Add workflow configuration

feat: update dedupe backfill script to filter by issue number

.devcontainer/Dockerfile

@@ -65,8 +65,8 @@ ENV PATH=$PATH:/usr/local/share/npm-global/bin
 ENV SHELL=/bin/zsh
 
 # Set the default editor and visual
-ENV EDITOR nano
-ENV VISUAL nano
+ENV EDITOR=nano
+ENV VISUAL=nano
 
 # Default powerline10k theme
 ARG ZSH_IN_DOCKER_VERSION=1.2.0

.devcontainer/devcontainer.json

@@ -16,6 +16,7 @@
   "customizations": {
     "vscode": {
       "extensions": [
+        "anthropic.claude-code",
         "dbaeumer.vscode-eslint",
         "esbenp.prettier-vscode",
         "eamodio.gitlens"
@@ -51,5 +52,6 @@
   },
   "workspaceMount": "source=${localWorkspaceFolder},target=/workspace,type=bind,consistency=delegated",
   "workspaceFolder": "/workspace",
-  "postCreateCommand": "sudo /usr/local/bin/init-firewall.sh"
+  "postStartCommand": "sudo /usr/local/bin/init-firewall.sh",
+  "waitFor": "postStartCommand"
 }

.devcontainer/init-firewall.sh

@@ -69,7 +69,10 @@ for domain in \
     "api.anthropic.com" \
     "sentry.io" \
     "statsig.anthropic.com" \
-    "statsig.com"; do
+    "statsig.com" \
+    "marketplace.visualstudio.com" \
+    "vscode.blob.core.windows.net" \
+    "update.code.visualstudio.com"; do
     echo "Resolving $domain..."
     ips=$(dig +noall +answer A "$domain" | awk '$4 == "A" {print $5}')
     if [ -z "$ips" ]; then
@@ -113,6 +116,9 @@ iptables -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
 # Then allow only specific outbound traffic to allowed domains
 iptables -A OUTPUT -m set --match-set allowed-domains dst -j ACCEPT
 
+# Explicitly REJECT all other outbound traffic for immediate feedback
+iptables -A OUTPUT -j REJECT --reject-with icmp-admin-prohibited
+
 echo "Firewall configuration complete"
 echo "Verifying firewall rules..."
 if curl --connect-timeout 5 https://example.com >/dev/null 2>&1; then

.github/workflows/issue-notify.yml

@@ -0,0 +1,59 @@
+name: Issue Notification
+
+on:
+  issues:
+    types: [opened]
+
+permissions:
+  issues: read
+
+jobs:
+  notify:
+    runs-on: ubuntu-latest
+    timeout-minutes: 5
+    steps:
+      - name: Send notification
+        env:
+          ISSUE_NUMBER: ${{ github.event.issue.number }}
+          ISSUE_TITLE: ${{ github.event.issue.title }}
+          ISSUE_BODY: ${{ github.event.issue.body }}
+          ISSUE_AUTHOR: ${{ github.event.issue.user.login }}
+          ISSUE_LABELS: ${{ toJSON(github.event.issue.labels) }}
+          ISSUE_URL: ${{ github.event.issue.html_url }}
+          ISSUE_CREATED_AT: ${{ github.event.issue.created_at }}
+          REPOSITORY: ${{ github.repository }}
+          DISPATCH_TOKEN: ${{ secrets.CROSS_REPO_TOKEN_CLAUDE_CODE }}
+          DISPATCH_ENDPOINT: ${{ secrets.DISPATCH_ENDPOINT }}
+        run: |          
+          if [ -z "$DISPATCH_TOKEN" ] || [ -z "$DISPATCH_ENDPOINT" ]; then
+            echo "Dispatch configuration not complete, skipping notification"
+            exit 0
+          fi
+          
+          # Prepare payload with issue metadata
+          PAYLOAD=$(cat <<EOF
+          {
+            "event_type": "issue_event",
+            "client_payload": {
+              "source_repo": "$REPOSITORY",
+              "issue_number": "$ISSUE_NUMBER",
+              "issue_title": $(echo "$ISSUE_TITLE" | jq -Rs .),
+              "issue_body": $(echo "$ISSUE_BODY" | jq -Rs .),
+              "issue_author": "$ISSUE_AUTHOR",
+              "issue_labels": $ISSUE_LABELS,
+              "issue_url": "$ISSUE_URL",
+              "issue_created_at": "$ISSUE_CREATED_AT",
+              "timestamp": "$(date -u +"%Y-%m-%dT%H:%M:%SZ")"
+            }
+          }
+          EOF
+          )
+          
+          # Send notification to configured endpoint
+          curl -X POST \
+            -H "Accept: application/vnd.github.v3+json" \
+            -H "Authorization: token $DISPATCH_TOKEN" \
+            -H "Content-Type: application/json" \
+            "$DISPATCH_ENDPOINT" \
+            -d "$PAYLOAD" \
+            --fail-with-body || echo "Notification sent"

CHANGELOG.md

@@ -1,5 +1,25 @@
 # Changelog
 
+## 1.0.97
+
+- Settings: /doctor now validates permission rule syntax and suggests corrections
+
+## 1.0.94
+
+- Vertex: add support for global endpoints for supported models
+- /memory command now allows direct editing of all imported memory files
+- SDK: Add custom tools as callbacks
+- Added /todos command to list current todo items
+
+## 1.0.93
+
+- Windows: Add alt + v shortcut for pasting images from clipboard
+- Support NO_PROXY environment variable to bypass proxy for specified hostnames and IPs
+
+## 1.0.90
+
+- Settings file changes take effect immediately - no restart required
+
 ## 1.0.88
 
 - Fixed issue causing "OAuth authentication is currently not supported"

Script/run_devcontainer_claude_code.ps1

@@ -40,14 +40,18 @@ Write-Host "Using backend: $($Backend)"
 # --- Prerequisite Check ---
 Write-Host "Checking for required commands..."
 try {
-    Get-Command $Backend -ErrorAction Stop | Out-Null
+    if (-not (Get-Command $Backend -ErrorAction SilentlyContinue)) {
+        throw "Required command '$($Backend)' not found."
+    }
     Write-Host "- $($Backend) command found."
-    Get-Command devcontainer -ErrorAction Stop | Out-Null
+    if (-not (Get-Command devcontainer -ErrorAction SilentlyContinue)) {
+        throw "Required command 'devcontainer' not found."
+    }
     Write-Host "- devcontainer command found."
 }
 catch {
-    Write-Error "A required command is not installed or not in your PATH."
-    Write-Error "Please ensure '$($_.Exception.Message.Split(':')[0])' and 'devcontainer' are installed and accessible."
+    Write-Error "A required command is not installed or not in your PATH. $($_.Exception.Message)"
+    Write-Error "Please ensure both '$Backend' and 'devcontainer' are installed and accessible in your system's PATH."
     exit 1
 }
 

scripts/backfill-duplicate-comments.ts

@@ -82,46 +82,61 @@ Usage:
 Environment Variables:
   GITHUB_TOKEN - GitHub personal access token with repo and actions permissions (required)
   DRY_RUN - Set to "false" to actually trigger workflows (default: true for safety)
-  DAYS_BACK - How many days back to look for old issues (default: 90)`);
+  MAX_ISSUE_NUMBER - Only process issues with numbers less than this value (default: 4050)`);
   }
   console.log("[DEBUG] GitHub token found");
 
   const owner = "anthropics";
   const repo = "claude-code";
   const dryRun = process.env.DRY_RUN !== "false";
-  const daysBack = parseInt(process.env.DAYS_BACK || "90", 10);
+  const maxIssueNumber = parseInt(process.env.MAX_ISSUE_NUMBER || "4050", 10);
+  const minIssueNumber = parseInt(process.env.MIN_ISSUE_NUMBER || "1", 10);
   
   console.log(`[DEBUG] Repository: ${owner}/${repo}`);
   console.log(`[DEBUG] Dry run mode: ${dryRun}`);
-  console.log(`[DEBUG] Looking back ${daysBack} days`);
+  console.log(`[DEBUG] Looking at issues between #${minIssueNumber} and #${maxIssueNumber}`);
 
-  const cutoffDate = new Date();
-  cutoffDate.setDate(cutoffDate.getDate() - daysBack);
-
-  console.log(`[DEBUG] Fetching issues created since ${cutoffDate.toISOString()}...`);
+  console.log(`[DEBUG] Fetching issues between #${minIssueNumber} and #${maxIssueNumber}...`);
   const allIssues: GitHubIssue[] = [];
   let page = 1;
   const perPage = 100;
   
   while (true) {
     const pageIssues: GitHubIssue[] = await githubRequest(
-      `/repos/${owner}/${repo}/issues?state=all&per_page=${perPage}&page=${page}&since=${cutoffDate.toISOString()}`,
+      `/repos/${owner}/${repo}/issues?state=all&per_page=${perPage}&page=${page}&sort=created&direction=desc`,
       token
     );
     
     if (pageIssues.length === 0) break;
     
-    allIssues.push(...pageIssues);
+    // Filter to only include issues within the specified range
+    const filteredIssues = pageIssues.filter(issue => 
+      issue.number >= minIssueNumber && issue.number < maxIssueNumber
+    );
+    allIssues.push(...filteredIssues);
+    
+    // If the oldest issue in this page is still above our minimum, we need to continue
+    // but if the oldest issue is below our minimum, we can stop
+    const oldestIssueInPage = pageIssues[pageIssues.length - 1];
+    if (oldestIssueInPage && oldestIssueInPage.number >= maxIssueNumber) {
+      console.log(`[DEBUG] Oldest issue in page #${page} is #${oldestIssueInPage.number}, continuing...`);
+    } else if (oldestIssueInPage && oldestIssueInPage.number < minIssueNumber) {
+      console.log(`[DEBUG] Oldest issue in page #${page} is #${oldestIssueInPage.number}, below minimum, stopping`);
+      break;
+    } else if (filteredIssues.length === 0 && pageIssues.length > 0) {
+      console.log(`[DEBUG] No issues in page #${page} are in range #${minIssueNumber}-#${maxIssueNumber}, continuing...`);
+    }
+    
     page++;
     
     // Safety limit to avoid infinite loops
-    if (page > 100) {
+    if (page > 200) {
       console.log("[DEBUG] Reached page limit, stopping pagination");
       break;
     }
   }
   
-  console.log(`[DEBUG] Found ${allIssues.length} issues from the last ${daysBack} days`);
+  console.log(`[DEBUG] Found ${allIssues.length} issues between #${minIssueNumber} and #${maxIssueNumber}`);
 
   let processedCount = 0;
   let candidateCount = 0;