Skip to content

Allow Claude to code review PRs from forks #1001

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
olaservo merged 4 commits into from
Jan 6, 2026
Merged

Allow Claude to code review PRs from forks #1001

olaservo merged 4 commits into from
Jan 6, 2026
+35 −1

Conversation

@cliffhall
Copy link
Member

@cliffhall cliffhall commented Jan 6, 2026
edited
Loading

Summary

Allow Claude to do code reviews safely from forks.

Type of Change

  • Bug fix (non-breaking change that fixes an issue)
  • New feature (non-breaking change that adds functionality)
  • Documentation update
  • Refactoring (no functional changes)
  • Test updates
  • Build/CI improvements

Changes Made

Modified claude.yml

  1. Added "Get PR details" step (NEW - lines 28-51)
    This new step runs ONLY when the trigger is a PR-related comment. It:
  • Detects if it's a PR comment vs regular issue
  • Fetches the PR information using GitHub API
  • Extracts the fork's repository name and commit SHA
  • Sets them as outputs (steps.pr.outputs.sha and steps.pr.outputs.repo)

Why? The original workflow couldn't see fork PR code because it only checked out the main repo.

  1. Split checkout into TWO conditional steps (CHANGED - lines 53-62)
    Before: One checkout step that always checked out main repo with fetch-depth: 1
    After: Two checkout steps:
  • "Checkout PR branch" - Runs if PR details were fetched successfully, checks out the fork's PR branch
  • "Checkout repository" - Runs otherwise (for regular issues), checks out main repo

Why? Need different checkout behavior for PRs (checkout fork) vs issues (checkout main).

  1. Changed fetch-depth from 1 to 0 (CHANGED)
    Before: fetch-depth: 1 (only latest commit)
    After: fetch-depth: 0 (full git history)

Why? Claude Code needs more context to understand the codebase and provide better reviews.

Summary

The original workflow could only see the main repo's code. When you commented @claude on a fork PR, it would review the wrong code! These changes make it check out the actual PR branch from the fork when reviewing PRs, while keeping the original behavior for regular issues.

Related Issues

Fixes #1000

Testing

  • Tested in UI mode
  • Tested in CLI mode
  • Tested with STDIO transport
  • Tested with SSE transport
  • Tested with Streamable HTTP transport
  • Added/updated automated tests
  • Manual testing performed

Test Results and/or Instructions

Screenshots are encouraged to share your testing results for this change.

Checklist

  • Code follows the style guidelines (ran npm run prettier-fix)
  • Self-review completed
  • Code is commented where necessary
  • Documentation updated (README, comments, etc.)

Breaking Changes

Nope.

@cliffhall
Allow Claude to safely do code review automatically and from forks. D…
33b7199 
…oesn't change the existing Claude workflow.

* Added claude_pr_review.yml
@cliffhall
Change instructions to prompt in claude_pr_review.yml
7e6cc16
@cliffhall
Remove claude_pr_review.yml as it turns out there is a GitHub restric…
1c265b9 
…tion that keeps secrets from being accessed on PRs from forks. We will have to request reviews manually.

* Modify claude.yml

1. Added "Get PR details" step (NEW - lines 28-51)
This new step runs ONLY when the trigger is a PR-related comment. It:

- Detects if it's a PR comment vs regular issue
- Fetches the PR information using GitHub API
- Extracts the fork's repository name and commit SHA
- Sets them as outputs (steps.pr.outputs.sha and steps.pr.outputs.repo)

Why? The original workflow couldn't see fork PR code because it only checked out the main repo.

2. Split checkout into TWO conditional steps (CHANGED - lines 53-62)
Before: One checkout step that always checked out main repo with fetch-depth: 1
After: Two checkout steps:

- "Checkout PR branch" - Runs if PR details were fetched successfully, checks out the fork's PR branch
- "Checkout repository" - Runs otherwise (for regular issues), checks out main repo

Why? Need different checkout behavior for PRs (checkout fork) vs issues (checkout main).

3. Changed fetch-depth from 1 to 0 (CHANGED)
Before: fetch-depth: 1 (only latest commit)
After: fetch-depth: 0 (full git history)
Why? Claude Code needs more context to understand the codebase and provide better reviews.

Summary
The original workflow could only see the main repo's code. When you commented @claude on a fork PR, it would review the wrong code!
These changes make it check out the actual PR branch from the fork when reviewing PRs, while keeping the original behavior for regular issues.
@cliffhall cliffhall changed the title Safe, automatic Claude code review Allow Claude to code review PRs from forks Jan 6, 2026
@modelcontextprotocol modelcontextprotocol deleted a comment from claude bot Jan 6, 2026
olaservo
olaservo approved these changes Jan 6, 2026
View reviewed changes
Copy link
Member

@olaservo olaservo left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks, looking forward to trying this out.

@olaservo olaservo merged commit 82067f3 into modelcontextprotocol:main Jan 6, 2026
4 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@olaservo olaservo olaservo approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Claude can't do code review from forks

2 participants

@cliffhall @olaservo