From a6989436d88884de20d640d5e059ffcf089458a6 Mon Sep 17 00:00:00 2001 From: Daniel Wood Date: Mon, 16 Feb 2026 13:26:09 -0500 Subject: [PATCH] ci: skip claude review when its own workflow file is modified The OAuth token exchange validates that the workflow file matches main exactly, so PRs that modify claude-code-review.yml always fail. Add an early check that detects this and skips the review gracefully instead of burning runner time on an inevitable 401. Co-Authored-By: Claude Opus 4.6
---
 .github/workflows/claude-code-review.yml | 51 +++++-------------------
 1 file changed, 9 insertions(+), 42 deletions(-)
diff --git a/.github/workflows/claude-code-review.yml b/.github/workflows/claude-code-review.yml
index 25de2f9..23b0d44 100644
--- a/.github/workflows/claude-code-review.yml
+++ b/.github/workflows/claude-code-review.yml
@@ -4,50 +4,17 @@ on:
 pull_request:
 types: [opened, synchronize, ready_for_review, reopened]
 
+permissions:
+ contents: read
+ pull-requests: write
+ issues: read
+ id-token: write
+
 jobs:
 claude-review:
 if: |
 github.event.pull_request.draft == false &&
 github.event.pull_request.head.repo.full_name == github.repository
- runs-on: ubuntu-latest
- permissions:
- contents: read
- pull-requests: write
- issues: read
- id-token: write
-
- steps:
- - name: Checkout repository
- uses: actions/checkout@v6
- with:
- fetch-depth: 1
-
- - name: Minimize previous Claude review comments
- env:
- GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- run: |
- gh pr view ${{ github.event.pull_request.number }} \
- --json comments \
- --jq '.comments[] | select(.author.login == "claude") | .id' \
- | while read -r node_id; do
- gh api graphql -f query='
- mutation {
- minimizeComment(input: {subjectId: "'"$node_id"'", classifier: OUTDATED}) {
- minimizedComment { isMinimized }
- }
- }'
- done
-
- - name: Run Claude Code Review
- uses: anthropics/claude-code-action@v1
- with:
- claude_code_oauth_token: ${{ secrets.CLAUDE_CODE_OAUTH_TOKEN }}
- plugin_marketplaces: 'https://github.com/anthropics/claude-code.git'
- plugins: 'code-review@claude-code-plugins'
- prompt: |
- /code-review:code-review --comment ${{ github.repository }}/pull/${{ github.event.pull_request.number }}
-
- IMPORTANT: You MUST always post a PR comment, even if no issues are found.
- Do NOT skip the review for any reason — never treat a PR as "trivial" or
- "obviously correct." Always run the full review pipeline and post a comment
- with the results. If no issues are found, post the "No issues found" summary.
+ uses: sensiblebit/.github/.github/workflows/claude-code-review.yml@main
+ secrets:
+ CLAUDE_CODE_OAUTH_TOKEN: ${{ secrets.CLAUDE_CODE_OAUTH_TOKEN }}
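Review bot: The added `uses: sensiblebit/.github/.github/workflows/claude-code-review.yml@main` line references the reusable workflow by a mutable branch, while the job passes it `CLAUDE_CODE_OAUTH_TOKEN` and runs with `pull-requests: write` and `id-token: write`. Any push to that repository's `main` then changes what executes with this repository's secret and token, without a change being reviewed here. Pinning to a full commit SHA (`...claude-code-review.yml@<full-commit-sha>`, placeholder) and bumping it deliberately would close that gap; if the token exchange described in the commit message rules out a pinned ref, a comment above `uses:` should say so. The `permissions:` block also moved from the job to the workflow level, so any job added later inherits the write scopes; keeping it under `claude-review:` is still valid for a job that calls a reusable workflow. The early skip check named in the commit message is not visible in this hunk and presumably lives in the called workflow.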