From ab4b22e3477180227c2a3a3816493fce2ae72779 Mon Sep 17 00:00:00 2001
From: Dimitrios Vasilas
Date: Fri, 20 Mar 2026 16:41:07 +0200
Subject: [PATCH 01/13] fix: Checkout PR head commit in dependency review
pull_request_target checks out the base branch by default. Use ref in actions/checkout so that the dependency review can analyze the PR's changes and not the target branch.
---
 .github/workflows/claude-code-dependency-review.yml | 1 +
 1 file changed, 1 insertion(+)
diff --git a/.github/workflows/claude-code-dependency-review.yml b/.github/workflows/claude-code-dependency-review.yml
index 45ed9ed..d96221b 100644
--- a/.github/workflows/claude-code-dependency-review.yml
+++ b/.github/workflows/claude-code-dependency-review.yml
@@ -28,6 +28,7 @@ jobs:
 steps:
 - uses: actions/checkout@v6
 with:
+ ref: ${{ github.event.pull_request.head.sha }}
 fetch-depth: 1
 - name: Install dependencies
From defab3fc1dba1539684103b48447262ce548ea85 Mon Sep 17 00:00:00 2001
From: Dimitrios Vasilas
Date: Fri, 20 Mar 2026 16:44:05 +0200
Subject: [PATCH 02/13] fix: Allow Dependabot as bot actor in dependency review
claude-code-action rejects bot-initiated triggers by default. Add dependabot[bot] to allowed_bots since this workflow is specifically for reviewing Dependabot PRs.
---
 .github/workflows/claude-code-dependency-review.yml | 1 +
 1 file changed, 1 insertion(+)
diff --git a/.github/workflows/claude-code-dependency-review.yml b/.github/workflows/claude-code-dependency-review.yml
index d96221b..e7d368f 100644
--- a/.github/workflows/claude-code-dependency-review.yml
+++ b/.github/workflows/claude-code-dependency-review.yml
@@ -54,6 +54,7 @@ jobs:
 with:
 github_token: ${{ github.token }}
 use_vertex: "true"
+ allowed_bots: "dependabot[bot]"
 plugin_marketplaces: https://github.com/scality/agent-hub
 plugins: scality-skills@scality-agent-hub
 prompt: "/review-dependency-bump REPO: ${{ github.repository }} PR_NUMBER: ${{ github.event.pull_request.number }}"
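Review bot: Checking out `github.event.pull_request.head.sha` under pull_request_target puts untrusted fork code in the workspace while the job holds `id-token: write` and `pull-requests: write` (visible in the later permission hunks), so every subsequent step must be treated as running next to attacker-controlled files. Pinning to the SHA rather than `head.ref` is the right call, but `actions/checkout` still persists the job's `GITHUB_TOKEN` into `.git/config` by default; nothing in this workflow pushes, so add `persist-credentials: false` under `with:` unless a later step is known to rely on it. A job-level gate such as `if: github.event.pull_request.user.login == 'dependabot[bot]'` would also stop non-Dependabot PRs from reaching this checkout at all. The `with:` block and the enclosing job continue outside the hunk.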
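Review bot: `allowed_bots: "dependabot[bot]"` only relaxes claude-code-action's own actor check, so the checkout and `yarn install` steps earlier in this job still run for every pull_request_target event regardless of who opened the PR. If the workflow is meant only for Dependabot, gate the job itself with `if: github.event.pull_request.user.login == 'dependabot[bot]'` at `jobs.dependency-review.if`, so a non-Dependabot PR never reaches the head checkout with the job's write permissions. The `with:` block continues outside the hunk.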
From 2838ffb41082f93c5bab5df128ba6e9aa4725648 Mon Sep 17 00:00:00 2001
From: Dimitrios Vasilas
Date: Fri, 20 Mar 2026 16:45:51 +0200
Subject: [PATCH 03/13] fix: Add .git suffix to plugin marketplace URL
claude-code-action validates that marketplace URLs end with .git.
---
 .github/workflows/claude-code-dependency-review.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.github/workflows/claude-code-dependency-review.yml b/.github/workflows/claude-code-dependency-review.yml
index e7d368f..4ccc874 100644
--- a/.github/workflows/claude-code-dependency-review.yml
+++ b/.github/workflows/claude-code-dependency-review.yml
@@ -55,7 +55,7 @@ jobs:
 github_token: ${{ github.token }}
 use_vertex: "true"
 allowed_bots: "dependabot[bot]"
- plugin_marketplaces: https://github.com/scality/agent-hub
+ plugin_marketplaces: https://github.com/scality/agent-hub.git
 plugins: scality-skills@scality-agent-hub
 prompt: "/review-dependency-bump REPO: ${{ github.repository }} PR_NUMBER: ${{ github.event.pull_request.number }}"
 claude_args: |
From 7e4a433684d8bebdc769f0d7f2e255cac3d3aa70 Mon Sep 17 00:00:00 2001
From: Dimitrios Vasilas
Date: Fri, 20 Mar 2026 16:46:41 +0200
Subject: [PATCH 04/13] fix: Configure git credentials for private org repositories
Accept an optional GIT_ACCESS_TOKEN secret and configure git to use it for github.com URLs. This allows yarn install to fetch private Scality dependencies and the claude-code-action to clone the private agent-hub plugin marketplace.
---
 .github/workflows/claude-code-dependency-review.yml | 9 +++++++++
 1 file changed, 9 insertions(+)
diff --git a/.github/workflows/claude-code-dependency-review.yml b/.github/workflows/claude-code-dependency-review.yml
index 4ccc874..58a4d6a 100644
--- a/.github/workflows/claude-code-dependency-review.yml
+++ b/.github/workflows/claude-code-dependency-review.yml
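Review bot: The marketplace is still fetched from a moving target — `https://github.com/scality/agent-hub.git` carries no ref — so the `/review-dependency-bump` instructions the agent executes against every dependency PR are whatever that repository's default branch holds when the job starts, and a single push there changes the reviewer's behaviour silently. If claude-code-action accepts a ref or commit in the marketplace or plugin spec, pin `plugins: scality-skills@scality-agent-hub` to a tag or SHA; otherwise record the trust assumption with a comment such as `# agent-hub default branch is trusted: it defines the review instructions executed here`. The `with:` block continues outside the hunk.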
@@ -15,6 +15,9 @@ on:
 CLOUD_ML_REGION:
 required: true
 description: GCP region for Vertex AI
+ GIT_ACCESS_TOKEN:
+ required: false
+ description: Token for accessing private Git repositories in the same org
 jobs:
 dependency-review:
@@ -24,6 +27,8 @@ jobs:
 contents: read
 pull-requests: write
 id-token: write
+ env:
+ GIT_ACCESS_TOKEN: ${{ secrets.GIT_ACCESS_TOKEN }}
 steps:
 - uses: actions/checkout@v6
@@ -31,6 +36,10 @@ jobs:
 ref: ${{ github.event.pull_request.head.sha }}
 fetch-depth: 1
+ - name: Configure git for private repositories
+ if: env.GIT_ACCESS_TOKEN != ''
+ run: git config --global url."https://x-access-token:${GIT_ACCESS_TOKEN}@github.com/".insteadOf "https://github.com/"
+
 - name: Install dependencies
 id: install-deps
 if: hashFiles('yarn.lock') != ''
From 5a57ee09256434fc8faf24cee5d554147a443353 Mon Sep 17 00:00:00 2001
From: Dimitrios Vasilas
Date: Fri, 20 Mar 2026 17:11:25 +0200
Subject: [PATCH 05/13] fix: Scope GIT_ACCESS_TOKEN to only the steps that need it
Move the token from job-level env to step-level env on the git config step only, preventing unnecessary exposure to other steps. Use a shell conditional instead of a step-level if condition since secrets context is not available in step conditions.
---
 .github/workflows/claude-code-dependency-review.yml | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)
diff --git a/.github/workflows/claude-code-dependency-review.yml b/.github/workflows/claude-code-dependency-review.yml
index 58a4d6a..1f44f91 100644
--- a/.github/workflows/claude-code-dependency-review.yml
+++ b/.github/workflows/claude-code-dependency-review.yml
@@ -27,8 +27,6 @@ jobs:
 contents: read
 pull-requests: write
 id-token: write
- env:
- GIT_ACCESS_TOKEN: ${{ secrets.GIT_ACCESS_TOKEN }}
 steps:
 - uses: actions/checkout@v6
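Review bot: The `insteadOf` rewrite in the new "Configure git for private repositories" step attaches the token to every `https://github.com/` URL git touches, although the commit message says it is only needed for Scality-org dependencies and the agent-hub marketplace; with the PR head checked out, any git URL in the PR's `package.json`/`yarn.lock` is therefore fetched with the org credential presented. Scope the rewrite to the org prefix so the credential is only offered where it is needed: `git config --global url."https://x-access-token:${GIT_ACCESS_TOKEN}@github.com/scality/".insteadOf "https://github.com/scality/"`, and say so in the step name or a comment. The step list continues outside the hunk.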
@@ -37,8 +35,12 @@ jobs:
 fetch-depth: 1
 - name: Configure git for private repositories
- if: env.GIT_ACCESS_TOKEN != ''
- run: git config --global url."https://x-access-token:${GIT_ACCESS_TOKEN}@github.com/".insteadOf "https://github.com/"
+ run: |
+ if [ -n "$GIT_ACCESS_TOKEN" ]; then
+ git config --global url."https://x-access-token:${GIT_ACCESS_TOKEN}@github.com/".insteadOf "https://github.com/"
+ fi
+ env:
+ GIT_ACCESS_TOKEN: ${{ secrets.GIT_ACCESS_TOKEN }}
 - name: Install dependencies
 id: install-deps
From 39f501f4f69bd4e241780d4198b9f39600a51a5a Mon Sep 17 00:00:00 2001
From: Dimitrios Vasilas
Date: Fri, 20 Mar 2026 17:30:15 +0200
Subject: [PATCH 06/13] fix: Harden dependency review against untrusted PR code
Use --local instead of --global for git config to limit token exposure to the checkout directory. Add --ignore-scripts to yarn install to prevent lifecycle scripts from untrusted PR code from running in the pull_request_target context, which has write permissions and access to credentials.
---
 .github/workflows/claude-code-dependency-review.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/.github/workflows/claude-code-dependency-review.yml b/.github/workflows/claude-code-dependency-review.yml
index 1f44f91..ae0c92a 100644
--- a/.github/workflows/claude-code-dependency-review.yml
+++ b/.github/workflows/claude-code-dependency-review.yml
@@ -37,7 +37,7 @@ jobs:
 - name: Configure git for private repositories
 run: |
 if [ -n "$GIT_ACCESS_TOKEN" ]; then
- git config --global url."https://x-access-token:${GIT_ACCESS_TOKEN}@github.com/".insteadOf "https://github.com/"
+ git config --local url."https://x-access-token:${GIT_ACCESS_TOKEN}@github.com/".insteadOf "https://github.com/"
 fi
 env:
 GIT_ACCESS_TOKEN: ${{ secrets.GIT_ACCESS_TOKEN }}
@@ -46,7 +46,7 @@ jobs:
 id: install-deps
 if: hashFiles('yarn.lock') != ''
 continue-on-error: true
- run: yarn install --frozen-lockfile
+ run: yarn install --frozen-lockfile --ignore-scripts
 - name: Warn on failed dependency install
 if: steps.install-deps.outcome == 'failure'
From f962f44083bda0cfee9d802b6427658bdafd12fe Mon Sep 17 00:00:00 2001
From: Dimitrios Vasilas
Date: Fri, 20 Mar 2026 17:56:50 +0200
Subject: [PATCH 07/13] Revert "fix: use --local git config"
The marketplace clone runs outside the checkout directory, so --local git config doesn't apply. Revert to --global.
---
 .github/workflows/claude-code-dependency-review.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.github/workflows/claude-code-dependency-review.yml b/.github/workflows/claude-code-dependency-review.yml
index ae0c92a..7483261 100644
--- a/.github/workflows/claude-code-dependency-review.yml
+++ b/.github/workflows/claude-code-dependency-review.yml
@@ -37,7 +37,7 @@ jobs:
 - name: Configure git for private repositories
 run: |
 if [ -n "$GIT_ACCESS_TOKEN" ]; then
- git config --local url."https://x-access-token:${GIT_ACCESS_TOKEN}@github.com/".insteadOf "https://github.com/"
+ git config --global url."https://x-access-token:${GIT_ACCESS_TOKEN}@github.com/".insteadOf "https://github.com/"
 fi
 env:
 GIT_ACCESS_TOKEN: ${{ secrets.GIT_ACCESS_TOKEN }}
From e61c4f4e4d0efb8694ea8e8abd52e2764e970d4b Mon Sep 17 00:00:00 2001
From: Dimitrios Vasilas
Date: Fri, 20 Mar 2026 18:27:07 +0200
Subject: [PATCH 08/13] fix: Add checks:read permission for CI status verification
Without this permission the reviewer cannot query check run results and reports "Unable to verify" CI status.
---
 .github/workflows/claude-code-dependency-review.yml | 1 +
 1 file changed, 1 insertion(+)
diff --git a/.github/workflows/claude-code-dependency-review.yml b/.github/workflows/claude-code-dependency-review.yml
index 7483261..1a74dc1 100644
--- a/.github/workflows/claude-code-dependency-review.yml
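Review bot: `--ignore-scripts` stops package lifecycle scripts, but with the PR head checked out under pull_request_target the install still honours repository-controlled config: if this is Yarn 1 (which `--frozen-lockfile` suggests), a `.yarnrc` in the PR with `yarn-path` makes yarn execute a script from the checkout before any lockfile logic runs, and `.npmrc`/`.yarnrc` can also redirect the registry. Pair the flag with a job-level author gate (`if: github.event.pull_request.user.login == 'dependabot[bot]'`) or run the install with repo-independent config (on Yarn 1, `YARN_IGNORE_PATH=1` in the step `env` and `--no-default-rc`), so this flag is not the only line of defence. The step's `continue-on-error: true` and the following warning step already turn a failed install into a report rather than a hard failure, so tightening the install does not change that behaviour.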
+++ b/.github/workflows/claude-code-dependency-review.yml
@@ -27,6 +27,7 @@ jobs:
 contents: read
 pull-requests: write
 id-token: write
+ checks: read
 steps:
 - uses: actions/checkout@v6
From c76c3851375fea516ea5f80fd136f6672d6d0b1a Mon Sep 17 00:00:00 2001
From: Dimitrios Vasilas
Date: Mon, 23 Mar 2026 10:04:32 +0200
Subject: [PATCH 09/13] fix: Replace GIT_ACCESS_TOKEN with GitHub App token
Use actions/create-github-app-token@v1 instead of the GIT_ACCESS_TOKEN secret.
---
 .../claude-code-dependency-review.yml | 20 +++++++++++++------
 1 file changed, 14 insertions(+), 6 deletions(-)
diff --git a/.github/workflows/claude-code-dependency-review.yml b/.github/workflows/claude-code-dependency-review.yml
index 1a74dc1..9bed797 100644
--- a/.github/workflows/claude-code-dependency-review.yml
+++ b/.github/workflows/claude-code-dependency-review.yml
@@ -15,9 +15,9 @@ on:
 CLOUD_ML_REGION:
 required: true
 description: GCP region for Vertex AI
- GIT_ACCESS_TOKEN:
+ ACTIONS_APP_PRIVATE_KEY:
 required: false
- description: Token for accessing private Git repositories in the same org
+ description: Private key for the GitHub App used to access private repositories
 jobs:
 dependency-review:
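Review bot: The new `ACTIONS_APP_PRIVATE_KEY` description does not tell callers of this reusable workflow that the secret is useless on its own — the consuming step (next hunk) also requires the `ACTIONS_APP_ID` variable — nor what the App installation needs to be allowed to do, so it is likely to be provisioned with more than it needs. Expand it to something like `description: Private key of the GitHub App (paired with the ACTIONS_APP_ID variable) used to clone private org repositories; the installation should need no more than Contents: read`. The `workflow_call` `secrets:` block starts before this hunk.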
@@ -35,13 +35,21 @@ jobs:
 ref: ${{ github.event.pull_request.head.sha }}
 fetch-depth: 1
+ - name: Generate token for private repositories
+ if: vars.ACTIONS_APP_ID != ''
+ uses: actions/create-github-app-token@v1
+ id: app-token
+ with:
+ app-id: ${{ vars.ACTIONS_APP_ID }}
+ private-key: ${{ secrets.ACTIONS_APP_PRIVATE_KEY }}
+ owner: ${{ github.repository_owner }}
+
 - name: Configure git for private repositories
+ if: steps.app-token.outputs.token != ''
 run: |
- if [ -n "$GIT_ACCESS_TOKEN" ]; then
- git config --global url."https://x-access-token:${GIT_ACCESS_TOKEN}@github.com/".insteadOf "https://github.com/"
- fi
+ git config --global url."https://x-access-token:${GIT_ACCESS_TOKEN}@github.com/".insteadOf "https://github.com/"
 env:
- GIT_ACCESS_TOKEN: ${{ secrets.GIT_ACCESS_TOKEN }}
+ GIT_ACCESS_TOKEN: ${{ steps.app-token.outputs.token }}
 - name: Install dependencies
 id: install-deps
From 5f8e59b3df9ec2d5a1fdfb90af1dd7b8bf56c51c Mon Sep 17 00:00:00 2001
From: Thomas Carmet <8408330+tcarmet@users.noreply.github.com>
Date: Mon, 23 Mar 2026 10:06:08 -0700
Subject: [PATCH 10/13] Try as claude code app to approve
---
 .github/workflows/claude-code-dependency-review.yml | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/.github/workflows/claude-code-dependency-review.yml b/.github/workflows/claude-code-dependency-review.yml
index 9bed797..84b51d6 100644
--- a/.github/workflows/claude-code-dependency-review.yml
+++ b/.github/workflows/claude-code-dependency-review.yml
@@ -27,7 +27,7 @@ jobs:
 contents: read
 pull-requests: write
 id-token: write
- checks: read
+ actions: read
 steps:
 - uses: actions/checkout@v6
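Review bot: The installation token is written in plaintext into `~/.gitconfig` by the `--global` rewrite and stays there for every later step, including the claude-code-action step whose allowed tools include `Bash(gh api *)` and whose inputs (PR body, changelogs reached via `WebFetch`) are attacker-influenced, so a prompt-injected agent can read the file and use the token for the rest of the job; the action revokes the token at job end by default, as far as I recall, but that window is exactly when the agent runs. Add a cleanup step after the action (shown below) so the credential is gone before anything else runs with `if: always()`, and consider narrowing what the token can reach with `repositories:` on `create-github-app-token` instead of minting it for every repository the App is installed on under `${{ github.repository_owner }}`. The step list continues outside the hunk.
```yaml
# … unchanged: checkout, token generation, git config, install, claude-code-action …
- name: Remove git credential rewrite
  if: always() && steps.app-token.outputs.token != ''
  run: git config --global --remove-section "url.https://x-access-token:${GIT_ACCESS_TOKEN}@github.com/"
  env:
    GIT_ACCESS_TOKEN: ${{ steps.app-token.outputs.token }}
```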
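Review bot: Replacing `checks: read` with `actions: read` silently undoes patch 08, whose message says the reviewer reports "Unable to verify" CI status without `checks: read`; nothing in this commit explains why that permission is no longer needed, and the `additional_permissions` experiment it accompanies is commented out again in patch 13. Unless the App-token path has been confirmed to cover check-run reads, keep both lines, `checks: read` and `actions: read`, in the job `permissions:` block. That block starts before this hunk.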
@@ -72,11 +72,14 @@ jobs:
 continue-on-error: true
 uses: anthropics/claude-code-action@v1
 with:
- github_token: ${{ github.token }}
 use_vertex: "true"
 allowed_bots: "dependabot[bot]"
 plugin_marketplaces: https://github.com/scality/agent-hub.git
 plugins: scality-skills@scality-agent-hub
+ additional_permissions: |
+ contents: read
+ actions: read
+ pull-requests: write
 prompt: "/review-dependency-bump REPO: ${{ github.repository }} PR_NUMBER: ${{ github.event.pull_request.number }}"
 claude_args: |
 --allowedTools "Read" "Grep" "WebFetch" "Bash(gh repo view *)" "Bash(gh pr view *)" "Bash(gh pr comment *)" "Bash(gh pr review *)" "Bash(gh api *)"
From 12c7ab9b5107c9ed9dae51d356efb0b9a1873855 Mon Sep 17 00:00:00 2001
From: Thomas Carmet <8408330+tcarmet@users.noreply.github.com>
Date: Mon, 23 Mar 2026 10:44:52 -0700
Subject: [PATCH 11/13] try with only additional
---
 .github/workflows/claude-code-dependency-review.yml | 1 -
 1 file changed, 1 deletion(-)
diff --git a/.github/workflows/claude-code-dependency-review.yml b/.github/workflows/claude-code-dependency-review.yml
index 84b51d6..3ee0ec9 100644
--- a/.github/workflows/claude-code-dependency-review.yml
+++ b/.github/workflows/claude-code-dependency-review.yml
@@ -77,7 +77,6 @@ jobs:
 plugin_marketplaces: https://github.com/scality/agent-hub.git
 plugins: scality-skills@scality-agent-hub
 additional_permissions: |
- contents: read
 actions: read
 pull-requests: write
 prompt: "/review-dependency-bump REPO: ${{ github.repository }} PR_NUMBER: ${{ github.event.pull_request.number }}"
From 4c18085641ad39ecf2466373a5e6f61591199361 Mon Sep 17 00:00:00 2001
From: Thomas Carmet <8408330+tcarmet@users.noreply.github.com>
Date: Mon, 23 Mar 2026 10:47:32 -0700
Subject: [PATCH 12/13] add anthropic key
---
 .github/workflows/claude-code-dependency-review.yml | 1 +
 1 file changed, 1 insertion(+)
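Review bot: Once `github_token: ${{ github.token }}` is dropped here the action acts under its own App identity, and the commit title says the goal is for it to approve; combined with the already-allowed `Bash(gh pr review *)`, that makes an LLM whose inputs (PR description, changelogs fetched with `WebFetch`) are attacker-influenced into a reviewer whose approval may satisfy branch-protection rules. Make sure required reviews still demand a human approval or exclude this App's approvals, and record that decision in the file, e.g. `# NOTE: approvals from this action must not satisfy required reviews on their own`. The `with:` block continues outside the hunk.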
diff --git a/.github/workflows/claude-code-dependency-review.yml b/.github/workflows/claude-code-dependency-review.yml
index 3ee0ec9..daf7db2 100644
--- a/.github/workflows/claude-code-dependency-review.yml
+++ b/.github/workflows/claude-code-dependency-review.yml
@@ -73,6 +73,7 @@ jobs:
 uses: anthropics/claude-code-action@v1
 with:
 use_vertex: "true"
+ anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }}
 allowed_bots: "dependabot[bot]"
 plugin_marketplaces: https://github.com/scality/agent-hub.git
 plugins: scality-skills@scality-agent-hub
From ed2f2b9e676863ef6c74f4b60c0b44e47b469bf1 Mon Sep 17 00:00:00 2001
From: Thomas Carmet <8408330+tcarmet@users.noreply.github.com>
Date: Mon, 23 Mar 2026 10:52:05 -0700
Subject: [PATCH 13/13] try without extra permissions
---
 .github/workflows/claude-code-dependency-review.yml | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/.github/workflows/claude-code-dependency-review.yml b/.github/workflows/claude-code-dependency-review.yml
index daf7db2..b7e6968 100644
--- a/.github/workflows/claude-code-dependency-review.yml
+++ b/.github/workflows/claude-code-dependency-review.yml
@@ -77,9 +77,9 @@ jobs:
 allowed_bots: "dependabot[bot]"
 plugin_marketplaces: https://github.com/scality/agent-hub.git
 plugins: scality-skills@scality-agent-hub
- additional_permissions: |
- actions: read
- pull-requests: write
+ # additional_permissions: |
+ # actions: read
+ # pull-requests: write
 prompt: "/review-dependency-bump REPO: ${{ github.repository }} PR_NUMBER: ${{ github.event.pull_request.number }}"
 claude_args: |
 --allowedTools "Read" "Grep" "WebFetch" "Bash(gh repo view *)" "Bash(gh pr view *)" "Bash(gh pr comment *)" "Bash(gh pr review *)" "Bash(gh api *)"
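Review bot: `anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }}` sits next to `use_vertex: "true"`, so two authentication paths are now configured for the same step and it is not clear which the action will use. This is a reusable workflow (`on: workflow_call` with a `secrets:` block, visible in patches 04 and 09), and unless `ANTHROPIC_API_KEY` is declared in that block — or the caller passes `secrets: inherit` — the expression expands to an empty string. Either remove this line and keep the Vertex/OIDC path, or declare the secret under `workflow_call.secrets` and drop `use_vertex`. The `with:` block continues outside the hunk.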
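Review bot: Commenting out the three `additional_permissions` lines leaves dead configuration in the step with no record of why it was removed or whether it is expected to return, which is exactly what the next maintainer re-enables by accident. Either delete the lines or keep a single explanatory comment such as `# additional_permissions intentionally unset: the App token's default scopes were enough to comment and review` (adjusted to what was actually observed). The `with:` block continues outside the hunk.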