From de98cf60ae74d861dd0cfa3c04389235047e7a3f Mon Sep 17 00:00:00 2001 From: "dayuan.jiang" Date: Sat, 29 Nov 2025 00:29:56 +0900 Subject: [PATCH 01/12] Add Claude Code GitHub Actions with Bedrock and auto PR review --- .github/workflows/claude-code.yml | 80 +++++++++++++++++++++++++++++++ 1 file changed, 80 insertions(+) create mode 100644 .github/workflows/claude-code.yml diff --git a/.github/workflows/claude-code.yml b/.github/workflows/claude-code.yml new file mode 100644 index 0000000..91f86b2 --- /dev/null +++ b/.github/workflows/claude-code.yml @@ -0,0 +1,80 @@ +name: Claude Code + +on: + issue_comment: + types: [created] + pull_request_review_comment: + types: [created] + issues: + types: [opened, assigned] + pull_request_review: + types: [submitted] + pull_request: + types: [opened, synchronize] + +jobs: + claude: + if: | + (github.event_name == 'issue_comment' && contains(github.event.comment.body, '@claude')) || + (github.event_name == 'pull_request_review_comment' && contains(github.event.comment.body, '@claude')) || + (github.event_name == 'pull_request_review' && contains(github.event.review.body, '@claude')) || + (github.event_name == 'issues' && contains(github.event.issue.body, '@claude')) + runs-on: ubuntu-latest + permissions: + contents: write + pull-requests: write + issues: write + id-token: write + steps: + - name: Checkout repository + uses: actions/checkout@v4 + with: + fetch-depth: 1 + + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@v4 + with: + role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }} + aws-region: us-east-1 + + - name: Run Claude Code + uses: anthropics/claude-code-action@beta + with: + use_bedrock: "true" + bedrock_model_id: "us.anthropic.claude-sonnet-4-5-20250929-v1:0" + github_token: ${{ secrets.GITHUB_TOKEN }} + + pr-review: + if: github.event_name == 'pull_request' + runs-on: ubuntu-latest + permissions: + contents: read + pull-requests: write + id-token: write + steps: + - name: Checkout repository + uses: actions/checkout@v4 + with: + fetch-depth: 0 + + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@v4 + with: + role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }} + aws-region: us-east-1 + + - name: Run Claude Code PR Review + uses: anthropics/claude-code-action@beta + with: + use_bedrock: "true" + bedrock_model_id: "us.anthropic.claude-sonnet-4-5-20250929-v1:0" + github_token: ${{ secrets.GITHUB_TOKEN }} + direct_prompt: | + Review this PR and provide feedback on: + 1. Code quality and best practices + 2. Potential bugs or issues + 3. Security concerns + 4. Performance implications + 5. Suggestions for improvement + + Be concise and actionable. Focus on important issues rather than nitpicking style. From 794826550d2038b8473ed163fe85ebc3a8440a11 Mon Sep 17 00:00:00 2001 From: "dayuan.jiang" Date: Sat, 29 Nov 2025 00:44:58 +0900 Subject: [PATCH 02/12] Use stable v1 instead of beta for claude-code-action --- .github/workflows/claude-code.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/claude-code.yml b/.github/workflows/claude-code.yml index 91f86b2..f8c4184 100644 --- a/.github/workflows/claude-code.yml +++ b/.github/workflows/claude-code.yml @@ -38,7 +38,7 @@ jobs: aws-region: us-east-1 - name: Run Claude Code - uses: anthropics/claude-code-action@beta + uses: anthropics/claude-code-action@v1 with: use_bedrock: "true" bedrock_model_id: "us.anthropic.claude-sonnet-4-5-20250929-v1:0" @@ -64,7 +64,7 @@ jobs: aws-region: us-east-1 - name: Run Claude Code PR Review - uses: anthropics/claude-code-action@beta + uses: anthropics/claude-code-action@v1 with: use_bedrock: "true" bedrock_model_id: "us.anthropic.claude-sonnet-4-5-20250929-v1:0" From 68824bc951000debcdf6839ceb743232b1e2fcef Mon Sep 17 00:00:00 2001 From: "dayuan.jiang" Date: Sat, 29 Nov 2025 00:52:57 +0900 Subject: [PATCH 03/12] Enable inline code review comments like Vercel bot --- .github/workflows/claude-code.yml | 22 +++++++++++++++------- 1 file changed, 15 insertions(+), 7 deletions(-) diff --git a/.github/workflows/claude-code.yml b/.github/workflows/claude-code.yml index f8c4184..a8ddba5 100644 --- a/.github/workflows/claude-code.yml +++ b/.github/workflows/claude-code.yml @@ -70,11 +70,19 @@ jobs: bedrock_model_id: "us.anthropic.claude-sonnet-4-5-20250929-v1:0" github_token: ${{ secrets.GITHUB_TOKEN }} direct_prompt: | - Review this PR and provide feedback on: - 1. Code quality and best practices - 2. Potential bugs or issues - 3. Security concerns - 4. Performance implications - 5. Suggestions for improvement + Review this PR by examining the diff carefully. For each issue you find: - Be concise and actionable. Focus on important issues rather than nitpicking style. + 1. Use the GitHub inline comment tool to add comments directly on the specific lines of code that have issues + 2. Include code suggestions using GitHub's suggestion syntax when appropriate: + ```suggestion + // corrected code here + ``` + + Focus on: + - Bugs and logic errors + - Security vulnerabilities + - Performance issues + - Code quality problems + + Be concise. Only comment on significant issues, not style nitpicks. + After adding inline comments, provide a brief summary of your review. From efebcea3ba9823380b95d146c5f3aa6e29c90810 Mon Sep 17 00:00:00 2001 From: "dayuan.jiang" Date: Sat, 29 Nov 2025 00:58:02 +0900 Subject: [PATCH 04/12] Fix PR review: use correct params and enable inline comments --- .github/workflows/claude-code.yml | 15 +++++++++------ 1 file changed, 9 insertions(+), 6 deletions(-) diff --git a/.github/workflows/claude-code.yml b/.github/workflows/claude-code.yml index a8ddba5..d16eb0f 100644 --- a/.github/workflows/claude-code.yml +++ b/.github/workflows/claude-code.yml @@ -29,7 +29,7 @@ jobs: - name: Checkout repository uses: actions/checkout@v4 with: - fetch-depth: 1 + fetch-depth: 0 - name: Configure AWS Credentials uses: aws-actions/configure-aws-credentials@v4 @@ -41,7 +41,6 @@ jobs: uses: anthropics/claude-code-action@v1 with: use_bedrock: "true" - bedrock_model_id: "us.anthropic.claude-sonnet-4-5-20250929-v1:0" github_token: ${{ secrets.GITHUB_TOKEN }} pr-review: @@ -67,12 +66,14 @@ jobs: uses: anthropics/claude-code-action@v1 with: use_bedrock: "true" - bedrock_model_id: "us.anthropic.claude-sonnet-4-5-20250929-v1:0" github_token: ${{ secrets.GITHUB_TOKEN }} - direct_prompt: | + prompt: | + REPO: ${{ github.repository }} + PR NUMBER: ${{ github.event.pull_request.number }} + Review this PR by examining the diff carefully. For each issue you find: - 1. Use the GitHub inline comment tool to add comments directly on the specific lines of code that have issues + 1. Use `mcp__github_inline_comment__create_inline_comment` to add comments directly on specific lines of code 2. Include code suggestions using GitHub's suggestion syntax when appropriate: ```suggestion // corrected code here @@ -85,4 +86,6 @@ jobs: - Code quality problems Be concise. Only comment on significant issues, not style nitpicks. - After adding inline comments, provide a brief summary of your review. + After adding inline comments, provide a brief summary. + claude_args: | + --allowedTools "mcp__github_inline_comment__create_inline_comment,Bash(gh pr comment:*),Bash(gh pr diff:*),Bash(gh pr view:*)" From 3e2dbbb5416b2c989c9afba6ddb8414194f5842f Mon Sep 17 00:00:00 2001 From: "dayuan.jiang" Date: Sat, 29 Nov 2025 01:14:36 +0900 Subject: [PATCH 05/12] Improve PR review prompt: add project context, narrow scope to real bugs only --- .github/workflows/claude-code.yml | 31 +++++++++++++++++-------------- 1 file changed, 17 insertions(+), 14 deletions(-) diff --git a/.github/workflows/claude-code.yml b/.github/workflows/claude-code.yml index d16eb0f..03cf601 100644 --- a/.github/workflows/claude-code.yml +++ b/.github/workflows/claude-code.yml @@ -44,7 +44,7 @@ jobs: github_token: ${{ secrets.GITHUB_TOKEN }} pr-review: - if: github.event_name == 'pull_request' + if: github.event_name == 'pull_request' && github.event.action == 'opened' runs-on: ubuntu-latest permissions: contents: read @@ -71,21 +71,24 @@ jobs: REPO: ${{ github.repository }} PR NUMBER: ${{ github.event.pull_request.number }} - Review this PR by examining the diff carefully. For each issue you find: + This is a personal project - an AI-powered draw.io diagram generator built with: + - Next.js 15 with React 19 + - Vercel AI SDK (streamText, useChat, tool calling) + - Multiple AI providers: Bedrock, Anthropic, OpenAI, Google, Azure, OpenRouter, Ollama - 1. Use `mcp__github_inline_comment__create_inline_comment` to add comments directly on specific lines of code - 2. Include code suggestions using GitHub's suggestion syntax when appropriate: - ```suggestion - // corrected code here - ``` + Review this PR for ONLY these issues: + 1. Bugs that would cause runtime errors or broken functionality + 2. Security issues (exposed secrets, API key leaks) + 3. AI SDK misuse (wrong patterns for streamText, tool definitions, message handling) - Focus on: - - Bugs and logic errors - - Security vulnerabilities - - Performance issues - - Code quality problems + DO NOT comment on: + - Performance optimizations + - Code style or formatting + - "Best practices" suggestions + - Type safety improvements + - Error handling additions - Be concise. Only comment on significant issues, not style nitpicks. - After adding inline comments, provide a brief summary. + Use `mcp__github_inline_comment__create_inline_comment` for inline comments. + Be very selective - if there are no real bugs, just say "LGTM" in a PR comment. claude_args: | --allowedTools "mcp__github_inline_comment__create_inline_comment,Bash(gh pr comment:*),Bash(gh pr diff:*),Bash(gh pr view:*)" From 56167d363c0e89ee7e682607953f1c6f70be19b5 Mon Sep 17 00:00:00 2001 From: "dayuan.jiang" Date: Sat, 29 Nov 2025 01:18:25 +0900 Subject: [PATCH 06/12] Add specific AI SDK patterns to PR review prompt --- .github/workflows/claude-code.yml | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/.github/workflows/claude-code.yml b/.github/workflows/claude-code.yml index 03cf601..7436bc1 100644 --- a/.github/workflows/claude-code.yml +++ b/.github/workflows/claude-code.yml @@ -79,12 +79,18 @@ jobs: Review this PR for ONLY these issues: 1. Bugs that would cause runtime errors or broken functionality 2. Security issues (exposed secrets, API key leaks) - 3. AI SDK misuse (wrong patterns for streamText, tool definitions, message handling) + 3. AI SDK misuse - specifically check for: + - Client-side: Should use useChat/useCompletion/useObject hooks, NOT raw fetch() + - Server-side: Should use streamText/generateText/streamObject/generateObject + - Message handling: Access message.parts array, not legacy content property + - Tool definitions: Must use Zod schemas for inputSchema + - Status handling: Check status (submitted/streaming/ready/error) before actions + - Stream cleanup: Call stop() when aborting streams DO NOT comment on: - Performance optimizations - Code style or formatting - - "Best practices" suggestions + - "Best practices" that don't affect functionality - Type safety improvements - Error handling additions From 50d16cbe47d5508f4bea1e4bc8012243531bf7ff Mon Sep 17 00:00:00 2001 From: "dayuan.jiang" Date: Sat, 29 Nov 2025 01:20:20 +0900 Subject: [PATCH 07/12] Allow Claude to fetch AI SDK docs during PR review --- .github/workflows/claude-code.yml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/.github/workflows/claude-code.yml b/.github/workflows/claude-code.yml index 7436bc1..7101be1 100644 --- a/.github/workflows/claude-code.yml +++ b/.github/workflows/claude-code.yml @@ -87,6 +87,9 @@ jobs: - Status handling: Check status (submitted/streaming/ready/error) before actions - Stream cleanup: Call stop() when aborting streams + When reviewing AI SDK usage, fetch https://ai-sdk.dev/docs/ to verify correct patterns. + Key doc pages: /docs/ai-sdk-ui/chatbot, /docs/ai-sdk-core/generating-text, /docs/ai-sdk-core/tools-and-tool-calling + DO NOT comment on: - Performance optimizations - Code style or formatting @@ -97,4 +100,4 @@ jobs: Use `mcp__github_inline_comment__create_inline_comment` for inline comments. Be very selective - if there are no real bugs, just say "LGTM" in a PR comment. claude_args: | - --allowedTools "mcp__github_inline_comment__create_inline_comment,Bash(gh pr comment:*),Bash(gh pr diff:*),Bash(gh pr view:*)" + --allowedTools "mcp__github_inline_comment__create_inline_comment,Bash(gh pr comment:*),Bash(gh pr diff:*),Bash(gh pr view:*),WebFetch(domain:ai-sdk.dev)" From caf7ffe56cf21314e67826ec91468bbff73fcb4d Mon Sep 17 00:00:00 2001 From: "dayuan.jiang" Date: Sat, 29 Nov 2025 01:21:44 +0900 Subject: [PATCH 08/12] Clean up outdated review comments before new review --- .github/workflows/claude-code.yml | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/.github/workflows/claude-code.yml b/.github/workflows/claude-code.yml index 7101be1..cec5505 100644 --- a/.github/workflows/claude-code.yml +++ b/.github/workflows/claude-code.yml @@ -62,6 +62,15 @@ jobs: role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }} aws-region: us-east-1 + - name: Clean up outdated review comments + env: + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + run: | + # Delete all previous review comments from github-actions bot + gh api repos/${{ github.repository }}/pulls/${{ github.event.pull_request.number }}/comments \ + --jq '.[] | select(.user.login == "github-actions[bot]") | .id' | \ + xargs -I {} gh api repos/${{ github.repository }}/pulls/comments/{} -X DELETE 2>/dev/null || true + - name: Run Claude Code PR Review uses: anthropics/claude-code-action@v1 with: From b00579b257cac97993c6d557a94cad564b5affbf Mon Sep 17 00:00:00 2001 From: "dayuan.jiang" Date: Sat, 29 Nov 2025 01:23:01 +0900 Subject: [PATCH 09/12] Remove automatic comment cleanup - GitHub handles outdated comments --- .github/workflows/claude-code.yml | 9 --------- 1 file changed, 9 deletions(-) diff --git a/.github/workflows/claude-code.yml b/.github/workflows/claude-code.yml index cec5505..7101be1 100644 --- a/.github/workflows/claude-code.yml +++ b/.github/workflows/claude-code.yml @@ -62,15 +62,6 @@ jobs: role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }} aws-region: us-east-1 - - name: Clean up outdated review comments - env: - GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} - run: | - # Delete all previous review comments from github-actions bot - gh api repos/${{ github.repository }}/pulls/${{ github.event.pull_request.number }}/comments \ - --jq '.[] | select(.user.login == "github-actions[bot]") | .id' | \ - xargs -I {} gh api repos/${{ github.repository }}/pulls/comments/{} -X DELETE 2>/dev/null || true - - name: Run Claude Code PR Review uses: anthropics/claude-code-action@v1 with: From 4f4aae0e396099407945e497a146809899a129d0 Mon Sep 17 00:00:00 2001 From: "dayuan.jiang" Date: Sat, 29 Nov 2025 01:25:15 +0900 Subject: [PATCH 10/12] Check previous comments and mark resolved if fixed --- .github/workflows/claude-code.yml | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/.github/workflows/claude-code.yml b/.github/workflows/claude-code.yml index 7101be1..0543fc5 100644 --- a/.github/workflows/claude-code.yml +++ b/.github/workflows/claude-code.yml @@ -76,6 +76,13 @@ jobs: - Vercel AI SDK (streamText, useChat, tool calling) - Multiple AI providers: Bedrock, Anthropic, OpenAI, Google, Azure, OpenRouter, Ollama + First, check previous review comments from github-actions bot using `gh api repos/${{ github.repository }}/pulls/${{ github.event.pull_request.number }}/comments`. + For each previous comment: + - If the issue is fixed in the current code, reply "Resolved ✓" to that comment + - If the issue still exists, leave it alone + + Then review the current diff for NEW issues only: + Review this PR for ONLY these issues: 1. Bugs that would cause runtime errors or broken functionality 2. Security issues (exposed secrets, API key leaks) @@ -100,4 +107,4 @@ jobs: Use `mcp__github_inline_comment__create_inline_comment` for inline comments. Be very selective - if there are no real bugs, just say "LGTM" in a PR comment. claude_args: | - --allowedTools "mcp__github_inline_comment__create_inline_comment,Bash(gh pr comment:*),Bash(gh pr diff:*),Bash(gh pr view:*),WebFetch(domain:ai-sdk.dev)" + --allowedTools "mcp__github_inline_comment__create_inline_comment,Bash(gh pr comment:*),Bash(gh pr diff:*),Bash(gh pr view:*),Bash(gh api:*),WebFetch(domain:ai-sdk.dev)" From 9d248e25adefc0ef342a7bc83ed046be9c5120eb Mon Sep 17 00:00:00 2001 From: "dayuan.jiang" Date: Sat, 29 Nov 2025 01:26:00 +0900 Subject: [PATCH 11/12] Resolve/collapse comment threads when issues are fixed --- .github/workflows/claude-code.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/claude-code.yml b/.github/workflows/claude-code.yml index 0543fc5..092fd2d 100644 --- a/.github/workflows/claude-code.yml +++ b/.github/workflows/claude-code.yml @@ -78,7 +78,9 @@ jobs: First, check previous review comments from github-actions bot using `gh api repos/${{ github.repository }}/pulls/${{ github.event.pull_request.number }}/comments`. For each previous comment: - - If the issue is fixed in the current code, reply "Resolved ✓" to that comment + - If the issue is fixed in the current code, resolve the comment thread using: + `gh api graphql -f query='mutation { resolveReviewThread(input: {threadId: "THREAD_ID"}) { thread { isResolved } } }'` + Get the thread ID from the comment's node_id field. - If the issue still exists, leave it alone Then review the current diff for NEW issues only: From c03c41d320f9e44b76496929eed9b03d90278af3 Mon Sep 17 00:00:00 2001 From: "dayuan.jiang" Date: Sat, 29 Nov 2025 01:29:25 +0900 Subject: [PATCH 12/12] Run PR review on both opened and synchronize events --- .github/workflows/claude-code.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/claude-code.yml b/.github/workflows/claude-code.yml index 092fd2d..2f0dcc4 100644 --- a/.github/workflows/claude-code.yml +++ b/.github/workflows/claude-code.yml @@ -44,7 +44,7 @@ jobs: github_token: ${{ secrets.GITHUB_TOKEN }} pr-review: - if: github.event_name == 'pull_request' && github.event.action == 'opened' + if: github.event_name == 'pull_request' runs-on: ubuntu-latest permissions: contents: read