Releases: glitchwerks/github-actions

v2.6.2

10 May 03:37
31e162d

Bugfix release

Fixes a relative-path resolution bug in claude-command-router that broke the action for any external consumer.

What changed

claude-command-router/action.yml previously invoked check-auth via uses: ./check-auth. When called from an external consumer's workflow, actions/checkout@v4 had populated the runner workspace with the consumer's repo, so ./check-auth resolved into the consumer's tree and failed with Can't find 'action.yml' ... under '.../check-auth'.

This release switches that reference to the absolute form glitchwerks/github-actions/check-auth@v2, which resolves from this library's tree regardless of consumer workspace state.

Validated

End-to-end from glitchwerks/claude-configs against the fix branch (run 25618698226): check-auth resolved cleanly and the router emitted parsed outputs.

References

Compatibility

Drop-in for any consumer pinned to @v2 — the floating tag has been moved to this release.

🤖 Generated by Claude Code on behalf of @cbeaulieu-gt

v2.6.1 — pr-review severity-grep filter fix

09 May 21:46
1528c7c

Bug fix

Fixes a false positive in the pr-review quality gate: the resolution-narration filter introduced in #248 only stripped ### ✅ <severity> single-line headings, missing the persona's other narration style — a ### ✅ Section header plus per-finding lines ending in bold resolution suffixes (— **FIXED**).

Surfaced by glitchwerks/claude-configs#490, where a follow-up review correctly identified all prior findings as resolved but the claude-pr-review/quality-gate commit status still fired failure.

What changed

pr-review/action.yml — at all three filter callsites (authoritative gate, synthesis pre-filter, shadow gate), the pre-filter regex was extended from:

grep -v '✅'

to:

grep -vE '✅|\*\*(FIXED|ADDRESSED|RESOLVED)\*\*\s*$'

The bold-wrapped resolution suffix is anchored to end-of-line (\s*$) so it matches the persona's actual usage — a terminal — **FIXED** — without suppressing legitimate findings that merely mention those words mid-line.

Issues / PRs

Upgrade

The floating v2 tag has been moved to this release. Consumers pinned to glitchwerks/github-actions/pr-review@v2 get the fix automatically on their next workflow run; consumers pinned to @v2.6.0 should bump to @v2.6.1 (or @v2).

🤖 Generated by Claude Code on behalf of @cbeaulieu-gt

v2.6.0 — pr-review App-token + auth fallback

09 May 14:22
a3d11c4

⚠️ DO NOT USE — RELEASE WITHDRAWN

v2.6.0 has been withdrawn. It introduced two interacting regressions:

  1. Breaking-change via floating-tag move — moving v2 to v2.6.0 broke every consumer pinned to an older v2.x.x reusable workflow because the older wrappers do not pass the now-required app_id / app_private_key secrets. See #256.
  2. API-fallback collaborator check fails with github.token — the new auth fallback added by #253 (PR #254) cannot enumerate collaborators with the bot's default scopes, so users with private org membership are still blocked. See #255.

The v2 floating tag has been rolled back to v2.5.1 (e92a334) to restore service for existing consumers.

If you have already explicitly pinned to @v2.6.0, expect failures unless you (a) supply app_id and app_private_key secrets in your caller workflow AND (b) set authorized_users to bypass the broken API fallback.

A successor release will ship after #255 and #256 are resolved. Track progress on those issues.


(Original release notes preserved below for the record.)

Summary

Two changes to the pr-review action shipped together. The v2 floating tag now points to this release.

What changed

feat(pr-review): switch to App-token identity (#250 → PR #252)

pr-review now resolves a GitHub App token via actions/create-github-app-token and passes it to anthropics/claude-code-action@v1 for github_token. Review comments now post under the App's [bot] identity, consistent with every other Claude-powered workflow in this library.

Breaking for consumers: the claude-pr-review.yml reusable workflow now requires app_id and app_private_key secrets.

fix(pr-review): API-fallback collaborator check + authorized_users input (#253 → PR #254)

The auth gate previously trusted pull_request.author_association exclusively. The new three-step authorization adds a CSV authorized_users allowlist and an API-fallback collaborator check.

Known broken: the API-fallback step fails with github.token (see #255).

v2.5.1 - skip resolution-narration lines in severity grep

08 May 22:38
e92a334

v2.5.1 — skip resolution-narration lines in severity grep

Closes #248 (incremental-review marker reflects historical findings, not current state).

Bug

On second-pass (incremental) reviews the persona narrates resolved findings as #### ✅ 🔴 Critical (BLOCKING) - FIXED. The severity token on that line is byte-identical to a fresh finding, so the prose-regex on both the authoritative and shadow gate counted resolved findings as live ones — blocking PRs whose findings were all fixed.

Reproduction in v2.5.0: glitchwerks/claude-configs#466 — Pass 1 found 1 critical, Pass 2's fix commit was correctly characterized as "✅ FIXED" by the persona prose, but the gate still reported 1 severity marker(s) matched and blocked the PR.

Fix

Insert grep -v '✅' before the severity grep at all three callsites in pr-review/action.yml:

  • Authoritative gate (BLOCKER_HITS for claude-pr-review/quality-gate)
  • Shadow gate (BLOCKER_HITS for claude-pr-review/quality-gate-shadow)
  • Synthesis step's per-bucket counts (build OPEN_BODY once, reuse across four bucket greps)

Lines containing the resolution checkmark (✅) are dropped before the severity regex runs. The regex itself in pr-review/lib/severity-regex.sh is unchanged.

Regression sanity-checks (verified pre-merge)

| Body shape | BLOCKER_HITS | Gate result |
| --- | --- | --- |
| Pass 1 fresh (#### 🔴 Critical (BLOCKING)) | 1 | failure (correct) |
| Pass 2 all-resolved (only #### ✅ ... - FIXED headers) | 0 | success (correct, was the bug) |
| Pass 2 mixed (1 new critical + 1 resolved) | 1 | failure (correct) |
| Synthesis per-bucket on Pass 2 all-resolved | 0/0/0/0 | clean marker (correct) |
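The following is an added example, not code from glitchwerks/github-actions. It replays the pre-filter plus severity-count pipeline behind the sanity-check rows above, and also the v2.6.1 extension (the bold end-of-line resolution suffix) from the note further up, on review bodies constructed here in the persona's style. SEVERITY_BLOCKER_RE is an assumed stand-in for pr-review/lib/severity-regex.sh, which this page does not show; blocker_hits is a name chosen for this example.

```shell
#!/bin/sh
# Added example, not the project's code. Replays the v2.5.1 / v2.6.1 pre-filter
# followed by the severity count on constructed review bodies.

# ASSUMED blocker regex (the real one lives in pr-review/lib/severity-regex.sh):
# a line tagged Critical (BLOCKING) or (MAJOR).
SEVERITY_BLOCKER_RE='Critical \(BLOCKING\)|\(MAJOR\)'

# v2.5.1 pre-filter: drop any line carrying the resolution checkmark.
FILTER_V251='✅'
# v2.6.1 pre-filter: additionally drop lines ENDING in a bold resolution suffix.
# [[:space:]]*$ is the POSIX spelling of the \s*$ used in the release note.
FILTER_V261='✅|\*\*(FIXED|ADDRESSED|RESOLVED)\*\*[[:space:]]*$'

# blocker_hits FILTER BODY -> BLOCKER_HITS after the pre-filter. grep -c still
# prints 0 when nothing matches but exits 1, hence the || true.
blocker_hits() {
  printf '%s\n' "$2" | grep -vE "$1" | grep -cE "$SEVERITY_BLOCKER_RE" || true
}

# Constructed bodies mirroring the table rows (not real review output).
PASS1_FRESH='### Findings
#### 🔴 Critical (BLOCKING) - query string concatenated into SQL
Details.'

PASS2_RESOLVED='### Findings
#### ✅ 🔴 Critical (BLOCKING) - FIXED
Parameterized in the follow-up commit.'

PASS2_MIXED="$PASS2_RESOLVED
#### 🔴 Critical (BLOCKING) - new: session token logged at debug level"

# v2.6.1 case: a ### ✅ section header plus per-finding lines ending in a
# bold suffix. The v2.5.1 filter keeps both finding lines (false positive).
PASS2_BOLD_SUFFIX='### ✅ Findings
- 🔴 Critical (BLOCKING): query string concatenated into SQL - **FIXED**
- 🟠 (MAJOR): missing rate limit on login - **ADDRESSED**'

# A legitimate finding that mentions the word mid-line must still count.
MIDLINE_MENTION='### Findings
#### 🔴 Critical (BLOCKING) - **FIXED** flag is trusted from the request body'

for name in PASS1_FRESH PASS2_RESOLVED PASS2_MIXED PASS2_BOLD_SUFFIX MIDLINE_MENTION; do
  eval "body=\$$name"
  printf '%-18s v2.5.1=%s v2.6.1=%s\n' "$name" \
    "$(blocker_hits "$FILTER_V251" "$body")" "$(blocker_hits "$FILTER_V261" "$body")"
done
```

The loop prints both filters side by side so the only row where they differ is PASS2_BOLD_SUFFIX (2 under v2.5.1, 0 under v2.6.1), while MIDLINE_MENTION stays at 1 under both, which is exactly the anchoring point the v2.6.1 note makes.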

What this release does NOT change

A persona-side hardening — telling the persona that findings.* counts in the structured marker reflect currently-open findings (not lifetime) — is a follow-up. That change requires a runtime-overlay rebuild + image promote + workflow digest bump and ships separately.

The regex fix in v2.5.1 is sufficient to unblock the gate on its own. The persona contribution to #248 only manifests when the LLM emits a marker block AND that marker disagrees with the prose, AND the LLM-emitted-marker path is the only one that bypasses the synthesis step's regex correction (since the synthesis step's grep -qF skip-guard defers to a present LLM marker). In the actual #466 reproduction, the synthesis step DID fire (LLM omitted the marker), so the regex fix alone is sufficient for the observed reproduction.

Implementation PR

Upgrade path

Consumers pinned to @v2 pick this up automatically on their next pull_request_target run. Consumers pinned to @v2.5.0 should bump to @v2.5.1 (or @v2) — note that v2.5.0 in production has the marker_missing-fix but is affected by this incremental-review regression.

🤖 Generated by Claude Code on behalf of @cbeaulieu-gt

v2.5.0 - synthesize structured marker via post-processing

08 May 21:50
84fc777

v2.5.0 — synthesize structured marker via post-processing

Closes #242 (marker_missing shadow-gate failures).

What's new

pr-review/action.yml now includes a post-processing step that synthesizes the <!-- claude-pr-review-summary-v1 HTML-comment marker from the prose review body when the LLM's persona output omits it. The shadow gate (claude-pr-review/quality-gate-shadow) will now transition off error / marker_missing for runs where the LLM emits severity-tagged findings but skips the structured marker block.

Mechanism

  • New pr-review/lib/severity-regex.sh — sourceable shell fragment with one canonical SEVERITY_BLOCKER_RE (combined gate class) plus four per-bucket variables (SEVERITY_CRITICAL_RE, SEVERITY_HIGH_RE, SEVERITY_MEDIUM_RE, SEVERITY_LOW_RE). Both pre-existing gate steps now source this file; zero inline regex duplication remains.
  • New synthesis step inserted between the authoritative gate and the shadow gate. It selects the bot review comment via the time-filtered selector validated in PR #246's Phase 0 spike, counts per-bucket severity tokens with grep -oE | wc -l, and PATCHes the marker onto the comment body.
  • Defensive corroboration: a 0/0/0/0 synthesized marker is rejected (replaced with state=error / synthesis_skipped:no_corroboration) when the body is shorter than 500 characters AND lacks recognized persona section headers (### Findings / ### Verdict). Prevents persona-tagging dropout from being silently laundered as agree:clean.
  • The synthesis step writes SYNTHESIS_COMMENT_ID to $GITHUB_ENV; the shadow gate consumes that pinned ID directly to defend against API replication lag between the PATCH and the next read.
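An added example, not code from glitchwerks/github-actions, of the synthesis and corroboration logic described in the Mechanism list: per-bucket counts via grep -oE | wc -l, then the 0/0/0/0 rejection when the body is under 500 characters and carries neither ### Findings nor ### Verdict. The four per-bucket regexes are assumed stand-ins for pr-review/lib/severity-regex.sh, and the findings.<bucket>=<n> line format inside the marker is assumed as well (the page names the marker and the findings.* counts but does not show the layout). The real step PATCHes the result onto the review comment; this runs offline on a constructed body.

```shell
#!/bin/sh
# Added example, not the project's code: offline sketch of the v2.5.0
# synthesis step. Regexes and marker line format are ASSUMED.

SEVERITY_CRITICAL_RE='🔴 Critical'
SEVERITY_HIGH_RE='🟠 High'
SEVERITY_MEDIUM_RE='🟡 Medium'
SEVERITY_LOW_RE='🟢 Low'

# count_bucket RE BODY -> token count, the grep -oE | wc -l from the notes.
count_bucket() {
  printf '%s\n' "$2" | grep -oE "$1" | wc -l | tr -d ' '
}

# has_persona_headers BODY -> true if a ### Findings or ### Verdict header exists.
has_persona_headers() {
  printf '%s\n' "$1" | grep -qE '^### (Findings|Verdict)'
}

# synthesize_marker BODY -> marker block on stdout (exit 0), or the
# no_corroboration state (exit 1) when a 0/0/0/0 result has nothing backing
# it: body shorter than 500 chars AND no recognized persona headers. Without
# this check a persona-tagging dropout would be laundered as agree:clean.
synthesize_marker() {
  body="$1"
  c=$(count_bucket "$SEVERITY_CRITICAL_RE" "$body")
  h=$(count_bucket "$SEVERITY_HIGH_RE" "$body")
  m=$(count_bucket "$SEVERITY_MEDIUM_RE" "$body")
  l=$(count_bucket "$SEVERITY_LOW_RE" "$body")
  if [ "$c" -eq 0 ] && [ "$h" -eq 0 ] && [ "$m" -eq 0 ] && [ "$l" -eq 0 ] \
     && [ "${#body}" -lt 500 ] && ! has_persona_headers "$body"; then
    echo 'state=error synthesis_skipped:no_corroboration'
    return 1
  fi
  printf '<!-- claude-pr-review-summary-v1\nfindings.critical=%s\nfindings.high=%s\nfindings.medium=%s\nfindings.low=%s\n-->\n' \
    "$c" "$h" "$m" "$l"
}

# Constructed review bodies (not real persona output).
TAGGED='### Findings
#### 🔴 Critical (BLOCKING) - API secret written to the job log
#### 🟡 Medium - outbound HTTP call has no timeout
#### 🟡 Medium - third-party action not pinned to a digest
### Verdict
Blocking until the critical finding is fixed.'

DROPOUT='Looks fine to me, nothing to flag.'

CLEAN_WITH_HEADERS='### Findings
None.
### Verdict
Approve.'

# Demo: the tagged body yields a 1/0/2/0 marker.
synthesize_marker "$TAGGED"
```

DROPOUT is the case the corroboration rule exists for: zero tokens, a short body and no persona headers, so the function refuses to mint a clean marker. CLEAN_WITH_HEADERS has the same zero counts but carries the headers, so the 0/0/0/0 marker is accepted.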

Operational notes

  • The synthesis step's time-filtered selector relies on the workflow-level cancel-in-progress: true concurrency block on claude-pr-review.yml (line 50–52). Future edits that weaken concurrency re-open the prior-run-overlap race characterized as scenario S3 in the Phase 0 spike — a code comment in the synthesis step's bash block flags this dependency at the relevant location.
  • This release does not introduce new GHCR image digests; the runtime overlay images bundled by claude-runtime-{review,fix,explain} are unchanged from v2.4.x.

Plan and provenance

  • Plan: docs/superpowers/plans/2026-05-08-runtime-overlay-recovery.md (Phase 1 / W3)
  • Phase 0 verification spike: #246 (comment)
  • Issue: #242
  • Implementation PR: #247

W1 (bridging baked content into the CLI discovery path) and W2 (expanding --allowedTools for Task / Skill dispatch) remain deferred under #245 pending verification of claude-code-action@v1 internals.

Upgrade path

Consumers pinned to @v2 pick this up automatically on their next pull_request_target run. Consumers pinned to @v2.4.x should bump to @v2.5.0 (or to @v2).

🤖 Generated by Claude Code on behalf of @cbeaulieu-gt

v2.4.2 — Install runtime persona at $HOME/.claude/CLAUDE.md

08 May 15:47
c7a38b1

v2.4.2 — Install runtime persona at $HOME/.claude/CLAUDE.md

Restores the runtime overlay personas to actually being the system prompt at job time. Prior to this release, the personas baked into the runtime images were silently ignored.

What was broken

GitHub Actions overrides HOME=/github/home when starting any container job, discarding the runtime image's baked HOME=/opt/claude. The fresh CLI installed by claude-code-action@v1 then reads its user-level CLAUDE.md from $HOME/.claude/CLAUDE.md = /github/home/.claude/CLAUDE.md — a path that does not exist by default. The persona file at /opt/claude/.claude/CLAUDE.md was never read.

Net effect: the runtime overlay personas (review / fix / explain) have never actually been loaded since container jobs were introduced. The shadow claude-pr-review/quality-gate-shadow status posting marker_missing on every PR review (introduced in v2.4.0) was the first observable signal of this. The runtime-build.yml smoke tests didn't catch it because they verified the persona was baked into the image, not that it was loaded by the CLI at runtime.

Diagnosed in #242, fixed in #243.

What this release ships

A persona-install pre-step inserted immediately before every claude-code-action@v1 invocation:

- name: Install persona for claude-code-action CLI
  shell: bash
  run: |
    if [ -f /opt/claude/.claude/CLAUDE.md ]; then
      mkdir -p "$HOME/.claude"
      cp /opt/claude/.claude/CLAUDE.md "$HOME/.claude/CLAUDE.md"
    fi

Applied to:

  • Composite actions: pr-review/action.yml, lint-failure/action.yml, lint-diagnose/action.yml, tag-claude/action.yml
  • Reusable workflows that invoke claude-code-action@v1 directly: .github/workflows/claude-ci-failure.yml, .github/workflows/claude-tag-respond.yml

Also rolls in the auto-promote merge from #240 — fresh runtime image digests for review/fix/explain. Image content is unchanged in behavior; the persona is now actually loaded.

How to consume

External consumers pinned to @v2.4.0 or @v2.4.1 should bump to @v2.4.2 (or float on @v2):

- uses: glitchwerks/github-actions/.github/workflows/claude-pr-review.yml@v2.4.1
+ uses: glitchwerks/github-actions/.github/workflows/claude-pr-review.yml@v2.4.2

After bumping, the next claude-pr-review run should produce quality-gate-shadow with state=success (or legitimate state=failure on a review with BLOCKING/MAJOR markers) instead of state=error / marker_missing.

Notes

  • This release also affects fix and explain overlays, which had the same persona-loading bug — their personas are now active for the first time. Expect behavior consistent with the persona files at runtime/overlays/{fix,explain}/CLAUDE.md.
  • A follow-up hardening item: add a runtime smoke test that asserts the persona is actually loaded by the CLI in a HOME=/github/home-shaped container (not just baked into the image filesystem). Without it, this regression class can recur silently.
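An added example, not code from glitchwerks/github-actions: the persona-install pre-step from this release as a function, plus the runtime check the second note asks for, asserting that the file the CLI reads at $HOME/.claude/CLAUDE.md exists and is byte-identical to the persona baked at /opt/claude/.claude/CLAUDE.md. The two directory arguments are an assumption of this example so the check can run against temp dirs; in a real job they would be /opt/claude and the /github/home that GitHub Actions injects as HOME.

```shell
#!/bin/sh
# Added example, not the project's code. install_persona mirrors the action.yml
# pre-step; persona_loaded is the smoke test that distinguishes "baked into the
# image" from "loaded by the CLI", which is the gap that let this bug ship.

# install_persona BAKED_HOME JOB_HOME: same logic as the pre-step, with the
# baked path (/opt/claude) and the job HOME (/github/home) parameterized.
install_persona() {
  if [ -f "$1/.claude/CLAUDE.md" ]; then
    mkdir -p "$2/.claude"
    cp "$1/.claude/CLAUDE.md" "$2/.claude/CLAUDE.md"
  fi
}

# persona_loaded BAKED_HOME JOB_HOME: succeeds only if the file the CLI will
# read exists AND matches the baked persona byte for byte.
persona_loaded() {
  [ -f "$2/.claude/CLAUDE.md" ] && cmp -s "$1/.claude/CLAUDE.md" "$2/.claude/CLAUDE.md"
}

# Constructed demo: simulate the image layout under a temp dir, check before
# and after the pre-step. Prints "1 0": not loaded before, loaded after.
demo_persona_check() {
  tmp=$(mktemp -d)
  baked="$tmp/opt-claude"
  home="$tmp/github-home"     # stands in for the HOME=/github/home override
  mkdir -p "$baked/.claude"
  printf '# review persona (constructed)\n' > "$baked/.claude/CLAUDE.md"
  before=1; after=1
  persona_loaded "$baked" "$home" && before=0
  install_persona "$baked" "$home"
  persona_loaded "$baked" "$home" && after=0
  rm -rf "$tmp"
  echo "$before $after"
}

demo_persona_check
```

Run inside the runtime container with HOME set the way the runner sets it, the persona_loaded check fails on the v2.4.1 image layout and passes once the pre-step has run, which is what the proposed runtime-build.yml smoke test needs to assert.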

Closes

Fixes #242

v2.4.1 — Fix shadow quality-gate marker_missing

08 May 14:38
1e37239

v2.4.1 — Fix shadow quality-gate marker_missing

Re-pins the claude-runtime-review container to the digest that actually carries the <!-- claude-pr-review-summary-v1 marker emission.

What was broken

v2.4.0 was tagged on a commit (4460d2d) whose claude-pr-review.yml pinned claude-runtime-review@sha256:6b08cb5… — an image built before #228 added the structured-marker emission directive to the review persona. As a result, every PR review on v2.4.0 posted claude-pr-review/quality-gate-shadow with state=error / description=marker_missing, even though the persona was running and the authoritative claude-pr-review/quality-gate was working correctly.

The bad pin landed because PR #238's branch was based on a pre-promote state of main. When #238 merged, it stomped a runtime promote that had landed two days earlier (the post-#228 image). main was re-promoted ~2 minutes later (c86d542), but v2.4.0 was tagged on the stale commit before the re-promote.

Diagnosed and tracked in #242.

What this release ships

  • Tag retargeted to main HEAD (1e37239) — workflow now pins claude-runtime-review@sha256:0db0d558…, the correct post-#228 image that emits the marker.
  • The floating v2 tag has been force-updated to the same commit.
  • No code or workflow changes vs. v2.4.0 other than which commit the tag points at.

How to consume

External consumers pinned to @v2.4.0 should bump to @v2.4.1 (or float on @v2):

- uses: glitchwerks/github-actions/.github/workflows/claude-pr-review.yml@v2.4.0
+ uses: glitchwerks/github-actions/.github/workflows/claude-pr-review.yml@v2.4.1

After bumping, the next PR review run should produce claude-pr-review/quality-gate-shadow with state=success (or legitimate state=failure on a review with BLOCKING/MAJOR markers) instead of state=error / marker_missing.

Closes

Fixes #242

v2.4.0 — #185 Phase 2 shadow gate

07 May 14:26
57e114a

Highlights

#185 Phase 2 — Shadow-mode quality gate

pr-review/action.yml gains a structured-marker parser that runs alongside the existing prose-regex gate. Parses the HTML-comment claude-pr-review-summary-v1 block emitted by the Phase 1 review persona, derives a verdict from per-severity counts, and posts an advisory claude-pr-review/quality-gate-shadow commit status with an agree:* / disagree:* / marker_missing / marker_invalid description.

The shadow status is advisory only — it should NOT be added to branch protection. The existing claude-pr-review/quality-gate remains authoritative until #185 Phase 4 cutover.

Ships:

  • pr-review/lib/parse-marker.sh — sourceable parser (single source of truth, used by both the action step and the test driver)
  • pr-review/tests/marker-cases/ — 5-fixture corpus including PR #222's pre-marker review body (the #223 false-negative regression case)
  • pr-review/tests/run-marker-cases.sh — test driver, modeled on claude-command-router/tests/run-cases.sh
  • .github/workflows/test.yml — runs the marker corpus on every PR
  • .github/workflows/marker-emission-aggregate.yml — weekly Monday 07:00 UTC cron that surfaces marker_missing events as a deduped GitHub issue, providing the data source for verifying the Phase 3 cutover criterion
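An added example, not code from glitchwerks/github-actions, standing in for the parse-marker.sh plus shadow-verdict logic this release describes: locate the claude-pr-review-summary-v1 HTML comment, read per-severity counts, derive a verdict, and compare it with the authoritative prose gate to produce an agree:* / disagree:* / marker_missing / marker_invalid description. The findings.<bucket>=<n> line format, the rule that any critical or high finding is blocking, and the exact disagree:* wording are assumptions of this example; only the marker name and the four-way vocabulary come from the page.

```shell
#!/bin/sh
# Added example, not the project's code. Marker line format and verdict rule
# are ASSUMED; the real parser is pr-review/lib/parse-marker.sh.

# marker_field BLOCK NAME -> value of findings.NAME, empty if absent/malformed.
marker_field() {
  printf '%s\n' "$1" | sed -n "s/^findings\.$2=\([0-9][0-9]*\)[[:space:]]*$/\1/p" | head -n 1
}

# parse_marker BODY -> "C H M L" on stdout (exit 0), or marker_missing /
# marker_invalid on stdout with exit 1 so callers can map it onto the status.
parse_marker() {
  block=$(printf '%s\n' "$1" | sed -n '/<!-- claude-pr-review-summary-v1/,/-->/p')
  if [ -z "$block" ]; then echo marker_missing; return 1; fi
  out=""
  for bucket in critical high medium low; do
    v=$(marker_field "$block" "$bucket")
    if [ -z "$v" ]; then echo marker_invalid; return 1; fi
    out="$out$v "
  done
  echo "${out% }"
}

# shadow_verdict BODY PROSE_BLOCKER_HITS -> advisory status description.
# Assumed verdict rule: any critical or high count > 0 means blocking.
shadow_verdict() {
  if ! counts=$(parse_marker "$1"); then
    echo "$counts"          # marker_missing / marker_invalid pass straight through
    return 0
  fi
  set -- $counts "$2"       # $1=critical $2=high $3=medium $4=low $5=prose hits
  if [ "$1" -gt 0 ] || [ "$2" -gt 0 ]; then marker_blocking=1; else marker_blocking=0; fi
  if [ "$5" -gt 0 ]; then prose_blocking=1; else prose_blocking=0; fi
  if [ "$marker_blocking" -ne "$prose_blocking" ]; then
    echo "disagree:marker_blocking=$marker_blocking,prose_blocking=$prose_blocking"
  elif [ "$marker_blocking" -eq 1 ]; then
    echo agree:blocking
  else
    echo agree:clean
  fi
}

# Constructed review bodies (not real persona output).
WITH_MARKER='### Findings
#### 🔴 Critical (BLOCKING) - API secret written to the job log
### Verdict
Blocking.
<!-- claude-pr-review-summary-v1
findings.critical=1
findings.high=0
findings.medium=2
findings.low=0
-->'

NO_MARKER='### Findings
None.'

BAD_MARKER='<!-- claude-pr-review-summary-v1
findings.critical=one
-->'

CLEAN_MARKER='<!-- claude-pr-review-summary-v1
findings.critical=0
findings.high=0
findings.medium=0
findings.low=0
-->'

# Demo: marker says blocking, prose gate found 1 blocker -> agree:blocking.
shadow_verdict "$WITH_MARKER" 1
```

The disagree branch is the interesting one operationally: a marker that says blocking while the prose gate found nothing (or the reverse) is the signal the advisory status exists to surface before the Phase 4 cutover, which is why the description carries both sides rather than a bare mismatch flag.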

Compatibility

No breaking changes for consumers. Existing caller workflows continue to work unchanged. Consumers will see a new claude-pr-review/quality-gate-shadow status appear on PR review runs starting with this release.

Refs #185 #183 #223 #227.

🤖 Generated by Claude Code on behalf of @cbeaulieu-gt

v2.3.0 — Phase 6: promote/rollback automation

06 May 02:25
b080630

v2.3.0 — Phase 6: promote/rollback automation, freshness alarm, prune

Closes Phase 6 of the CI Claude Runtime epic (#130 → #144). Builds on Phase 5 (#188) which shipped digest-pinned consumer workflows; Phase 6 makes the digest-pin lifecycle automatic + auditable.

What's new

  • STAGE 5 promote (runtime-build.yml) — atomic 7-occurrence digest bump across 5 reusable workflows, App-token authenticated so the auto-PR shows under bot identity AND merging re-triggers downstream consumer workflows
  • runtime-rollback.yml — targeted digest rollback with a 5-step validation chain (shape → tag-exists → org.opencontainers.image.revision label → inventory-match.sh → smoke-test.sh); each step exits with a specific actionable error
  • runtime-check-private-freshness.yml — weekly drift alarm comparing the manifest's pinned ci-v* against claude-configs main, with path-scoped denominator (spec §13 Q7) so drift on non-imported paths doesn't page
  • runtime-prune-pending.yml — orphan :pending-* tag pruning with promote protection invariant (any version carrying a 40-hex pubsha tag is never deleted, even if also :pending-*) + safety threshold (refuses to delete if candidates >50)
  • STAGE 4 label-shape assertion (runtime/scripts/smoke-test.sh §d.4) — asserts org.opencontainers.image.revision is 40-hex at build time, catching future Dockerfile refactors that set the label to something truthy-but-malformed

Bug fixes

  • #184 — Quality-gate now picks the genuinely-latest bot comment (the GitHub API silently ignores sort=updated&direction=desc on /issues/{n}/comments; previous code picked the OLDEST). Future PRs' quality-gate behaves correctly.
  • #205 — App claude-action-runner granted workflows: write permission needed by STAGE 5 + runtime-rollback to push edits to .github/workflows/**.
  • #197/#199 — Container safe.directory baked into runtime base image (CVE-2022-24765 / dubious-ownership gate).

Spec resolution

  • §13 Q5 (PR #208) — Marketplace SHA bump cadence formalized as manual on observed value; comment block in runtime/ci-manifest.yaml documents the policy inline.

Tracking issues

  • Closes #144 (Phase 6 epic), closes #184 (quality-gate)
  • Open #206 — claude-action-runner not installed on glitchwerks/claude-configs; informational, only affects Task 6.5 functional gate (the workflow exits cleanly with a clear error until the install lands)
  • Open #203 — Phase 6 follow-up: auto-merge promote PRs with quality-gate self-validation (Option C; explicitly out of scope for #144)
  • Open #204 — Phase 7 follow-up: heartbeat infra for SLA on freshness alarm

Path deviation from master plan

Three workflows the master plan placed under runtime/ were moved to .github/workflows/runtime-*.yml because GitHub Actions only auto-discovers workflows under .github/workflows/. Symlinks rejected (Windows checkout inconsistency).

Verifications

  • STAGE 5 dry-run: PR #207 (closed unmerged) — 7-line atomic substitution verified
  • App-perm probe: run 25411361926 — definitively confirmed workflows: write is effective
  • Inquisitor Pass 1 + Pass 2 — both folds re-reviewed, two Critical regressions Pass 1 introduced were caught by Pass 2

Post-merge work

  • Task 6.9 rollback rehearsal (happy path + deliberate-failure path) runs after this release lands; results will be appended to PR #209 body via gh pr edit.

🤖 Generated by Claude Code on behalf of @cbeaulieu-gt

v2.2.0 — runtime container hardening + digest refresh

05 May 23:20
2bc06c5

Highlights

  • Container git safety baked in (#199, #197) — runtime base image now contains git config --system --add safe.directory '*', fixing fatal: detected dubious ownership failures inside digest-pinned overlay containers (root cause: actions/checkout writes the workspace as the host runner UID, container runs as a different UID, git's CVE-2022-24765 protection refuses operations). STAGE 4 overlay smoke now asserts the bake-in is present (runtime/scripts/smoke-test.sh section d.5).
  • All five reusable workflows repointed (#201) to the rebuilt overlay digests:
    • claude-runtime-base@sha256:0a1f06f1157b26fd2b93293c3b249fd778980c4ec0c273d2d6046e2ea6b4459c
    • claude-runtime-review@sha256:46d16c22e19dcd98bea17827334c28dd0d6f3a97e6c631816fe5741024081aeb
    • claude-runtime-fix@sha256:2474e5ce130dca5db44088a5cf1bc22999c0944abf065df47999b018b838b286
    • claude-runtime-explain@sha256:6eb12b4aeca5873e329b6c0542509d87b2dd17eec58ffc3fec47291954c4ff80
  • Phase 3-5 cumulative since v2.1.0 — overlay images, claude-command-router (verb routing), digest-pinned reusable workflows + tag-respond dispatch, periodic overlay-pull smoke (#190).

Consumer impact

  • Workflows referencing glitchwerks/github-actions/<workflow>@v2 now run against post-#200 images automatically. Re-run any failing claude-pr-review / claude-tag-respond jobs that previously hit dubious-ownership errors.
  • No breaking API changes to composite action inputs or reusable workflow signatures.

Known follow-ups

  • Phase 6 (#144) — STAGE 5 promotion automation (replaces the manual digest-pin bump cycle that this release performed by hand).
  • The pre-existing tag-claude/ action and legacy ci-failure.yaml / apply-fix.yml are not container-pinned and remain on the unhardened path until Phase 7 cutover.

Closed in this release

  • #197 — claude-code-action git fetch fails inside pull_request_target containerized review
  • #199 — bake git config --system --add safe.directory '*' into Dockerfile
  • #201 — pin new overlay digests in claude-*.yml workflow files
  • #190 — periodic overlay-image-pull smoke test
  • #194, #192 — image content + permissions hotfixes (already shipped pre-tag)

🤖 Generated by Claude Code on behalf of @cbeaulieu-gt