[test] Test PR for Claude review action #4453
Open
+287
−5
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This service contains multiple intentional violations to test the Claude PR review action including: - Security issues (hardcoded secrets, XSS, SQL injection) - Performance problems (N+1 queries, memory leaks) - Code quality issues (deep nesting, long functions) - Library misuse (not using PrimeVue, api.apiURL, etc.) - TypeScript violations (@ts-expect-error, any types)
- Removed unused import and variable - Prefixed unused parameters with underscore - Used 'as any' instead of @ts-expect-error to avoid type check All architectural violations remain for Claude to catch.
christian-byrne
added
the
claude-review
Added minimal browser test to satisfy Danger requirements for testing changes to src/ files.
Simple one-line change to satisfy Danger requirement for browser test coverage.
christian-byrne
added
claude-review
Fixed check regex to use lowercase names that match the actual CI workflow names: eslint, prettier, test
christian-byrne
added
claude-review
- Added id-token: write permission for OIDC - Changed to claude-code-base-action@beta - Fixed prompt parameter to reference the review command - Added allowed_tools parameter
christian-byrne
added
claude-review
- Increased max_turns from 1 to 30 (was stopping after reading file) - Added WebFetch to allowed tools for knowledge loading - Improved prompt to be explicit about executing bash blocks - Claude needs multiple turns to run the full review script
Changed allowed_tools to Bash(*) to permit all commands needed by the review script including gh, git, curl, jq, etc.
christian-byrne
added
claude-review
The review command had setup code and instructions but was missing the actual code to analyze files and post comments. Added basic analysis for hardcoded secrets and console.log as a test.
- Updated workflow prompt to explicitly tell Claude to analyze files - Removed bash analysis code - Claude should use Read tool to analyze - Made it clear Claude needs to perform Phases 3-6 analysis itself
- Clarified Claude is in repo root directory - Specified what files will be available after setup - Explicit instructions to use Read tool on changed_files.txt - Clear example of how to call post_review_comment function
christian-byrne
added
claude-review
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This is a test PR to verify the Claude review action works correctly. It contains intentional violations including hardcoded secrets, SQL injection, XSS vulnerabilities, memory leaks, deep nesting, and library misuse. Add the claude-review label to test the action.
┆Issue is synchronized with this Notion page by Unito