From 13cc5eb723f3507527081c11f092278ecd99b0e1 Mon Sep 17 00:00:00 2001 From: Claude Date: Thu, 8 Jan 2026 03:59:22 +0000 Subject: [PATCH 1/3] Change code review filter to claude/ branch prefix Instead of checking author_association (which doesn't work reliably for private org members), now only run automatic code reviews for PRs from branches starting with 'claude/'. This allows Claude-generated PRs to receive automatic reviews regardless of the author's association status. --- .github/workflows/claude-code-review.yml | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/.github/workflows/claude-code-review.yml b/.github/workflows/claude-code-review.yml index 7e13ae6..f1a73db 100644 --- a/.github/workflows/claude-code-review.yml +++ b/.github/workflows/claude-code-review.yml @@ -12,11 +12,8 @@ on: jobs: claude-review: - # Only run for organization members, owners, and collaborators - if: | - github.event.pull_request.author_association == 'OWNER' || - github.event.pull_request.author_association == 'MEMBER' || - github.event.pull_request.author_association == 'COLLABORATOR' + # Only run for branches starting with 'claude/' + if: startsWith(github.event.pull_request.head.ref, 'claude/') runs-on: ubuntu-latest permissions: From 2bf01067a2e65225a0b321b88b93f01701d1f97b Mon Sep 17 00:00:00 2001 From: Claude Date: Thu, 8 Jan 2026 04:03:51 +0000 Subject: [PATCH 2/3] Add repository check to prevent external forks from triggering reviews Only allow automatic code reviews for: - Branches starting with 'claude/' - AND from the same repository (not forks) This prevents external contributors from bypassing the filter by naming their fork branches with 'claude/' prefix. --- .github/workflows/claude-code-review.yml | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/.github/workflows/claude-code-review.yml b/.github/workflows/claude-code-review.yml index f1a73db..a182463 100644 --- a/.github/workflows/claude-code-review.yml +++ b/.github/workflows/claude-code-review.yml @@ -12,8 +12,10 @@ on: jobs: claude-review: - # Only run for branches starting with 'claude/' - if: startsWith(github.event.pull_request.head.ref, 'claude/') + # Only run for branches starting with 'claude/' from the same repository (not forks) + if: | + startsWith(github.event.pull_request.head.ref, 'claude/') && + github.event.pull_request.head.repo.full_name == github.repository runs-on: ubuntu-latest permissions: From 2ca509d2130545f87962de5420e621550eb6ef50 Mon Sep 17 00:00:00 2001 From: Claude Date: Thu, 8 Jan 2026 04:08:20 +0000 Subject: [PATCH 3/3] Allow both organization members and claude/ branches for code review Code review will run for: - Organization members (OWNER/MEMBER/COLLABORATOR) with any branch name - OR branches starting with 'claude/' from the same repository (not forks) This ensures: - All organization members get automatic reviews regardless of branch naming - Claude-generated PRs from the same repo also get reviews - External forks are still blocked even with claude/ prefix --- .github/workflows/claude-code-review.yml | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/.github/workflows/claude-code-review.yml b/.github/workflows/claude-code-review.yml index a182463..7192c6e 100644 --- a/.github/workflows/claude-code-review.yml +++ b/.github/workflows/claude-code-review.yml @@ -12,10 +12,12 @@ on: jobs: claude-review: - # Only run for branches starting with 'claude/' from the same repository (not forks) + # Run for: organization members OR claude/ prefix branches from same repo if: | - startsWith(github.event.pull_request.head.ref, 'claude/') && - github.event.pull_request.head.repo.full_name == github.repository + github.event.pull_request.author_association == 'OWNER' || + github.event.pull_request.author_association == 'MEMBER' || + github.event.pull_request.author_association == 'COLLABORATOR' || + (startsWith(github.event.pull_request.head.ref, 'claude/') && github.event.pull_request.head.repo.full_name == github.repository) runs-on: ubuntu-latest permissions: