7.3 自动代码审查

每个 PR 自动获得 AI Review

配置好之后，每次有人开 PR 或者往 PR 里 push 新 commit，Claude Code 就会自动运行 review，结果以 PR 评论的形式出现。

不需要任何人手动触发，不需要排队等 reviewer 有空。

---

完整的自动 Review Workflow

# .github/workflows/claude-review.yml
name: Claude Code Review

on:
  pull_request:
    types: [opened, synchronize, reopened]

permissions:
  contents: read
  pull-requests: write

jobs:
  review:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          fetch-depth: 0   # 需要完整历史才能 diff

      - uses: anthropics/claude-code-action@v1
        with:
          anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }}
          prompt: |
            Review this pull request for code quality, correctness, and security.

            Analyze the diff carefully, then post your findings as review comments.

            Structure your review as:
            ## Summary
            Brief description of what this PR does.

            ## 🔴 Critical Issues (must fix before merge)
            Issues that could cause bugs, security vulnerabilities, or data loss.

            ## 🟡 Suggestions (should consider)
            Improvements that would make the code better but aren't blockers.

            ## 🔵 Nitpicks (optional)
            Minor style or naming suggestions.

            ## ✅ Overall Assessment
            Approve / Request Changes / Needs Discussion

            Be specific: include file names and line numbers for each issue.
            If the PR looks good, say so clearly.
          claude_args: "--max-turns 5"

---

让 Review 遵守你的团队规范

在 prompt 里引用 CLAUDE.md 里的规范：

prompt: |
  Review this PR following the standards in CLAUDE.md.

  Pay special attention to:
  - TypeScript strict mode compliance (no implicit any)
  - All async functions have proper error handling
  - New API endpoints have corresponding tests
  - Database queries go through the service layer, not directly in controllers

  Post findings as inline review comments on the specific lines,
  plus an overall summary comment.

或者直接让它读 CLAUDE.md（它在 checkout 后能访问）：

prompt: |
  First read CLAUDE.md to understand our team standards.
  Then review this PR against those standards.
  Report any violations, plus general code quality issues.

---

只 Review 特定类型的变更

不是所有 PR 都需要完整 review。可以用条件过滤：

on:
  pull_request:
    types: [opened, synchronize]
    paths:
      - 'src/**'          # 只在 src 目录有改动时触发
      - '!src/**/*.test.ts'  # 排除测试文件的变更

或者只对特定标签的 PR 触发：

on:
  pull_request:
    types: [labeled]

jobs:
  review:
    if: contains(github.event.label.name, 'needs-review')
    # ...

---

处理 Review 结果

Claude Code 的 review 结果以评论形式出现，不会自动 approve 或 request changes——最终决定还是由人来做。

这是设计如此，不是缺陷。AI review 是第一道过滤，帮你发现低级错误和明显问题；人工 review 聚焦在业务逻辑、架构决策这类需要领域知识的地方。

一个推荐的工作流：

1. PR 打开 → Claude 自动 review
2. 作者看 Claude 的反馈，修复明显问题
3. 人工 reviewer 聚焦 Claude 没有发现（或者 Claude 认为没问题）的地方
4. Approve 后 merge

这样人工 review 的质量更高，时间更短。

---

关于 GitHub Code Review 功能

Anthropic 还提供了一个独立的 GitHub Code Review 功能（不同于上面讲的 GitHub Actions），可以给每个 PR 自动添加详细的 review comments，包括内联评论。

开启方式：在 Claude Code 会话里运行：

/install-github-app

在安装流程里选择开启 Code Review 功能。它会在每个 PR 里自动留下比 Actions 更细粒度的行内评论。

---

下一节，让 Claude Code 直接从 Issue 生成代码，开发一个完整功能。