nikolay-e/treemapper-claude-code-review-action
GitHub: nikolay-e/treemapper-claude-code-review-action
A GitHub Action that combines TreeMapper's structured context extraction with Claude AI for intelligent PR code review based on call graphs and PageRank ranking.
# TreeMapper + Claude Code Review
Automated PR review powered by [TreeMapper](https://github.com/nikolay-e/treemapper) context extraction and [Claude Code](https://github.com/anthropics/claude-code-action).
TreeMapper builds a call graph from the git diff, ranks code fragments by [PageRank](https://github.com/nikolay-e/treemapper#how-it-works), and passes them to Claude together with the raw diff, giving the reviewer structural context that a plain diff cannot provide.
## Quick Start
```
name: Code Review
on: [pull_request]
permissions:
  contents: read
  pull-requests: write
  id-token: write
jobs:
  review:
    uses: nikolay-e/treemapper-claude-code-review-action/.github/workflows/claude-code-review.yml@v1
    secrets:
      anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }}
```
Without `anthropic_api_key`, only the TreeMapper extraction runs (it produces an artifact plus an optional metrics comment).
## Configuration
### Inputs
| Input | Default | Description |
|-------|---------|-------------|
| `budget` | `50000` | Token budget for TreeMapper (see the [TreeMapper docs](https://github.com/nikolay-e/treemapper#usage)) |
| `format` | `yaml` | TreeMapper output format: `yaml`, `json`, `txt`, `md` |
| `model` | _(action default)_ | Claude model used for the review |
| `max_turns` | `10` | Maximum number of turns for the Claude agent |
| `review_prompt` | _(empty)_ | Custom instructions appended to the built-in review prompt |
| `max_diff_lines` | `5000` | Fail the check if the diff exceeds this number of lines |
| `treemapper_comment` | `true` | Post a sticky TreeMapper metrics comment on the PR |
### Secrets
| Secret | Required | Description |
|--------|----------|-------------|
| `anthropic_api_key` | No | Anthropic API key; enables the Claude review |
| `treemapper_issues_token` | No | GitHub PAT used to file TreeMapper context-quality issues on [nikolay-e/treemapper](https://github.com/nikolay-e/treemapper) |
### Permissions
```
permissions:
  contents: read        # read repository
  pull-requests: write  # post review comments
  id-token: write       # required by claude-code-action
```
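A least-privilege variant of the Quick Start caller, added here as an example and not part of the project's own documentation: permissions are granted on the calling job only, and the job is skipped for pull requests from forks. It assumes the reusable workflow accepts `review_prompt` as a string input; the fork check, the empty top-level `permissions` and the prompt text are choices made for this example.

```yaml
name: Code Review
on: pull_request

# Nothing is granted workflow-wide; the review job opts in below.
permissions: {}

jobs:
  review:
    # By default, pull requests from forks run with a read-only token and
    # no repository secrets, so the review could not post its comment.
    # Skipping forks is this example's choice, not a requirement of the action.
    if: github.event.pull_request.head.repo.full_name == github.repository
    permissions:
      contents: read        # read repository
      pull-requests: write  # post review comments
      id-token: write       # required by claude-code-action
    # @v1 is a movable tag; a full commit SHA in its place fixes the exact
    # workflow code that runs with these permissions and this secret.
    uses: nikolay-e/treemapper-claude-code-review-action/.github/workflows/claude-code-review.yml@v1
    with:
      # Assumed to be a string input of the reusable workflow.
      review_prompt: |
        Report changes to workflow permissions, secrets handling and
        authentication code before any other finding.
    secrets:
      anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }}
```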
## How It Works
```
PR opened / updated
-> Job 1: TreeMapper extracts ranked code fragments (call graph + PageRank)
-> Job 2: Claude reviews using structural context + raw diff
-> Posts findings as PR comment (security > bugs > architecture > quality)
```
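Claude assesses the quality of TreeMapper's context in every review. If `treemapper_issues_token` is provided, significant context problems are filed directly in the [TreeMapper repository](https://github.com/nikolay-e/treemapper/issues).
## Standalone TreeMapper Extraction
Use the Docker action directly, without the Claude review: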
```
- uses: actions/checkout@v4
  with:
    fetch-depth: 0
- uses: nikolay-e/treemapper-claude-code-review-action@v1
  id: ctx
  with:
    budget: '25000'
- uses: actions/upload-artifact@v4
  with:
    name: diff-context
    path: ${{ steps.ctx.outputs.context-file }}
```
| Output | Description |
|--------|-------------|
| `context` | Extracted context content |
| `context-file` | Path to the output file |
| `fragment-count` | Number of code fragments |
| `token-count` | Approximate token count |
| `size` | Output file size |
## License
[Apache 2.0](LICENSE)