chore(deps): update dependency form-data to v4.0.4 [security] #77
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Claude Code security configuration: | |
| # 1. Prompt injection is mitigated by: | |
| # - [x] include_comments_by_actor limits comment ingestion to allowlisted team members | |
| # - [x] `gh pr view` is excluded from allowedTools so Claude cannot fetch comments independently | |
| # - [x] Fork PRs are skipped entirely (if condition on head repo) | |
| # 2. Secret exfiltration is mitigated by: | |
| # - [x] Claude cannot run arbitrary Bash (only specific gh/git patterns) | |
| # - [x] OIDC validates workflow file matches the default branch | |
| # - [x] pull_request trigger (not pull_request_target) ensures GitHub withholds secrets from fork PRs | |
| # 3. Production deployments are protected: | |
| # - [x] main branch protection requires PR approval | |
| # - [x] Claude can't merge or approve PRs; allowedTools does not include `gh pr merge` or `gh pr review` | |
| # - [x] Claude's commits can't be merged; main require signed commits, and use_commit_signing is disabled | |
| # 4. Known limitations: | |
| # - [ ] track_progress adds Edit/Write/git push tools (anthropics/claude-code-action#860); mitigated by #3 | |
| # - [ ] Only OIDC auth is well-supported; use_sticky_comment breaks with github_token (anthropics/claude-code-action#960) | |
| name: Claude PR Review | |
| on: | |
| pull_request: | |
| # Cancel in-progress reviews for the same PR when a new push arrives. | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.event.pull_request.number }} | |
| cancel-in-progress: true | |
| jobs: | |
| claude-review: | |
| name: Claude PR Review | |
| runs-on: ubuntu-latest | |
| # Prevent running on fork PRs where secrets are unavailable | |
| if: ${{ github.event.pull_request.head.repo.full_name == github.repository }} | |
| permissions: | |
| contents: read | |
| pull-requests: write | |
| id-token: write # OIDC token for Claude GitHub App auth | |
| steps: | |
| - uses: actions/checkout@v4 | |
| # Getting started docs: https://code.claude.com/docs/en/github-actions | |
| # Detailed usage docs: https://github.com/anthropics/claude-code-action/blob/main/docs/usage.md | |
| - uses: anthropics/claude-code-action@v1 | |
| with: | |
| anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }} | |
| prompt: "/review" | |
| # Pre-loads full PR context and shows a progress tracker. | |
| # Without this, the review is buried in the Actions step summary instead of posted on the PR. | |
| track_progress: true | |
| # Prompt injection mitigation: only include comments from allowlisted team members in Claude's context. | |
| # Empty (default) includes all actors. https://github.com/anthropics/claude-code-action/blob/main/action.yml | |
| include_comments_by_actor: "mmiermans,jpetto,Herraj" | |
| # Update the same comment on each push instead of creating new ones. | |
| use_sticky_comment: true | |
| # Make inline code comments, PR comments, reading PR diffs, and git log for commit messages. | |
| # Note: track_progress also grants Edit/Write/git push tools (see known limitations above). | |
| claude_args: | | |
| --allowedTools "mcp__github_inline_comment__create_inline_comment,Bash(gh pr comment:*),Bash(gh pr diff:*),Bash(git log:*)" |