fix(claude-command-router): use absolute ref for check-auth (#262)

[cbeaulieu-gt]

Problem

claude-command-router/action.yml referenced check-auth via a relative path:

uses: ./check-auth

When an external consumer invokes glitchwerks/github-actions/claude-command-router@v2 as a reusable workflow step, actions/checkout@v4 puts the consumer's repo into the runner workspace. ./check-auth then resolves into the consumer's tree — which has no such directory — and the action fails.

Real-world failure: https://github.com/glitchwerks/claude-configs/actions/runs/25617446089

This footgun is documented in this repo's own CLAUDE.md under "Why absolute refs, not relative paths" — composite actions calling sibling composite actions must use absolute refs.

Fix

Changed the uses: reference to the absolute form:

uses: glitchwerks/github-actions/check-auth@v2

GitHub resolves this directly from this library's tree regardless of what repo the consumer has checked out.

Audit

Grepped all action.yml files in the repo for remaining uses: ./ references. No other composite action files contain relative sibling references — this was the only instance.

Workflow files under .github/workflows/ were excluded from flagging; relative ./ refs there (e.g. apply-fix.yml → ./apply-fix) are correct because reusable workflows operate within a single checkout context.

CI note

Due to the dogfooding limitation noted in CLAUDE.md, CI on this PR tests check-auth at the released @v2 tag, not the branch's composite action changes. The bug only manifests when invoked from an external consumer repo. The fix is verified by inspection.

Closes #262

---

🤖 Generated by Claude Code on behalf of @cbeaulieu-gt

[claude-action-runner]

Claude finished @cbeaulieu-gt's task in 2m 53s —— View job

---

PR Review Complete

I've completed a comprehensive review of PR #263 across code quality, security, performance, test coverage, and documentation dimensions.

Summary

This PR fixes a real bug where claude-command-router/action.yml used a relative path (./check-auth) that breaks for external consumers. The fix changes it to an absolute reference (glitchwerks/github-actions/check-auth@v2), aligning with the established pattern used by other composite actions in this repo.

Analysis

What I verified:

1. ✅ The change is correct: line 33 now uses glitchwerks/github-actions/check-auth@v2
2. ✅ Audit claim verified: No other action.yml files contain relative path references (uses: ./)
3. ✅ Consistency check: tag-claude/action.yml already uses this same absolute reference pattern (line 48)
4. ✅ All other uses: references in composite actions are either external (actions/checkout, etc.) or use absolute refs
5. ✅ Workflow files correctly continue to use relative paths (e.g., apply-fix.yml → ./apply-fix), which is appropriate for reusable workflows per CLAUDE.md
6. ✅ The fix aligns with the documented pattern in CLAUDE.md under "Why absolute refs, not relative paths"
7. ✅ Real-world failure documented: https://github.com/glitchwerks/claude-configs/actions/runs/25617446089

Code quality: The change is minimal (+1/-1), focused, and follows established conventions. The @v2 floating tag is the correct choice here, matching the pattern used throughout the codebase.

Security: No security implications. This is a path reference update with no changes to logic or data handling.

Performance: No performance impact. Action resolution happens once at job setup.

Test coverage: The existing test suite in .github/workflows/test.yml runs claude-command-router/tests/run-cases.sh, which exercises the bash parsing logic. The dogfooding limitation (CI tests at @v2 tag, not branch changes) is acknowledged and acceptable for this type of fix.

Documentation: Already documented in CLAUDE.md. No additional documentation needed.

Findings

No issues found. This is a correct, minimal fix that addresses a real bug and brings the code in line with established patterns.

Verdict: APPROVE

[cbeaulieu-gt]

External-consumer validation: passing

Validated this branch end-to-end from glitchwerks/claude-configs (the repo where the original failure surfaced). Tracking issue: glitchwerks/claude-configs#508.

A throwaway workflow on a claude-configs test branch invoked glitchwerks/github-actions/claude-command-router@issue-262-absolute-check-auth-ref directly after actions/checkout@v4 populated the runner workspace with the consumer repo — reproducing the exact failure condition of run 25617446089.

Result: run 25618698226 succeeded. The fixed uses: glitchwerks/github-actions/check-auth@v2 resolved correctly, check-auth ran its bash logic, and the router emitted parsed outputs (status=unauthorized — correct for a push-triggered run with no comment context; orthogonal to the bug).

Under the unfixed @v2, the same job would have died at the Run glitchwerks/github-actions/check-auth@v2 step with Can't find 'action.yml' ... under '.../claude-configs/check-auth'.

Safe to merge and re-tag v2 / v2.x.x. The claude-configs test branch is being cleaned up.

🤖 Generated by Claude Code on behalf of @cbeaulieu-gt