From eaffced1622b10f02b80bb76e190bfe2975132c4 Mon Sep 17 00:00:00 2001 From: phpstan-bot <79867460+phpstan-bot@users.noreply.github.com> Date: Thu, 19 Feb 2026 07:23:48 +0000 Subject: [PATCH 1/3] Switch org-wide workflow to Claude CLI and fix issue.opened trigger MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - Replace `anthropics/claude-code-action` with direct Claude CLI usage (`npm install -g @anthropic-ai/claude-code`) in the org-wide workflow. The CLI is invoked with `claude -p` passing a prompt that includes the repository name and the issue comment body. - Add `github.event.issue.body` to the COMMENT_BODY fallback chain in the react-on-comment workflow so that `issues.opened` events are handled correctly (the issue body is in a different field than comment/review body). Closes #9 Co-authored-by: Ondřej Mirtes --- .github/workflows/claude-org-wide.yml | 45 ++++++++++++------- .github/workflows/claude-react-on-comment.yml | 2 +- 2 files changed, 31 insertions(+), 16 deletions(-) diff --git a/.github/workflows/claude-org-wide.yml b/.github/workflows/claude-org-wide.yml index 3722e70..dbb1a90 100644 --- a/.github/workflows/claude-org-wide.yml +++ b/.github/workflows/claude-org-wide.yml @@ -82,19 +82,34 @@ jobs: ref: ${{ steps.default-branch.outputs.branch }} token: ${{ secrets.PHPSTAN_BOT_TOKEN }} - - name: "Run Claude Code on repository" - uses: anthropics/claude-code-action@v1 + - name: "Setup Node.js" + uses: actions/setup-node@v4 with: - claude_code_oauth_token: ${{ secrets.CLAUDE_CODE_OAUTH_TOKEN }} - github_token: ${{ secrets.PHPSTAN_BOT_TOKEN }} - trigger_phrase: "@phpstan-bot" - base_branch: ${{ steps.default-branch.outputs.branch }} - claude_args: >- - --model claude-opus-4-6 - --custom-instructions "You are working on the repository ${{ matrix.repo }}. - After making changes, you must create a pull request (not a draft) with your changes. - Do not just push a branch — always open a real, non-draft pull request so the changes can be reviewed and merged." - bot_name: "phpstan-bot" - bot_id: "79867460" - additional_permissions: | - actions: read + node-version: '20' + + - name: "Install Claude CLI" + run: npm install -g @anthropic-ai/claude-code + + - name: "Configure git" + run: | + git config user.name "phpstan-bot[bot]" + git config user.email "79867460+phpstan-bot[bot]@users.noreply.github.com" + + - name: "Run Claude Code on repository" + env: + CLAUDE_CODE_OAUTH_TOKEN: ${{ secrets.CLAUDE_CODE_OAUTH_TOKEN }} + GH_TOKEN: ${{ secrets.PHPSTAN_BOT_TOKEN }} + COMMENT_BODY: ${{ github.event.comment.body }} + REPO_NAME: ${{ matrix.repo }} + run: | + PROMPT="You are working on the repository ${REPO_NAME}. + + Here is the request from the issue comment: + ${COMMENT_BODY} + + After making changes, you must create a pull request (not a draft) with your changes. + Do not just push a branch — always open a real, non-draft pull request so the changes can be reviewed and merged." + + claude -p "$PROMPT" \ + --model claude-opus-4-6 \ + --dangerously-skip-permissions diff --git a/.github/workflows/claude-react-on-comment.yml b/.github/workflows/claude-react-on-comment.yml index 67d25d3..88a6ff1 100644 --- a/.github/workflows/claude-react-on-comment.yml +++ b/.github/workflows/claude-react-on-comment.yml @@ -31,7 +31,7 @@ jobs: - name: "Check for trigger phrase" id: check env: - COMMENT_BODY: ${{ github.event.comment.body || github.event.review.body || '' }} + COMMENT_BODY: ${{ github.event.comment.body || github.event.review.body || github.event.issue.body || '' }} run: | if echo "$COMMENT_BODY" | grep -qF "@phpstan-bot"; then echo "triggered=true" >> "$GITHUB_OUTPUT" From 752aebfddc2fd688edceceec562fe88ad04a2e1e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ond=C5=99ej=20Mirtes?= Date: Thu, 19 Feb 2026 07:29:36 +0000 Subject: [PATCH 2/3] Apply suggestions from code review --- .github/workflows/claude-org-wide.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/claude-org-wide.yml b/.github/workflows/claude-org-wide.yml index dbb1a90..47e83ec 100644 --- a/.github/workflows/claude-org-wide.yml +++ b/.github/workflows/claude-org-wide.yml @@ -92,8 +92,8 @@ jobs: - name: "Configure git" run: | - git config user.name "phpstan-bot[bot]" - git config user.email "79867460+phpstan-bot[bot]@users.noreply.github.com" + git config user.name "phpstan-bot" + git config user.email "phpstan-bot " - name: "Run Claude Code on repository" env: From aa33fca0230fb7dba9255f3991446459a55e8180 Mon Sep 17 00:00:00 2001 From: phpstan-bot <79867460+phpstan-bot@users.noreply.github.com> Date: Thu, 19 Feb 2026 07:40:10 +0000 Subject: [PATCH 3/3] Improve org-wide workflow prompt based on claude-code-action MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Extract meaningful prompt structure from anthropics/claude-code-action's prompt template and apply it to the org-wide workflow: - Strip trigger phrase from comment body before passing to Claude - Add CLAUDE.md awareness (check and follow repo-specific instructions) - Add read-before-modify discipline - Add minimal/focused change guidelines (no over-engineering) - Add security awareness (no secrets, no force push) - Add structured PR creation instructions with descriptive messages Co-authored-by: Ondřej Mirtes --- .github/workflows/claude-org-wide.yml | 38 +++++++++++++++++++++++---- 1 file changed, 33 insertions(+), 5 deletions(-) diff --git a/.github/workflows/claude-org-wide.yml b/.github/workflows/claude-org-wide.yml index 47e83ec..573f526 100644 --- a/.github/workflows/claude-org-wide.yml +++ b/.github/workflows/claude-org-wide.yml @@ -101,14 +101,42 @@ jobs: GH_TOKEN: ${{ secrets.PHPSTAN_BOT_TOKEN }} COMMENT_BODY: ${{ github.event.comment.body }} REPO_NAME: ${{ matrix.repo }} + TRIGGER_PHRASE: "@phpstan-bot" run: | - PROMPT="You are working on the repository ${REPO_NAME}. + # Strip the trigger phrase from the comment to get the actual request + REQUEST=$(echo "$COMMENT_BODY" | sed "s|${TRIGGER_PHRASE}||g" | sed 's/^[[:space:]]*//') - Here is the request from the issue comment: - ${COMMENT_BODY} + PROMPT="You are an AI assistant working on the repository ${REPO_NAME}. - After making changes, you must create a pull request (not a draft) with your changes. - Do not just push a branch — always open a real, non-draft pull request so the changes can be reviewed and merged." + You are being triggered by an issue comment in the phpstan/.github repository. The comment contains a request that should be applied to this repository. + + Here is the request: + ${REQUEST} + + Follow these steps: + + 1. First, check if there is a CLAUDE.md file in the repository root. If it exists, read and follow its instructions and guidelines. + + 2. Understand the request carefully. Read any relevant code before making changes. Do not modify code you have not read. + + 3. Implement the requested changes: + - Keep changes focused and minimal — only make what was requested. + - Do not add unnecessary features, refactoring, or documentation beyond what was asked. + - Be careful not to introduce security vulnerabilities. + - Do not over-engineer the solution. + + 4. After making changes, commit and create a pull request: + - Stage your changes with git add. + - Write a clear, descriptive commit message that explains why the change was made. + - Push your branch and create a non-draft pull request using gh pr create. + - The PR title should be concise and descriptive. + - The PR body should clearly describe what was changed and why. + - Do not just push a branch — always open a real, non-draft pull request so the changes can be reviewed and merged. + + Important: + - Never force push or use destructive git commands. + - Never commit files that may contain secrets (.env, credentials, etc.). + - Only make changes that are directly requested or clearly necessary." claude -p "$PROMPT" \ --model claude-opus-4-6 \