Claude Renovate Review Action

Review Renovate PRs using Claude Code.

Usage

name: Claude Renovate Review

on:
  pull_request:
    types:
      - opened
      - edited

jobs:
  claude-renovate-review:
    if: github.event.pull_request.user.login == 'renovate[bot]'
    runs-on: ubuntu-latest
    permissions:
      contents: read
      pull-requests: write # for commenting on the PR
    steps:
      - uses: actions/checkout@v4
      - uses: koki-develop/claude-renovate-review@v1
        id: review
        with:
          anthropic-api-key: ${{ secrets.ANTHROPIC_API_KEY }}
          # or
          claude-code-oauth-token: ${{ secrets.CLAUDE_CODE_OAUTH_TOKEN }}

      # Use the safety-assessment output
      - name: Check safety assessment
        run: echo "Safety Assessment: ${{ steps.review.outputs.safety-assessment }}"

Using the safety-assessment output

You can use the safety-assessment output to automate PR workflows based on the safety level.

Auto-approve safe PRs

- name: Auto-approve if safe
  if: steps.review.outputs.safety-assessment == 'safe'
  run: gh pr review "$PR_NUMBER" --approve
  env:
    GITHUB_TOKEN: ${{ github.token }}
    PR_NUMBER: ${{ github.event.pull_request.number }}

Auto-merge safe PRs

- name: Auto-merge if safe
  if: steps.review.outputs.safety-assessment == 'safe'
  run: gh pr merge "$PR_NUMBER" --auto
  env:
    GITHUB_TOKEN: ${{ github.token }}
    PR_NUMBER: ${{ github.event.pull_request.number }}

Inputs

Name	Description	Required	Default
`anthropic-api-key`	Anthropic API key for Claude Code	No*	-
`claude-code-oauth-token`	Claude Code OAuth token (alternative to anthropic-api-key)	No*	-
`github-token`	GitHub token with repo and pull request permissions	No	`${{ github.token }}`
`create-comment`	Create the review result as a comment on the pull request	No	`true`
`pull-request-number`	The number of the pull request to review. If not provided, it will use the pull request number from the event context	No	-
`allowed-tools`	Newline-separated list of allowed tools for Claude Code. Each tool should be on a separate line	No	`WebFetch(domain:github.com)` `WebFetch(domain:raw.githubusercontent.com)`

* Either anthropic-api-key or claude-code-oauth-token must be provided.

Outputs

Name	Description
`report`	The review report generated by Claude Code
`safety-assessment`	Safety assessment result: `safe`, `needs-manual-migration`, or `not-safe`

License

MIT

Name		Name	Last commit message	Last commit date
Latest commit History 84 Commits
.github/workflows		.github/workflows
.gitignore		.gitignore
.prettierignore		.prettierignore
CHANGELOG.md		CHANGELOG.md
CLAUDE.md		CLAUDE.md
LICENSE		LICENSE
README.md		README.md
action.yml		action.yml
bun.lock		bun.lock
bunfig.toml		bunfig.toml
package.json		package.json
renovate.json		renovate.json
schema.json		schema.json
screenshot.png		screenshot.png

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

Claude Renovate Review Action

Usage

Using the safety-assessment output

Auto-approve safe PRs

Auto-merge safe PRs

Inputs

Outputs

License

About

Uh oh!

Releases 15

Packages

Uh oh!

Contributors 4

Uh oh!

License

koki-develop/claude-renovate-review

Folders and files

Latest commit

History

Repository files navigation

Claude Renovate Review Action

Usage

Using the safety-assessment output

Auto-approve safe PRs

Auto-merge safe PRs

Inputs

Outputs

License

About

Resources

License

Uh oh!

Stars

Watchers

Forks

Releases 15

Packages 0

Uh oh!

Contributors 4

Uh oh!

Packages