mirror of
https://github.com/anthropics/claude-code.git
synced 2026-04-19 10:02:42 +00:00
Compare commits
2 Commits
inigo/tria
...
claude/sla
| Author | SHA1 | Date | |
|---|---|---|---|
|
34994ca273 | ||
|
|
ea2608cf85 |
@@ -1,5 +1,5 @@
|
||||
---
|
||||
allowed-tools: Bash(./scripts/gh.sh:*), Bash(./scripts/comment-on-duplicates.sh:*)
|
||||
allowed-tools: Bash(gh issue view:*), Bash(gh search:*), Bash(gh issue list:*), Bash(gh api:*), Bash(gh issue comment:*)
|
||||
description: Find duplicate GitHub issues
|
||||
---
|
||||
|
||||
@@ -11,17 +11,28 @@ To do this, follow these steps precisely:
|
||||
2. Use an agent to view a Github issue, and ask the agent to return a summary of the issue
|
||||
3. Then, launch 5 parallel agents to search Github for duplicates of this issue, using diverse keywords and search approaches, using the summary from #1
|
||||
4. Next, feed the results from #1 and #2 into another agent, so that it can filter out false positives, that are likely not actually duplicates of the original issue. If there are no duplicates remaining, do not proceed.
|
||||
5. Finally, use the comment script to post duplicates:
|
||||
```
|
||||
./scripts/comment-on-duplicates.sh --potential-duplicates <dup1> <dup2> <dup3>
|
||||
```
|
||||
5. Finally, comment back on the issue with a list of up to three duplicate issues (or zero, if there are no likely duplicates)
|
||||
|
||||
Notes (be sure to tell this to your agents, too):
|
||||
|
||||
- Use `./scripts/gh.sh` to interact with Github, rather than web fetch or raw `gh`. Examples:
|
||||
- `./scripts/gh.sh issue view 123` — view an issue
|
||||
- `./scripts/gh.sh issue view 123 --comments` — view with comments
|
||||
- `./scripts/gh.sh issue list --state open --limit 20` — list issues
|
||||
- `./scripts/gh.sh search issues "query" --limit 10` — search for issues
|
||||
- Do not use other tools, beyond `./scripts/gh.sh` and the comment script (eg. don't use other MCP servers, file edit, etc.)
|
||||
- Use `gh` to interact with Github, rather than web fetch
|
||||
- Do not use other tools, beyond `gh` (eg. don't use other MCP servers, file edit, etc.)
|
||||
- Make a todo list first
|
||||
- For your comment, follow the following format precisely (assuming for this example that you found 3 suspected duplicates):
|
||||
|
||||
---
|
||||
|
||||
Found 3 possible duplicate issues:
|
||||
|
||||
1. <link to issue>
|
||||
2. <link to issue>
|
||||
3. <link to issue>
|
||||
|
||||
This issue will be automatically closed as a duplicate in 3 days.
|
||||
|
||||
- If your issue is a duplicate, please close it and 👍 the existing issue instead
|
||||
- To prevent auto-closure, add a comment or 👎 this comment
|
||||
|
||||
🤖 Generated with [Claude Code](https://claude.ai/code)
|
||||
|
||||
---
|
||||
|
||||
40
.claude/commands/oncall-triage.md
Normal file
40
.claude/commands/oncall-triage.md
Normal file
@@ -0,0 +1,40 @@
|
||||
---
|
||||
allowed-tools: Bash(gh issue list:*), Bash(gh issue view:*), Bash(gh issue edit:*), TodoWrite
|
||||
description: Triage GitHub issues and label critical ones for oncall
|
||||
---
|
||||
|
||||
You're an oncall triage assistant for GitHub issues. Your task is to identify critical issues that require immediate oncall attention and apply the "oncall" label.
|
||||
|
||||
Repository: anthropics/claude-code
|
||||
|
||||
Task overview:
|
||||
|
||||
1. First, get all open bugs updated in the last 3 days with at least 50 engagements:
|
||||
```bash
|
||||
gh issue list --repo anthropics/claude-code --state open --label bug --limit 1000 --json number,title,updatedAt,comments,reactions | jq -r '.[] | select((.updatedAt >= (now - 259200 | strftime("%Y-%m-%dT%H:%M:%SZ"))) and ((.comments | length) + ([.reactions[].content] | length) >= 50)) | "\(.number)"'
|
||||
```
|
||||
|
||||
2. Save the list of issue numbers and create a TODO list with ALL of them. This ensures you process every single one.
|
||||
|
||||
3. For each issue in your TODO list:
|
||||
- Use `gh issue view <number> --repo anthropics/claude-code --json title,body,labels,comments` to get full details
|
||||
- Read and understand the full issue content and comments to determine actual user impact
|
||||
- Evaluate: Is this truly blocking users from using Claude Code?
|
||||
- Consider: "crash", "stuck", "frozen", "hang", "unresponsive", "cannot use", "blocked", "broken"
|
||||
- Does it prevent core functionality? Can users work around it?
|
||||
- Be conservative - only flag issues that truly prevent users from getting work done
|
||||
|
||||
4. For issues that are truly blocking and don't already have the "oncall" label:
|
||||
- Use `gh issue edit <number> --repo anthropics/claude-code --add-label "oncall"`
|
||||
- Mark the issue as complete in your TODO list
|
||||
|
||||
5. After processing all issues, provide a summary:
|
||||
- List each issue number that received the "oncall" label
|
||||
- Include the issue title and brief reason why it qualified
|
||||
- If no issues qualified, state that clearly
|
||||
|
||||
Important:
|
||||
- Process ALL issues in your TODO list systematically
|
||||
- Don't post any comments to issues
|
||||
- Only add the "oncall" label, never remove it
|
||||
- Use individual `gh issue view` commands instead of bash for loops to avoid approval prompts
|
||||
@@ -1,74 +0,0 @@
|
||||
---
|
||||
allowed-tools: Bash(./scripts/gh.sh:*),Bash(./scripts/edit-issue-labels.sh:*)
|
||||
description: Triage GitHub issues by analyzing and applying labels
|
||||
---
|
||||
|
||||
You're an issue triage assistant. Analyze the issue and manage labels.
|
||||
|
||||
IMPORTANT: Don't post any comments or messages to the issue. Your only actions are adding or removing labels.
|
||||
|
||||
Context:
|
||||
|
||||
$ARGUMENTS
|
||||
|
||||
TOOLS:
|
||||
- `./scripts/gh.sh` — wrapper for `gh` CLI. Only supports these subcommands and flags:
|
||||
- `./scripts/gh.sh label list` — fetch all available labels
|
||||
- `./scripts/gh.sh label list --limit 100` — fetch with limit
|
||||
- `./scripts/gh.sh issue view 123` — read issue title, body, and labels
|
||||
- `./scripts/gh.sh issue view 123 --comments` — read the conversation
|
||||
- `./scripts/gh.sh issue list --state open --limit 20` — list issues
|
||||
- `./scripts/gh.sh search issues "query"` — find similar or duplicate issues
|
||||
- `./scripts/gh.sh search issues "query" --limit 10` — search with limit
|
||||
- `./scripts/edit-issue-labels.sh --add-label LABEL --remove-label LABEL` — add or remove labels (issue number is read from the workflow event)
|
||||
|
||||
TASK:
|
||||
|
||||
1. Run `./scripts/gh.sh label list` to fetch the available labels. You may ONLY use labels from this list. Never invent new labels.
|
||||
2. Run `./scripts/gh.sh issue view ISSUE_NUMBER` to read the issue details.
|
||||
3. Run `./scripts/gh.sh issue view ISSUE_NUMBER --comments` to read the conversation.
|
||||
|
||||
**If EVENT is "issues" (new issue):**
|
||||
|
||||
4. First, check if this issue is actually about Claude Code.
|
||||
- Look for Claude Code signals in the issue BODY: a `Claude Code Version` field or `claude --version` output, references to the `claude` CLI command, terminal sessions, the VS Code/JetBrains extensions, `CLAUDE.md` files, `.claude/` directories, MCP servers, Cowork, Remote Control, or the web UI at claude.ai/code. If ANY such signal is present, this IS a Claude Code issue — proceed to step 5.
|
||||
- Only if NO Claude Code signals are present: check whether a different Anthropic product (claude.ai chat, Claude Desktop/Mobile apps, the raw Anthropic API/SDK, or account billing with no CLI involvement) is the *subject* of the complaint, not merely mentioned for context. If so, apply `invalid` and stop. If ambiguous, proceed to step 5 WITHOUT applying `invalid`.
|
||||
- The body text is authoritative. If a form dropdown (e.g. Platform) contradicts evidence in the body, trust the body — dropdowns are often mis-selected.
|
||||
|
||||
5. Analyze and apply category labels:
|
||||
- Type (bug, enhancement, question, etc.)
|
||||
- Technical areas and platform
|
||||
- Check for duplicates with `./scripts/gh.sh search issues`. Only mark as duplicate of OPEN issues.
|
||||
|
||||
6. Evaluate lifecycle labels:
|
||||
- `needs-repro` (bugs only, 7 days): Bug reports without clear steps to reproduce. A good repro has specific, followable steps that someone else could use to see the same issue.
|
||||
Do NOT apply if the user already provided error messages, logs, file paths, or a description of what they did. Don't require a specific format — narrative descriptions count.
|
||||
For model behavior issues (e.g. "Claude does X when it should do Y"), don't require traditional repro steps — examples and patterns are sufficient.
|
||||
- `needs-info` (bugs only, 7 days): The issue needs something from the community before it can progress — e.g. error messages, versions, environment details, or answers to follow-up questions. Don't apply to questions or enhancements.
|
||||
Do NOT apply if the user already provided version, environment, and error details. If the issue just needs engineering investigation, that's not `needs-info`.
|
||||
|
||||
Issues with these labels are automatically closed after the timeout if there's no response.
|
||||
The goal is to avoid issues lingering without a clear next step.
|
||||
|
||||
7. Apply all selected labels:
|
||||
`./scripts/edit-issue-labels.sh --add-label "label1" --add-label "label2"`
|
||||
|
||||
**If EVENT is "issue_comment" (comment on existing issue):**
|
||||
|
||||
4. Evaluate lifecycle labels based on the full conversation:
|
||||
- If the issue has `stale` or `autoclose`, remove the label — a new human comment means the issue is still active:
|
||||
`./scripts/edit-issue-labels.sh --remove-label "stale" --remove-label "autoclose"`
|
||||
- If the issue has `needs-repro` or `needs-info` and the missing information has now been provided, remove the label:
|
||||
`./scripts/edit-issue-labels.sh --remove-label "needs-repro"`
|
||||
- If the issue doesn't have lifecycle labels but clearly needs them (e.g., a maintainer asked for repro steps or more details), add the appropriate label.
|
||||
- Comments like "+1", "me too", "same here", or emoji reactions are NOT the missing information. Only remove `needs-repro` or `needs-info` when substantive details are actually provided.
|
||||
- Do NOT add or remove category labels (bug, enhancement, etc.) on comment events.
|
||||
|
||||
GUIDELINES:
|
||||
- ONLY use labels from `./scripts/gh.sh label list` — never create or guess label names
|
||||
- DO NOT post any comments to the issue
|
||||
- Be conservative with lifecycle labels — only apply when clearly warranted
|
||||
- Only apply lifecycle labels (`needs-repro`, `needs-info`) to bugs — never to questions or enhancements
|
||||
- When in doubt, don't apply a lifecycle label — false positives are worse than missing labels
|
||||
- On new issues (EVENT "issues"), always apply exactly one of `bug`, `enhancement`, `question`, `invalid`, or `duplicate`. If unsure, pick the closest fit — an imperfect category label is better than none.
|
||||
- On comment events, it's okay to make no changes if nothing applies.
|
||||
9
.github/workflows/claude-dedupe-issues.yml
vendored
9
.github/workflows/claude-dedupe-issues.yml
vendored
@@ -23,16 +23,13 @@ jobs:
|
||||
uses: actions/checkout@v4
|
||||
|
||||
- name: Run Claude Code slash command
|
||||
uses: anthropics/claude-code-action@v1
|
||||
env:
|
||||
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
||||
CLAUDE_CODE_SCRIPT_CAPS: '{"comment-on-duplicates.sh":1}'
|
||||
uses: anthropics/claude-code-base-action@beta
|
||||
with:
|
||||
github_token: ${{ secrets.GITHUB_TOKEN }}
|
||||
allowed_non_write_users: "*"
|
||||
prompt: "/dedupe ${{ github.repository }}/issues/${{ github.event.issue.number || inputs.issue_number }}"
|
||||
anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }}
|
||||
claude_args: "--model claude-sonnet-4-5-20250929"
|
||||
claude_env: |
|
||||
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
||||
|
||||
- name: Log duplicate comment event to Statsig
|
||||
if: always()
|
||||
|
||||
106
.github/workflows/claude-issue-triage.yml
vendored
106
.github/workflows/claude-issue-triage.yml
vendored
@@ -1,20 +1,13 @@
|
||||
name: Claude Issue Triage
|
||||
description: Automatically triage GitHub issues using Claude Code
|
||||
on:
|
||||
issues:
|
||||
types: [opened]
|
||||
issue_comment:
|
||||
types: [created]
|
||||
|
||||
jobs:
|
||||
triage-issue:
|
||||
runs-on: ubuntu-latest
|
||||
timeout-minutes: 10
|
||||
if: >-
|
||||
github.event_name == 'issues' ||
|
||||
(github.event_name == 'issue_comment' && !github.event.issue.pull_request && github.event.comment.user.type != 'Bot')
|
||||
concurrency:
|
||||
group: issue-triage-${{ github.event.issue.number }}
|
||||
cancel-in-progress: true
|
||||
permissions:
|
||||
contents: read
|
||||
issues: write
|
||||
@@ -23,17 +16,92 @@ jobs:
|
||||
- name: Checkout repository
|
||||
uses: actions/checkout@v4
|
||||
|
||||
- name: Create triage prompt
|
||||
run: |
|
||||
mkdir -p /tmp/claude-prompts
|
||||
cat > /tmp/claude-prompts/triage-prompt.txt << 'EOF'
|
||||
You're an issue triage assistant for GitHub issues. Your task is to analyze the issue and select appropriate labels from the provided list.
|
||||
|
||||
IMPORTANT: Don't post any comments or messages to the issue. Your only action should be to apply labels.
|
||||
|
||||
Issue Information:
|
||||
- REPO: ${{ github.repository }}
|
||||
- ISSUE_NUMBER: ${{ github.event.issue.number }}
|
||||
|
||||
TASK OVERVIEW:
|
||||
|
||||
1. First, fetch the list of labels available in this repository by running: `gh label list`. Run exactly this command with nothing else.
|
||||
|
||||
2. Next, use the GitHub tools to get context about the issue:
|
||||
- You have access to these tools:
|
||||
- mcp__github__get_issue: Use this to retrieve the current issue's details including title, description, and existing labels
|
||||
- mcp__github__get_issue_comments: Use this to read any discussion or additional context provided in the comments
|
||||
- mcp__github__update_issue: Use this to apply labels to the issue (do not use this for commenting)
|
||||
- mcp__github__search_issues: Use this to find similar issues that might provide context for proper categorization and to identify potential duplicate issues
|
||||
- mcp__github__list_issues: Use this to understand patterns in how other issues are labeled
|
||||
- Start by using mcp__github__get_issue to get the issue details
|
||||
|
||||
3. Analyze the issue content, considering:
|
||||
- The issue title and description
|
||||
- The type of issue (bug report, feature request, question, etc.)
|
||||
- Technical areas mentioned
|
||||
- Severity or priority indicators
|
||||
- User impact
|
||||
- Components affected
|
||||
|
||||
4. Select appropriate labels from the available labels list provided above:
|
||||
- Choose labels that accurately reflect the issue's nature
|
||||
- Be specific but comprehensive
|
||||
- Select priority labels if you can determine urgency (high-priority, med-priority, or low-priority)
|
||||
- Consider platform labels (android, ios) if applicable
|
||||
- If you find similar issues using mcp__github__search_issues, consider using a "duplicate" label if appropriate. Only do so if the issue is a duplicate of another OPEN issue.
|
||||
|
||||
5. Apply the selected labels:
|
||||
- Use mcp__github__update_issue to apply your selected labels
|
||||
- DO NOT post any comments explaining your decision
|
||||
- DO NOT communicate directly with users
|
||||
- If no labels are clearly applicable, do not apply any labels
|
||||
|
||||
IMPORTANT GUIDELINES:
|
||||
- Be thorough in your analysis
|
||||
- Only select labels from the provided list above
|
||||
- DO NOT post any comments to the issue
|
||||
- Your ONLY action should be to apply labels using mcp__github__update_issue
|
||||
- It's okay to not add any labels if none are clearly applicable
|
||||
EOF
|
||||
|
||||
- name: Setup GitHub MCP Server
|
||||
run: |
|
||||
mkdir -p /tmp/mcp-config
|
||||
cat > /tmp/mcp-config/mcp-servers.json << 'EOF'
|
||||
{
|
||||
"mcpServers": {
|
||||
"github": {
|
||||
"command": "docker",
|
||||
"args": [
|
||||
"run",
|
||||
"-i",
|
||||
"--rm",
|
||||
"-e",
|
||||
"GITHUB_PERSONAL_ACCESS_TOKEN",
|
||||
"ghcr.io/github/github-mcp-server:sha-7aced2b"
|
||||
],
|
||||
"env": {
|
||||
"GITHUB_PERSONAL_ACCESS_TOKEN": "${{ secrets.GITHUB_TOKEN }}"
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
EOF
|
||||
|
||||
- name: Run Claude Code for Issue Triage
|
||||
timeout-minutes: 5
|
||||
uses: anthropics/claude-code-action@v1
|
||||
env:
|
||||
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
||||
GH_REPO: ${{ github.repository }}
|
||||
CLAUDE_CODE_SCRIPT_CAPS: '{"edit-issue-labels.sh":2}'
|
||||
uses: anthropics/claude-code-base-action@beta
|
||||
with:
|
||||
github_token: ${{ secrets.GITHUB_TOKEN }}
|
||||
allowed_non_write_users: "*"
|
||||
prompt: "/triage-issue REPO: ${{ github.repository }} ISSUE_NUMBER: ${{ github.event.issue.number }} EVENT: ${{ github.event_name }}"
|
||||
prompt_file: /tmp/claude-prompts/triage-prompt.txt
|
||||
allowed_tools: "Bash(gh label list),mcp__github__get_issue,mcp__github__get_issue_comments,mcp__github__update_issue,mcp__github__search_issues,mcp__github__list_issues"
|
||||
timeout_minutes: "5"
|
||||
anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }}
|
||||
claude_args: |
|
||||
--model claude-opus-4-6
|
||||
mcp_config: /tmp/mcp-config/mcp-servers.json
|
||||
claude_args: "--model claude-sonnet-4-5-20250929"
|
||||
claude_env: |
|
||||
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
||||
|
||||
2
.github/workflows/claude.yml
vendored
2
.github/workflows/claude.yml
vendored
@@ -31,7 +31,7 @@ jobs:
|
||||
|
||||
- name: Run Claude Code
|
||||
id: claude
|
||||
uses: anthropics/claude-code-action@v1
|
||||
uses: anthropics/claude-code-action@beta
|
||||
with:
|
||||
anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }}
|
||||
claude_args: "--model claude-sonnet-4-5-20250929"
|
||||
|
||||
27
.github/workflows/issue-lifecycle-comment.yml
vendored
27
.github/workflows/issue-lifecycle-comment.yml
vendored
@@ -1,27 +0,0 @@
|
||||
name: "Issue Lifecycle Comment"
|
||||
|
||||
on:
|
||||
issues:
|
||||
types: [labeled]
|
||||
|
||||
permissions:
|
||||
issues: write
|
||||
|
||||
jobs:
|
||||
comment:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Checkout repository
|
||||
uses: actions/checkout@v4
|
||||
|
||||
- name: Setup Bun
|
||||
uses: oven-sh/setup-bun@v2
|
||||
with:
|
||||
bun-version: latest
|
||||
|
||||
- name: Post lifecycle comment
|
||||
run: bun run scripts/lifecycle-comment.ts
|
||||
env:
|
||||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
||||
LABEL: ${{ github.event.label.name }}
|
||||
ISSUE_NUMBER: ${{ github.event.issue.number }}
|
||||
47
.github/workflows/non-write-users-check.yml
vendored
47
.github/workflows/non-write-users-check.yml
vendored
@@ -1,47 +0,0 @@
|
||||
name: Non-write Users Check
|
||||
on:
|
||||
pull_request:
|
||||
paths:
|
||||
- ".github/**"
|
||||
|
||||
permissions:
|
||||
contents: read
|
||||
pull-requests: write
|
||||
|
||||
jobs:
|
||||
allowed-non-write-check:
|
||||
runs-on: ubuntu-latest
|
||||
env:
|
||||
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
||||
steps:
|
||||
- run: |
|
||||
DIFF=$(gh pr diff "$PR_NUMBER" -R "$REPO" || true)
|
||||
|
||||
if ! echo "$DIFF" | grep -qE '^diff --git a/\.github/.*\.ya?ml'; then
|
||||
exit 0
|
||||
fi
|
||||
|
||||
MATCHES=$(echo "$DIFF" | grep "^+.*allowed_non_write_users" || true)
|
||||
|
||||
if [ -z "$MATCHES" ]; then
|
||||
exit 0
|
||||
fi
|
||||
|
||||
EXISTING=$(gh pr view "$PR_NUMBER" -R "$REPO" --json comments --jq '.comments[].body' \
|
||||
| grep -c "<!-- non-write-users-check -->" || true)
|
||||
|
||||
if [ "$EXISTING" -gt 0 ]; then
|
||||
exit 0
|
||||
fi
|
||||
|
||||
gh pr comment "$PR_NUMBER" -R "$REPO" --body '<!-- non-write-users-check -->
|
||||
**`allowed_non_write_users` detected**
|
||||
|
||||
This PR adds or modifies `allowed_non_write_users`, which allows users without write access to trigger Claude Code Action workflows. This can introduce security risks.
|
||||
|
||||
If this is a new flow, please make sure you actually need `allowed_non_write_users`. If you are editing an existing workflow, double check that you are not adding new Claude permissions which might lead to a vulnerability.
|
||||
|
||||
See existing workflows in this repo for safe usage examples, or contact the AppSec team.'
|
||||
env:
|
||||
PR_NUMBER: ${{ github.event.pull_request.number }}
|
||||
REPO: ${{ github.repository }}
|
||||
120
.github/workflows/oncall-triage.yml
vendored
Normal file
120
.github/workflows/oncall-triage.yml
vendored
Normal file
@@ -0,0 +1,120 @@
|
||||
name: Oncall Issue Triage
|
||||
description: Automatically identify and label critical blocking issues requiring oncall attention
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
- add-oncall-triage-workflow # Temporary: for testing only
|
||||
schedule:
|
||||
# Run every 6 hours
|
||||
- cron: '0 */6 * * *'
|
||||
workflow_dispatch: # Allow manual trigger
|
||||
|
||||
jobs:
|
||||
oncall-triage:
|
||||
runs-on: ubuntu-latest
|
||||
timeout-minutes: 15
|
||||
permissions:
|
||||
contents: read
|
||||
issues: write
|
||||
|
||||
steps:
|
||||
- name: Checkout repository
|
||||
uses: actions/checkout@v4
|
||||
|
||||
- name: Create oncall triage prompt
|
||||
run: |
|
||||
mkdir -p /tmp/claude-prompts
|
||||
cat > /tmp/claude-prompts/oncall-triage-prompt.txt << 'EOF'
|
||||
You're an oncall triage assistant for GitHub issues. Your task is to identify critical issues that require immediate oncall attention.
|
||||
|
||||
Important: Don't post any comments or messages to the issues. Your only action should be to apply the "oncall" label to qualifying issues.
|
||||
|
||||
Repository: ${{ github.repository }}
|
||||
|
||||
Task overview:
|
||||
1. Fetch all open issues updated in the last 3 days:
|
||||
- Use mcp__github__list_issues with:
|
||||
- state="open"
|
||||
- first=5 (fetch only 5 issues per page)
|
||||
- orderBy="UPDATED_AT"
|
||||
- direction="DESC"
|
||||
- This will give you the most recently updated issues first
|
||||
- For each page of results, check the updatedAt timestamp of each issue
|
||||
- Add issues updated within the last 3 days (72 hours) to your TODO list as you go
|
||||
- Keep paginating using the 'after' parameter until you encounter issues older than 3 days
|
||||
- Once you hit issues older than 3 days, you can stop fetching (no need to fetch all open issues)
|
||||
|
||||
2. Build your TODO list incrementally as you fetch:
|
||||
- As you fetch each page, immediately add qualifying issues to your TODO list
|
||||
- One TODO item per issue number (e.g., "Evaluate issue #123")
|
||||
- This allows you to start processing while still fetching more pages
|
||||
|
||||
3. For each issue in your TODO list:
|
||||
- Use mcp__github__get_issue to read the issue details (title, body, labels)
|
||||
- Use mcp__github__get_issue_comments to read all comments
|
||||
- Evaluate whether this issue needs the oncall label:
|
||||
a) Is it a bug? (has "bug" label or describes bug behavior)
|
||||
b) Does it have at least 50 engagements? (count comments + reactions)
|
||||
c) Is it truly blocking? Read and understand the full content to determine:
|
||||
- Does this prevent core functionality from working?
|
||||
- Can users work around it?
|
||||
- Consider severity indicators: "crash", "stuck", "frozen", "hang", "unresponsive", "cannot use", "blocked", "broken"
|
||||
- Be conservative - only flag issues that truly prevent users from getting work done
|
||||
|
||||
4. For issues that meet all criteria and do not already have the "oncall" label:
|
||||
- Use mcp__github__update_issue to add the "oncall" label
|
||||
- Do not post any comments
|
||||
- Do not remove any existing labels
|
||||
- Do not remove the "oncall" label from issues that already have it
|
||||
|
||||
Important guidelines:
|
||||
- Use the TODO list to track your progress through ALL candidate issues
|
||||
- Process issues efficiently - don't read every single issue upfront, work through your TODO list systematically
|
||||
- Be conservative in your assessment - only flag truly critical blocking issues
|
||||
- Do not post any comments to issues
|
||||
- Your only action should be to add the "oncall" label using mcp__github__update_issue
|
||||
- Mark each issue as complete in your TODO list as you process it
|
||||
|
||||
7. After processing all issues in your TODO list, provide a summary of your actions:
|
||||
- Total number of issues processed (candidate issues evaluated)
|
||||
- Number of issues that received the "oncall" label
|
||||
- For each issue that got the label: list issue number, title, and brief reason why it qualified
|
||||
- Close calls: List any issues that almost qualified but didn't quite meet the criteria (e.g., borderline blocking, had workarounds)
|
||||
- If no issues qualified, state that clearly
|
||||
- Format the summary clearly for easy reading
|
||||
EOF
|
||||
|
||||
- name: Setup GitHub MCP Server
|
||||
run: |
|
||||
mkdir -p /tmp/mcp-config
|
||||
cat > /tmp/mcp-config/mcp-servers.json << 'EOF'
|
||||
{
|
||||
"mcpServers": {
|
||||
"github": {
|
||||
"command": "docker",
|
||||
"args": [
|
||||
"run",
|
||||
"-i",
|
||||
"--rm",
|
||||
"-e",
|
||||
"GITHUB_PERSONAL_ACCESS_TOKEN",
|
||||
"ghcr.io/github/github-mcp-server:sha-7aced2b"
|
||||
],
|
||||
"env": {
|
||||
"GITHUB_PERSONAL_ACCESS_TOKEN": "${{ secrets.GITHUB_TOKEN }}"
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
EOF
|
||||
|
||||
- name: Run Claude Code for Oncall Triage
|
||||
uses: anthropics/claude-code-base-action@beta
|
||||
with:
|
||||
prompt_file: /tmp/claude-prompts/oncall-triage-prompt.txt
|
||||
allowed_tools: "mcp__github__list_issues,mcp__github__get_issue,mcp__github__get_issue_comments,mcp__github__update_issue"
|
||||
timeout_minutes: "10"
|
||||
anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }}
|
||||
mcp_config: /tmp/mcp-config/mcp-servers.json
|
||||
claude_env: |
|
||||
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
||||
157
.github/workflows/stale-issue-manager.yml
vendored
Normal file
157
.github/workflows/stale-issue-manager.yml
vendored
Normal file
@@ -0,0 +1,157 @@
|
||||
name: "Manage Stale Issues"
|
||||
|
||||
on:
|
||||
schedule:
|
||||
# 2am Pacific = 9am UTC (10am UTC during DST)
|
||||
- cron: "0 10 * * *"
|
||||
workflow_dispatch:
|
||||
|
||||
permissions:
|
||||
issues: write
|
||||
|
||||
concurrency:
|
||||
group: stale-issue-manager
|
||||
|
||||
jobs:
|
||||
manage-stale-issues:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Manage stale issues
|
||||
uses: actions/github-script@v7
|
||||
with:
|
||||
script: |
|
||||
const oneMonthAgo = new Date();
|
||||
oneMonthAgo.setDate(oneMonthAgo.getDate() - 30);
|
||||
|
||||
const twoMonthsAgo = new Date();
|
||||
twoMonthsAgo.setDate(twoMonthsAgo.getDate() - 60);
|
||||
|
||||
const warningComment = `This issue has been inactive for 30 days. If the issue is still occurring, please comment to let us know. Otherwise, this issue will be automatically closed in 30 days for housekeeping purposes.`;
|
||||
|
||||
const closingComment = `This issue has been automatically closed due to 60 days of inactivity. If you're still experiencing this issue, please open a new issue with updated information.`;
|
||||
|
||||
let page = 1;
|
||||
let hasMore = true;
|
||||
let totalWarned = 0;
|
||||
let totalClosed = 0;
|
||||
let totalLabeled = 0;
|
||||
|
||||
while (hasMore) {
|
||||
// Get open issues sorted by last updated (oldest first)
|
||||
const { data: issues } = await github.rest.issues.listForRepo({
|
||||
owner: context.repo.owner,
|
||||
repo: context.repo.repo,
|
||||
state: 'open',
|
||||
sort: 'updated',
|
||||
direction: 'asc',
|
||||
per_page: 100,
|
||||
page: page
|
||||
});
|
||||
|
||||
if (issues.length === 0) {
|
||||
hasMore = false;
|
||||
break;
|
||||
}
|
||||
|
||||
for (const issue of issues) {
|
||||
// Skip if already locked
|
||||
if (issue.locked) continue;
|
||||
|
||||
// Skip pull requests
|
||||
if (issue.pull_request) continue;
|
||||
|
||||
// Check if updated more recently than 30 days ago
|
||||
const updatedAt = new Date(issue.updated_at);
|
||||
if (updatedAt > oneMonthAgo) {
|
||||
// Since issues are sorted by updated_at ascending,
|
||||
// once we hit a recent issue, all remaining will be recent too
|
||||
hasMore = false;
|
||||
break;
|
||||
}
|
||||
|
||||
// Check if issue has autoclose label
|
||||
const hasAutocloseLabel = issue.labels.some(label =>
|
||||
typeof label === 'object' && label.name === 'autoclose'
|
||||
);
|
||||
|
||||
try {
|
||||
// Get comments to check for existing warning
|
||||
const { data: comments } = await github.rest.issues.listComments({
|
||||
owner: context.repo.owner,
|
||||
repo: context.repo.repo,
|
||||
issue_number: issue.number,
|
||||
per_page: 100
|
||||
});
|
||||
|
||||
// Find the last comment from github-actions bot
|
||||
const botComments = comments.filter(comment =>
|
||||
comment.user && comment.user.login === 'github-actions[bot]' &&
|
||||
comment.body && comment.body.includes('inactive for 30 days')
|
||||
);
|
||||
|
||||
const lastBotComment = botComments[botComments.length - 1];
|
||||
|
||||
if (lastBotComment) {
|
||||
// Check if the bot comment is older than 30 days (total 60 days of inactivity)
|
||||
const botCommentDate = new Date(lastBotComment.created_at);
|
||||
if (botCommentDate < oneMonthAgo) {
|
||||
// Close the issue - it's been stale for 60+ days
|
||||
console.log(`Closing issue #${issue.number} (stale for 60+ days): ${issue.title}`);
|
||||
|
||||
// Post closing comment
|
||||
await github.rest.issues.createComment({
|
||||
owner: context.repo.owner,
|
||||
repo: context.repo.repo,
|
||||
issue_number: issue.number,
|
||||
body: closingComment
|
||||
});
|
||||
|
||||
// Close the issue
|
||||
await github.rest.issues.update({
|
||||
owner: context.repo.owner,
|
||||
repo: context.repo.repo,
|
||||
issue_number: issue.number,
|
||||
state: 'closed',
|
||||
state_reason: 'not_planned'
|
||||
});
|
||||
|
||||
totalClosed++;
|
||||
}
|
||||
// If bot comment exists but is recent, issue already has warning
|
||||
} else if (updatedAt < oneMonthAgo) {
|
||||
// No bot warning yet, issue is 30+ days old
|
||||
console.log(`Warning issue #${issue.number} (stale for 30+ days): ${issue.title}`);
|
||||
|
||||
// Post warning comment
|
||||
await github.rest.issues.createComment({
|
||||
owner: context.repo.owner,
|
||||
repo: context.repo.repo,
|
||||
issue_number: issue.number,
|
||||
body: warningComment
|
||||
});
|
||||
|
||||
totalWarned++;
|
||||
|
||||
// Add autoclose label if not present
|
||||
if (!hasAutocloseLabel) {
|
||||
await github.rest.issues.addLabels({
|
||||
owner: context.repo.owner,
|
||||
repo: context.repo.repo,
|
||||
issue_number: issue.number,
|
||||
labels: ['autoclose']
|
||||
});
|
||||
totalLabeled++;
|
||||
}
|
||||
}
|
||||
} catch (error) {
|
||||
console.error(`Failed to process issue #${issue.number}: ${error.message}`);
|
||||
}
|
||||
}
|
||||
|
||||
page++;
|
||||
}
|
||||
|
||||
console.log(`Summary:`);
|
||||
console.log(`- Issues warned (30 days stale): ${totalWarned}`);
|
||||
console.log(`- Issues labeled with autoclose: ${totalLabeled}`);
|
||||
console.log(`- Issues closed (60 days stale): ${totalClosed}`);
|
||||
31
.github/workflows/sweep.yml
vendored
31
.github/workflows/sweep.yml
vendored
@@ -1,31 +0,0 @@
|
||||
name: "Issue Sweep"
|
||||
|
||||
on:
|
||||
schedule:
|
||||
- cron: "0 10,22 * * *"
|
||||
workflow_dispatch:
|
||||
|
||||
permissions:
|
||||
issues: write
|
||||
|
||||
concurrency:
|
||||
group: daily-issue-sweep
|
||||
|
||||
jobs:
|
||||
sweep:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Checkout repository
|
||||
uses: actions/checkout@v4
|
||||
|
||||
- name: Setup Bun
|
||||
uses: oven-sh/setup-bun@v2
|
||||
with:
|
||||
bun-version: latest
|
||||
|
||||
- name: Enforce lifecycle timeouts
|
||||
run: bun run scripts/sweep.ts
|
||||
env:
|
||||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
||||
GITHUB_REPOSITORY_OWNER: ${{ github.repository_owner }}
|
||||
GITHUB_REPOSITORY_NAME: ${{ github.event.repository.name }}
|
||||
3
.gitignore
vendored
3
.gitignore
vendored
@@ -1,2 +1,3 @@
|
||||
.DS_Store
|
||||
|
||||
__pycache__/
|
||||
*.pyc
|
||||
|
||||
1702
CHANGELOG.md
1702
CHANGELOG.md
File diff suppressed because it is too large
Load Diff
45
README.md
45
README.md
@@ -6,42 +6,35 @@
|
||||
|
||||
Claude Code is an agentic coding tool that lives in your terminal, understands your codebase, and helps you code faster by executing routine tasks, explaining complex code, and handling git workflows -- all through natural language commands. Use it in your terminal, IDE, or tag @claude on Github.
|
||||
|
||||
**Learn more in the [official documentation](https://code.claude.com/docs/en/overview)**.
|
||||
**Learn more in the [official documentation](https://docs.anthropic.com/en/docs/claude-code/overview)**.
|
||||
|
||||
<img src="./demo.gif" />
|
||||
|
||||
## Get started
|
||||
> [!NOTE]
|
||||
> Installation via npm is deprecated. Use one of the recommended methods below.
|
||||
|
||||
For more installation options, uninstall steps, and troubleshooting, see the [setup documentation](https://code.claude.com/docs/en/setup).
|
||||
|
||||
1. Install Claude Code:
|
||||
|
||||
**MacOS/Linux (Recommended):**
|
||||
```bash
|
||||
curl -fsSL https://claude.ai/install.sh | bash
|
||||
```
|
||||
**MacOS/Linux:**
|
||||
```bash
|
||||
curl -fsSL https://claude.ai/install.sh | bash
|
||||
```
|
||||
|
||||
**Homebrew (MacOS/Linux):**
|
||||
```bash
|
||||
brew install --cask claude-code
|
||||
```
|
||||
**Homebrew (MacOS):**
|
||||
```bash
|
||||
brew install --cask claude-code
|
||||
```
|
||||
|
||||
**Windows (Recommended):**
|
||||
```powershell
|
||||
irm https://claude.ai/install.ps1 | iex
|
||||
```
|
||||
**Windows:**
|
||||
```powershell
|
||||
irm https://claude.ai/install.ps1 | iex
|
||||
```
|
||||
|
||||
**WinGet (Windows):**
|
||||
```powershell
|
||||
winget install Anthropic.ClaudeCode
|
||||
```
|
||||
**NPM:**
|
||||
```bash
|
||||
npm install -g @anthropic-ai/claude-code
|
||||
```
|
||||
|
||||
**NPM (Deprecated):**
|
||||
```bash
|
||||
npm install -g @anthropic-ai/claude-code
|
||||
```
|
||||
NOTE: If installing with NPM, you also need to install [Node.js 18+](https://nodejs.org/en/download/)
|
||||
|
||||
2. Navigate to your project directory and run `claude`.
|
||||
|
||||
@@ -63,7 +56,7 @@ When you use Claude Code, we collect feedback, which includes usage data (such a
|
||||
|
||||
### How we use your data
|
||||
|
||||
See our [data usage policies](https://code.claude.com/docs/en/data-usage).
|
||||
See our [data usage policies](https://docs.anthropic.com/en/docs/claude-code/data-usage).
|
||||
|
||||
### Privacy safeguards
|
||||
|
||||
|
||||
163
examples/hooks/fix_file_permissions_example.py
Executable file
163
examples/hooks/fix_file_permissions_example.py
Executable file
@@ -0,0 +1,163 @@
|
||||
#!/usr/bin/env python3
|
||||
"""
|
||||
Claude Code Hook: Fix File Permissions After Write
|
||||
===================================================
|
||||
This hook runs as a PostToolUse hook for the Write and Edit tools.
|
||||
It fixes file permissions to respect the system's umask setting.
|
||||
|
||||
This addresses the issue where Claude Code's Write tool creates files with
|
||||
restrictive 0600 permissions, ignoring the user's umask setting.
|
||||
|
||||
Read more about hooks here: https://docs.anthropic.com/en/docs/claude-code/hooks
|
||||
|
||||
Configuration example for ~/.claude/settings.json or .claude/settings.local.json:
|
||||
|
||||
{
|
||||
"hooks": {
|
||||
"PostToolUse": [
|
||||
{
|
||||
"matcher": "Write|Edit",
|
||||
"hooks": [
|
||||
{
|
||||
"type": "command",
|
||||
"command": "python3 /path/to/claude-code/examples/hooks/fix_file_permissions_example.py"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
|
||||
How it works:
|
||||
- After Write or Edit tool completes, this hook runs
|
||||
- Gets the file path from the tool input
|
||||
- Calculates the correct permissions based on the current umask
|
||||
- Applies the umask-respecting permissions to the file
|
||||
|
||||
For example:
|
||||
- With umask 022: files become 0644 (rw-r--r--)
|
||||
- With umask 002: files become 0664 (rw-rw-r--)
|
||||
- With umask 077: files remain 0600 (rw-------)
|
||||
"""
|
||||
|
||||
import json
|
||||
import os
|
||||
import stat
|
||||
import sys
|
||||
|
||||
|
||||
def get_umask() -> int:
|
||||
"""Get the current umask value.
|
||||
|
||||
We temporarily set umask to get the current value, then restore it.
|
||||
This is the standard way to read umask in Python.
|
||||
"""
|
||||
current_umask = os.umask(0)
|
||||
os.umask(current_umask)
|
||||
return current_umask
|
||||
|
||||
|
||||
def calculate_file_permissions(umask_value: int) -> int:
|
||||
"""Calculate file permissions based on umask.
|
||||
|
||||
Standard Unix behavior: new files start with 0666 base permissions,
|
||||
then umask is applied to remove bits.
|
||||
|
||||
Args:
|
||||
umask_value: The current umask value (e.g., 0o022)
|
||||
|
||||
Returns:
|
||||
The file permissions after applying umask (e.g., 0o644)
|
||||
"""
|
||||
base_permissions = 0o666 # rw-rw-rw-
|
||||
return base_permissions & ~umask_value
|
||||
|
||||
|
||||
def fix_file_permissions(file_path: str) -> dict:
|
||||
"""Fix permissions for a file to respect umask.
|
||||
|
||||
Args:
|
||||
file_path: Path to the file to fix
|
||||
|
||||
Returns:
|
||||
Dict with status information
|
||||
"""
|
||||
if not file_path:
|
||||
return {"status": "skipped", "reason": "no file path provided"}
|
||||
|
||||
if not os.path.exists(file_path):
|
||||
return {"status": "skipped", "reason": "file does not exist"}
|
||||
|
||||
if not os.path.isfile(file_path):
|
||||
return {"status": "skipped", "reason": "path is not a file"}
|
||||
|
||||
try:
|
||||
# Get current permissions
|
||||
current_mode = stat.S_IMODE(os.stat(file_path).st_mode)
|
||||
|
||||
# Calculate expected permissions based on umask
|
||||
umask_value = get_umask()
|
||||
expected_mode = calculate_file_permissions(umask_value)
|
||||
|
||||
# Only change if current permissions are more restrictive than expected
|
||||
# This handles the case where Write tool sets 0600 instead of umask-based perms
|
||||
if current_mode == 0o600 and expected_mode != 0o600:
|
||||
os.chmod(file_path, expected_mode)
|
||||
return {
|
||||
"status": "fixed",
|
||||
"file": file_path,
|
||||
"old_mode": oct(current_mode),
|
||||
"new_mode": oct(expected_mode),
|
||||
"umask": oct(umask_value),
|
||||
}
|
||||
else:
|
||||
return {
|
||||
"status": "unchanged",
|
||||
"file": file_path,
|
||||
"current_mode": oct(current_mode),
|
||||
"expected_mode": oct(expected_mode),
|
||||
}
|
||||
|
||||
except PermissionError as e:
|
||||
return {"status": "error", "reason": f"permission denied: {e}"}
|
||||
except OSError as e:
|
||||
return {"status": "error", "reason": f"OS error: {e}"}
|
||||
|
||||
|
||||
def main():
|
||||
"""Main entry point for the PostToolUse hook."""
|
||||
try:
|
||||
input_data = json.load(sys.stdin)
|
||||
except json.JSONDecodeError as e:
|
||||
# Exit 0 - don't block on invalid input, just log to stderr
|
||||
print(f"Warning: Invalid JSON input: {e}", file=sys.stderr)
|
||||
sys.exit(0)
|
||||
|
||||
tool_name = input_data.get("tool_name", "")
|
||||
|
||||
# Only process Write and Edit tools
|
||||
if tool_name not in ("Write", "Edit"):
|
||||
sys.exit(0)
|
||||
|
||||
tool_input = input_data.get("tool_input", {})
|
||||
file_path = tool_input.get("file_path", "")
|
||||
|
||||
if not file_path:
|
||||
sys.exit(0)
|
||||
|
||||
result = fix_file_permissions(file_path)
|
||||
|
||||
# Output result as JSON for logging/debugging
|
||||
# This will appear in the transcript when running with --debug
|
||||
if result.get("status") == "fixed":
|
||||
output = {
|
||||
"systemMessage": f"Fixed file permissions for {file_path}: {result['old_mode']} -> {result['new_mode']} (umask: {result['umask']})"
|
||||
}
|
||||
print(json.dumps(output))
|
||||
|
||||
# Always exit 0 - this is a PostToolUse hook, we don't want to block
|
||||
sys.exit(0)
|
||||
|
||||
|
||||
if __name__ == "__main__":
|
||||
main()
|
||||
278
examples/hooks/test_fix_file_permissions.py
Executable file
278
examples/hooks/test_fix_file_permissions.py
Executable file
@@ -0,0 +1,278 @@
|
||||
#!/usr/bin/env python3
|
||||
"""
|
||||
Tests for the fix_file_permissions_example.py hook.
|
||||
|
||||
Run these tests with:
|
||||
python3 examples/hooks/test_fix_file_permissions.py
|
||||
|
||||
Or with pytest:
|
||||
pytest examples/hooks/test_fix_file_permissions.py -v
|
||||
"""
|
||||
|
||||
import json
|
||||
import os
|
||||
import stat
|
||||
import subprocess
|
||||
import sys
|
||||
import tempfile
|
||||
import unittest
|
||||
from pathlib import Path
|
||||
|
||||
# Path to the hook script
|
||||
HOOK_SCRIPT = Path(__file__).parent / "fix_file_permissions_example.py"
|
||||
|
||||
|
||||
class TestFixFilePermissionsHook(unittest.TestCase):
|
||||
"""Test cases for the file permissions fix hook."""
|
||||
|
||||
def setUp(self):
|
||||
"""Set up test fixtures."""
|
||||
self.temp_dir = tempfile.mkdtemp()
|
||||
self.test_file = os.path.join(self.temp_dir, "test_file.txt")
|
||||
|
||||
def tearDown(self):
|
||||
"""Clean up test files."""
|
||||
if os.path.exists(self.test_file):
|
||||
os.remove(self.test_file)
|
||||
if os.path.exists(self.temp_dir):
|
||||
os.rmdir(self.temp_dir)
|
||||
|
||||
def run_hook(self, tool_name: str, file_path: str) -> subprocess.CompletedProcess:
|
||||
"""Run the hook script with given input."""
|
||||
input_data = {
|
||||
"tool_name": tool_name,
|
||||
"tool_input": {"file_path": file_path},
|
||||
"session_id": "test-session",
|
||||
"cwd": os.getcwd(),
|
||||
}
|
||||
|
||||
result = subprocess.run(
|
||||
[sys.executable, str(HOOK_SCRIPT)],
|
||||
input=json.dumps(input_data),
|
||||
capture_output=True,
|
||||
text=True,
|
||||
)
|
||||
return result
|
||||
|
||||
def create_file_with_permissions(self, path: str, mode: int) -> None:
|
||||
"""Create a test file with specific permissions."""
|
||||
with open(path, "w") as f:
|
||||
f.write("test content")
|
||||
os.chmod(path, mode)
|
||||
|
||||
def get_file_permissions(self, path: str) -> int:
|
||||
"""Get the permission bits of a file."""
|
||||
return stat.S_IMODE(os.stat(path).st_mode)
|
||||
|
||||
def test_fixes_restrictive_permissions_with_umask_022(self):
|
||||
"""Test that 0600 permissions are fixed to 0644 with umask 022."""
|
||||
# Save and set umask
|
||||
old_umask = os.umask(0o022)
|
||||
try:
|
||||
# Create file with restrictive permissions (simulating Write tool bug)
|
||||
self.create_file_with_permissions(self.test_file, 0o600)
|
||||
self.assertEqual(self.get_file_permissions(self.test_file), 0o600)
|
||||
|
||||
# Run the hook
|
||||
result = self.run_hook("Write", self.test_file)
|
||||
self.assertEqual(result.returncode, 0)
|
||||
|
||||
# Check permissions were fixed
|
||||
expected_mode = 0o644 # 0666 & ~0022
|
||||
self.assertEqual(
|
||||
self.get_file_permissions(self.test_file),
|
||||
expected_mode,
|
||||
f"Expected {oct(expected_mode)}, got {oct(self.get_file_permissions(self.test_file))}",
|
||||
)
|
||||
finally:
|
||||
os.umask(old_umask)
|
||||
|
||||
def test_fixes_restrictive_permissions_with_umask_002(self):
|
||||
"""Test that 0600 permissions are fixed to 0664 with umask 002."""
|
||||
# Save and set umask
|
||||
old_umask = os.umask(0o002)
|
||||
try:
|
||||
# Create file with restrictive permissions
|
||||
self.create_file_with_permissions(self.test_file, 0o600)
|
||||
self.assertEqual(self.get_file_permissions(self.test_file), 0o600)
|
||||
|
||||
# Run the hook
|
||||
result = self.run_hook("Write", self.test_file)
|
||||
self.assertEqual(result.returncode, 0)
|
||||
|
||||
# Check permissions were fixed
|
||||
expected_mode = 0o664 # 0666 & ~0002
|
||||
self.assertEqual(
|
||||
self.get_file_permissions(self.test_file),
|
||||
expected_mode,
|
||||
f"Expected {oct(expected_mode)}, got {oct(self.get_file_permissions(self.test_file))}",
|
||||
)
|
||||
finally:
|
||||
os.umask(old_umask)
|
||||
|
||||
def test_preserves_permissions_matching_umask(self):
|
||||
"""Test that permissions already matching umask are not changed."""
|
||||
old_umask = os.umask(0o022)
|
||||
try:
|
||||
# Create file with correct permissions already
|
||||
self.create_file_with_permissions(self.test_file, 0o644)
|
||||
|
||||
# Run the hook
|
||||
result = self.run_hook("Write", self.test_file)
|
||||
self.assertEqual(result.returncode, 0)
|
||||
|
||||
# Permissions should be unchanged
|
||||
self.assertEqual(self.get_file_permissions(self.test_file), 0o644)
|
||||
finally:
|
||||
os.umask(old_umask)
|
||||
|
||||
def test_respects_umask_077(self):
|
||||
"""Test that umask 077 results in 0600 (no change needed)."""
|
||||
old_umask = os.umask(0o077)
|
||||
try:
|
||||
# Create file with 0600 permissions
|
||||
self.create_file_with_permissions(self.test_file, 0o600)
|
||||
|
||||
# Run the hook
|
||||
result = self.run_hook("Write", self.test_file)
|
||||
self.assertEqual(result.returncode, 0)
|
||||
|
||||
# With umask 077, 0600 is correct - should remain unchanged
|
||||
self.assertEqual(self.get_file_permissions(self.test_file), 0o600)
|
||||
finally:
|
||||
os.umask(old_umask)
|
||||
|
||||
def test_handles_edit_tool(self):
|
||||
"""Test that the hook also works for the Edit tool."""
|
||||
old_umask = os.umask(0o022)
|
||||
try:
|
||||
self.create_file_with_permissions(self.test_file, 0o600)
|
||||
|
||||
result = self.run_hook("Edit", self.test_file)
|
||||
self.assertEqual(result.returncode, 0)
|
||||
|
||||
self.assertEqual(self.get_file_permissions(self.test_file), 0o644)
|
||||
finally:
|
||||
os.umask(old_umask)
|
||||
|
||||
def test_ignores_other_tools(self):
|
||||
"""Test that the hook ignores non-Write/Edit tools."""
|
||||
old_umask = os.umask(0o022)
|
||||
try:
|
||||
self.create_file_with_permissions(self.test_file, 0o600)
|
||||
|
||||
result = self.run_hook("Read", self.test_file)
|
||||
self.assertEqual(result.returncode, 0)
|
||||
|
||||
# Permissions should be unchanged for Read tool
|
||||
self.assertEqual(self.get_file_permissions(self.test_file), 0o600)
|
||||
finally:
|
||||
os.umask(old_umask)
|
||||
|
||||
def test_handles_nonexistent_file(self):
|
||||
"""Test that the hook handles non-existent files gracefully."""
|
||||
result = self.run_hook("Write", "/nonexistent/path/file.txt")
|
||||
self.assertEqual(result.returncode, 0)
|
||||
|
||||
def test_handles_empty_file_path(self):
|
||||
"""Test that the hook handles empty file path gracefully."""
|
||||
input_data = {
|
||||
"tool_name": "Write",
|
||||
"tool_input": {},
|
||||
"session_id": "test-session",
|
||||
}
|
||||
|
||||
result = subprocess.run(
|
||||
[sys.executable, str(HOOK_SCRIPT)],
|
||||
input=json.dumps(input_data),
|
||||
capture_output=True,
|
||||
text=True,
|
||||
)
|
||||
self.assertEqual(result.returncode, 0)
|
||||
|
||||
def test_handles_invalid_json(self):
|
||||
"""Test that the hook handles invalid JSON input gracefully."""
|
||||
result = subprocess.run(
|
||||
[sys.executable, str(HOOK_SCRIPT)],
|
||||
input="not valid json",
|
||||
capture_output=True,
|
||||
text=True,
|
||||
)
|
||||
# Should exit 0 even with invalid input (don't block the workflow)
|
||||
self.assertEqual(result.returncode, 0)
|
||||
self.assertIn("Invalid JSON", result.stderr)
|
||||
|
||||
def test_handles_directory_path(self):
|
||||
"""Test that the hook ignores directory paths."""
|
||||
result = self.run_hook("Write", self.temp_dir)
|
||||
self.assertEqual(result.returncode, 0)
|
||||
|
||||
def test_outputs_system_message_on_fix(self):
|
||||
"""Test that the hook outputs a systemMessage when fixing permissions."""
|
||||
old_umask = os.umask(0o022)
|
||||
try:
|
||||
self.create_file_with_permissions(self.test_file, 0o600)
|
||||
|
||||
result = self.run_hook("Write", self.test_file)
|
||||
self.assertEqual(result.returncode, 0)
|
||||
|
||||
# Check that stdout contains the systemMessage JSON
|
||||
if result.stdout.strip():
|
||||
output = json.loads(result.stdout)
|
||||
self.assertIn("systemMessage", output)
|
||||
self.assertIn("Fixed file permissions", output["systemMessage"])
|
||||
finally:
|
||||
os.umask(old_umask)
|
||||
|
||||
|
||||
class TestCalculateFilePermissions(unittest.TestCase):
|
||||
"""Test the calculate_file_permissions function directly."""
|
||||
|
||||
def test_umask_022(self):
|
||||
"""Test permission calculation with umask 022."""
|
||||
# Import the function from the hook script
|
||||
import importlib.util
|
||||
|
||||
spec = importlib.util.spec_from_file_location("hook", HOOK_SCRIPT)
|
||||
hook = importlib.util.module_from_spec(spec)
|
||||
spec.loader.exec_module(hook)
|
||||
|
||||
result = hook.calculate_file_permissions(0o022)
|
||||
self.assertEqual(result, 0o644)
|
||||
|
||||
def test_umask_002(self):
|
||||
"""Test permission calculation with umask 002."""
|
||||
import importlib.util
|
||||
|
||||
spec = importlib.util.spec_from_file_location("hook", HOOK_SCRIPT)
|
||||
hook = importlib.util.module_from_spec(spec)
|
||||
spec.loader.exec_module(hook)
|
||||
|
||||
result = hook.calculate_file_permissions(0o002)
|
||||
self.assertEqual(result, 0o664)
|
||||
|
||||
def test_umask_077(self):
|
||||
"""Test permission calculation with umask 077."""
|
||||
import importlib.util
|
||||
|
||||
spec = importlib.util.spec_from_file_location("hook", HOOK_SCRIPT)
|
||||
hook = importlib.util.module_from_spec(spec)
|
||||
spec.loader.exec_module(hook)
|
||||
|
||||
result = hook.calculate_file_permissions(0o077)
|
||||
self.assertEqual(result, 0o600)
|
||||
|
||||
def test_umask_000(self):
|
||||
"""Test permission calculation with umask 000."""
|
||||
import importlib.util
|
||||
|
||||
spec = importlib.util.spec_from_file_location("hook", HOOK_SCRIPT)
|
||||
hook = importlib.util.module_from_spec(spec)
|
||||
spec.loader.exec_module(hook)
|
||||
|
||||
result = hook.calculate_file_permissions(0o000)
|
||||
self.assertEqual(result, 0o666)
|
||||
|
||||
|
||||
if __name__ == "__main__":
|
||||
unittest.main()
|
||||
@@ -1,31 +0,0 @@
|
||||
# Settings Examples
|
||||
|
||||
Example Claude Code settings files, primarily intended for organization-wide deployments. Use these are starting points — adjust them to fit your needs.
|
||||
|
||||
These may be applied at any level of the [settings hierarchy](https://code.claude.com/docs/en/settings#settings-files), though certain properties only take effect if specified in enterprise settings (e.g. `strictKnownMarketplaces`, `allowManagedHooksOnly`, `allowManagedPermissionRulesOnly`).
|
||||
|
||||
|
||||
## Configuration Examples
|
||||
|
||||
> [!WARNING]
|
||||
> These examples are community-maintained snippets which may be unsupported or incorrect. You are responsible for the correctness of your own settings configuration.
|
||||
|
||||
| Setting | [`settings-lax.json`](./settings-lax.json) | [`settings-strict.json`](./settings-strict.json) | [`settings-bash-sandbox.json`](./settings-bash-sandbox.json) |
|
||||
|---------|:---:|:---:|:---:|
|
||||
| Disable `--dangerously-skip-permissions` | ✅ | ✅ | |
|
||||
| Block plugin marketplaces | ✅ | ✅ | |
|
||||
| Block user and project-defined permission `allow` / `ask` / `deny` | | ✅ | ✅ |
|
||||
| Block user and project-defined hooks | | ✅ | |
|
||||
| Deny web fetch and search tools | | ✅ | |
|
||||
| Bash tool requires approval | | ✅ | |
|
||||
| Bash tool must run inside of sandbox | | | ✅ |
|
||||
|
||||
## Tips
|
||||
- Consider merging snippets of the above examples to reach your desired configuration
|
||||
- Settings files must be valid JSON
|
||||
- Before deploying configuration files to your organization, test them locally by applying to `managed-settings.json`, `settings.json` or `settings.local.json`
|
||||
- The `sandbox` property only applies to the `Bash` tool; it does not apply to other tools (like Read, Write, WebSearch, WebFetch, MCPs), hooks, or internal commands
|
||||
|
||||
## Full Documentation
|
||||
|
||||
See https://code.claude.com/docs/en/settings for complete documentation on all available managed settings.
|
||||
@@ -1,18 +0,0 @@
|
||||
{
|
||||
"allowManagedPermissionRulesOnly": true,
|
||||
"sandbox": {
|
||||
"enabled": true,
|
||||
"autoAllowBashIfSandboxed": false,
|
||||
"allowUnsandboxedCommands": false,
|
||||
"excludedCommands": [],
|
||||
"network": {
|
||||
"allowUnixSockets": [],
|
||||
"allowAllUnixSockets": false,
|
||||
"allowLocalBinding": false,
|
||||
"allowedDomains": [],
|
||||
"httpProxyPort": null,
|
||||
"socksProxyPort": null
|
||||
},
|
||||
"enableWeakerNestedSandbox": false
|
||||
}
|
||||
}
|
||||
@@ -1,6 +0,0 @@
|
||||
{
|
||||
"permissions": {
|
||||
"disableBypassPermissionsMode": "disable"
|
||||
},
|
||||
"strictKnownMarketplaces": []
|
||||
}
|
||||
@@ -1,28 +0,0 @@
|
||||
{
|
||||
"permissions": {
|
||||
"disableBypassPermissionsMode": "disable",
|
||||
"ask": [
|
||||
"Bash"
|
||||
],
|
||||
"deny": [
|
||||
"WebSearch",
|
||||
"WebFetch"
|
||||
]
|
||||
},
|
||||
"allowManagedPermissionRulesOnly": true,
|
||||
"allowManagedHooksOnly": true,
|
||||
"strictKnownMarketplaces": [],
|
||||
"sandbox": {
|
||||
"autoAllowBashIfSandboxed": false,
|
||||
"excludedCommands": [],
|
||||
"network": {
|
||||
"allowUnixSockets": [],
|
||||
"allowAllUnixSockets": false,
|
||||
"allowLocalBinding": false,
|
||||
"allowedDomains": [],
|
||||
"httpProxyPort": null,
|
||||
"socksProxyPort": null
|
||||
},
|
||||
"enableWeakerNestedSandbox": false
|
||||
}
|
||||
}
|
||||
@@ -1,21 +1,17 @@
|
||||
---
|
||||
allowed-tools: Bash(gh issue view:*), Bash(gh search:*), Bash(gh issue list:*), Bash(gh pr comment:*), Bash(gh pr diff:*), Bash(gh pr view:*), Bash(gh pr list:*), mcp__github_inline_comment__create_inline_comment
|
||||
allowed-tools: Bash(gh issue view:*), Bash(gh search:*), Bash(gh issue list:*), Bash(gh pr comment:*), Bash(gh pr diff:*), Bash(gh pr view:*), Bash(gh pr list:*)
|
||||
description: Code review a pull request
|
||||
---
|
||||
|
||||
Provide a code review for the given pull request.
|
||||
|
||||
**Agent assumptions (applies to all agents and subagents):**
|
||||
- All tools are functional and will work without error. Do not test tools or make exploratory calls. Make sure this is clear to every subagent that is launched.
|
||||
- Only call a tool if it is required to complete the task. Every tool call should have a clear purpose.
|
||||
|
||||
To do this, follow these steps precisely:
|
||||
|
||||
1. Launch a haiku agent to check if any of the following are true:
|
||||
- The pull request is closed
|
||||
- The pull request is a draft
|
||||
- The pull request does not need code review (e.g. automated PR, trivial change that is obviously correct)
|
||||
- Claude has already commented on this PR (check `gh pr view <PR> --comments` for comments left by claude)
|
||||
- You have already submitted a code review on this pull request
|
||||
|
||||
If any condition is true, stop and do not proceed.
|
||||
|
||||
@@ -38,15 +34,15 @@ Note: Still review Claude generated PR's.
|
||||
Agent 4: Opus bug agent (parallel subagent with agent 3)
|
||||
Look for problems that exist in the introduced code. This could be security issues, incorrect logic, etc. Only look for issues that fall within the changed code.
|
||||
|
||||
**CRITICAL: We only want HIGH SIGNAL issues.** Flag issues where:
|
||||
- The code will fail to compile or parse (syntax errors, type errors, missing imports, unresolved references)
|
||||
- The code will definitely produce wrong results regardless of inputs (clear logic errors)
|
||||
**CRITICAL: We only want HIGH SIGNAL issues.** This means:
|
||||
- Objective bugs that will cause incorrect behavior at runtime
|
||||
- Clear, unambiguous CLAUDE.md violations where you can quote the exact rule being broken
|
||||
|
||||
Do NOT flag:
|
||||
- Code style or quality concerns
|
||||
- Potential issues that depend on specific inputs or state
|
||||
- Subjective suggestions or improvements
|
||||
We do NOT want:
|
||||
- Subjective concerns or "suggestions"
|
||||
- Style preferences not explicitly required by CLAUDE.md
|
||||
- Potential issues that "might" be problems
|
||||
- Anything requiring interpretation or judgment calls
|
||||
|
||||
If you are not certain an issue is real, do not flag it. False positives erode trust and waste reviewer time.
|
||||
|
||||
@@ -56,25 +52,14 @@ Note: Still review Claude generated PR's.
|
||||
|
||||
6. Filter out any issues that were not validated in step 5. This step will give us our list of high signal issues for our review.
|
||||
|
||||
7. Output a summary of the review findings to the terminal:
|
||||
- If issues were found, list each issue with a brief description.
|
||||
- If no issues were found, state: "No issues found. Checked for bugs and CLAUDE.md compliance."
|
||||
|
||||
If `--comment` argument was NOT provided, stop here. Do not post any GitHub comments.
|
||||
|
||||
If `--comment` argument IS provided and NO issues were found, post a summary comment using `gh pr comment` and stop.
|
||||
|
||||
If `--comment` argument IS provided and issues were found, continue to step 8.
|
||||
|
||||
8. Create a list of all comments that you plan on leaving. This is only for you to make sure you are comfortable with the comments. Do not post this list anywhere.
|
||||
|
||||
9. Post inline comments for each issue using `mcp__github_inline_comment__create_inline_comment` with `confirmed: true`. For each comment:
|
||||
- Provide a brief description of the issue
|
||||
- For small, self-contained fixes, include a committable suggestion block
|
||||
- For larger fixes (6+ lines, structural changes, or changes spanning multiple locations), describe the issue and suggested fix without a suggestion block
|
||||
- Never post a committable suggestion UNLESS committing the suggestion fixes the issue entirely. If follow up steps are required, do not leave a committable suggestion.
|
||||
|
||||
**IMPORTANT: Only post ONE comment per unique issue. Do not post duplicate comments.**
|
||||
7. Finally, output the review.
|
||||
- If the `--comment` argument is provided, post the review as a comment on the pull request using `gh pr comment`
|
||||
- Otherwise (default), output the review directly to the terminal for local viewing
|
||||
When writing your comment, follow these guidelines:
|
||||
a. Keep your output brief
|
||||
b. Avoid emojis
|
||||
c. Link and cite relevant code, files, and URLs for each issue
|
||||
d. When citing CLAUDE.md violations, you MUST quote the exact text from CLAUDE.md that is being violated (e.g., CLAUDE.md says: "Use snake_case for variable names")
|
||||
|
||||
Use this list when evaluating issues in Steps 4 and 5 (these are false positives, do NOT flag):
|
||||
|
||||
@@ -89,18 +74,40 @@ Notes:
|
||||
|
||||
- Use gh CLI to interact with GitHub (e.g., fetch pull requests, create comments). Do not use web fetch.
|
||||
- Create a todo list before starting.
|
||||
- You must cite and link each issue in inline comments (e.g., if referring to a CLAUDE.md, include a link to it).
|
||||
- If no issues are found and `--comment` argument is provided, post a comment with the following format:
|
||||
- You must cite and link each issue (e.g., if referring to a CLAUDE.md, include a link to it).
|
||||
- For your final comment, follow the following format precisely (assuming for this example that you found 3 issues):
|
||||
|
||||
---
|
||||
|
||||
## Code review
|
||||
|
||||
Found 3 issues:
|
||||
|
||||
1. <brief description of bug> (CLAUDE.md says: "<exact quote from CLAUDE.md>")
|
||||
|
||||
<link to file and line with full sha1 + line range for context, eg. https://github.com/anthropics/claude-code/blob/1d54823877c4de72b2316a64032a54afc404e619/README.md#L13-L17>
|
||||
|
||||
2. <brief description of bug> (some/other/CLAUDE.md says: "<exact quote from CLAUDE.md>")
|
||||
|
||||
<link to file and line with full sha1 + line range for context>
|
||||
|
||||
3. <brief description of bug> (bug due to <file and code snippet>)
|
||||
|
||||
<link to file and line with full sha1 + line range for context>
|
||||
|
||||
---
|
||||
|
||||
- Or, if you found no issues:
|
||||
|
||||
---
|
||||
|
||||
## Auto code review
|
||||
|
||||
No issues found. Checked for bugs and CLAUDE.md compliance.
|
||||
|
||||
---
|
||||
|
||||
- When linking to code in inline comments, follow the following format precisely, otherwise the Markdown preview won't render correctly: https://github.com/anthropics/claude-code/blob/c21d3c10bc8e898b7ac1a2d745bdc9bc4e423afe/package.json#L10-L15
|
||||
- When linking to code, follow the following format precisely, otherwise the Markdown preview won't render correctly: https://github.com/anthropics/claude-code/blob/c21d3c10bc8e898b7ac1a2d745bdc9bc4e423afe/package.json#L10-L15
|
||||
- Requires full git sha
|
||||
- You must provide the full sha. Commands like `https://github.com/owner/repo/blob/$(git rev-parse HEAD)/foo/bar` will not work, since your comment will be directly rendered in Markdown.
|
||||
- Repo name must match the repo you're code reviewing
|
||||
|
||||
@@ -1,18 +1,26 @@
|
||||
---
|
||||
description: "Cancel active Ralph Wiggum loop"
|
||||
allowed-tools: ["Bash(test -f .claude/ralph-loop.local.md:*)", "Bash(rm .claude/ralph-loop.local.md)", "Read(.claude/ralph-loop.local.md)"]
|
||||
allowed-tools: ["Bash"]
|
||||
hide-from-slash-command-tool: "true"
|
||||
---
|
||||
|
||||
# Cancel Ralph
|
||||
|
||||
To cancel the Ralph loop:
|
||||
```!
|
||||
if [[ -f .claude/ralph-loop.local.md ]]; then
|
||||
ITERATION=$(grep '^iteration:' .claude/ralph-loop.local.md | sed 's/iteration: *//')
|
||||
echo "FOUND_LOOP=true"
|
||||
echo "ITERATION=$ITERATION"
|
||||
else
|
||||
echo "FOUND_LOOP=false"
|
||||
fi
|
||||
```
|
||||
|
||||
1. Check if `.claude/ralph-loop.local.md` exists using Bash: `test -f .claude/ralph-loop.local.md && echo "EXISTS" || echo "NOT_FOUND"`
|
||||
Check the output above:
|
||||
|
||||
2. **If NOT_FOUND**: Say "No active Ralph loop found."
|
||||
1. **If FOUND_LOOP=false**:
|
||||
- Say "No active Ralph loop found."
|
||||
|
||||
3. **If EXISTS**:
|
||||
- Read `.claude/ralph-loop.local.md` to get the current iteration number from the `iteration:` field
|
||||
- Remove the file using Bash: `rm .claude/ralph-loop.local.md`
|
||||
- Report: "Cancelled Ralph loop (was at iteration N)" where N is the iteration value
|
||||
2. **If FOUND_LOOP=true**:
|
||||
- Use Bash: `rm .claude/ralph-loop.local.md`
|
||||
- Report: "Cancelled Ralph loop (was at iteration N)" where N is the ITERATION value from above.
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
---
|
||||
description: "Start Ralph Wiggum loop in current session"
|
||||
argument-hint: "PROMPT [--max-iterations N] [--completion-promise TEXT]"
|
||||
allowed-tools: ["Bash(${CLAUDE_PLUGIN_ROOT}/scripts/setup-ralph-loop.sh:*)"]
|
||||
allowed-tools: ["Bash(${CLAUDE_PLUGIN_ROOT}/scripts/setup-ralph-loop.sh)"]
|
||||
hide-from-slash-command-tool: "true"
|
||||
---
|
||||
|
||||
@@ -11,6 +11,36 @@ Execute the setup script to initialize the Ralph loop:
|
||||
|
||||
```!
|
||||
"${CLAUDE_PLUGIN_ROOT}/scripts/setup-ralph-loop.sh" $ARGUMENTS
|
||||
|
||||
# Extract and display completion promise if set
|
||||
if [ -f .claude/ralph-loop.local.md ]; then
|
||||
PROMISE=$(grep '^completion_promise:' .claude/ralph-loop.local.md | sed 's/completion_promise: *//' | sed 's/^"\(.*\)"$/\1/')
|
||||
if [ -n "$PROMISE" ] && [ "$PROMISE" != "null" ]; then
|
||||
echo ""
|
||||
echo "═══════════════════════════════════════════════════════════"
|
||||
echo "CRITICAL - Ralph Loop Completion Promise"
|
||||
echo "═══════════════════════════════════════════════════════════"
|
||||
echo ""
|
||||
echo "To complete this loop, output this EXACT text:"
|
||||
echo " <promise>$PROMISE</promise>"
|
||||
echo ""
|
||||
echo "STRICT REQUIREMENTS (DO NOT VIOLATE):"
|
||||
echo " ✓ Use <promise> XML tags EXACTLY as shown above"
|
||||
echo " ✓ The statement MUST be completely and unequivocally TRUE"
|
||||
echo " ✓ Do NOT output false statements to exit the loop"
|
||||
echo " ✓ Do NOT lie even if you think you should exit"
|
||||
echo ""
|
||||
echo "IMPORTANT - Do not circumvent the loop:"
|
||||
echo " Even if you believe you're stuck, the task is impossible,"
|
||||
echo " or you've been running too long - you MUST NOT output a"
|
||||
echo " false promise statement. The loop is designed to continue"
|
||||
echo " until the promise is GENUINELY TRUE. Trust the process."
|
||||
echo ""
|
||||
echo " If the loop should stop, the promise statement will become"
|
||||
echo " true naturally. Do not force it by lying."
|
||||
echo "═══════════════════════════════════════════════════════════"
|
||||
fi
|
||||
fi
|
||||
```
|
||||
|
||||
Please work on the task. When you try to exit, the Ralph loop will feed the SAME PROMPT back to you for the next iteration. You'll see your previous work in files and git history, allowing you to iterate and improve.
|
||||
|
||||
@@ -174,30 +174,3 @@ if [[ -n "$PROMPT" ]]; then
|
||||
echo ""
|
||||
echo "$PROMPT"
|
||||
fi
|
||||
|
||||
# Display completion promise requirements if set
|
||||
if [[ "$COMPLETION_PROMISE" != "null" ]]; then
|
||||
echo ""
|
||||
echo "═══════════════════════════════════════════════════════════"
|
||||
echo "CRITICAL - Ralph Loop Completion Promise"
|
||||
echo "═══════════════════════════════════════════════════════════"
|
||||
echo ""
|
||||
echo "To complete this loop, output this EXACT text:"
|
||||
echo " <promise>$COMPLETION_PROMISE</promise>"
|
||||
echo ""
|
||||
echo "STRICT REQUIREMENTS (DO NOT VIOLATE):"
|
||||
echo " ✓ Use <promise> XML tags EXACTLY as shown above"
|
||||
echo " ✓ The statement MUST be completely and unequivocally TRUE"
|
||||
echo " ✓ Do NOT output false statements to exit the loop"
|
||||
echo " ✓ Do NOT lie even if you think you should exit"
|
||||
echo ""
|
||||
echo "IMPORTANT - Do not circumvent the loop:"
|
||||
echo " Even if you believe you're stuck, the task is impossible,"
|
||||
echo " or you've been running too long - you MUST NOT output a"
|
||||
echo " false promise statement. The loop is designed to continue"
|
||||
echo " until the promise is GENUINELY TRUE. Trust the process."
|
||||
echo ""
|
||||
echo " If the loop should stop, the promise statement will become"
|
||||
echo " true naturally. Do not force it by lying."
|
||||
echo "═══════════════════════════════════════════════════════════"
|
||||
fi
|
||||
|
||||
@@ -1,95 +0,0 @@
|
||||
#!/usr/bin/env bash
|
||||
#
|
||||
# Comments on a GitHub issue with a list of potential duplicates.
|
||||
# Usage: ./comment-on-duplicates.sh --potential-duplicates 456 789 101
|
||||
#
|
||||
# The base issue number is read from the workflow event payload.
|
||||
#
|
||||
|
||||
set -euo pipefail
|
||||
|
||||
REPO="anthropics/claude-code"
|
||||
|
||||
# Read from event payload so the issue number is bound to the triggering event.
|
||||
# Falls back to workflow_dispatch inputs for manual runs.
|
||||
BASE_ISSUE=$(jq -r '.issue.number // .inputs.issue_number // empty' "${GITHUB_EVENT_PATH:?GITHUB_EVENT_PATH not set}")
|
||||
if ! [[ "$BASE_ISSUE" =~ ^[0-9]+$ ]]; then
|
||||
echo "Error: no issue number in event payload" >&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
DUPLICATES=()
|
||||
|
||||
# Parse arguments
|
||||
while [[ $# -gt 0 ]]; do
|
||||
case $1 in
|
||||
--potential-duplicates)
|
||||
shift
|
||||
while [[ $# -gt 0 && ! "$1" =~ ^-- ]]; do
|
||||
DUPLICATES+=("$1")
|
||||
shift
|
||||
done
|
||||
;;
|
||||
*)
|
||||
echo "Error: unknown argument (only --potential-duplicates is accepted)" >&2
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
done
|
||||
|
||||
# Validate duplicates
|
||||
if [[ ${#DUPLICATES[@]} -eq 0 ]]; then
|
||||
echo "Error: --potential-duplicates requires at least one issue number" >&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
if [[ ${#DUPLICATES[@]} -gt 3 ]]; then
|
||||
echo "Error: --potential-duplicates accepts at most 3 issues" >&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
for dup in "${DUPLICATES[@]}"; do
|
||||
if ! [[ "$dup" =~ ^[0-9]+$ ]]; then
|
||||
echo "Error: duplicate issue must be a number, got: $dup" >&2
|
||||
exit 1
|
||||
fi
|
||||
done
|
||||
|
||||
# Validate that base issue exists
|
||||
if ! gh issue view "$BASE_ISSUE" --repo "$REPO" &>/dev/null; then
|
||||
echo "Error: issue #$BASE_ISSUE does not exist in $REPO" >&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# Validate that all duplicate issues exist
|
||||
for dup in "${DUPLICATES[@]}"; do
|
||||
if ! gh issue view "$dup" --repo "$REPO" &>/dev/null; then
|
||||
echo "Error: issue #$dup does not exist in $REPO" >&2
|
||||
exit 1
|
||||
fi
|
||||
done
|
||||
|
||||
# Build comment body
|
||||
COUNT=${#DUPLICATES[@]}
|
||||
if [[ $COUNT -eq 1 ]]; then
|
||||
HEADER="Found 1 possible duplicate issue:"
|
||||
else
|
||||
HEADER="Found $COUNT possible duplicate issues:"
|
||||
fi
|
||||
|
||||
BODY="$HEADER"$'\n\n'
|
||||
INDEX=1
|
||||
for dup in "${DUPLICATES[@]}"; do
|
||||
BODY+="$INDEX. https://github.com/$REPO/issues/$dup"$'\n'
|
||||
((INDEX++))
|
||||
done
|
||||
|
||||
BODY+=$'\n'"This issue will be automatically closed as a duplicate in 3 days."$'\n\n'
|
||||
BODY+="- If your issue is a duplicate, please close it and 👍 the existing issue instead"$'\n'
|
||||
BODY+="- To prevent auto-closure, add a comment or 👎 this comment"$'\n\n'
|
||||
BODY+="🤖 Generated with [Claude Code](https://claude.ai/code)"
|
||||
|
||||
# Post the comment
|
||||
gh issue comment "$BASE_ISSUE" --repo "$REPO" --body "$BODY"
|
||||
|
||||
echo "Posted duplicate comment on issue #$BASE_ISSUE"
|
||||
@@ -1,84 +0,0 @@
|
||||
#!/usr/bin/env bash
|
||||
#
|
||||
# Edits labels on a GitHub issue.
|
||||
# Usage: ./edit-issue-labels.sh --add-label bug --add-label needs-triage --remove-label untriaged
|
||||
#
|
||||
# The issue number is read from the workflow event payload.
|
||||
#
|
||||
|
||||
set -euo pipefail
|
||||
|
||||
# Read from event payload so the issue number is bound to the triggering event.
|
||||
# Falls back to workflow_dispatch inputs for manual runs.
|
||||
ISSUE=$(jq -r '.issue.number // .inputs.issue_number // empty' "${GITHUB_EVENT_PATH:?GITHUB_EVENT_PATH not set}")
|
||||
if ! [[ "$ISSUE" =~ ^[0-9]+$ ]]; then
|
||||
echo "Error: no issue number in event payload" >&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
ADD_LABELS=()
|
||||
REMOVE_LABELS=()
|
||||
|
||||
# Parse arguments
|
||||
while [[ $# -gt 0 ]]; do
|
||||
case $1 in
|
||||
--add-label)
|
||||
ADD_LABELS+=("$2")
|
||||
shift 2
|
||||
;;
|
||||
--remove-label)
|
||||
REMOVE_LABELS+=("$2")
|
||||
shift 2
|
||||
;;
|
||||
*)
|
||||
echo "Error: unknown argument (only --add-label and --remove-label are accepted)" >&2
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
done
|
||||
|
||||
if [[ ${#ADD_LABELS[@]} -eq 0 && ${#REMOVE_LABELS[@]} -eq 0 ]]; then
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# Fetch valid labels from the repo
|
||||
VALID_LABELS=$(gh label list --limit 500 --json name --jq '.[].name')
|
||||
|
||||
# Filter to only labels that exist in the repo
|
||||
FILTERED_ADD=()
|
||||
for label in "${ADD_LABELS[@]}"; do
|
||||
if echo "$VALID_LABELS" | grep -qxF "$label"; then
|
||||
FILTERED_ADD+=("$label")
|
||||
fi
|
||||
done
|
||||
|
||||
FILTERED_REMOVE=()
|
||||
for label in "${REMOVE_LABELS[@]}"; do
|
||||
if echo "$VALID_LABELS" | grep -qxF "$label"; then
|
||||
FILTERED_REMOVE+=("$label")
|
||||
fi
|
||||
done
|
||||
|
||||
if [[ ${#FILTERED_ADD[@]} -eq 0 && ${#FILTERED_REMOVE[@]} -eq 0 ]]; then
|
||||
exit 0
|
||||
fi
|
||||
|
||||
# Build gh command arguments
|
||||
GH_ARGS=("issue" "edit" "$ISSUE")
|
||||
|
||||
for label in "${FILTERED_ADD[@]}"; do
|
||||
GH_ARGS+=("--add-label" "$label")
|
||||
done
|
||||
|
||||
for label in "${FILTERED_REMOVE[@]}"; do
|
||||
GH_ARGS+=("--remove-label" "$label")
|
||||
done
|
||||
|
||||
gh "${GH_ARGS[@]}"
|
||||
|
||||
if [[ ${#FILTERED_ADD[@]} -gt 0 ]]; then
|
||||
echo "Added: ${FILTERED_ADD[*]}"
|
||||
fi
|
||||
if [[ ${#FILTERED_REMOVE[@]} -gt 0 ]]; then
|
||||
echo "Removed: ${FILTERED_REMOVE[*]}"
|
||||
fi
|
||||
@@ -1,96 +0,0 @@
|
||||
#!/usr/bin/env bash
|
||||
set -euo pipefail
|
||||
|
||||
# Wrapper around gh CLI that only allows specific subcommands and flags.
|
||||
# All commands are scoped to the current repository via GH_REPO or GITHUB_REPOSITORY.
|
||||
#
|
||||
# Usage:
|
||||
# ./scripts/gh.sh issue view 123
|
||||
# ./scripts/gh.sh issue view 123 --comments
|
||||
# ./scripts/gh.sh issue list --state open --limit 20
|
||||
# ./scripts/gh.sh search issues "search query" --limit 10
|
||||
# ./scripts/gh.sh label list --limit 100
|
||||
|
||||
export GH_HOST=github.com
|
||||
|
||||
REPO="${GH_REPO:-${GITHUB_REPOSITORY:-}}"
|
||||
if [[ -z "$REPO" || "$REPO" == */*/* || "$REPO" != */* ]]; then
|
||||
echo "Error: GH_REPO or GITHUB_REPOSITORY must be set to owner/repo format (e.g., GITHUB_REPOSITORY=anthropics/claude-code)" >&2
|
||||
exit 1
|
||||
fi
|
||||
export GH_REPO="$REPO"
|
||||
|
||||
ALLOWED_FLAGS=(--comments --state --limit --label)
|
||||
FLAGS_WITH_VALUES=(--state --limit --label)
|
||||
|
||||
SUB1="${1:-}"
|
||||
SUB2="${2:-}"
|
||||
CMD="$SUB1 $SUB2"
|
||||
case "$CMD" in
|
||||
"issue view"|"issue list"|"search issues"|"label list")
|
||||
;;
|
||||
*)
|
||||
echo "Error: only 'issue view', 'issue list', 'search issues', 'label list' are allowed (e.g., ./scripts/gh.sh issue view 123)" >&2
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
|
||||
shift 2
|
||||
|
||||
# Separate flags from positional arguments
|
||||
POSITIONAL=()
|
||||
FLAGS=()
|
||||
skip_next=false
|
||||
for arg in "$@"; do
|
||||
if [[ "$skip_next" == true ]]; then
|
||||
FLAGS+=("$arg")
|
||||
skip_next=false
|
||||
elif [[ "$arg" == -* ]]; then
|
||||
flag="${arg%%=*}"
|
||||
matched=false
|
||||
for allowed in "${ALLOWED_FLAGS[@]}"; do
|
||||
if [[ "$flag" == "$allowed" ]]; then
|
||||
matched=true
|
||||
break
|
||||
fi
|
||||
done
|
||||
if [[ "$matched" == false ]]; then
|
||||
echo "Error: only --comments, --state, --limit, --label flags are allowed (e.g., ./scripts/gh.sh issue list --state open --limit 20)" >&2
|
||||
exit 1
|
||||
fi
|
||||
FLAGS+=("$arg")
|
||||
# If flag expects a value and isn't using = syntax, skip next arg
|
||||
if [[ "$arg" != *=* ]]; then
|
||||
for vflag in "${FLAGS_WITH_VALUES[@]}"; do
|
||||
if [[ "$flag" == "$vflag" ]]; then
|
||||
skip_next=true
|
||||
break
|
||||
fi
|
||||
done
|
||||
fi
|
||||
else
|
||||
POSITIONAL+=("$arg")
|
||||
fi
|
||||
done
|
||||
|
||||
if [[ "$CMD" == "search issues" ]]; then
|
||||
QUERY="${POSITIONAL[0]:-}"
|
||||
QUERY_LOWER=$(echo "$QUERY" | tr '[:upper:]' '[:lower:]')
|
||||
if [[ "$QUERY_LOWER" == *"repo:"* || "$QUERY_LOWER" == *"org:"* || "$QUERY_LOWER" == *"user:"* ]]; then
|
||||
echo "Error: search query must not contain repo:, org:, or user: qualifiers (e.g., ./scripts/gh.sh search issues \"bug report\" --limit 10)" >&2
|
||||
exit 1
|
||||
fi
|
||||
gh "$SUB1" "$SUB2" "$QUERY" --repo "$REPO" "${FLAGS[@]}"
|
||||
elif [[ "$CMD" == "issue view" ]]; then
|
||||
if [[ ${#POSITIONAL[@]} -ne 1 ]] || ! [[ "${POSITIONAL[0]}" =~ ^[0-9]+$ ]]; then
|
||||
echo "Error: issue view requires exactly one numeric issue number (e.g., ./scripts/gh.sh issue view 123)" >&2
|
||||
exit 1
|
||||
fi
|
||||
gh "$SUB1" "$SUB2" "${POSITIONAL[0]}" "${FLAGS[@]}"
|
||||
else
|
||||
if [[ ${#POSITIONAL[@]} -ne 0 ]]; then
|
||||
echo "Error: issue list and label list do not accept positional arguments (e.g., ./scripts/gh.sh issue list --state open, ./scripts/gh.sh label list --limit 100)" >&2
|
||||
exit 1
|
||||
fi
|
||||
gh "$SUB1" "$SUB2" "${FLAGS[@]}"
|
||||
fi
|
||||
@@ -1,38 +0,0 @@
|
||||
// Single source of truth for issue lifecycle labels, timeouts, and messages.
|
||||
|
||||
export const lifecycle = [
|
||||
{
|
||||
label: "invalid",
|
||||
days: 3,
|
||||
reason: "this doesn't appear to be about Claude Code",
|
||||
nudge: "This doesn't appear to be about [Claude Code](https://github.com/anthropics/claude-code). For general Anthropic support, visit [support.anthropic.com](https://support.anthropic.com).",
|
||||
},
|
||||
{
|
||||
label: "needs-repro",
|
||||
days: 7,
|
||||
reason: "we still need reproduction steps to investigate",
|
||||
nudge: "We weren't able to reproduce this. Could you provide steps to trigger the issue — what you ran, what happened, and what you expected?",
|
||||
},
|
||||
{
|
||||
label: "needs-info",
|
||||
days: 7,
|
||||
reason: "we still need a bit more information to move forward",
|
||||
nudge: "We need more information to continue investigating. Can you make sure to include your Claude Code version (`claude --version`), OS, and any error messages or logs?",
|
||||
},
|
||||
{
|
||||
label: "stale",
|
||||
days: 14,
|
||||
reason: "inactive for too long",
|
||||
nudge: "This issue has been automatically marked as stale due to inactivity.",
|
||||
},
|
||||
{
|
||||
label: "autoclose",
|
||||
days: 14,
|
||||
reason: "inactive for too long",
|
||||
nudge: "This issue has been marked for automatic closure.",
|
||||
},
|
||||
] as const;
|
||||
|
||||
export type LifecycleLabel = (typeof lifecycle)[number]["label"];
|
||||
|
||||
export const STALE_UPVOTE_THRESHOLD = 10;
|
||||
@@ -1,53 +0,0 @@
|
||||
#!/usr/bin/env bun
|
||||
|
||||
// Posts a comment when a lifecycle label is applied to an issue,
|
||||
// giving the author a heads-up and a chance to respond before auto-close.
|
||||
|
||||
import { lifecycle } from "./issue-lifecycle.ts";
|
||||
|
||||
const DRY_RUN = process.argv.includes("--dry-run");
|
||||
const token = process.env.GITHUB_TOKEN;
|
||||
const repo = process.env.GITHUB_REPOSITORY; // owner/repo
|
||||
const label = process.env.LABEL;
|
||||
const issueNumber = process.env.ISSUE_NUMBER;
|
||||
|
||||
if (!DRY_RUN && !token) throw new Error("GITHUB_TOKEN required");
|
||||
if (!repo) throw new Error("GITHUB_REPOSITORY required");
|
||||
if (!label) throw new Error("LABEL required");
|
||||
if (!issueNumber) throw new Error("ISSUE_NUMBER required");
|
||||
|
||||
const entry = lifecycle.find((l) => l.label === label);
|
||||
if (!entry) {
|
||||
console.log(`No lifecycle entry for label "${label}", skipping`);
|
||||
process.exit(0);
|
||||
}
|
||||
|
||||
const body = `${entry.nudge} This issue will be closed automatically if there's no activity within ${entry.days} days.`;
|
||||
|
||||
// --
|
||||
|
||||
if (DRY_RUN) {
|
||||
console.log(`Would comment on #${issueNumber} for label "${label}":\n\n${body}`);
|
||||
process.exit(0);
|
||||
}
|
||||
|
||||
const response = await fetch(
|
||||
`https://api.github.com/repos/${repo}/issues/${issueNumber}/comments`,
|
||||
{
|
||||
method: "POST",
|
||||
headers: {
|
||||
Authorization: `Bearer ${token}`,
|
||||
Accept: "application/vnd.github.v3+json",
|
||||
"Content-Type": "application/json",
|
||||
"User-Agent": "lifecycle-comment",
|
||||
},
|
||||
body: JSON.stringify({ body }),
|
||||
}
|
||||
);
|
||||
|
||||
if (!response.ok) {
|
||||
const text = await response.text();
|
||||
throw new Error(`GitHub API ${response.status}: ${text}`);
|
||||
}
|
||||
|
||||
console.log(`Commented on #${issueNumber} for label "${label}"`);
|
||||
168
scripts/sweep.ts
168
scripts/sweep.ts
@@ -1,168 +0,0 @@
|
||||
#!/usr/bin/env bun
|
||||
|
||||
import { lifecycle, STALE_UPVOTE_THRESHOLD } from "./issue-lifecycle.ts";
|
||||
|
||||
// --
|
||||
|
||||
const NEW_ISSUE = "https://github.com/anthropics/claude-code/issues/new/choose";
|
||||
const DRY_RUN = process.argv.includes("--dry-run");
|
||||
|
||||
const CLOSE_MESSAGE = (reason: string) =>
|
||||
`Closing for now — ${reason}. Please [open a new issue](${NEW_ISSUE}) if this is still relevant.`;
|
||||
|
||||
// --
|
||||
|
||||
async function githubRequest<T>(
|
||||
endpoint: string,
|
||||
method = "GET",
|
||||
body?: unknown
|
||||
): Promise<T> {
|
||||
const token = process.env.GITHUB_TOKEN;
|
||||
if (!token) throw new Error("GITHUB_TOKEN required");
|
||||
|
||||
const response = await fetch(`https://api.github.com${endpoint}`, {
|
||||
method,
|
||||
headers: {
|
||||
Authorization: `Bearer ${token}`,
|
||||
Accept: "application/vnd.github.v3+json",
|
||||
"User-Agent": "sweep",
|
||||
...(body && { "Content-Type": "application/json" }),
|
||||
},
|
||||
...(body && { body: JSON.stringify(body) }),
|
||||
});
|
||||
|
||||
if (!response.ok) {
|
||||
if (response.status === 404) return {} as T;
|
||||
const text = await response.text();
|
||||
throw new Error(`GitHub API ${response.status}: ${text}`);
|
||||
}
|
||||
|
||||
return response.json();
|
||||
}
|
||||
|
||||
// --
|
||||
|
||||
async function markStale(owner: string, repo: string) {
|
||||
const staleDays = lifecycle.find((l) => l.label === "stale")!.days;
|
||||
const cutoff = new Date();
|
||||
cutoff.setDate(cutoff.getDate() - staleDays);
|
||||
|
||||
let labeled = 0;
|
||||
|
||||
console.log(`\n=== marking stale (${staleDays}d inactive) ===`);
|
||||
|
||||
for (let page = 1; page <= 10; page++) {
|
||||
const issues = await githubRequest<any[]>(
|
||||
`/repos/${owner}/${repo}/issues?state=open&sort=updated&direction=asc&per_page=100&page=${page}`
|
||||
);
|
||||
if (issues.length === 0) break;
|
||||
|
||||
for (const issue of issues) {
|
||||
if (issue.pull_request) continue;
|
||||
if (issue.locked) continue;
|
||||
if (issue.assignees?.length > 0) continue;
|
||||
|
||||
const updatedAt = new Date(issue.updated_at);
|
||||
if (updatedAt > cutoff) return labeled;
|
||||
|
||||
const alreadyStale = issue.labels?.some(
|
||||
(l: any) => l.name === "stale" || l.name === "autoclose"
|
||||
);
|
||||
if (alreadyStale) continue;
|
||||
|
||||
const thumbsUp = issue.reactions?.["+1"] ?? 0;
|
||||
if (thumbsUp >= STALE_UPVOTE_THRESHOLD) continue;
|
||||
|
||||
const base = `/repos/${owner}/${repo}/issues/${issue.number}`;
|
||||
|
||||
if (DRY_RUN) {
|
||||
const age = Math.floor((Date.now() - updatedAt.getTime()) / 86400000);
|
||||
console.log(`#${issue.number}: would label stale (${age}d inactive) — ${issue.title}`);
|
||||
} else {
|
||||
await githubRequest(`${base}/labels`, "POST", { labels: ["stale"] });
|
||||
console.log(`#${issue.number}: labeled stale — ${issue.title}`);
|
||||
}
|
||||
labeled++;
|
||||
}
|
||||
}
|
||||
|
||||
return labeled;
|
||||
}
|
||||
|
||||
async function closeExpired(owner: string, repo: string) {
|
||||
let closed = 0;
|
||||
|
||||
for (const { label, days, reason } of lifecycle) {
|
||||
const cutoff = new Date();
|
||||
cutoff.setDate(cutoff.getDate() - days);
|
||||
console.log(`\n=== ${label} (${days}d timeout) ===`);
|
||||
|
||||
for (let page = 1; page <= 10; page++) {
|
||||
const issues = await githubRequest<any[]>(
|
||||
`/repos/${owner}/${repo}/issues?state=open&labels=${label}&sort=updated&direction=asc&per_page=100&page=${page}`
|
||||
);
|
||||
if (issues.length === 0) break;
|
||||
|
||||
for (const issue of issues) {
|
||||
if (issue.pull_request) continue;
|
||||
if (issue.locked) continue;
|
||||
|
||||
const thumbsUp = issue.reactions?.["+1"] ?? 0;
|
||||
if (thumbsUp >= STALE_UPVOTE_THRESHOLD) continue;
|
||||
|
||||
const base = `/repos/${owner}/${repo}/issues/${issue.number}`;
|
||||
|
||||
const events = await githubRequest<any[]>(`${base}/events?per_page=100`);
|
||||
|
||||
const labeledAt = events
|
||||
.filter((e) => e.event === "labeled" && e.label?.name === label)
|
||||
.map((e) => new Date(e.created_at))
|
||||
.pop();
|
||||
|
||||
if (!labeledAt || labeledAt > cutoff) continue;
|
||||
|
||||
// Skip if a non-bot user commented after the label was applied.
|
||||
// The triage workflow should remove lifecycle labels on human
|
||||
// activity, but check here too as a safety net.
|
||||
const comments = await githubRequest<any[]>(
|
||||
`${base}/comments?since=${labeledAt.toISOString()}&per_page=100`
|
||||
);
|
||||
const hasHumanComment = comments.some(
|
||||
(c) => c.user && c.user.type !== "Bot"
|
||||
);
|
||||
if (hasHumanComment) {
|
||||
console.log(
|
||||
`#${issue.number}: skipping (human activity after ${label} label)`
|
||||
);
|
||||
continue;
|
||||
}
|
||||
|
||||
if (DRY_RUN) {
|
||||
const age = Math.floor((Date.now() - labeledAt.getTime()) / 86400000);
|
||||
console.log(`#${issue.number}: would close (${label}, ${age}d old) — ${issue.title}`);
|
||||
} else {
|
||||
await githubRequest(`${base}/comments`, "POST", { body: CLOSE_MESSAGE(reason) });
|
||||
await githubRequest(base, "PATCH", { state: "closed", state_reason: "not_planned" });
|
||||
console.log(`#${issue.number}: closed (${label})`);
|
||||
}
|
||||
closed++;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
return closed;
|
||||
}
|
||||
|
||||
// --
|
||||
|
||||
const owner = process.env.GITHUB_REPOSITORY_OWNER;
|
||||
const repo = process.env.GITHUB_REPOSITORY_NAME;
|
||||
if (!owner || !repo)
|
||||
throw new Error("GITHUB_REPOSITORY_OWNER and GITHUB_REPOSITORY_NAME required");
|
||||
|
||||
if (DRY_RUN) console.log("DRY RUN — no changes will be made\n");
|
||||
|
||||
const labeled = await markStale(owner, repo);
|
||||
const closed = await closeExpired(owner, repo);
|
||||
|
||||
console.log(`\nDone: ${labeled} ${DRY_RUN ? "would be labeled" : "labeled"} stale, ${closed} ${DRY_RUN ? "would be closed" : "closed"}`);
|
||||
Reference in New Issue
Block a user