mirror of
https://github.com/browseros-ai/BrowserOS.git
synced 2026-05-18 11:06:19 +00:00
ad4c0af4fe
* fix: limit claude code review to PR creation and @claude comments Reduces unnecessary action runs and token usage by only triggering the review on initial PR open, and re-running when @claude is mentioned. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * fix: restrict @claude trigger to trusted contributors Only repo owners, org members, and collaborators can invoke the review via @claude comments, preventing external users from consuming token quota. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * fix: consolidate claude workflows and auto-run on PR creation Remove separate claude-code-review.yml and add pull_request trigger to claude.yml so it runs automatically on PR open without needing @claude in the body. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * fix: restore author_association guard on issue_comment trigger The consolidation commit dropped the author_association check from the issue_comment condition. Without it, any external commenter could invoke Claude and consume token quota. Restores the guard to limit triggers to OWNER, MEMBER, and COLLABORATOR. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * fix: apply author_association guard to review comment triggers Extends the OWNER/MEMBER/COLLABORATOR check to pull_request_review_comment and pull_request_review events, preventing external users from triggering Claude via review comments. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>