mirror of
https://github.com/anthropics/claude-code-action.git
synced 2026-01-23 06:54:13 +08:00
Implement time-based filtering for GitHub comments and reviews to prevent malicious actors from editing existing comments after Claude is triggered to inject harmful content. Changes: - Add updatedAt and lastEditedAt fields to GraphQL queries - Update GitHubComment and GitHubReview types with timestamp fields - Implement filterCommentsToTriggerTime() and filterReviewsToTriggerTime() - Add extractTriggerTimestamp() to extract trigger time from webhooks - Update tag and review modes to pass trigger timestamp to data fetcher Security benefits: - Prevents comment injection attacks via post-trigger edits - Maintains chronological integrity of conversation context - Ensures only comments in their final state before trigger are processed - Backward compatible with graceful degradation 🤖 Generated with [Claude Code](https://claude.ai/code) Co-authored-by: Claude <noreply@anthropic.com>
// Types for GitHub GraphQL query responses
/**
 * Author attached to comments, reviews, issues and pull requests in the
 * query response types declared in this file.
 */
export type GitHubAuthor = {
  /** Account login of the author. */
  login: string;
  /** Display name; optional, so consumers must handle its absence. */
  name?: string;
};
/**
 * A comment as it appears in the GraphQL query responses.
 *
 * `body` is user-authored text that can be edited after posting, so it must
 * be treated as untrusted input. The timestamp fields let a consumer tell
 * whether the comment was created or edited after the triggering event.
 *
 * NOTE(review): `updatedAt` and `lastEditedAt` are both optional. A
 * time-based filter has to decide explicitly what to do when neither is
 * present; confirm it does not treat "no timestamp" as "never edited" for
 * content that could have changed.
 */
export type GitHubComment = {
  /** Identifier of the comment in the query response. */
  id: string;
  /** Database identifier; typed as a string here. */
  databaseId: string;
  /** Comment text. User-controlled and editable; treat as untrusted. */
  body: string;
  /** Author of the comment. */
  author: GitHubAuthor;
  /** Creation time; presumably an ISO-8601 string from the API (confirm before comparing). */
  createdAt: string;
  /** Time of the last update, when the query selected it. */
  updatedAt?: string;
  /**
   * Time the body was last edited, when the query selected it.
   * NOTE(review): typed without `null`; confirm what the API returns for a
   * never-edited comment and that consumers handle that value.
   */
  lastEditedAt?: string;
  /** Whether the comment is minimized; presumably mirrors the API field of the same name (confirm). */
  isMinimized?: boolean;
};
/**
 * A review comment: every field of `GitHubComment` (including the optional
 * `updatedAt` / `lastEditedAt` timestamps) plus the file location it refers to.
 *
 * NOTE(review): these comments are nested under a review; confirm that any
 * time-based filtering is applied to each nested comment and not only to
 * the enclosing review.
 */
export type GitHubReviewComment = GitHubComment & {
  /** Path of the file the comment is attached to. */
  path: string;
  /** Line the comment refers to; may be `null`, so consumers must handle a missing line. */
  line: number | null;
};
/** A commit as it appears in the pull-request query response. */
export type GitHubCommit = {
  /** Object id of the commit. */
  oid: string;
  /** Commit message. Author-supplied text; treat as untrusted when it is shown to or processed by other components. */
  message: string;
  /** Author metadata recorded on the commit (not a `GitHubAuthor`: there is no `login` here). */
  author: {
    name: string;
    email: string;
  };
};
/** A changed file as it appears in the pull-request query response. */
export type GitHubFile = {
  /** Path of the changed file. */
  path: string;
  /** Number of added lines. */
  additions: number;
  /** Number of deleted lines. */
  deletions: number;
  /** Kind of change; kept as a free-form string, so consumers should not assume a closed set of values. */
  changeType: string;
};
/**
 * A pull-request review as it appears in the GraphQL query response.
 *
 * `body` is user-authored and editable, so it is untrusted input. The
 * timestamp fields let a consumer tell whether the review was submitted or
 * edited after the triggering event.
 *
 * NOTE(review): `updatedAt` and `lastEditedAt` are optional; confirm how a
 * time-based filter behaves when both are absent.
 */
export type GitHubReview = {
  /** Identifier of the review in the query response. */
  id: string;
  /** Database identifier; typed as a string here. */
  databaseId: string;
  /** Author of the review. */
  author: GitHubAuthor;
  /** Review text. User-controlled and editable; treat as untrusted. */
  body: string;
  /** Review state; kept as a free-form string. */
  state: string;
  /** Submission time; presumably an ISO-8601 string from the API (confirm before comparing). */
  submittedAt: string;
  /** Time of the last update, when the query selected it. */
  updatedAt?: string;
  /**
   * Time the body was last edited, when the query selected it.
   * NOTE(review): typed without `null`; confirm what the API returns for a
   * never-edited review.
   */
  lastEditedAt?: string;
  /** Inline comments belonging to this review; each carries its own timestamps via `GitHubComment`. */
  comments: {
    nodes: GitHubReviewComment[];
  };
};
/**
 * A pull request with its commits, changed files, comments and reviews, as
 * it appears in the GraphQL query response.
 *
 * NOTE(review): only `createdAt` is declared at this level. There is no
 * `updatedAt` / `lastEditedAt`, so an edit to `title` or `body` made after
 * the triggering event cannot be detected from this type. Both are
 * user-authored and should be treated as untrusted.
 */
export type GitHubPullRequest = {
  /** Pull-request title. User-controlled. */
  title: string;
  /** Pull-request description. User-controlled. */
  body: string;
  /** Author of the pull request. */
  author: GitHubAuthor;
  /** Name of the base ref. */
  baseRefName: string;
  /** Name of the head ref. */
  headRefName: string;
  /** Object id the head ref pointed to when the query ran. */
  headRefOid: string;
  /** Creation time of the pull request. */
  createdAt: string;
  /** Total added lines. */
  additions: number;
  /** Total deleted lines. */
  deletions: number;
  /** Pull-request state; kept as a free-form string. */
  state: string;
  /** Commits on the pull request; `nodes` may hold fewer entries than `totalCount` if the query pages (confirm). */
  commits: {
    totalCount: number;
    nodes: Array<{
      commit: GitHubCommit;
    }>;
  };
  /** Changed files. */
  files: {
    nodes: GitHubFile[];
  };
  /** Top-level comments; carry optional edit timestamps via `GitHubComment`. */
  comments: {
    nodes: GitHubComment[];
  };
  /** Reviews, each with its own nested review comments. */
  reviews: {
    nodes: GitHubReview[];
  };
};
/**
 * An issue with its comments, as it appears in the GraphQL query response.
 *
 * NOTE(review): only `createdAt` is declared at this level. There is no
 * `updatedAt` / `lastEditedAt`, so an edit to `title` or `body` made after
 * the triggering event cannot be detected from this type. Both are
 * user-authored and should be treated as untrusted.
 */
export type GitHubIssue = {
  /** Issue title. User-controlled. */
  title: string;
  /** Issue description. User-controlled. */
  body: string;
  /** Author of the issue. */
  author: GitHubAuthor;
  /** Creation time of the issue. */
  createdAt: string;
  /** Issue state; kept as a free-form string. */
  state: string;
  /** Comments on the issue; carry optional edit timestamps via `GitHubComment`. */
  comments: {
    nodes: GitHubComment[];
  };
};
/**
 * Top-level shape of the pull-request query response.
 *
 * This is a compile-time description only and is erased at runtime. It does
 * not validate the response, so a missing `repository` or `pullRequest`
 * must be checked by the caller.
 */
export type PullRequestQueryResponse = {
  repository: {
    pullRequest: GitHubPullRequest;
  };
};
/**
 * Top-level shape of the issue query response.
 *
 * This is a compile-time description only and is erased at runtime. It does
 * not validate the response, so a missing `repository` or `issue` must be
 * checked by the caller.
 */
export type IssueQueryResponse = {
  repository: {
    issue: GitHubIssue;
  };
};