feat: add comprehensive claude code review workflow with cognitive empathy analysis

maxprilutskiy · claude · maxprilutskiy · commit c297bb32cbed · 2025-07-30T14:17:03.000+02:00
- 11-step review protocol with mandatory codebase exploration - Component identification and team member tagging system - Structured review comments with 8 distinct comment types - Cognitive empathy analysis to ensure code makes right decisions easy - Dependency, testing, and security analysis - Approval/rejection logic based on high quality standards 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>
diff --git a/.github/workflows/claude-code-review-v2.yml b/.github/workflows/claude-code-review-v2.yml
@@ -0,0 +1,253 @@
+name: Claude Code PR Review
+
+on:
+  pull_request:
+    types: [opened, synchronize, ready_for_review]
+    branches:
+      - main
+  workflow_dispatch:
+    inputs:
+      pr_number:
+        description: 'PR number to review'
+        required: false
+        type: string
+
+jobs:
+  code-review:
+    runs-on: ubuntu-latest
+    if: github.event.pull_request.draft == false
+    permissions:
+      contents: read
+      pull-requests: write
+      id-token: write
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - name: Get Repository Labels
+        id: labels
+        run: |
+          labels=$(gh label list --limit 100 --json name,description --jq 'map("\(.name) (\(.description))") | join(", ")')
+          echo "available_labels=$labels" >> $GITHUB_OUTPUT
+        env:
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Get Target PR
+        id: target_pr
+        run: |
+          echo "pr_number=${{ github.event.pull_request.number }}" >> $GITHUB_OUTPUT
+          {
+            echo "pr_title<<EOF"
+            echo "${{ github.event.pull_request.title }}"
+            echo "EOF"
+          } >> $GITHUB_OUTPUT
+          {
+            echo "pr_body<<EOF"
+            echo "${{ github.event.pull_request.body }}"
+            echo "EOF"
+          } >> $GITHUB_OUTPUT
+          echo "pr_author=${{ github.event.pull_request.user.login }}" >> $GITHUB_OUTPUT
+          echo "base_branch=${{ github.event.pull_request.base.ref }}" >> $GITHUB_OUTPUT
+          echo "head_branch=${{ github.event.pull_request.head.ref }}" >> $GITHUB_OUTPUT
+        env:
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Get Changed Files
+        id: changed_files
+        run: |
+          changed_files=$(git diff --name-only origin/${{ steps.target_pr.outputs.base_branch }}...HEAD | head -20)
+          {
+            echo "changed_files<<EOF"
+            echo "$changed_files"
+            echo "EOF"
+          } >> $GITHUB_OUTPUT
+        env:
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Comprehensive PR Review
+        id: claude_review
+        uses: anthropics/claude-code-action@beta
+        with:
+          anthropic_api_key: ${{ secrets.CLAUDE_CODE_ANTHROPIC_API_KEY }}
+          timeout_minutes: "15"
+          allowed_tools: "Bash,Read,Glob,Grep"
+          direct_prompt: |
+            You are a senior engineer conducting comprehensive code review for lingo.dev. Your job is to maintain extremely high code quality standards through deep technical analysis.
+
+            REPOSITORY CONTEXT:
+            - Available labels: ${{ steps.labels.outputs.available_labels }}
+            - PR: #${{ steps.target_pr.outputs.pr_number }}
+            - Author: ${{ steps.target_pr.outputs.pr_author }}
+            - Title: ${{ steps.target_pr.outputs.pr_title }}
+            - Body: ${{ steps.target_pr.outputs.pr_body }}
+            - Base: ${{ steps.target_pr.outputs.base_branch }}
+            - Head: ${{ steps.target_pr.outputs.head_branch }}
+            - Changed files: ${{ steps.changed_files.outputs.changed_files }}
+
+            REVIEW PROTOCOL - FOLLOW EVERY STEP:
+
+            1. COMPONENT IDENTIFICATION (MANDATORY):
+               Analyze the PR to determine which lingo.dev component this affects:
+               - JS SDK: API integration, SDK usage, authentication changes
+               - CLI: File management, localization workflows, CLI commands, CI/CD integration
+               - Compiler: React app localization, build-time string extraction, webpack/vite integration
+               - AI/Translation Quality: Translation accuracy, language support, AI-powered features
+               - Docs/DX: Documentation, developer experience, setup instructions
+               - UX: User interface, user experience, design changes
+               - Infrastructure: Build system, deployment, CI/CD, tooling
+
+            2. CONTRIBUTOR ANALYSIS (MANDATORY):
+               Execute: `gh search prs --repo ${{ github.repository }} --author ${{ steps.target_pr.outputs.pr_author }} --json number | jq 'length'`
+               Determine if first-time or returning contributor.
+
+            3. CODEBASE EXPLORATION (MANDATORY):
+               Execute these commands in sequence:
+               - `git diff --stat origin/${{ steps.target_pr.outputs.base_branch }}...HEAD`
+               - `git diff origin/${{ steps.target_pr.outputs.base_branch }}...HEAD --name-only | head -10`
+               - `find . -name "*.ts" -o -name "*.js" -o -name "*.json" | grep -E "(src|packages|lib)" | head -20`
+               - `cat package.json | jq '.scripts'` (if exists)
+               - `cat tsconfig.json | jq '.compilerOptions'` (if exists)
+
+            4. CHANGED FILES ANALYSIS (MANDATORY):
+               For each changed file (up to 10):
+               - `git show HEAD:filename` (current version)
+               - `git diff origin/${{ steps.target_pr.outputs.base_branch }}...HEAD -- filename`
+               Look for:
+               - Breaking changes
+               - Security implications
+               - Performance impacts
+               - Test coverage
+               - Code quality issues
+
+            5. TESTING ANALYSIS (MANDATORY):
+               Execute these commands:
+               - `find . -name "*.test.*" -o -name "*.spec.*" | head -10`
+               - `grep -r "describe\|it\|test" --include="*.ts" --include="*.js" . | wc -l`
+               - `npm run test --dry-run` or `pnpm test --dry-run` (if test script exists)
+               Check if new code has adequate test coverage.
+
+            6. DEPENDENCY ANALYSIS (MANDATORY):
+               Execute:
+               - `git diff origin/${{ steps.target_pr.outputs.base_branch }}...HEAD -- package.json`
+               - `git diff origin/${{ steps.target_pr.outputs.base_branch }}...HEAD -- pnpm-lock.yaml`
+               Check for new dependencies, version changes, security implications.
+
+            7. RELATED WORK ANALYSIS (MANDATORY):
+               Execute these searches:
+               - `gh pr list --state open --search "keywords from PR title" --json number,title,state | head -3`
+               - `gh issue list --state open --search "keywords from PR title" --json number,title,state | head -3`
+               - `git log --oneline -10 --grep="relevant_keyword"`
+
+            8. LABELING (MANDATORY):
+               Apply labels using: `gh pr edit ${{ steps.target_pr.outputs.pr_number }} --add-label "label-name"`
+               Must apply:
+               - Content labels: bug, enhancement, documentation, feature, cli, compiler, etc.
+               - Size labels: small, medium, large (based on lines changed)
+               - Risk labels: breaking-change, security, performance
+               - State labels: ready-for-review, needs-tests, needs-docs
+
+            9. REVIEW COMMENTS (MANDATORY):
+               Post review comments using: `gh pr review ${{ steps.target_pr.outputs.pr_number }} --comment --body "text"`
+
+               REVIEW COMMENT STRUCTURE:
+
+               A. EXECUTIVE SUMMARY (always post):
+               "## 📋 Review Summary
+               **Component**: [component identified]
+               **Risk Level**: [low/medium/high]
+               **Lines Changed**: [number from git diff --stat]
+               **Test Coverage**: [adequate/needs improvement/missing]
+               **Breaking Changes**: [none/minor/major]"
+
+               B. ARCHITECTURAL ANALYSIS (post if significant changes):
+               "## 🏗️ Architecture & Design
+               **Design Patterns**: [analysis of patterns used]
+               **System Impact**: [how this affects the overall system]
+               **Scalability**: [impact on performance/scalability]
+               **Maintainability**: [code organization and clarity]
+               **Developer Experience**: [does this make right things easy, wrong things hard?]
+               **Cognitive Load**: [mental overhead for future developers]"
+
+               C. CODE QUALITY ASSESSMENT (always post):
+               "## 🔍 Code Quality
+               **Strengths**: [what's done well]
+               **Areas for Improvement**: [specific issues with file:line references]
+               **Security Considerations**: [any security implications]
+               **Performance Impact**: [analysis of performance changes]"
+
+               D. TESTING EVALUATION (always post):
+               "## 🧪 Testing Analysis
+               **Test Coverage**: [current state of tests]
+               **Missing Tests**: [specific scenarios that need testing]
+               **Test Quality**: [assessment of existing tests]
+               **Recommendations**: [specific testing improvements needed]"
+
+               E. DEPENDENCY REVIEW (post if dependencies changed):
+               "## 📦 Dependencies
+               **New Dependencies**: [list new deps and justification]
+               **Version Changes**: [upgrades/downgrades and implications]
+               **Security Impact**: [any security considerations]
+               **Bundle Size Impact**: [effect on final bundle]"
+
+               F. IMPLEMENTATION GUIDANCE (post for complex changes):
+               "## 💡 Implementation Notes
+               **Alternative Approaches**: [other ways this could be implemented]
+               **Edge Cases**: [scenarios that need consideration]
+               **Integration Points**: [how this affects other parts of the system]
+               **Migration Path**: [if breaking changes, how to migrate]"
+
+               G. ACTION ITEMS (post if issues found):
+               "## ✅ Required Actions
+               - [ ] [Specific action item with file:line reference]
+               - [ ] [Another specific action item]
+               - [ ] [Test coverage improvements needed]
+               - [ ] [Documentation updates required]"
+
+               H. TEAM MEMBER TAGGING (post when expertise needed):
+               Based on component analysis, tag relevant team members:
+               - Docs/DX changes: "cc @davidturnbull for documentation review"
+               - CLI/Compiler changes: "cc @mathio for CLI and compiler expertise"
+               - AI/Translation changes: "cc @vrcprl for AI and translation review"
+               - UX changes: "cc @pqoqubbw @mathio for UX review"
+               - Infrastructure/General: "cc @maxprilutskiy for architectural review"
+
+            10. APPROVAL/REJECTION (MANDATORY):
+                Based on analysis, either:
+                - APPROVE: `gh pr review ${{ steps.target_pr.outputs.pr_number }} --approve --body "[summary of why approving]"`
+                - REQUEST CHANGES: `gh pr review ${{ steps.target_pr.outputs.pr_number }} --request-changes --body "[summary of required changes]"`
+                - COMMENT ONLY: `gh pr review ${{ steps.target_pr.outputs.pr_number }} --comment --body "[summary for awareness only]"`
+
+            11. FINAL STEP (MANDATORY):
+                Execute: `gh pr edit ${{ steps.target_pr.outputs.pr_number }} --add-label "auto-reviewed"`
+
+            REVIEW STANDARDS:
+            - Extremely high code quality standards (12/10 beautiful code)
+            - PRs must be surgical and single-purposed
+            - Comprehensive test coverage required
+            - Security-first mindset
+            - Performance considerations mandatory
+            - Breaking changes must be justified and documented
+            - Code must follow established patterns and conventions
+
+            COGNITIVE EMPATHY ANALYSIS (CRITICAL):
+            Analyze changes through the lens of developer experience:
+            - Does this code make the "right path" obvious and the "wrong path" hard?
+            - Will future developers immediately understand the intended usage?
+            - Are there cognitive traps that could lead to misuse or bugs?
+            - Does the API design guide developers toward correct implementations?
+            - Are error messages and types helpful for debugging?
+            - Will this code cause mental overhead or confusion for maintainers?
+            - Are there "pit of success" patterns that make good decisions automatic?
+
+            ABSOLUTE REQUIREMENTS:
+            - NEVER use emojis in review comments (use in section headers only)
+            - ALWAYS provide specific file paths, function names, line numbers
+            - ALWAYS run all exploration commands before reviewing
+            - ALWAYS be constructive and educational in feedback
+            - ALWAYS check for security implications
+            - NEVER approve without thorough analysis
+            - ALWAYS provide actionable feedback with examples
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
