From 85fc1d48bde12f9934c9724dfbedec44e8a88463 Mon Sep 17 00:00:00 2001
From: Kros Dai <xdanger@gmail.com>
Date: Sun, 29 Mar 2026 07:42:18 -0400
Subject: [PATCH 1/2] =?UTF-8?q?=F0=9F=94=A7=20chore(ci):=20enhance=20Claud?=
 =?UTF-8?q?e=20Code=20review=20configuration?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

- :wrench: use Opus model with explicit allowed tools whitelist
- :key: move `ANTHROPIC_BASE_URL` from secrets to vars
- :sparkles: enable context-1m and interleaved-thinking betas
- :lock: add `actions: read` and `issues: write` permissions
---
 .github/workflows/code-review.yml | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/code-review.yml b/.github/workflows/code-review.yml
index d529936..f60e3d4 100644
--- a/.github/workflows/code-review.yml
+++ b/.github/workflows/code-review.yml
@@ -11,9 +11,11 @@ on:
         required: false
 
 permissions:
+  actions: read
   contents: read
-  pull-requests: write
   id-token: write
+  issues: write
+  pull-requests: write
 
 concurrency:
   group: claude-review-${{ github.event.pull_request.number || github.run_id }}
@@ -44,6 +46,10 @@ jobs:
             Analyze the diff in the context of the full codebase.
             Post your findings as review comments on the specific lines where issues are found.
             Follow the guidelines in REVIEW.md if present.
-          claude_args: "--max-turns 5"
+          claude_args: ｜
+            --model opus
+            --max-turns 5
+            --allowedTools "WebSearch,WebFetch,mcp__github_inline_comment__create_inline_comment,Bash(gh api:*),Bash(gh pr comment:*),Bash(gh pr diff:*),Bash(gh pr view:*),Bash(gh pr checks:*),Bash(git log:*),Bash(git blame:*),Bash(git diff:*),"
         env:
-          ANTHROPIC_BASE_URL: ${{ secrets.ANTHROPIC_BASE_URL }}
+          ANTHROPIC_BASE_URL: ${{ vars.ANTHROPIC_BASE_URL }}
+          ANTHROPIC_CUSTOM_HEADERS: '{"anthropic-beta": "context-1m-2025-08-07,interleaved-thinking-2025-05-14"}'

From bb69ee6d0882f1351e233f7057a7f4f239bf38eb Mon Sep 17 00:00:00 2001
From: Kros Dai <xdanger@gmail.com>
Date: Sun, 29 Mar 2026 07:46:44 -0400
Subject: [PATCH 2/2] =?UTF-8?q?=F0=9F=90=9B=20fix(ci):=20replace=20full-wi?=
 =?UTF-8?q?dth=20pipe=20with=20ASCII=20pipe=20in=20claude=5Fargs?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

- YAML block scalar requires ASCII `|` (U+007C), not `｜` (U+FF5C)
---
 .github/workflows/code-review.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/code-review.yml b/.github/workflows/code-review.yml
index f60e3d4..0546e22 100644
--- a/.github/workflows/code-review.yml
+++ b/.github/workflows/code-review.yml
@@ -46,7 +46,7 @@ jobs:
             Analyze the diff in the context of the full codebase.
             Post your findings as review comments on the specific lines where issues are found.
             Follow the guidelines in REVIEW.md if present.
-          claude_args: ｜
+          claude_args: |
             --model opus
             --max-turns 5
             --allowedTools "WebSearch,WebFetch,mcp__github_inline_comment__create_inline_comment,Bash(gh api:*),Bash(gh pr comment:*),Bash(gh pr diff:*),Bash(gh pr view:*),Bash(gh pr checks:*),Bash(git log:*),Bash(git blame:*),Bash(git diff:*),"