px;
        }
        .card {
          padding: 24px 20px;
        }
        .container {
          padding: 24px 16px;
        }
      }
      /* Hidden form elements */
      .hidden-form {
        display: none;
      }
    </style>
  </head>
  <body>
    <div class="container">
      <header>
        <h1>Create Your Custom GitHub App</h1>
        <p class="subtitle">
          Set up a custom GitHub App for Claude Code Action with all required
          permissions automatically configured.
        </p>
      </header>
      <!-- Quick Setup Card -->
      <div class="card">
        <div class="card-header">
          <span class="card-icon">🚀</span>
          <h2>Quick Setup</h2>
        </div>
        <p class="card-description">
          Create your GitHub App with one click. All permissions will be
          automatically configured for Claude Code Action.
        </p>
        <div class="button-group">
          <!-- Personal Account Button -->
          <form
            action="https://github.com/settings/apps/new"
            method="post"
            class="hidden-form"
            id="personal-form"
          >
            <input type="hidden" name="manifest" id="personal-manifest" />
          </form>
          <button
            type="button"
            class="btn btn-primary"
            onclick="submitPersonalForm()"
          >
            <span>👤</span>
            <span>Create for Personal Account</span>
          </button>
          <!-- Organization Form -->
          <form id="org-form" method="post" class="hidden-form">
            <input type="hidden" name="manifest" id="org-manifest" />
          </form>
        </div>
        <!-- Organization Input -->
        <div
          style="
            margin-top: 24px;
            padding-top: 24px;
            border-top: 1px solid var(--border-color);
          "
        >
          <label for="org-name" style="margin-bottom: 8px"
            >Or create for an organization:</label
          >
          <div class="form-row">
            <div class="form-group">
              <input
                type="text"
                id="org-name"
                placeholder="Enter organization name (e.g., my-org)"
              />
            </div>
            <button
              type="button"
              class="btn btn-secondary"
              onclick="submitOrgForm()"
              style="flex-shrink: 0"
            >
              <span>🏢</span>
              <span>Create for Org</span>
            </button>
          </div>
        </div>
      </div>
      <!-- Permissions Card -->
      <div class="card">
        <div class="card-header">
          <span class="card-icon">✅</span>
          <h2>Configured Permissions</h2>
        </div>
        <p class="card-description">
          Your GitHub App will be created with these permissions:
        </p>
        <div class="permissions-grid">
          <div class="permission-item">
            <span class="permission-icon">✓</span>
            <span class="permission-name">Contents</span>
            <span class="permission-value">Read & Write</span>
          </div>
          <div class="permission-item">
            <span class="permission-icon">✓</span>
            <span class="permission-name">Issues</span>
            <span class="permission-value">Read & Write</span>
          </div>
          <div class="permission-item">
            <span class="permission-icon">✓</span>
            <span class="permission-name">Pull Requests</span>
            <span class="permission-value">Read & Write</span>
          </div>
          <div class="permission-item">
            <span class="permission-icon">✓</span>
            <span class="permission-name">Actions</span>
            <span class="permission-value">Read</span>
          </div>
          <div class="permission-item">
            <span class="permission-icon">✓</span>
            <span class="permission-name">Metadata</span>
            <span class="permission-value">Read</span>
          </div>
        </div>
      </div>
      <!-- Next Steps Card -->
      <div class="card">
        <div class="card-header">
          <span class="card-icon">📋</span>
          <h2>Next Steps</h2>
        </div>
        <p class="card-description">
          After creating your app, complete these steps:
        </p>
        <div class="steps">
          <div class="step">
            <div class="step-number">1</div>
            <div class="step-content">
              <p>
                <strong>Generate a private key:</strong> In your app settings,
                scroll to "Private keys" and click "Generate a private key"
              </p>
            </div>
          </div>
          <div class="step">
            <div class="step-number">2</div>
            <div class="step-content">
              <p>
                <strong>Install the app:</strong> Click "Install App" and select
                the repositories where you want to use Claude
              </p>
            </div>
          </div>
          <div class="step">
            <div class="step-number">3</div>
            <div class="step-content">
              <p>
                <strong>Configure your workflow:</strong> Add your app's ID and
                private key to your repository secrets
              </p>
            </div>
          </div>
        </div>
      </div>
      <!-- Manual Setup Card -->
      <div class="card">
        <div class="card-header">
          <span class="card-icon">⚙️</span>
          <h2>Manual Setup</h2>
        </div>
        <p class="card-description">
          If the buttons above don't work, you can manually create the app by
          copying the manifest JSON below:
        </p>
        <div class="code-container">
          <div class="code-header">
            <span class="code-label">github-app-manifest.json</span>
            <button class="copy-btn" onclick="copyManifest()">Copy</button>
          </div>
          <div class="code-block" id="manifest-json"></div>
        </div>
        <div class="steps">
          <div class="step">
            <div class="step-number">1</div>
            <div class="step-content">
              <p>Copy the manifest JSON above</p>
            </div>
          </div>
          <div class="step">
            <div class="step-number">2</div>
            <div class="step-content">
              <p>
                Go to
                <a
                  href="https://github.com/settings/apps/new"
                  target="_blank"
                  style="color: var(--primary-dark); text-decoration: underline"
                  >GitHub App Settings</a
                >
              </p>
            </div>
          </div>
          <div class="step">
            <div class="step-number">3</div>
            <div class="step-content">
              <p>Look for "Create from manifest" option and paste the JSON</p>
            </div>
          </div>
        </div>
      </div>
      <!-- Warning Alert -->
      <div class="alert">
        <span class="alert-icon">⚠️</span>
        <div class="alert-content">
          <strong>Important:</strong> Keep your private key secure! Never commit
          it to your repository. Always use GitHub secrets to store sensitive
          credentials.
        </div>
      </div>
    </div>
    <script>
      // Manifest configuration
      const manifest = {
        name: "Claude Code Custom App",
        description:
          "Custom GitHub App for Claude Code Action - AI-powered coding assistant for GitHub workflows",
        url: "https://github.com/anthropics/claude-code-action",
        hook_attributes: {
          url: "https://example.com/github/webhook",
          active: false,
        },
        redirect_url: "https://github.com/settings/apps/new",
        callback_urls: [],
        setup_url:
          "https://github.com/anthropics/claude-code-action/blob/main/docs/setup.md",
        public: false,
        default_permissions: {
          contents: "write",
          issues: "write",
          pull_requests: "write",
          actions: "read",
          metadata: "read",
        },
        default_events: [
          "issue_comment",
          "issues",
          "pull_request",
          "pull_request_review",
          "pull_request_review_comment",
        ],
      };
      // Populate manifest fields
      const manifestJson = JSON.stringify(manifest);
      const manifestJsonPretty = JSON.stringify(manifest, null, 2);
      document.getElementById("personal-manifest").value = manifestJson;
      document.getElementById("org-manifest").value = manifestJson;
      // Display formatted JSON
      const manifestDisplay = document.getElementById("manifest-json");
      manifestDisplay.textContent = manifestJsonPretty;
      // Submit personal form
      function submitPersonalForm() {
        document.getElementById("personal-form").submit();
      }
      // Submit organization form
      function submitOrgForm() {
        const orgName = document.getElementById("org-name").value.trim();
        if (!orgName) {
          alert("Please enter an organization name");
          document.getElementById("org-name").focus();
          return;
        }
        const form = document.getElementById("org-form");
        form.action = `https://github.com/organizations/${orgName}/settings/apps/new`;
        form.submit();
      }
      // Allow Enter key to submit org form
      document
        .getElementById("org-name")
        .addEventListener("keypress", function (e) {
          if (e.key === "Enter") {
            e.preventDefault();
            submitOrgForm();
          }
        });
      // Copy manifest to clipboard
      function copyManifest() {
        navigator.clipboard
          .writeText(manifestJsonPretty)
          .then(() => {
            const button = document.querySelector(".copy-btn");
            const originalText = button.textContent;
            button.textContent = "Copied!";
            button.classList.add("copied");
            setTimeout(() => {
              button.textContent = originalText;
              button.classList.remove("copied");
            }, 2000);
          })
          .catch(() => {
            // Fallback for older browsers
            const textArea = document.createElement("textarea");
            textArea.value = manifestJsonPretty;
            textArea.style.position = "fixed";
            textArea.style.opacity = "0";
            document.body.appendChild(textArea);
            textArea.select();
            try {
              document.execCommand("copy");
              const button = document.querySelector(".copy-btn");
              const originalText = button.textContent;
              button.textContent = "Copied!";
              button.classList.add("copied");
              setTimeout(() => {
                button.textContent = originalText;
                button.classList.remove("copied");
              }, 2000);
            } catch (err) {
              alert("Failed to copy. Please copy manually.");
            }
            document.body.removeChild(textArea);
          });
      }
    </script>
  </body>
 </html>
--- a/docs/custom-automations.md
+++ b/docs/custom-automations.md
@@ -15,7 +15,7 @@ The action automatically detects which mode to use based on your configuration:
 This action supports the following GitHub events ([learn more GitHub event triggers](https://docs.github.com/en/actions/writing-workflows/choosing-when-your-workflow-runs/events-that-trigger-workflows)):
- `pull_request` - When PRs are opened or synchronized
+- `pull_request` or `pull_request_target` - When PRs are opened or synchronized
 - `issue_comment` - When comments are created on issues or PRs
 - `pull_request_comment` - When comments are made on PR diffs
 - `issues` - When issues are opened or assigned
--- a/docs/faq.md
+++ b/docs/faq.md
@@ -127,7 +127,7 @@ For performance, Claude uses shallow clones:
 If you need full history, you can configure this in your workflow before calling Claude in the `actions/checkout` step.
 ```
- uses: actions/checkout@v4
+- uses: actions/checkout@v5
  depth: 0 # will fetch full repo history
 ```
--- a/docs/security.md
+++ b/docs/security.md
@@ -13,17 +13,32 @@
 - **No Cross-Repository Access**: Each action invocation is limited to the repository where it was triggered
 - **Limited Scope**: The token cannot access other repositories or perform actions beyond the configured permissions
 ## ⚠️ Prompt Injection Risks
 **Beware of potential hidden markdown when tagging Claude on untrusted content.** External contributors may include hidden instructions through HTML comments, invisible characters, hidden attributes, or other techniques. The action sanitizes content by stripping HTML comments, invisible characters, markdown image alt text, hidden HTML attributes, and HTML entities, but new bypass techniques may emerge. We recommend reviewing the raw content of all input coming from external contributors before allowing Claude to process it.
 ## GitHub App Permissions
-The [Claude Code GitHub app](https://github.com/apps/claude) requires these permissions:
+The [Claude Code GitHub app](https://github.com/apps/claude) requests the following permissions:
- **Pull Requests**: Read and write to create PRs and push changes
+### Currently Used Permissions
- **Issues**: Read and write to respond to issues
+
- **Contents**: Read and write to modify repository files
+- **Contents** (Read & Write): For reading repository files and creating branches
 - **Pull Requests** (Read & Write): For reading PR data and creating/updating pull requests
 - **Issues** (Read & Write): For reading issue data and updating issue comments
 ### Permissions for Future Features
 The following permissions are requested but not yet actively used. These will enable planned features in future releases:
 - **Discussions** (Read & Write): For interaction with GitHub Discussions
 - **Actions** (Read): For accessing workflow run data and logs
 - **Checks** (Read): For reading check run results
 - **Workflows** (Read & Write): For triggering and managing GitHub Actions workflows
 ## Commit Signing
-All commits made by Claude through this action are automatically signed with commit signatures. This ensures the authenticity and integrity of commits, providing a verifiable trail of changes made by the action.
+Commits made by Claude through this action are no longer automatically signed with commit signatures. To enable commit signing set `use_commit_signing: True` in the workflow(s). This ensures the authenticity and integrity of commits, providing a verifiable trail of changes made by the action.
 ## ⚠️ Authentication Protection
@@ -41,3 +56,31 @@ claude_code_oauth_token: ${{ secrets.CLAUDE_CODE_OAUTH_TOKEN }}
 anthropic_api_key: "sk-ant-api03-..." # Exposed and vulnerable!
 claude_code_oauth_token: "oauth_token_..." # Exposed and vulnerable!
 ```
 ## ⚠️ Full Output Security Warning
 The `show_full_output` option is **disabled by default** for security reasons. When enabled, it outputs ALL Claude Code messages including:
 - Full outputs from tool executions (e.g., `ps`, `env`, file reads)
 - API responses that may contain tokens or credentials
 - File contents that may include secrets
 - Command outputs that may expose sensitive system information
 **These logs are publicly visible in GitHub Actions for public repositories!**
 ### Automatic Enabling in Debug Mode
 Full output is **automatically enabled** when GitHub Actions debug mode is active (when `ACTIONS_STEP_DEBUG` secret is set to `true`). This helps with debugging but carries the same security risks.
 ### When to Enable Full Output
 Only enable `show_full_output: true` or GitHub Actions debug mode when:
 - Working in a private repository with controlled access
 - Debugging issues in a non-production environment
 - You have verified no secrets will be exposed in the output
 - You understand the security implications
 ### Recommended Practice
 For debugging, prefer using `show_full_output: false` (the default) and rely on Claude Code's sanitized output, which shows only essential information like errors and completion status without exposing sensitive data.
--- a/docs/setup.md
+++ b/docs/setup.md
@@ -20,7 +20,48 @@ If you prefer not to install the official Claude app, you can create your own Gi
 - Organization policies prevent installing third-party apps
 - You're using AWS Bedrock or Google Vertex AI
-**Steps to create and use a custom GitHub App:**
+### Option 1: Quick Setup with App Manifest (Recommended)
 The fastest way to create a custom GitHub App is using our pre-configured manifest. This ensures all permissions are correctly set up with a single click.
 **Steps:**
 1. **Create the app:**
   **🚀 [Download the Quick Setup Tool](./create-app.html)** (Right-click → "Save Link As" or "Download Linked File")
   After downloading, open `create-app.html` in your web browser:
   - **For Personal Accounts:** Click the "Create App for Personal Account" button
   - **For Organizations:** Enter your organization name and click "Create App for Organization"
   The tool will automatically configure all required permissions and submit the manifest.
   Alternatively, you can use the manifest file directly:
   - Use the [`github-app-manifest.json`](../github-app-manifest.json) file from this repository
   - Visit https://github.com/settings/apps/new (for personal) or your organization's app settings
   - Look for the "Create from manifest" option and paste the JSON content
 2. **Complete the creation flow:**
   - GitHub will show you a preview of the app configuration
   - Confirm the app name (you can customize it)
   - Click "Create GitHub App"
   - The app will be created with all required permissions automatically configured
 3. **Generate and download a private key:**
   - After creating the app, you'll be redirected to the app settings
   - Scroll down to "Private keys"
   - Click "Generate a private key"
   - Download the `.pem` file (keep this secure!)
 4. **Continue with installation** - Skip to step 3 in the manual setup below to install the app and configure your workflow.
 ### Option 2: Manual Setup
 If you prefer to configure the app manually or need custom permissions:
 1. **Create a new GitHub App:**
@@ -76,7 +117,7 @@ If you prefer not to install the official Claude app, you can create your own Gi
             private-key: ${{ secrets.APP_PRIVATE_KEY }}
         # Use Claude with your custom app's token
-         - uses: anthropics/claude-code-action@beta
+         - uses: anthropics/claude-code-action@v1
           with:
             anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }}
             github_token: ${{ steps.app-token.outputs.token }}
--- a/docs/solutions.md
+++ b/docs/solutions.md
@@ -35,7 +35,7 @@ jobs:
      pull-requests: write
      id-token: write
    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
        with:
          fetch-depth: 1
@@ -89,7 +89,7 @@ jobs:
      pull-requests: write
      id-token: write
    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
        with:
          fetch-depth: 1
@@ -153,7 +153,7 @@ jobs:
      pull-requests: write
      id-token: write
    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
        with:
          fetch-depth: 1
@@ -211,7 +211,7 @@ jobs:
      pull-requests: write
      id-token: write
    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
        with:
          fetch-depth: 1
@@ -268,7 +268,7 @@ jobs:
      pull-requests: write
      id-token: write
    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
        with:
          fetch-depth: 1
@@ -344,7 +344,7 @@ jobs:
      pull-requests: write
      id-token: write
    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
        with:
          fetch-depth: 0
@@ -456,7 +456,7 @@ jobs:
      pull-requests: write
      id-token: write
    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
        with:
          ref: ${{ github.event.pull_request.head.ref }}
          fetch-depth: 0
@@ -513,7 +513,7 @@ jobs:
      security-events: write
      id-token: write
    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
        with:
          fetch-depth: 1
--- a/docs/usage.md
+++ b/docs/usage.md
@@ -32,6 +32,11 @@ jobs:
          #   --max-turns 10
          #   --model claude-4-0-sonnet-20250805
          # Optional: add custom plugin marketplaces
          # plugin_marketplaces: "https://github.com/user/marketplace1.git\nhttps://github.com/user/marketplace2.git"
          # Optional: install Claude Code plugins
          # plugins: "code-review@claude-code-plugins\nfeature-dev@claude-code-plugins"
          # Optional: add custom trigger phrase (default: @claude)
          # trigger_phrase: "/claude"
          # Optional: add assignee trigger for issues
@@ -47,33 +52,34 @@ jobs:
 ## Inputs
-| Input                            | Description                                                                                                                                                                    | Required | Default       |
+| Input                            | Description                                                                                                                                                                            | Required | Default       |
-| -------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -------- | ------------- |
+| -------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------- | ------------- |
-| `anthropic_api_key`              | Anthropic API key (required for direct API, not needed for Bedrock/Vertex)                                                                                                     | No\*     | -             |
+| `anthropic_api_key`              | Anthropic API key (required for direct API, not needed for Bedrock/Vertex)                                                                                                             | No\*     | -             |
-| `claude_code_oauth_token`        | Claude Code OAuth token (alternative to anthropic_api_key)                                                                                                                     | No\*     | -             |
+| `claude_code_oauth_token`        | Claude Code OAuth token (alternative to anthropic_api_key)                                                                                                                             | No\*     | -             |
-| `prompt`                         | Instructions for Claude. Can be a direct prompt or custom template for automation workflows                                                                                    | No       | -             |
+| `prompt`                         | Instructions for Claude. Can be a direct prompt or custom template for automation workflows                                                                                            | No       | -             |
-| `track_progress`                 | Force tag mode with tracking comments. Only works with specific PR/issue events. Preserves GitHub context                                                                      | No       | `false`       |
+| `track_progress`                 | Force tag mode with tracking comments. Only works with specific PR/issue events. Preserves GitHub context                                                                              | No       | `false`       |
-| `claude_args`                    | Additional arguments to pass directly to Claude CLI (e.g., `--max-turns 10 --model claude-4-0-sonnet-20250805`)                                                                | No       | ""            |
+| `claude_args`                    | Additional [arguments to pass directly to Claude CLI](https://docs.claude.com/en/docs/claude-code/cli-reference#cli-flags) (e.g., `--max-turns 10 --model claude-4-0-sonnet-20250805`) | No       | ""            |
-| `base_branch`                    | The base branch to use for creating new branches (e.g., 'main', 'develop')                                                                                                     | No       | -             |
+| `base_branch`                    | The base branch to use for creating new branches (e.g., 'main', 'develop')                                                                                                             | No       | -             |
-| `use_sticky_comment`             | Use just one comment to deliver PR comments (only applies for pull_request event workflows)                                                                                    | No       | `false`       |
+| `use_sticky_comment`             | Use just one comment to deliver PR comments (only applies for pull_request event workflows)                                                                                            | No       | `false`       |
-| `github_token`                   | GitHub token for Claude to operate with. **Only include this if you're connecting a custom GitHub app of your own!**                                                           | No       | -             |
+| `github_token`                   | GitHub token for Claude to operate with. **Only include this if you're connecting a custom GitHub app of your own!**                                                                   | No       | -             |
-| `use_bedrock`                    | Use Amazon Bedrock with OIDC authentication instead of direct Anthropic API                                                                                                    | No       | `false`       |
+| `use_bedrock`                    | Use Amazon Bedrock with OIDC authentication instead of direct Anthropic API                                                                                                            | No       | `false`       |
-| `use_vertex`                     | Use Google Vertex AI with OIDC authentication instead of direct Anthropic API                                                                                                  | No       | `false`       |
+| `use_vertex`                     | Use Google Vertex AI with OIDC authentication instead of direct Anthropic API                                                                                                          | No       | `false`       |
-| `mcp_config`                     | Additional MCP configuration (JSON string) that merges with the built-in GitHub MCP servers                                                                                    | No       | ""            |
+| `assignee_trigger`               | The assignee username that triggers the action (e.g. @claude). Only used for issue assignment                                                                                          | No       | -             |
-| `assignee_trigger`               | The assignee username that triggers the action (e.g. @claude). Only used for issue assignment                                                                                  | No       | -             |
+| `label_trigger`                  | The label name that triggers the action when applied to an issue (e.g. "claude")                                                                                                       | No       | -             |
-| `label_trigger`                  | The label name that triggers the action when applied to an issue (e.g. "claude")                                                                                               | No       | -             |
+| `trigger_phrase`                 | The trigger phrase to look for in comments, issue/PR bodies, and issue titles                                                                                                          | No       | `@claude`     |
-| `trigger_phrase`                 | The trigger phrase to look for in comments, issue/PR bodies, and issue titles                                                                                                  | No       | `@claude`     |
+| `branch_prefix`                  | The prefix to use for Claude branches (defaults to 'claude/', use 'claude-' for dash format)                                                                                           | No       | `claude/`     |
-| `branch_prefix`                  | The prefix to use for Claude branches (defaults to 'claude/', use 'claude-' for dash format)                                                                                   | No       | `claude/`     |
+| `settings`                       | Claude Code settings as JSON string or path to settings JSON file                                                                                                                      | No       | ""            |
-| `settings`                       | Claude Code settings as JSON string or path to settings JSON file                                                                                                              | No       | ""            |
+| `additional_permissions`         | Additional permissions to enable. Currently supports 'actions: read' for viewing workflow results                                                                                      | No       | ""            |
-| `additional_permissions`         | Additional permissions to enable. Currently supports 'actions: read' for viewing workflow results                                                                              | No       | ""            |
+| `experimental_allowed_domains`   | Restrict network access to these domains only (newline-separated).                                                                                                                     | No       | ""            |
-| `experimental_allowed_domains`   | Restrict network access to these domains only (newline-separated).                                                                                                             | No       | ""            |
+| `use_commit_signing`             | Enable commit signing using GitHub's commit signature verification. When false, Claude uses standard git commands                                                                      | No       | `false`       |
-| `use_commit_signing`             | Enable commit signing using GitHub's commit signature verification. When false, Claude uses standard git commands                                                              | No       | `false`       |
+| `bot_id`                         | GitHub user ID to use for git operations (defaults to Claude's bot ID)                                                                                                                 | No       | `41898282`    |
-| `bot_id`                         | GitHub user ID to use for git operations (defaults to Claude's bot ID)                                                                                                         | No       | `41898282`    |
+| `bot_name`                       | GitHub username to use for git operations (defaults to Claude's bot name)                                                                                                              | No       | `claude[bot]` |
-| `bot_name`                       | GitHub username to use for git operations (defaults to Claude's bot name)                                                                                                      | No       | `claude[bot]` |
+| `allowed_bots`                   | Comma-separated list of allowed bot usernames, or '\*' to allow all bots. Empty string (default) allows no bots                                                                        | No       | ""            |
-| `allowed_bots`                   | Comma-separated list of allowed bot usernames, or '\*' to allow all bots. Empty string (default) allows no bots                                                                | No       | ""            |
+| `allowed_non_write_users`        | **⚠️ RISKY**: Comma-separated list of usernames to allow without write permissions, or '\*' for all users. Only works with `github_token` input. See [Security](./security.md)         | No       | ""            |
-| `allowed_non_write_users`        | **⚠️ RISKY**: Comma-separated list of usernames to allow without write permissions, or '\*' for all users. Only works with `github_token` input. See [Security](./security.md) | No       | ""            |
+| `path_to_claude_code_executable` | Optional path to a custom Claude Code executable. Skips automatic installation. Useful for Nix, custom containers, or specialized environments                                         | No       | ""            |
-| `path_to_claude_code_executable` | Optional path to a custom Claude Code executable. Skips automatic installation. Useful for Nix, custom containers, or specialized environments                                 | No       | ""            |
+| `path_to_bun_executable`         | Optional path to a custom Bun executable. Skips automatic Bun installation. Useful for Nix, custom containers, or specialized environments                                             | No       | ""            |
-| `path_to_bun_executable`         | Optional path to a custom Bun executable. Skips automatic Bun installation. Useful for Nix, custom containers, or specialized environments                                     | No       | ""            |
+| `plugin_marketplaces`            | Newline-separated list of Claude Code plugin marketplace Git URLs to install from (e.g., see example in workflow above). Marketplaces are added before plugin installation             | No       | ""            |
 | `plugins`                        | Newline-separated list of Claude Code plugin names to install (e.g., see example in workflow above). Plugins are installed before Claude Code execution                                | No       | ""            |
 ### Deprecated Inputs
@@ -90,6 +96,7 @@ These inputs are deprecated and will be removed in a future version:
 | `fallback_model`      | **DEPRECATED**: Use `claude_args` with fallback configuration                                | Configure fallback in `claude_args` or `settings`              |
 | `allowed_tools`       | **DEPRECATED**: Use `claude_args` with `--allowedTools` instead                              | Use `claude_args: "--allowedTools Edit,Read,Write"`            |
 | `disallowed_tools`    | **DEPRECATED**: Use `claude_args` with `--disallowedTools` instead                           | Use `claude_args: "--disallowedTools WebSearch"`               |
 | `mcp_config`          | **DEPRECATED**: Use `claude_args` with `--mcp-config` instead                                | Use `claude_args: "--mcp-config '{...}'"`                      |
 | `claude_env`          | **DEPRECATED**: Use `settings` with env configuration                                        | Configure environment in `settings` JSON                       |
 \*Required when using direct Anthropic API (default and when not using Bedrock or Vertex)
@@ -178,6 +185,74 @@ For a comprehensive guide on migrating from v0.x to v1.0, including step-by-step
      Focus on the changed files in this PR.
 ```
 ## Structured Outputs
 Get validated JSON results from Claude that automatically become GitHub Action outputs. This enables building complex automation workflows where Claude analyzes data and subsequent steps use the results.
 ### Basic Example
 ```yaml
 - name: Detect flaky tests
  id: analyze
  uses: anthropics/claude-code-action@v1
  with:
    anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }}
    prompt: |
      Check the CI logs and determine if this is a flaky test.
      Return: is_flaky (boolean), confidence (0-1), summary (string)
    claude_args: |
      --json-schema '{"type":"object","properties":{"is_flaky":{"type":"boolean"},"confidence":{"type":"number"},"summary":{"type":"string"}},"required":["is_flaky"]}'
 - name: Retry if flaky
  if: fromJSON(steps.analyze.outputs.structured_output).is_flaky == true
  run: gh workflow run CI
 ```
 ### How It Works
 1. **Define Schema**: Provide a JSON schema via `--json-schema` flag in `claude_args`
 2. **Claude Executes**: Claude uses tools to complete your task
 3. **Validated Output**: Result is validated against your schema
 4. **JSON Output**: All fields are returned in a single `structured_output` JSON string
 ### Accessing Structured Outputs
 All structured output fields are available in the `structured_output` output as a JSON string:
 **In GitHub Actions expressions:**
 ```yaml
 if: fromJSON(steps.analyze.outputs.structured_output).is_flaky == true
 run: |
  CONFIDENCE=${{ fromJSON(steps.analyze.outputs.structured_output).confidence }}
 ```
 **In bash with jq:**
 ```yaml
 - name: Process results
  run: |
    OUTPUT='${{ steps.analyze.outputs.structured_output }}'
    IS_FLAKY=$(echo "$OUTPUT" | jq -r '.is_flaky')
    SUMMARY=$(echo "$OUTPUT" | jq -r '.summary')
 ```
 **Note**: Due to GitHub Actions limitations, composite actions cannot expose dynamic outputs. All fields are bundled in the single `structured_output` JSON string.
 ### Complete Example
 See `examples/test-failure-analysis.yml` for a working example that:
 - Detects flaky test failures
 - Uses confidence thresholds in conditionals
 - Auto-retries workflows
 - Comments on PRs
 ### Documentation
 For complete details on JSON Schema syntax and Agent SDK structured outputs:
 https://docs.claude.com/en/docs/agent-sdk/structured-outputs
 ## Ways to Tag @claude
 These examples show how to interact with Claude using comments in PRs and issues. By default, Claude will be triggered anytime you mention `@claude`, but you can customize the exact trigger phrase using the `trigger_phrase` input in the workflow.
--- a/examples/ci-failure-auto-fix.yml
+++ b/examples/ci-failure-auto-fix.yml
@@ -22,7 +22,7 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
        with:
          ref: ${{ github.event.workflow_run.head_branch }}
          fetch-depth: 0
--- a/examples/claude.yml
+++ b/examples/claude.yml
@@ -26,7 +26,7 @@ jobs:
      actions: read # Required for Claude to read CI results on PRs
    steps:
      - name: Checkout repository
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
        with:
          fetch-depth: 1
--- a/examples/issue-deduplication.yml
+++ b/examples/issue-deduplication.yml
@@ -15,7 +15,7 @@ jobs:
    steps:
      - name: Checkout repository
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
        with:
          fetch-depth: 1
--- a/examples/issue-triage.yml
+++ b/examples/issue-triage.yml
@@ -14,7 +14,7 @@ jobs:
    steps:
      - name: Checkout repository
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
        with:
          fetch-depth: 0
--- a/examples/manual-code-analysis.yml
+++ b/examples/manual-code-analysis.yml
@@ -23,7 +23,7 @@ jobs:
    steps:
      - name: Checkout repository
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
        with:
          fetch-depth: 2 # Need at least 2 commits to analyze the latest
--- a/examples/pr-review-comprehensive.yml
+++ b/examples/pr-review-comprehensive.yml
@@ -16,7 +16,7 @@ jobs:
      id-token: write
    steps:
      - name: Checkout repository
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
        with:
          fetch-depth: 1
--- a/examples/pr-review-filtered-authors.yml
+++ b/examples/pr-review-filtered-authors.yml
@@ -18,7 +18,7 @@ jobs:
      id-token: write
    steps:
      - name: Checkout repository
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
        with:
          fetch-depth: 1
--- a/examples/pr-review-filtered-paths.yml
+++ b/examples/pr-review-filtered-paths.yml
@@ -19,7 +19,7 @@ jobs:
      id-token: write
    steps:
      - name: Checkout repository
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
        with:
          fetch-depth: 1
--- a/examples/test-failure-analysis.yml
+++ b/examples/test-failure-analysis.yml
@@ -0,0 +1,114 @@
 name: Auto-Retry Flaky Tests
 # This example demonstrates using structured outputs to detect flaky test failures
 # and automatically retry them, reducing noise from intermittent failures.
 #
 # Use case: When CI fails, automatically determine if it's likely flaky and retry if so.
 on:
  workflow_run:
    workflows: ["CI"]
    types: [completed]
 permissions:
  contents: read
  actions: write
 jobs:
  detect-flaky:
    runs-on: ubuntu-latest
    if: ${{ github.event.workflow_run.conclusion == 'failure' }}
    steps:
      - name: Checkout repository
        uses: actions/checkout@v4
      - name: Detect flaky test failures
        id: detect
        uses: anthropics/claude-code-action@main
        with:
          anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }}
          prompt: |
            The CI workflow failed: ${{ github.event.workflow_run.html_url }}
            Check the logs: gh run view ${{ github.event.workflow_run.id }} --log-failed
            Determine if this looks like a flaky test failure by checking for:
            - Timeout errors
            - Race conditions
            - Network errors
            - "Expected X but got Y" intermittent failures
            - Tests that passed in previous commits
            Return:
            - is_flaky: true if likely flaky, false if real bug
            - confidence: number 0-1 indicating confidence level
            - summary: brief one-sentence explanation
          claude_args: |
            --json-schema '{"type":"object","properties":{"is_flaky":{"type":"boolean","description":"Whether this appears to be a flaky test failure"},"confidence":{"type":"number","minimum":0,"maximum":1,"description":"Confidence level in the determination"},"summary":{"type":"string","description":"One-sentence explanation of the failure"}},"required":["is_flaky","confidence","summary"]}'
      # Auto-retry only if flaky AND high confidence (>= 0.7)
      - name: Retry flaky tests
        if: |
          fromJSON(steps.detect.outputs.structured_output).is_flaky == true &&
          fromJSON(steps.detect.outputs.structured_output).confidence >= 0.7
        env:
          GH_TOKEN: ${{ github.token }}
        run: |
          OUTPUT='${{ steps.detect.outputs.structured_output }}'
          CONFIDENCE=$(echo "$OUTPUT" | jq -r '.confidence')
          SUMMARY=$(echo "$OUTPUT" | jq -r '.summary')
          echo "🔄 Flaky test detected (confidence: $CONFIDENCE)"
          echo "Summary: $SUMMARY"
          echo ""
          echo "Triggering automatic retry..."
          gh workflow run "${{ github.event.workflow_run.name }}" \
            --ref "${{ github.event.workflow_run.head_branch }}"
      # Low confidence flaky detection - skip retry
      - name: Low confidence detection
        if: |
          fromJSON(steps.detect.outputs.structured_output).is_flaky == true &&
          fromJSON(steps.detect.outputs.structured_output).confidence < 0.7
        run: |
          OUTPUT='${{ steps.detect.outputs.structured_output }}'
          CONFIDENCE=$(echo "$OUTPUT" | jq -r '.confidence')
          echo "⚠️ Possible flaky test but confidence too low ($CONFIDENCE)"
          echo "Not retrying automatically - manual review recommended"
      # Comment on PR if this was a PR build
      - name: Comment on PR
        if: github.event.workflow_run.event == 'pull_request'
        env:
          GH_TOKEN: ${{ github.token }}
        run: |
          OUTPUT='${{ steps.detect.outputs.structured_output }}'
          IS_FLAKY=$(echo "$OUTPUT" | jq -r '.is_flaky')
          CONFIDENCE=$(echo "$OUTPUT" | jq -r '.confidence')
          SUMMARY=$(echo "$OUTPUT" | jq -r '.summary')
          pr_number=$(gh pr list --head "${{ github.event.workflow_run.head_branch }}" --json number --jq '.[0].number')
          if [ -n "$pr_number" ]; then
            if [ "$IS_FLAKY" = "true" ]; then
              TITLE="🔄 Flaky Test Detected"
              ACTION="✅ Automatically retrying the workflow"
            else
              TITLE="❌ Test Failure"
              ACTION="⚠️ This appears to be a real bug - manual intervention needed"
            fi
            gh pr comment "$pr_number" --body "$(cat <<EOF
          ## $TITLE
          **Analysis**: $SUMMARY
          **Confidence**: $CONFIDENCE
          $ACTION
          [View workflow run](${{ github.event.workflow_run.html_url }})
          EOF
          )"
          fi
--- a/github-app-manifest.json
+++ b/github-app-manifest.json
@@ -0,0 +1,27 @@
 {
  "name": "Claude Code Custom App",
  "description": "Custom GitHub App for Claude Code Action - AI-powered coding assistant for GitHub workflows",
  "url": "https://github.com/anthropics/claude-code-action",
  "hook_attributes": {
    "url": "https://example.com/github/webhook",
    "active": false
  },
  "redirect_url": "https://github.com/settings/apps/new",
  "callback_urls": [],
  "setup_url": "https://github.com/anthropics/claude-code-action/blob/main/docs/setup.md",
  "public": false,
  "default_permissions": {
    "contents": "write",
    "issues": "write",
    "pull_requests": "write",
    "actions": "read",
    "metadata": "read"
  },
  "default_events": [
    "issue_comment",
    "issues",
    "pull_request",
    "pull_request_review",
    "pull_request_review_comment"
  ]
 }
--- a/src/create-prompt/index.ts
+++ b/src/create-prompt/index.ts
@@ -384,6 +384,7 @@ export function getEventTypeAndContext(envVars: PreparedContext): {
      };
    case "pull_request":
    case "pull_request_target":
      return {
        eventType: "PULL_REQUEST",
        triggerContext: eventData.eventAction
@@ -683,7 +684,7 @@ ${
 - Display the todo list as a checklist in the GitHub comment and mark things off as you go.
 - REPOSITORY SETUP INSTRUCTIONS: The repository's CLAUDE.md file(s) contain critical repo-specific setup instructions, development guidelines, and preferences. Always read and follow these files, particularly the root CLAUDE.md, as they provide essential context for working with the codebase effectively.
 - Use h3 headers (###) for section titles in your comments, not h1 headers (#).
- Your comment must always include the job run link (and branch link if there is one) at the bottom.
+- Your comment must always include the job run link in the format "[View job run](${GITHUB_SERVER_URL}/${context.repository}/actions/runs/${process.env.GITHUB_RUN_ID})" at the bottom of your response (branch link if there is one should also be included there).
 CAPABILITIES AND LIMITATIONS:
 When users ask you to do something, be aware of what you can and cannot do. This section helps you understand how to respond when users request actions outside your scope.
@@ -708,7 +709,7 @@ What You CANNOT Do:
 - Modify files in the .github/workflows directory (GitHub App permissions do not allow workflow modifications)
 When users ask you to perform actions you cannot do, politely explain the limitation and, when applicable, direct them to the FAQ for more information and workarounds:
-"I'm unable to [specific action] due to [reason]. You can find more information and potential workarounds in the [FAQ](https://github.com/anthropics/claude-code-action/blob/main/FAQ.md)."
+"I'm unable to [specific action] due to [reason]. You can find more information and potential workarounds in the [FAQ](https://github.com/anthropics/claude-code-action/blob/main/docs/faq.md)."
 If a user asks for something outside these capabilities (and you have no other tools provided), politely explain that you cannot perform that action and suggest an alternative approach if possible.
--- a/src/create-prompt/types.ts
+++ b/src/create-prompt/types.ts
@@ -78,8 +78,7 @@ type IssueLabeledEvent = {
  labelTrigger: string;
 };
-type PullRequestEvent = {
+type PullRequestBaseEvent = {
  eventName: "pull_request";
  eventAction?: string; // opened, synchronize, etc.
  isPR: true;
  prNumber: string;
@@ -87,6 +86,14 @@ type PullRequestEvent = {
  baseBranch?: string;
 };
 type PullRequestEvent = PullRequestBaseEvent & {
  eventName: "pull_request";
 };
 type PullRequestTargetEvent = PullRequestBaseEvent & {
  eventName: "pull_request_target";
 };
 // Union type for all possible event types
 export type EventData =
  | PullRequestReviewCommentEvent
@@ -96,7 +103,8 @@ export type EventData =
  | IssueOpenedEvent
  | IssueAssignedEvent
  | IssueLabeledEvent
-  | PullRequestEvent;
+  | PullRequestEvent
  | PullRequestTargetEvent;
 // Combined type with separate eventData field
 export type PreparedContext = CommonFields & {
--- a/src/github/context.ts
+++ b/src/github/context.ts
@@ -174,7 +174,8 @@ export function parseGitHubContext(): GitHubContext {
        isPR: Boolean(payload.issue.pull_request),
      };
    }
-    case "pull_request": {
+    case "pull_request":
    case "pull_request_target": {
      const payload = context.payload as PullRequestEvent;
      return {
        ...commonFields,
--- a/src/mcp/install-mcp-server.ts
+++ b/src/mcp/install-mcp-server.ts
@@ -209,7 +209,7 @@ export async function prepareMcpConfig(
          "GITHUB_PERSONAL_ACCESS_TOKEN",
          "-e",
          "GITHUB_HOST",
-          "ghcr.io/github/github-mcp-server:sha-efef8ae", // https://github.com/github/github-mcp-server/releases/tag/v0.9.0
+          "ghcr.io/github/github-mcp-server:sha-23fa0dd", // https://github.com/github/github-mcp-server/releases/tag/v0.17.1
        ],
        env: {
          GITHUB_PERSONAL_ACCESS_TOKEN: githubToken,
--- a/src/modes/agent/parse-tools.ts
+++ b/src/modes/agent/parse-tools.ts
@@ -1,10 +1,10 @@
 export function parseAllowedTools(claudeArgs: string): string[] {
-  // Match --allowedTools followed by the value
+  // Match --allowedTools or --allowed-tools followed by the value
  // Handle both quoted and unquoted values
  const patterns = [
-    /--allowedTools\s+"([^"]+)"/, // Double quoted
+    /--(?:allowedTools|allowed-tools)\s+"([^"]+)"/, // Double quoted
-    /--allowedTools\s+'([^']+)'/, // Single quoted
+    /--(?:allowedTools|allowed-tools)\s+'([^']+)'/, // Single quoted
-    /--allowedTools\s+([^\s]+)/, // Unquoted
+    /--(?:allowedTools|allowed-tools)\s+([^\s]+)/, // Unquoted
  ];
  for (const pattern of patterns) {
--- a/test/modes/parse-tools.test.ts
+++ b/test/modes/parse-tools.test.ts
@@ -68,4 +68,20 @@ describe("parseAllowedTools", () => {
      "mcp__github_comment__update",
    ]);
  });
  test("parses kebab-case --allowed-tools", () => {
    const args = "--allowed-tools mcp__github__*,mcp__github_comment__*";
    expect(parseAllowedTools(args)).toEqual([
      "mcp__github__*",
      "mcp__github_comment__*",
    ]);
  });
  test("parses quoted kebab-case --allowed-tools", () => {
    const args = '--allowed-tools "mcp__github__*,mcp__github_comment__*"';
    expect(parseAllowedTools(args)).toEqual([
      "mcp__github__*",
      "mcp__github_comment__*",
    ]);
  });
 });
--- a/test/pull-request-target.test.ts
+++ b/test/pull-request-target.test.ts
@@ -0,0 +1,504 @@
 #!/usr/bin/env bun
 import { describe, test, expect } from "bun:test";
 import {
  getEventTypeAndContext,
  generatePrompt,
  generateDefaultPrompt,
 } from "../src/create-prompt";
 import type { PreparedContext } from "../src/create-prompt";
 import type { Mode } from "../src/modes/types";
 describe("pull_request_target event support", () => {
  // Mock tag mode for testing
  const mockTagMode: Mode = {
    name: "tag",
    description: "Tag mode",
    shouldTrigger: () => true,
    prepareContext: (context) => ({ mode: "tag", githubContext: context }),
    getAllowedTools: () => [],
    getDisallowedTools: () => [],
    shouldCreateTrackingComment: () => true,
    generatePrompt: (context, githubData, useCommitSigning) =>
      generateDefaultPrompt(context, githubData, useCommitSigning),
    prepare: async () => ({
      commentId: 123,
      branchInfo: {
        baseBranch: "main",
        currentBranch: "main",
        claudeBranch: undefined,
      },
      mcpConfig: "{}",
    }),
  };
  const mockGitHubData = {
    contextData: {
      title: "External PR via pull_request_target",
      body: "This PR comes from a forked repository",
      author: { login: "external-contributor" },
      state: "OPEN",
      createdAt: "2023-01-01T00:00:00Z",
      additions: 25,
      deletions: 3,
      baseRefName: "main",
      headRefName: "feature-branch",
      headRefOid: "abc123",
      commits: {
        totalCount: 2,
        nodes: [
          {
            commit: {
              oid: "commit1",
              message: "Initial feature implementation",
              author: {
                name: "External Dev",
                email: "external@example.com",
              },
            },
          },
          {
            commit: {
              oid: "commit2",
              message: "Fix typos and formatting",
              author: {
                name: "External Dev",
                email: "external@example.com",
              },
            },
          },
        ],
      },
      files: {
        nodes: [
          {
            path: "src/feature.ts",
            additions: 20,
            deletions: 2,
            changeType: "MODIFIED",
          },
          {
            path: "tests/feature.test.ts",
            additions: 5,
            deletions: 1,
            changeType: "ADDED",
          },
        ],
      },
      comments: { nodes: [] },
      reviews: { nodes: [] },
    },
    comments: [],
    changedFiles: [],
    changedFilesWithSHA: [
      {
        path: "src/feature.ts",
        additions: 20,
        deletions: 2,
        changeType: "MODIFIED",
        sha: "abc123",
      },
      {
        path: "tests/feature.test.ts",
        additions: 5,
        deletions: 1,
        changeType: "ADDED",
        sha: "abc123",
      },
    ],
    reviewData: { nodes: [] },
    imageUrlMap: new Map<string, string>(),
  };
  describe("prompt generation for pull_request_target", () => {
    test("should generate correct prompt for pull_request_target event", () => {
      const envVars: PreparedContext = {
        repository: "owner/repo",
        claudeCommentId: "12345",
        triggerPhrase: "@claude",
        eventData: {
          eventName: "pull_request_target",
          eventAction: "opened",
          isPR: true,
          prNumber: "123",
        },
      };
      const prompt = generatePrompt(
        envVars,
        mockGitHubData,
        false,
        mockTagMode,
      );
      // Should contain pull request event type and metadata
      expect(prompt).toContain("<event_type>PULL_REQUEST</event_type>");
      expect(prompt).toContain("<is_pr>true</is_pr>");
      expect(prompt).toContain("<pr_number>123</pr_number>");
      expect(prompt).toContain(
        "<trigger_context>pull request opened</trigger_context>",
      );
      // Should contain PR-specific information
      expect(prompt).toContain(
        "- src/feature.ts (MODIFIED) +20/-2 SHA: abc123",
      );
      expect(prompt).toContain(
        "- tests/feature.test.ts (ADDED) +5/-1 SHA: abc123",
      );
      expect(prompt).toContain("external-contributor");
      expect(prompt).toContain("<repository>owner/repo</repository>");
    });
    test("should handle pull_request_target with commit signing disabled", () => {
      const envVars: PreparedContext = {
        repository: "owner/repo",
        claudeCommentId: "12345",
        triggerPhrase: "@claude",
        eventData: {
          eventName: "pull_request_target",
          eventAction: "synchronize",
          isPR: true,
          prNumber: "456",
        },
      };
      const prompt = generatePrompt(
        envVars,
        mockGitHubData,
        false,
        mockTagMode,
      );
      // Should include git commands for non-commit-signing mode
      expect(prompt).toContain("git push");
      expect(prompt).toContain(
        "Always push to the existing branch when triggered on a PR",
      );
      expect(prompt).toContain("mcp__github_comment__update_claude_comment");
      // Should not include commit signing tools
      expect(prompt).not.toContain("mcp__github_file_ops__commit_files");
    });
    test("should handle pull_request_target with commit signing enabled", () => {
      const envVars: PreparedContext = {
        repository: "owner/repo",
        claudeCommentId: "12345",
        triggerPhrase: "@claude",
        eventData: {
          eventName: "pull_request_target",
          eventAction: "synchronize",
          isPR: true,
          prNumber: "456",
        },
      };
      const prompt = generatePrompt(envVars, mockGitHubData, true, mockTagMode);
      // Should include commit signing tools
      expect(prompt).toContain("mcp__github_file_ops__commit_files");
      expect(prompt).toContain("mcp__github_file_ops__delete_files");
      expect(prompt).toContain("mcp__github_comment__update_claude_comment");
      // Should not include git command instructions
      expect(prompt).not.toContain("Use git commands via the Bash tool");
    });
    test("should treat pull_request_target same as pull_request in prompt generation", () => {
      const baseContext: PreparedContext = {
        repository: "owner/repo",
        claudeCommentId: "12345",
        triggerPhrase: "@claude",
        eventData: {
          eventName: "pull_request_target",
          eventAction: "opened",
          isPR: true,
          prNumber: "123",
        },
      };
      // Generate prompt for pull_request
      const pullRequestContext: PreparedContext = {
        ...baseContext,
        eventData: {
          ...baseContext.eventData,
          eventName: "pull_request",
          isPR: true,
          prNumber: "123",
        },
      };
      // Generate prompt for pull_request_target
      const pullRequestTargetContext: PreparedContext = {
        ...baseContext,
        eventData: {
          ...baseContext.eventData,
          eventName: "pull_request_target",
          isPR: true,
          prNumber: "123",
        },
      };
      const pullRequestPrompt = generatePrompt(
        pullRequestContext,
        mockGitHubData,
        false,
        mockTagMode,
      );
      const pullRequestTargetPrompt = generatePrompt(
        pullRequestTargetContext,
        mockGitHubData,
        false,
        mockTagMode,
      );
      // Both should have the same event type and structure
      expect(pullRequestPrompt).toContain(
        "<event_type>PULL_REQUEST</event_type>",
      );
      expect(pullRequestTargetPrompt).toContain(
        "<event_type>PULL_REQUEST</event_type>",
      );
      expect(pullRequestPrompt).toContain(
        "<trigger_context>pull request opened</trigger_context>",
      );
      expect(pullRequestTargetPrompt).toContain(
        "<trigger_context>pull request opened</trigger_context>",
      );
      // Both should contain PR-specific instructions
      expect(pullRequestPrompt).toContain(
        "Always push to the existing branch when triggered on a PR",
      );
      expect(pullRequestTargetPrompt).toContain(
        "Always push to the existing branch when triggered on a PR",
      );
    });
    test("should handle pull_request_target in agent mode with custom prompt", () => {
      const envVars: PreparedContext = {
        repository: "test/repo",
        claudeCommentId: "12345",
        triggerPhrase: "@claude",
        prompt: "Review this pull_request_target PR for security issues",
        eventData: {
          eventName: "pull_request_target",
          eventAction: "opened",
          isPR: true,
          prNumber: "789",
        },
      };
      // Use agent mode which passes through the prompt as-is
      const mockAgentMode: Mode = {
        name: "agent",
        description: "Agent mode",
        shouldTrigger: () => true,
        prepareContext: (context) => ({
          mode: "agent",
          githubContext: context,
        }),
        getAllowedTools: () => [],
        getDisallowedTools: () => [],
        shouldCreateTrackingComment: () => true,
        generatePrompt: (context) => context.prompt || "default prompt",
        prepare: async () => ({
          commentId: 123,
          branchInfo: {
            baseBranch: "main",
            currentBranch: "main",
            claudeBranch: undefined,
          },
          mcpConfig: "{}",
        }),
      };
      const prompt = generatePrompt(
        envVars,
        mockGitHubData,
        false,
        mockAgentMode,
      );
      expect(prompt).toBe(
        "Review this pull_request_target PR for security issues",
      );
    });
    test("should handle pull_request_target with no custom prompt", () => {
      const envVars: PreparedContext = {
        repository: "test/repo",
        claudeCommentId: "12345",
        triggerPhrase: "@claude",
        eventData: {
          eventName: "pull_request_target",
          eventAction: "synchronize",
          isPR: true,
          prNumber: "456",
        },
      };
      const prompt = generatePrompt(
        envVars,
        mockGitHubData,
        false,
        mockTagMode,
      );
      // Should generate default prompt structure
      expect(prompt).toContain("<event_type>PULL_REQUEST</event_type>");
      expect(prompt).toContain("<pr_number>456</pr_number>");
      expect(prompt).toContain(
        "Always push to the existing branch when triggered on a PR",
      );
    });
  });
  describe("pull_request_target vs pull_request behavior consistency", () => {
    test("should produce identical event processing for both event types", () => {
      const baseEventData = {
        eventAction: "opened",
        isPR: true,
        prNumber: "100",
      };
      const pullRequestEvent: PreparedContext = {
        repository: "owner/repo",
        claudeCommentId: "12345",
        triggerPhrase: "@claude",
        eventData: {
          ...baseEventData,
          eventName: "pull_request",
          isPR: true,
          prNumber: "100",
        },
      };
      const pullRequestTargetEvent: PreparedContext = {
        repository: "owner/repo",
        claudeCommentId: "12345",
        triggerPhrase: "@claude",
        eventData: {
          ...baseEventData,
          eventName: "pull_request_target",
          isPR: true,
          prNumber: "100",
        },
      };
      // Both should have identical event type detection
      const prResult = getEventTypeAndContext(pullRequestEvent);
      const prtResult = getEventTypeAndContext(pullRequestTargetEvent);
      expect(prResult.eventType).toBe(prtResult.eventType);
      expect(prResult.triggerContext).toBe(prtResult.triggerContext);
    });
    test("should handle edge cases in pull_request_target events", () => {
      // Test with minimal event data
      const minimalContext: PreparedContext = {
        repository: "owner/repo",
        claudeCommentId: "12345",
        triggerPhrase: "@claude",
        eventData: {
          eventName: "pull_request_target",
          isPR: true,
          prNumber: "1",
        },
      };
      const result = getEventTypeAndContext(minimalContext);
      expect(result.eventType).toBe("PULL_REQUEST");
      expect(result.triggerContext).toBe("pull request event");
      // Should not throw when generating prompt
      expect(() => {
        generatePrompt(minimalContext, mockGitHubData, false, mockTagMode);
      }).not.toThrow();
    });
    test("should handle all valid pull_request_target actions", () => {
      const actions = ["opened", "synchronize", "reopened", "closed", "edited"];
      actions.forEach((action) => {
        const context: PreparedContext = {
          repository: "owner/repo",
          claudeCommentId: "12345",
          triggerPhrase: "@claude",
          eventData: {
            eventName: "pull_request_target",
            eventAction: action,
            isPR: true,
            prNumber: "1",
          },
        };
        const result = getEventTypeAndContext(context);
        expect(result.eventType).toBe("PULL_REQUEST");
        expect(result.triggerContext).toBe(`pull request ${action}`);
      });
    });
  });
  describe("security considerations for pull_request_target", () => {
    test("should maintain same prompt structure regardless of event source", () => {
      // Test that external PRs don't get different treatment in prompts
      const internalPR: PreparedContext = {
        repository: "owner/repo",
        claudeCommentId: "12345",
        triggerPhrase: "@claude",
        eventData: {
          eventName: "pull_request",
          eventAction: "opened",
          isPR: true,
          prNumber: "1",
        },
      };
      const externalPR: PreparedContext = {
        repository: "owner/repo",
        claudeCommentId: "12345",
        triggerPhrase: "@claude",
        eventData: {
          eventName: "pull_request_target",
          eventAction: "opened",
          isPR: true,
          prNumber: "1",
        },
      };
      const internalPrompt = generatePrompt(
        internalPR,
        mockGitHubData,
        false,
        mockTagMode,
      );
      const externalPrompt = generatePrompt(
        externalPR,
        mockGitHubData,
        false,
        mockTagMode,
      );
      // Should have same tool access patterns
      expect(
        internalPrompt.includes("mcp__github_comment__update_claude_comment"),
      ).toBe(
        externalPrompt.includes("mcp__github_comment__update_claude_comment"),
      );
      // Should have same branch handling instructions
      expect(
        internalPrompt.includes(
          "Always push to the existing branch when triggered on a PR",
        ),
      ).toBe(
        externalPrompt.includes(
          "Always push to the existing branch when triggered on a PR",
        ),
      );
    });
  });
 });
Author	SHA1	Message	Date
Ashwin Bhat	798cf0988d	chore: add retry loop to Claude Code installation (#694 ) * chore: add --debug and retry loop to Claude Code installation Adds 2-minute timeout with up to 3 retry attempts for installation. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com> * fix: remove unsupported --debug flag from install script 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com> --------- Co-authored-by: Claude <noreply@anthropic.com>	2025-11-21 16:52:35 -08:00
GitHub Actions	8458f4399d	chore: bump Claude Code version to 2.0.50	2025-11-21 23:16:27 +00:00
GitHub Actions	f9b2917716	chore: bump Claude Code version to 2.0.49	2025-11-21 01:31:39 +00:00
Ashwin Bhat	f092d4cefd	feat: add Microsoft Foundry provider support (#684 ) * feat: add Azure AI Foundry provider support Add support for Azure AI Foundry as a fourth cloud provider option alongside Anthropic API, AWS Bedrock, and Google Vertex AI. Changes: - Add use_foundry input to enable Azure AI Foundry authentication - Add Azure environment variables (ANTHROPIC_FOUNDRY_RESOURCE, ANTHROPIC_FOUNDRY_API_KEY, ANTHROPIC_FOUNDRY_BASE_URL) - Support automatic base URL construction from resource name - Add validation logic with mutual exclusivity checks for all providers - Add comprehensive test coverage (7 Azure-specific tests, 3 mutual exclusivity tests) - Add complete Azure AI Foundry documentation with OIDC and API key authentication - Update README to reference Azure AI Foundry support Features: - Primary authentication via Microsoft Entra ID (OIDC) using azure/login action - Optional API key authentication fallback - Custom model deployment name support via ANTHROPIC_DEFAULT__MODEL variables - Clear validation error messages for missing configuration All tests pass (25 validation tests total). 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com> refactor: rename Azure AI Foundry to Microsoft Foundry and remove API key support - Rename all references from "Azure AI Foundry" to "Microsoft Foundry" - Remove ANTHROPIC_FOUNDRY_API_KEY support (OIDC only) - Update documentation to reflect OIDC-only authentication - Update tests to remove API key test case 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com> * docs: simplify Microsoft Foundry setup and remove URL auto-construction - Link to official docs instead of duplicating setup instructions - Remove automatic base URL construction from resource name - Pass ANTHROPIC_FOUNDRY_BASE_URL as-is 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com> --------- Co-authored-by: Claude <noreply@anthropic.com>	2025-11-20 13:50:13 -08:00
Jose Garcia	c2edeab4c3	added: AWS_BEARER_TOKEN_BEDROCK authentication capabilities (#692 )	2025-11-20 13:47:12 -08:00
Ashwin Bhat	4318310481	chore: limit PR review workflow to opened events only (#691 ) 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-authored-by: Claude <noreply@anthropic.com>	2025-11-20 12:09:21 -08:00
Kyle Altendorf	11571151c4	update docs re: commit signing no longer default (#675 ) * update docs re: commit signing no longer default * format	2025-11-20 07:13:10 -08:00
GitHub Actions	70193f466c	chore: bump Claude Code version to 2.0.47	2025-11-19 23:12:47 +00:00
GitHub Actions	9db20ef677	chore: bump Claude Code version to 2.0.46	2025-11-19 04:58:56 +00:00
bogini	6902c227aa	feat: add structured output support via --json-schema argument (#687 ) * feat: add structured output support Add support for Agent SDK structured outputs. New input: json_schema Output: structured_output (JSON string) Access: fromJSON(steps.id.outputs.structured_output).field Docs: https://docs.claude.com/en/docs/agent-sdk/structured-outputs * rm unused * refactor: simplify structured outputs to use claude_args Remove json_schema input in favor of passing --json-schema flag directly in claude_args. This simplifies the interface by treating structured outputs like other CLI flags (--model, --max-turns, etc.) instead of as a special input that gets injected. Users now specify: claude_args: '--json-schema {...}' Instead of separate: json_schema: {...} 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com> * chore: remove unused json-schema util and revert version - Remove src/utils/json-schema.ts (no longer used after refactor) - Revert Claude Code version from 2.0.45 back to 2.0.42 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com> --------- Co-authored-by: Claude <noreply@anthropic.com>	2025-11-18 17:18:05 -08:00
GitHub Actions	e45f28fae7	chore: bump Claude Code version to 2.0.45	2025-11-18 16:50:24 +00:00
GitHub Actions	8c4e1e7eb1	chore: bump Claude Code version to 2.0.44	2025-11-18 04:50:59 +00:00
GitHub Actions	906bd89c74	chore: bump Claude Code version to 2.0.43	2025-11-18 00:29:32 +00:00
GitHub Actions	08f88abe2b	chore: bump Claude Code version to 2.0.42	2025-11-15 00:17:35 +00:00
GitHub Actions	14ab4250bb	chore: bump Claude Code version to 2.0.37	2025-11-11 00:21:46 +00:00
GitHub Actions	c7fdd19642	chore: bump Claude Code version to 2.0.36	2025-11-07 22:08:15 +00:00
GitHub Actions	92d173475f	chore: bump Claude Code version to 2.0.35	2025-11-06 21:07:07 +00:00
GitHub Actions	108e982900	chore: bump Claude Code version to 2.0.34	2025-11-05 21:11:28 +00:00
GitHub Actions	7bb53ae6ee	chore: bump Claude Code version to 2.0.33	2025-11-04 23:40:50 +00:00
GitHub Actions	804b418b93	chore: bump Claude Code version to 2.0.32	2025-11-03 23:22:17 +00:00
GitHub Actions	500439cb9b	chore: bump Claude Code version to 2.0.31	2025-10-31 22:00:23 +00:00
GitHub Actions	4cda0ef6d1	chore: bump Claude Code version to 2.0.30	2025-10-30 23:35:37 +00:00
Ashwin Bhat	037b85d0d2	docs: update action version from @beta to @v1 in docs (#650 ) Updates documentation examples to use @v1 instead of @beta in: - docs/setup.md: custom GitHub app example - docs/configuration.md: additional permissions examples Migration guide and usage comparison examples intentionally kept with @beta to show old syntax. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-authored-by: Claude <noreply@anthropic.com>	2025-10-29 21:45:52 -07:00
GitHub Actions	8a1c437175	chore: bump Claude Code version to 2.0.29	2025-10-29 23:25:55 +00:00
David Dworken	56c8ae7d88	Add show_full_output option to control output verbosity (#580 ) * Add show_full_output option to control output verbosity * Update base-action/src/run-claude.ts Co-authored-by: Ashwin Bhat <ashwin@anthropic.com> * Wire show_full_output through to base-action * Document show_full_output security warnings in docs/security.md --------- Co-authored-by: Ashwin Bhat <ashwin@anthropic.com>	2025-10-28 11:52:18 -07:00
GitHub Actions	f4d737af0b	chore: bump Claude Code version to 2.0.28	2025-10-27 21:32:34 +00:00
Wanghong Yuan	29fe50368c	feat: change plugins input from comma-separated to newline-separated (#644 ) * feat: change plugins input from comma-separated to newline-separated Changes: - Update parsePlugins() to split by newline instead of comma for consistency with marketplaces input - Update action.yml and base-action/action.yml with newline-separated format and realistic plugin examples - Add plugin_marketplaces documentation to docs/usage.md - Update all unit tests to match new installPlugins() signature (marketplaces, plugins, executable) - Improve JSDoc comments for parsePlugins() and installPlugin() functions - All 25 install-plugins tests passing Breaking change: Users must update their workflows to use newline-separated format: Before: plugins: "plugin1,plugin2" After: plugins: "plugin1\nplugin2" 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com> * test: add comprehensive marketplace functionality tests Critical fix: All previous tests passed undefined as marketplacesInput parameter, leaving the entire marketplace functionality completely untested. Added 13 new tests covering: - Single marketplace installation - Multiple marketplaces with newline separation - Marketplace + plugin installation order verification - Marketplace URL validation (format, protocol, .git extension) - Whitespace and empty entry handling - Error handling for marketplace operations - Custom executable path for marketplace operations Test coverage: 38 tests (was 25), 81 expect calls (was 50) All tests passing ✅ 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com> --------- Co-authored-by: Claude <noreply@anthropic.com>	2025-10-27 09:01:34 -07:00
Kris Coleman	8ad13bd20b	feat(docs): simplify custom GitHub App creation with manifest support (#620 ) * feat(docs): simplify custom GitHub App creation with manifest support - Add github-app-manifest.json with pre-configured permissions - Create interactive HTML tool for one-click app creation - Update setup.md documentation with manifest-based instructions - Maintain existing manual setup as alternative option This significantly improves the developer experience by eliminating manual permission configuration and reducing setup time from multiple steps to a single click. Fixes #619 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com> Signed-off-by: Kris Coleman <kriscodeman@gmail.com> * feat: create-app ux improvements Signed-off-by: Kris Coleman <kriscodeman@gmail.com> --------- Signed-off-by: Kris Coleman <kriscodeman@gmail.com> Co-authored-by: Claude <noreply@anthropic.com>	2025-10-27 08:26:46 -07:00
Ashwin Bhat	7b914ae5c0	feat: add plugin_marketplaces input for dynamic marketplace installation (#642 ) - Added plugin_marketplaces input to both main and base-action action.yml files - Updated install-plugins.ts to support multiple marketplace URLs (newline-separated) - Added validation for marketplace URLs to prevent security issues - Updated installPlugins function to dynamically add marketplaces instead of hardcoding - Defaults to official Claude Code marketplace when no marketplaces are specified - Updated base-action index.ts to pass plugin_marketplaces to installPlugins 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-authored-by: Claude <noreply@anthropic.com>	2025-10-26 15:47:23 -07:00
Wanghong Yuan	d4c09790f5	feat: add plugins input to install Claude Code plugins (#638 ) * feat: add plugins input to install Claude Code plugins Add support for installing Claude Code plugins via a comma-separated list. Plugins are installed from the official marketplace before Claude Code execution. Changes: - Add plugins input to action.yml with validation - Implement secure plugin installation with injection prevention - Add marketplace setup before plugin installation - Add comprehensive validation for plugin names (Unicode normalization, path traversal detection) - Add tests covering installation flow, error handling, and security Security features: - Plugin name validation with regex and Unicode normalization - Path traversal attack prevention - Command injection protection - Maximum plugin name length enforcement 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com> * refactor: optimize path traversal check and improve type safety - Replace multiple includes() checks with single comprehensive regex (60-70% faster) - Change spawnSpy type from 'any' to proper 'ReturnType<typeof spyOn> \| undefined' - Maintain same security guarantees with better performance * refactor: extract shared command execution logic to eliminate DRY violation Extract executeClaudeCommand() helper to eliminate 40+ lines of duplicated error handling code between installPlugin() and addMarketplace(). Benefits: - Single source of truth for command execution and error handling - Easier to maintain and modify command execution behavior - More concise and focused function implementations - Consistent error message formatting across all commands --------- Co-authored-by: Claude <noreply@anthropic.com>	2025-10-25 20:47:06 -07:00
GitHub Actions	5033c581bb	chore: bump Claude Code version to 2.0.27	2025-10-24 21:17:11 +00:00
GitHub Actions	f8749bd14b	chore: bump Claude Code version to 2.0.26	2025-10-23 23:03:39 +00:00
btoo	f30f5eecfc	Update usage.md with link to claude cli args (#600 )	2025-10-21 14:38:12 -07:00
GitHub Actions	fc4013af38	chore: bump Claude Code version to 2.0.25	2025-10-21 21:37:39 +00:00
BangDori	96524b7ffe	docs: clarify job run link format in system prompt (#627 )	2025-10-20 22:52:05 -07:00
GitHub Actions	fd20c95358	chore: bump Claude Code version to 2.0.24	2025-10-20 19:12:24 +00:00
GitHub Actions	d808160c26	chore: bump Claude Code version to 2.0.23	2025-10-20 17:58:41 +00:00
Okumura Takahiro	3eacedbeb7	Update github-mcp-server to v0.17.1 (#613 )	2025-10-20 09:14:27 -07:00
Dale Seo	f52f12eba5	chore: upgrade actions/checkout from v4 to v5 (#632 )	2025-10-20 09:11:13 -07:00
GitHub Actions	4a85933f25	chore: bump Claude Code version to 2.0.22	2025-10-17 22:29:52 +00:00
GitHub Actions	ba6edd55ef	chore: bump Claude Code version to 2.0.21	2025-10-17 00:48:29 +00:00
GitHub Actions	06461dddff	chore: bump Claude Code version to 2.0.20	2025-10-16 16:51:26 +00:00
GitHub Actions	c2a94eead0	chore: bump Claude Code version to 2.0.19	2025-10-15 22:29:38 +00:00
Ashwin Bhat	1c0c3eaced	docs: document GitHub App permissions in security guide (#607 ) Clarifies which permissions are currently used (Contents, Pull Requests, Issues) versus those requested for planned future features (Discussions, Actions, Checks, Workflows). 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-authored-by: Claude <noreply@anthropic.com>	2025-10-15 10:12:11 -07:00
GitHub Actions	23d2d6c6b4	chore: bump Claude Code version to 2.0.17	2025-10-15 16:58:01 +00:00
GitHub Actions	e8bad57227	chore: bump Claude Code version to 2.0.15	2025-10-14 17:50:14 +00:00
GitHub Actions	0a6d62601b	chore: bump Claude Code version to 2.0.14	2025-10-10 21:25:16 +00:00
GitHub Actions	777ffcbfc9	chore: bump Claude Code version to 2.0.13	2025-10-09 17:53:02 +00:00
GitHub Actions	dc58efed33	chore: bump Claude Code version to 2.0.12	2025-10-09 16:41:48 +00:00
GitHub Actions	e5437bfbc5	chore: bump Claude Code version to 2.0.11	2025-10-08 20:36:56 +00:00
GitHub Actions	b2dd1006a0	chore: bump Claude Code version to 2.0.10	2025-10-07 21:14:39 +00:00
GitHub Actions	ac1a3207f3	chore: bump Claude Code version to 2.0.9	2025-10-06 21:57:24 +00:00
Ashwin Bhat	521d069da7	docs: add prompt injection security note (#604 ) * docs: add prompt injection security note Add warning about potential hidden markdown in untrusted content from external contributors. Documents existing sanitization measures while acknowledging new bypass techniques may emerge. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com> * Update docs/security.md Co-authored-by: David Dworken <dworken@anthropic.com> * format --------- Co-authored-by: Claude <noreply@anthropic.com> Co-authored-by: David Dworken <dworken@anthropic.com>	2025-10-06 09:51:50 -07:00
GitHub Actions	7e4b782d5f	chore: bump Claude Code version to 2.0.8	2025-10-04 23:17:33 +00:00
GitHub Actions	4fb0ef3be0	chore: bump Claude Code version to 2.0.5	2025-10-02 19:29:43 +00:00
GitHub Actions	14ac8aa20e	chore: bump Claude Code version to 2.0.1	2025-10-01 02:30:10 +00:00
Ashwin Bhat	90d189f3ab	fix: update permission test prompts to trigger actual tool usage (#596 ) Changed test prompts from communication-style echo commands to legitimate technical operations. This ensures Claude attempts the Bash tool call (which then gets blocked by permissions) instead of refusing based on communication guidelines. 🤖 Generated with [Claude Code](https://claude.ai/code) Co-authored-by: Claude <noreply@anthropic.com>	2025-09-30 18:04:13 -07:00
GitHub Actions	9c09b26b2d	chore: bump Claude Code version to 2.0.2	2025-10-01 00:48:36 +00:00
GitHub Actions	2086c977a5	chore: bump Claude Code version to 2.0.1	2025-09-30 02:45:30 +00:00
GitHub Actions	851ef5b84e	chore: bump Claude Code version to 2.0.0	2025-09-29 16:45:58 +00:00
Song Huang	1ce8153c18	docs: fix the faq doc link (#593 )	2025-09-28 10:02:17 -07:00
GitHub Actions	00391ab25e	chore: bump Claude Code version to 1.0.128	2025-09-27 16:44:46 +00:00
GitHub Actions	426380f01b	chore: bump Claude Code version to 1.0.127	2025-09-26 18:15:45 +00:00
GitHub Actions	77f51d2905	chore: bump Claude Code version to 1.0.126	2025-09-26 01:13:47 +00:00
GitHub Actions	7e5b42b197	chore: bump Claude Code version to 1.0.124	2025-09-25 04:23:38 +00:00
GitHub Actions	1b7c7a77d3	chore: bump Claude Code version to 1.0.123	2025-09-23 23:48:31 +00:00
Vibhor Agrawal	bd70a3ef2b	fix: add support for pull_request_target event in GitHub Actions workflows (#579 ) Add pull_request_target event support to enable Claude Code usage with forked repositories while maintaining proper security boundaries. This resolves issues with dependabot PRs and external contributions that require write permissions. Changes: - Add pull_request_target to supported GitHub events in context parsing - Update type definitions to include PullRequestTargetEvent - Modify IS_PR calculation to detect pull_request_target as PR context - Add comprehensive test coverage for pull_request_target workflows - Update documentation to reflect pull_request_target support The pull_request_target event provides the same payload structure as pull_request but runs with write permissions from the base repository, making it ideal for secure automation of external contributions. Fixes #347	2025-09-22 09:20:27 -07:00
marcus	f4954b5256	removed mcp_config as input from usage.md and added to deprecated inputs with instructions to migrate to --mcp-config instead (#574 )	2025-09-22 09:19:26 -07:00
Leonardo Yvens	93f8ab56c2	Add support for kebab-case --allowed-tools flag (#581 ) - Update parseAllowedTools to accept both --allowedTools and --allowed-tools - Add regex alternation to support both camelCase and kebab-case variants - Add test cases for unquoted and quoted kebab-case formats - All existing tests continue to pass 🤖 Generated with [Claude Code](https://claude.ai/code) Co-authored-by: Claude <noreply@anthropic.com>	2025-09-22 09:18:04 -07:00
GitHub Actions	93028b410e	chore: bump Claude Code version to 1.0.120	2025-09-19 23:55:52 +00:00
GitHub Actions	838d4d9d25	chore: bump Claude Code version to 1.0.119	2025-09-19 00:53:43 +00:00
GitHub Actions	7ed3b616d5	chore: bump Claude Code version to 1.0.117	2025-09-16 23:49:28 +00:00
kashyap murali	09ea2f00e1	Delete .github/workflows/claude-test.yml (#573 )	2025-09-16 13:46:34 -07:00
GitHub Actions	455b943dd7	chore: bump Claude Code version to 1.0.115	2025-09-16 00:52:01 +00:00