Accept multiline input for allowed_tools and disallowed_tools

2026-01-23 15:04:13 +08:00 · 2025-06-13 09:04:08 +09:00
10 changed files with 8 additions and 206 deletions
--- a/.github/workflows/issue-triage.yml
+++ b/.github/workflows/issue-triage.yml
@@ -32,7 +32,7 @@ jobs:
                  "--rm",
                  "-e",
                  "GITHUB_PERSONAL_ACCESS_TOKEN",
-                  "ghcr.io/github/github-mcp-server:sha-6d69797"
+                  "ghcr.io/github/github-mcp-server:sha-7aced2b"
                ],
                "env": {
                  "GITHUB_PERSONAL_ACCESS_TOKEN": "${{ secrets.GITHUB_TOKEN }}"
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -1,138 +0,0 @@
-name: Create Release
-
-on:
-  workflow_dispatch:
-    inputs:
-      dry_run:
-        description: "Dry run (only show what would be created)"
-        required: false
-        type: boolean
-        default: false
-
-jobs:
-  create-release:
-    runs-on: ubuntu-latest
-    permissions:
-      contents: write
-    outputs:
-      next_version: ${{ steps.next_version.outputs.next_version }}
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@v4
-        with:
-          fetch-depth: 0
-
-      - name: Get latest tag
-        id: get_latest_tag
-        run: |
-          # Get only version tags (v + number pattern)
-          latest_tag=$(git tag -l 'v[0-9]*' | sort -V | tail -1 || echo "v0.0.0")
-          if [ -z "$latest_tag" ]; then
-            latest_tag="v0.0.0"
-          fi
-          echo "latest_tag=$latest_tag" >> $GITHUB_OUTPUT
-          echo "Latest tag: $latest_tag"
-
-      - name: Calculate next version
-        id: next_version
-        run: |
-          latest_tag="${{ steps.get_latest_tag.outputs.latest_tag }}"
-          # Remove 'v' prefix and split by dots
-          version=${latest_tag#v}
-          IFS='.' read -ra VERSION_PARTS <<< "$version"
-
-          # Increment patch version
-          major=${VERSION_PARTS[0]:-0}
-          minor=${VERSION_PARTS[1]:-0}
-          patch=${VERSION_PARTS[2]:-0}
-          patch=$((patch + 1))
-
-          next_version="v${major}.${minor}.${patch}"
-          echo "next_version=$next_version" >> $GITHUB_OUTPUT
-          echo "Next version: $next_version"
-
-      - name: Display dry run info
-        if: ${{ inputs.dry_run }}
-        run: |
-          echo "🔍 DRY RUN MODE"
-          echo "Would create tag: ${{ steps.next_version.outputs.next_version }}"
-          echo "From commit: ${{ github.sha }}"
-          echo "Previous tag: ${{ steps.get_latest_tag.outputs.latest_tag }}"
-
-      - name: Create and push tag
-        if: ${{ !inputs.dry_run }}
-        run: |
-          next_version="${{ steps.next_version.outputs.next_version }}"
-          git config user.name "github-actions[bot]"
-          git config user.email "github-actions[bot]@users.noreply.github.com"
-
-          git tag -a "$next_version" -m "Release $next_version"
-          git push origin "$next_version"
-
-      - name: Create Release
-        if: ${{ !inputs.dry_run }}
-        env:
-          GH_TOKEN: ${{ github.token }}
-        run: |
-          next_version="${{ steps.next_version.outputs.next_version }}"
-
-          gh release create "$next_version" \
-            --title "$next_version" \
-            --generate-notes \
-            --latest=false # We want to keep beta as the latest
-
-  update-beta-tag:
-    needs: create-release
-    if: ${{ !inputs.dry_run }}
-    runs-on: ubuntu-latest
-    permissions:
-      contents: write
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@v4
-        with:
-          fetch-depth: 0
-
-      - name: Update beta tag
-        run: |
-          # Get the latest version tag
-          VERSION=$(git tag -l 'v[0-9]*' | sort -V | tail -1)
-
-          # Update the beta tag to point to this release
-          git config user.name "github-actions[bot]"
-          git config user.email "github-actions[bot]@users.noreply.github.com"
-          git tag -fa beta -m "Update beta tag to ${VERSION}"
-          git push origin beta --force
-
-      - name: Update beta release to be latest
-        env:
-          GH_TOKEN: ${{ github.token }}
-        run: |
-          # Update beta release to be marked as latest
-          gh release edit beta --latest
-
-  update-major-tag:
-    needs: create-release
-    if: ${{ !inputs.dry_run }}
-    runs-on: ubuntu-latest
-    permissions:
-      contents: write
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@v4
-        with:
-          fetch-depth: 0
-
-      - name: Update major version tag
-        run: |
-          next_version="${{ needs.create-release.outputs.next_version }}"
-          # Extract major version (e.g., v0 from v0.0.20)
-          major_version=$(echo "$next_version" | cut -d. -f1)
-
-          # Update the major version tag to point to this release
-          git config user.name "github-actions[bot]"
-          git config user.email "github-actions[bot]@users.noreply.github.com"
-          git tag -fa "$major_version" -m "Update $major_version tag to $next_version"
-          git push origin "$major_version" --force
-
-          echo "Updated $major_version tag to point to $next_version"
--- a/README.md
+++ b/README.md
@@ -149,40 +149,6 @@ For MCP servers that require sensitive information like API keys or tokens, use
    # ... other inputs
 ```

-#### Using Python MCP Servers with uv
-
-For Python-based MCP servers managed with `uv`, you need to specify the directory containing your server:
-
-```yaml
- uses: anthropics/claude-code-action@beta
-  with:
-    anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }}
-    mcp_config: |
-      {
-        "mcpServers": {
-          "my-python-server": {
-            "type": "stdio",
-            "command": "uv",
-            "args": [
-              "--directory",
-              "${{ github.workspace }}/path/to/server/",
-              "run",
-              "server_file.py"
-            ]
-          }
-        }
-      }
-    allowed_tools: "my-python-server__<tool_name>" # Replace <tool_name> with your server's tool names
-    # ... other inputs
-```
-
-For example, if your Python MCP server is at `mcp_servers/weather.py`, you would use:
-
-```yaml
-"args":
-  ["--directory", "${{ github.workspace }}/mcp_servers/", "run", "weather.py"]
-```
-
 **Important**:

 - Always use GitHub Secrets (`${{ secrets.SECRET_NAME }}`) for sensitive values like API keys, tokens, or passwords. Never hardcode secrets directly in the workflow file.
--- a/action.yml
+++ b/action.yml
@@ -110,7 +110,7 @@ runs:
    - name: Run Claude Code
      id: claude-code
      if: steps.prepare.outputs.contains_trigger == 'true'
-      uses: anthropics/claude-code-base-action@bb2ef1d9768b9e94083d377778120f8f27958a72 # v0.0.22
+      uses: anthropics/claude-code-base-action@ebd8558e902b3db132e89863de49565fcb9aec46 # v0.0.19
      with:
        prompt_file: ${{ runner.temp }}/claude-prompts/claude-prompt.txt
        allowed_tools: ${{ env.ALLOWED_TOOLS }}
--- a/src/github/context.ts
+++ b/src/github/context.ts
@@ -1,7 +1,6 @@
 import * as github from "@actions/github";
 import type {
  IssuesEvent,
-  IssuesAssignedEvent,
  IssueCommentEvent,
  PullRequestEvent,
  PullRequestReviewEvent,
@@ -148,9 +147,3 @@ export function isPullRequestReviewCommentEvent(
 ): context is ParsedGitHubContext & { payload: PullRequestReviewCommentEvent } {
  return context.eventName === "pull_request_review_comment";
 }
-
-export function isIssuesAssignedEvent(
-  context: ParsedGitHubContext,
-): context is ParsedGitHubContext & { payload: IssuesAssignedEvent } {
-  return isIssuesEvent(context) && context.eventAction === "assigned";
-}
--- a/src/github/operations/branch.ts
+++ b/src/github/operations/branch.ts
@@ -45,16 +45,9 @@ export async function setupBranch(

      const branchName = prData.headRefName;

-      // Determine optimal fetch depth based on PR commit count, with a minimum of 20
-      const commitCount = prData.commits.totalCount;
-      const fetchDepth = Math.max(commitCount, 20);
-
-      console.log(
-        `PR #${entityNumber}: ${commitCount} commits, using fetch depth ${fetchDepth}`,
-      );
-
-      // Execute git commands to checkout PR branch (dynamic depth based on PR size)
-      await $`git fetch origin --depth=${fetchDepth} ${branchName}`;
+      // Execute git commands to checkout PR branch (shallow fetch for performance)
+      // Fetch the branch with a depth of 20 to avoid fetching too much history, while still allowing for some context
+      await $`git fetch origin --depth=20 ${branchName}`;
      await $`git checkout ${branchName}`;

      console.log(`Successfully checked out PR branch for PR #${entityNumber}`);
--- a/src/github/validation/trigger.ts
+++ b/src/github/validation/trigger.ts
@@ -3,7 +3,6 @@
 import * as core from "@actions/core";
 import {
  isIssuesEvent,
-  isIssuesAssignedEvent,
  isIssueCommentEvent,
  isPullRequestEvent,
  isPullRequestReviewEvent,
@@ -23,10 +22,10 @@ export function checkContainsTrigger(context: ParsedGitHubContext): boolean {
  }

  // Check for assignee trigger
-  if (isIssuesAssignedEvent(context)) {
+  if (isIssuesEvent(context) && context.eventAction === "assigned") {
    // Remove @ symbol from assignee_trigger if present
    let triggerUser = assigneeTrigger.replace(/^@/, "");
-    const assigneeUsername = context.payload.assignee?.login || "";
+    const assigneeUsername = context.payload.issue.assignee?.login || "";

    if (triggerUser && assigneeUsername === triggerUser) {
      console.log(`Issue assigned to trigger user '${triggerUser}'`);
--- a/src/mcp/install-mcp-server.ts
+++ b/src/mcp/install-mcp-server.ts
@@ -62,7 +62,7 @@ export async function prepareMcpConfig(
          "--rm",
          "-e",
          "GITHUB_PERSONAL_ACCESS_TOKEN",
-          "ghcr.io/github/github-mcp-server:sha-6d69797", // https://github.com/github/github-mcp-server/releases/tag/v0.5.0
+          "ghcr.io/github/github-mcp-server:sha-e9f748f", // https://github.com/github/github-mcp-server/releases/tag/v0.4.0
        ],
        env: {
          GITHUB_PERSONAL_ACCESS_TOKEN: githubToken,
--- a/test/mockContext.ts
+++ b/test/mockContext.ts
@@ -91,12 +91,6 @@ export const mockIssueAssignedContext: ParsedGitHubContext = {
  actor: "admin-user",
  payload: {
    action: "assigned",
-    assignee: {
-      login: "claude-bot",
-      id: 11111,
-      avatar_url: "https://avatars.githubusercontent.com/u/11111",
-      html_url: "https://github.com/claude-bot",
-    },
    issue: {
      number: 123,
      title: "Feature: Add dark mode support",
--- a/test/trigger-validation.test.ts
+++ b/test/trigger-validation.test.ts
@@ -87,11 +87,6 @@ describe("checkContainsTrigger", () => {
        ...mockIssueAssignedContext,
        payload: {
          ...mockIssueAssignedContext.payload,
-          assignee: {
-            ...(mockIssueAssignedContext.payload as IssuesAssignedEvent)
-              .assignee,
-            login: "otherUser",
-          },
          issue: {
            ...(mockIssueAssignedContext.payload as IssuesAssignedEvent).issue,
            assignee: {