Skip to content

chore: update cagent-action to v1.4.1 #13745

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
derekmisler wants to merge 3 commits into
base: main
Choose a base branch
from
+9 −19
Open

chore: update cagent-action to v1.4.1 #13745

Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
163db4a
chore: update cagent-action to v1.4.1
derekmisler Apr 16, 2026
5fcf059
Update pr-review.yml
derekmisler Apr 16, 2026
f9a4a46
Merge branch 'main' into auto/update-cagent-action
derekmisler Apr 16, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
28 changes: 9 additions & 19 deletions .github/workflows/pr-review.yml
View file
Open in desktop
Copy link
Copy Markdown
Contributor Author

@derekmisler derekmisler Apr 16, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

All of the protections below have been added to the PR reviewer.

Original file line number Diff line number Diff line change
@@ -1,30 +1,20 @@
name: PR Review
on:
issue_comment: # Enables /review command in PR comments
pull_request:
types: [opened, ready_for_review]
issue_comment:
types: [created]
pull_request_review_comment: # Captures feedback on review comments for learning
types: [created]
pull_request: # Triggers auto-review on PR open (same-repo branches only; fork PRs use /review)
types: [ready_for_review, opened]

permissions:
contents: read # Required at top level so `GITHUB_TOKEN` for `issue_comment` events can read repository contents.

jobs:
review:
if: >-
github.event_name == 'issue_comment' ||
github.event_name == 'pull_request_review_comment' ||
github.event.pull_request.user.login != 'dependabot[bot]'
uses: docker/cagent-action/.github/workflows/review-pr.yml@dba0ca51938c78afb363625363c50582243218d6 # v1.3.1
# Scoped to the job so other jobs in this workflow aren't over-permissioned
uses: docker/cagent-action/.github/workflows/review-pr.yml@d98096f432f2aea5091c811852c4da804e60623a # v1.4.1
permissions:
contents: read # Read repository files and PR diffs
pull-requests: write # Post review comments and approve/request changes
issues: write # Create security incident issues if secrets are detected in output
checks: write # (Optional) Show review progress as a check run on the PR
secrets:
ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }}
CAGENT_ORG_MEMBERSHIP_TOKEN: ${{ secrets.CAGENT_ORG_MEMBERSHIP_TOKEN }} # PAT with read:org scope; gates auto-reviews to org members only
CAGENT_REVIEWER_APP_ID: ${{ secrets.CAGENT_REVIEWER_APP_ID }} # GitHub App ID; reviews appear as your app instead of github-actions[bot]
CAGENT_REVIEWER_APP_PRIVATE_KEY: ${{ secrets.CAGENT_REVIEWER_APP_PRIVATE_KEY }} # GitHub App private key; paired with App ID above
contents: read # to fetch code
pull-requests: write # to post review comments
issues: write # to reply to issue/PR comments
checks: write # to update check statuses
id-token: write # Required for OIDC authentication to AWS Secrets Manager
Loading