73 Commits

Author SHA1 Message Date
Ashwin Bhat
baf38ddaaa Fix lock-closed-issues workflow: use search API instead of offset pagination (#69470)
The workflow has been failing daily since 2026-04-27 with HTTP 422
"Pagination with the page parameter is not supported for large
datasets" at page=100. The repo now has ~58k closed issues and the
script was paging past ~10k already-locked ones every run before
reaching any candidates.

Replace listForRepo + page=N with the search API
(is:issue is:closed is:unlocked updated:<cutoff), which returns only
the issues that actually need locking. Cap at 250/run with a 1s sleep
between locks to stay under secondary rate limits.

Claude-Session: https://claude.ai/code/session_016EWY3FKCJyfUdCAZkXfi7i
2026-06-18 17:15:49 -07:00
Ashwin Bhat
5ef2f06c6a Use workload identity federation for Claude auth in CI workflows (#61584)
Replace the static ANTHROPIC_API_KEY secret with Workload Identity
Federation inputs in claude.yml, claude-issue-triage.yml, and
claude-dedupe-issues.yml. The federation rule, organization, service
account, and workspace IDs are read from repository variables.
2026-05-22 15:55:40 -07:00
jportner
52b9f247d1 Pin GitHub Actions to commit SHAs 2026-05-06 18:43:58 +00:00
orbisai0security
c128568da0 fix: yaml.github-actions.security.run-shell-injection.run-shell-injection security vulnerability (#43824)
Automated security fix generated by Orbis Security AI

Co-authored-by: Ubuntu <ubuntu@ip-172-31-32-15.us-west-2.compute.internal>
2026-04-27 14:33:15 +01:00
Octavian Guzu
4411cbae09 Read issue number from workflow event in helper scripts (#40969)
Updates edit-issue-labels.sh and comment-on-duplicates.sh to read the
issue number from GITHUB_EVENT_PATH (the workflow event payload) instead
of accepting it as a CLI argument. Simplifies the call signature and
keeps the scripts aligned with the triggering issue.

Also updates the /triage-issue and /dedupe command docs to match.

🏠 Remote-Dev: homespace
2026-03-31 12:36:59 +01:00
Claude
35b5fe658a Remove oncall triage workflow and commands
Removes the automated action that adds the "oncall" label to issues,
along with its associated slash commands.

https://claude.ai/code/session_01KdEmZZ4sqZT4d9xJm4qbnp
2026-02-28 00:33:48 +00:00
Octavian Guzu
e67079be1f Increase oncall-triage workflow timeouts
- Job timeout: 15 -> 25 minutes
- Claude Code step timeout: 10 -> 20 minutes
2026-02-26 12:05:23 +00:00
Octavian Guzu
23edca9c9b Remove unused id-token permission and migrate oncall-triage to gh.sh wrapper 2026-02-25 22:08:11 +00:00
Octavian Guzu
b2bab3b743 Add gh.sh wrapper for gh CLI commands in workflows 2026-02-25 14:35:57 +00:00
Octavian Guzu
3c917dfe50 Add non-write users check workflow 2026-02-24 18:09:41 +00:00
Octavian Guzu
3592c8be2a Use wrapper script for label operations in issue triage
Extract triage prompt into /triage-issue command and use a dedicated
edit-issue-labels.sh script for label operations instead of raw
gh issue edit. The script validates labels against the repo's existing
labels before applying them.
2026-02-23 15:11:01 +00:00
Chris Lloyd
1718a57495 Fix issues being auto-closed despite human activity (#26360)
The sweep script was closing issues based solely on when a lifecycle label
was applied, ignoring any human comments posted after the label. This caused
active issues (like #11792) to be closed even when users responded to the
stale warning.

Three changes:

1. Teach the triage bot about `stale` and `autoclose` labels so it removes
   them when a human comments on the issue.

2. Add a safety net in `closeExpired()` that checks for non-bot comments
   posted after the lifecycle label was applied — if any exist, skip closing.

3. Extend the 10-upvote protection (which previously only applied to
   enhancements) to all issue types, in both `markStale()` and
   `closeExpired()`.

Fixes #16497

## Test plan

Trace through scenarios manually:
- Issue with stale label + human comment after → triage removes label;
  sweep skips even if triage hasn't run yet (safety net)
- Issue with stale label + no human comment → closes as before
- Issue with 10+ upvotes of any type → never marked stale or closed

Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-02-17 10:53:20 -08:00
Chris Lloyd
8c09097e8c Post a comment when lifecycle labels are applied to issues (#25665)
When lifecycle labels (needs-info, needs-repro, invalid, stale, autoclose)
are applied to an issue, the author currently only sees a label change with
no explanation. They then get a closing comment days later without ever
being nudged to respond.

Add a GitHub Actions workflow that triggers on issues.labeled and runs a
new lifecycle-comment.ts script to post a comment explaining what's needed
and how long before auto-close.

Extract lifecycle config (labels, timeouts, close reasons, nudge messages)
into a shared issue-lifecycle.ts so the sweep script and comment script
stay in sync. Previously the timeouts were duplicated between the sweep
script and the comment messages.

- needs-info: asks for version, OS, error messages
- needs-repro: asks for steps to trigger the issue
- invalid: links to the Claude Code repo and Anthropic support
- stale/autoclose: explains inactivity auto-close

The script no-ops for non-lifecycle labels, so the workflow fires on every
label event and lets the script decide — single source of truth.

## Test plan

Dry-run all labels locally:
GITHUB_REPOSITORY=anthropics/claude-code LABEL=needs-info ISSUE_NUMBER=12345 bun run scripts/lifecycle-comment.ts --dry-run
GITHUB_REPOSITORY=anthropics/claude-code LABEL=needs-repro ISSUE_NUMBER=12345 bun run scripts/lifecycle-comment.ts --dry-run
GITHUB_REPOSITORY=anthropics/claude-code LABEL=invalid ISSUE_NUMBER=12345 bun run scripts/lifecycle-comment.ts --dry-run
GITHUB_REPOSITORY=anthropics/claude-code LABEL=stale ISSUE_NUMBER=12345 bun run scripts/lifecycle-comment.ts --dry-run
GITHUB_REPOSITORY=anthropics/claude-code LABEL=autoclose ISSUE_NUMBER=12345 bun run scripts/lifecycle-comment.ts --dry-run

Verified sweep.ts still works:
GITHUB_TOKEN=$(gh auth token) GITHUB_REPOSITORY_OWNER=anthropics GITHUB_REPOSITORY_NAME=claude-code bun run scripts/sweep.ts --dry-run
2026-02-13 19:39:10 -08:00
Chris Lloyd
a93966285e Unify issue lifecycle labeling and sweep into a single system (#25352)
* Unify issue lifecycle labeling and sweep into a single system

Consolidate issue triage, stale detection, and lifecycle enforcement into
two components: a Claude-powered triage workflow and a unified sweep script.

Triage workflow changes:
- Add issue_comment trigger so Claude can re-evaluate lifecycle labels when
  someone responds to a needs-repro/needs-info issue
- Add concurrency group per issue with cancel-in-progress to avoid pile-up
- Filter out bot comments to prevent sweep/dedupe triggering re-triage
- Hardcode allowed label whitelist to prevent label sprawl (was discovering
  labels via gh label list, leading to junk variants like 'needs repro' vs
  'needs-repro')
- Replace MCP GitHub server with gh CLI — simpler, no Docker dependency,
  chaining is caught by the action so permissions are equivalent
- Add lifecycle labels (needs-repro, needs-info) for bugs missing info
- Add invalid label for off-topic issues (Claude API, billing, etc.)
- Add anti-patterns to prevent false positives (don't require specific
  format, model behavior issues don't need traditional repro, etc.)

Sweep script changes:
- Absorb stale issue detection (was separate stale-issue-manager workflow)
- Mark issues as stale after 14 days of inactivity
- Skip assigned issues (team is working on it internally)
- Skip enhancements with 10+ thumbs up (community wants it)
- Add invalid label with 3-day timeout
- Add autoclose label support to drain 200+ legacy issues
- Drop needs-votes (stale handles inactive enhancements)
- Unify close messages into a single template with per-label reasons
- Run 2x daily instead of once

Delete stale-issue-manager.yml — its logic is now in sweep.ts.

## Test plan

Dry-run sweep locally:
GITHUB_TOKEN=$(gh auth token) GITHUB_REPOSITORY_OWNER=anthropics   GITHUB_REPOSITORY_NAME=claude-code bun run scripts/sweep.ts --dry-run

Triage workflow will be tested by opening a test issue after merge.

* Update .github/workflows/claude-issue-triage.yml

Co-authored-by: Ashwin Bhat <ashwin@anthropic.com>

---------

Co-authored-by: Ashwin Bhat <ashwin@anthropic.com>
2026-02-12 11:45:31 -08:00
Chris Lloyd
a17040212c Add daily sweep to enforce issue lifecycle label timeouts
Introduce a simple, mechanical daily sweep that closes issues with
lifecycle labels past their timeout:

- needs-repro: 7 days
- needs-info: 7 days
- needs-votes: 30 days
- stale: 30 days

The sweep checks when the label was last applied via the events API,
and closes the issue if the timeout has elapsed. No AI, no comment
checking — if the label is still there past its timeout, close it.
Removing a label (by a triager, slash command, or future AI retriage)
is what prevents closure.

Each close message directs the reporter to open a new issue rather
than engaging with the closed one.

The script supports --dry-run for local testing:
  GITHUB_TOKEN=$(gh auth token) \
  GITHUB_REPOSITORY_OWNER=anthropics \
  GITHUB_REPOSITORY_NAME=claude-code \
  bun run scripts/sweep.ts --dry-run

## Test plan

Ran --dry-run against anthropics/claude-code. Correctly identified 3
issues past their timeouts (1 needs-repro at 12d, 2 needs-info at
14d and 26d). No false positives.
2026-02-11 22:34:23 -08:00
JB
19a829ba68 chore: allow non-write users to trigger claude-code-action workflows
Co-Authored-By: Claude <noreply@anthropic.com>
2026-01-14 18:11:06 -05:00
JB
f77acdf149 fix: add github_token input to claude-code-action workflows 2026-01-14 14:42:11 -05:00
JB
cc70d3ab50 chore: add id-token write permission for claude-code-action workflows
The claude-code-action requires id-token: write permission for OIDC authentication.

Co-Authored-By: Claude <noreply@anthropic.com>
Claude-Generated-By: Claude Code (cli/claude-opus-4-5=100%)
Claude-Steers: 3
Claude-Permission-Prompts: 3
Claude-Escapes: 0
2026-01-14 14:16:13 -05:00
JB
dec754edc9 chore: migrate workflows from claude-code-base-action to claude-code-action
Updates GitHub workflow files to use the new claude-code-action@v1 and replaces prompt_file with inline prompt parameter.

Co-Authored-By: Claude <noreply@anthropic.com>
Claude-Generated-By: Claude Code (cli/claude-opus-4-5=100%)
Claude-Steers: 3
Claude-Permission-Prompts: 4
Claude-Escapes: 0
2026-01-14 13:12:00 -05:00
Kurt Carpenter
b8497141a5 chore: upgrade claude-code actions from @beta to @v1
- Update action references from @beta to @v1
- Move allowed_tools to --allowedTools in claude_args
- Move mcp_config to --mcp-config in claude_args
- Move claude_env to step-level env block
- Replace timeout_minutes with GitHub native timeout-minutes

Claude-Generated-By: Claude Code (cli/claude-opus-4-5=100%)
Claude-Steers: 8
Claude-Permission-Prompts: 3
Claude-Escapes: 0
2026-01-09 18:54:19 -08:00
Kurt Carpenter
9cc635aac1 ci: update claude-code-base-action and claude-code-action to v1 2026-01-09 18:24:29 -08:00
Ashwin Bhat
5e3e9408fe Revert "Revert "Add stale issue management workflows" (#9304)" (#12917)
This reverts commit a6e0921729.
2025-12-02 15:19:09 -08:00
Catherine Wu
7add6863a0 Merge pull request #10076 from anthropics/add-oncall-triage-workflow
Add oncall triage slash command for issue management
2025-10-28 20:12:35 -07:00
Cat Wu
5484a86d28 Increase oncall triage engagement threshold to 50
Updates the oncall triage automation to require 50+ engagements
(comments + reactions) before applying the oncall label, making the
criteria more conservative to focus on the most critical issues.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-10-28 20:04:53 -07:00
Catherine Wu
71bb75e3b5 Merge pull request #10023 from anthropics/add-oncall-triage-workflow
Add automated oncall triage workflow
2025-10-21 09:49:49 -07:00
Cat Wu
113ea425ac Add automated oncall triage workflow
Implements a GitHub Actions workflow that automatically identifies and labels critical blocking issues requiring oncall attention.

Features:
- Runs every 6 hours via cron schedule
- Fetches open issues updated in the last 3 days (5 per page to avoid context overflow)
- Orders by UPDATED_AT DESC and stops when hitting issues older than 3 days
- Evaluates each issue for bug status, engagement level (5+), and blocking severity
- Uses LLM comprehension to determine true blocking impact, not keyword matching
- Applies "oncall" label to qualifying issues via GitHub MCP tools
- Provides detailed summary including processed count, labeled issues, and close calls

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-10-20 23:13:36 -07:00
Claude
70cb0d1016 feat: upgrade GitHub workflows to use Claude Sonnet 4.5
Update all Claude Code GitHub Action workflows to use the latest Sonnet 4.5 model (claude-sonnet-4-5-20250929) instead of the default Sonnet 4.0 model. This provides improved performance and capabilities for:
- Issue commenting and PR reviews (claude.yml)
- Automated issue triage (claude-issue-triage.yml)
- Duplicate issue detection (claude-dedupe-issues.yml)

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-10-21 05:30:35 +00:00
Ashwin Bhat
a6e0921729 Revert "Add stale issue management workflows" (#9304) 2025-10-10 09:02:03 -07:00
Daisy S. Hollman
8d1be7bc48 Merge pull request #6369 from anthropics/ashwin/taskreaper
Add stale issue management workflows
2025-10-09 09:19:00 -07:00
Boris Cherny
970758b9d2 Merge pull request #8082 from mgiovani/fix/issue-7730-broken-links
fix: broken links in issue template configuration
2025-09-29 08:34:55 -07:00
Adam Wolff
09a020096a Restore dedupe workflows
This reverts commit d81efef324.
2025-09-24 18:01:05 -07:00
Giovani Moutinho
fa55bc6eeb Fix broken links in issue template configuration
- Update all documentation URLs from docs.anthropic.com to docs.claude.com to avoid redirects
- Change Getting Started Guide URL from /getting-started to /quickstart path
- Remove Discussions link as GitHub Discussions are not enabled for this repository

Fixes #7730
2025-09-23 19:34:52 -03:00
inigo
d81efef324 cleanup
🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-09-19 10:39:06 -07:00
inigo
cd043128fe Update workflow 2025-09-05 15:26:12 -07:00
inigo
8fba17cb99 Fix cross-repo workflow trigger mechanism 2025-09-05 15:15:25 -07:00
inigo
1bcc5cf5bd msg 2025-09-05 09:21:33 -07:00
inigo
3e00a44590 Add workflow variable 2025-09-05 09:18:42 -07:00
inigo
542b57b9a4 Update workflow trigger method 2025-09-05 00:16:39 -07:00
inigo
156d9e9e3f feat: update issue-notify to use repository_dispatch
Switch from workflow_dispatch to repository_dispatch for cross-repo
triggering of issue-detective workflow in claude-cli-internal.

Changes:
- Use gh api with repository_dispatch endpoint
- Send issue_url in client_payload
- Support ISSUE_NOTIFY_TOKEN secret for better permissions
- Remove dependency on ISSUE_NOTIFY_WORKFLOW_NAME secret

This enables automatic issue detective analysis when issues are
opened in claude-code repository.

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-09-04 22:24:51 -07:00
inigo
1feaffa747 Update issue templates
Co-Authored-By: Claude <noreply@anthropic.com>
2025-09-04 17:00:14 -07:00
inigo
e66b150c0e Update issue notification workflow
- Simplify workflow to use built-in GitHub token
- Remove external dependencies
- Improve error handling and logging
2025-09-04 14:28:04 -07:00
Iñigo Beitia Arévalo
c0a28eede9 Add workflow configuration 2025-09-03 23:25:19 +00:00
Boris Cherny
d820a4dbd7 Add issue close event trigger to log-issue-events workflow
Updates the GitHub workflow to also trigger when issues are closed,
expanding event tracking beyond just issue creation.

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-08-22 18:30:52 -07:00
Ashwin Bhat
87e1022e09 Add stale issue management workflows
- Add stale-issue-manager.yml to check and manage inactive issues daily
- Add remove-autoclose-label.yml to remove autoclose label when users comment
- Issues get warning after 30 days of inactivity
- Issues auto-close after 60 days (30 days after warning)
- User comments reset the stale timer by removing autoclose label

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-08-22 15:23:07 -07:00
Boris Cherny
80ceacaa78 Re-add log-issue-events workflow with security fix
Re-implements the workflow removed in #5919, but with proper security:
- All GitHub event data is now passed via environment variables
- No direct templating of values into shell commands
- Prevents remote code execution through malicious issue titles
- Still escapes quotes in JSON payload for proper formatting

This fixes the security vulnerability while maintaining the functionality
of logging issue creation events to Statsig.

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-08-18 09:56:56 -07:00
Chris Lloyd
5d0b81ae41 Remove log-issue-events workflow 2025-08-16 07:26:53 -07:00
Boris Cherny
01fb7af5b3 fix: update auto-close-duplicates workflow permissions to write
Change issues permission from read to write to fix 403 Forbidden
errors when attempting to close duplicate issues.

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-08-15 10:55:50 -07:00
Boris Cherny
4a04589002 Use proper 'duplicate' state_reason for issue closures
- Update auto-close script to use state_reason: 'duplicate' instead of 'not_planned'
- Simplify workflow detection logic to only check for duplicate state_reason
- Remove fallback logic for backward compatibility - use modern GitHub API

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-08-11 15:44:08 -07:00
Boris Cherny
0662600e93 Fix GitHub Actions workflow to properly escape issue titles
Prevents shell execution of backticks in issue titles by using single quotes and sed escaping.

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-08-11 13:38:40 -07:00
Boris Cherny
c40c658e1f Add GitHub workflow logging for issue closure events
Extends the existing log-issue-events workflow to capture detailed metrics when issues are closed, including:
- Who closed the issue
- Whether it was closed automatically (by a bot)
- Whether it was closed as a duplicate
- Number of comments and reactions at closing time
- Issue state reason and timestamp

This provides comprehensive analytics for issue lifecycle tracking alongside the existing issue creation logging.

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-08-11 13:13:52 -07:00