commit 35aff94595ff1b1800436e4cb5648ced6ca46414 Author: Zhongwei Li Date: Sun Nov 30 08:56:32 2025 +0800 Initial commit diff --git a/.claude-plugin/plugin.json b/.claude-plugin/plugin.json new file mode 100644 index 0000000..9121b81 --- /dev/null +++ b/.claude-plugin/plugin.json @@ -0,0 +1,15 @@ +{ + "name": "mcp-github", + "description": "GitHub repository, issue, and pull request management with PR review analysis", + "version": "1.1.5", + "author": { + "name": "shavakan", + "email": "cs.changwon.lee@gmail.com" + }, + "commands": [ + "./commands/pr-review-analyze.md" + ], + "mcp": [ + "./.mcp.json" + ] +} \ No newline at end of file diff --git a/.mcp.json b/.mcp.json new file mode 100644 index 0000000..e49b91a --- /dev/null +++ b/.mcp.json @@ -0,0 +1,10 @@ +{ + "github": { + "type": "stdio", + "command": "docker", + "args": ["run", "-i", "--rm", "-e", "GITHUB_PERSONAL_ACCESS_TOKEN", "ghcr.io/github/github-mcp-server"], + "env": { + "GITHUB_PERSONAL_ACCESS_TOKEN": "${GITHUB_PERSONAL_ACCESS_TOKEN}" + } + } +} diff --git a/README.md b/README.md new file mode 100644 index 0000000..c078f89 --- /dev/null +++ b/README.md @@ -0,0 +1,3 @@ +# mcp-github + +GitHub repository, issue, and pull request management with PR review analysis diff --git a/commands/pr-review-analyze.md b/commands/pr-review-analyze.md new file mode 100644 index 0000000..584d752 --- /dev/null +++ b/commands/pr-review-analyze.md @@ -0,0 +1,119 @@ +--- +description: Analyze PR review comments and generate fix summary for another Claude instance +--- + +# PR Review Analysis + +Fetch GitHub PR review comments, categorize by severity, generate actionable fix summary for another Claude Code instance. + +## User Input + +You MUST consider the user input in `$ARGUMENTS`: PR URL or number. + +If empty, abort: "Usage: /pr-review-analyze " + +## Severity Classification + +**Blocking:** Security vulnerabilities, data corruption risks, breaking API changes, critical logic errors + +**High Priority:** Performance bugs, race conditions, incomplete error handling, correctness issues + +**Medium Priority:** Code quality improvements, refactoring opportunities, minor optimizations + +**Low Priority:** Style suggestions, documentation improvements, code deduplication + +## Execution + +**Phase 1: Parse Input** + +Parse PR identifier from $ARGUMENTS + +**Gate:** Confirm PR identifier. Proceed to fetch data? (y/n) + +**Phase 2: Fetch Data** + +Fetch PR data (prefer GitHub MCP, fallback to gh CLI if unavailable): +- Extract review threads with: comments, file paths, line numbers, reviewer names, text +- For each comment, MUST capture: `path` (file path), `line` (specific line number), `body` (comment text) +- For each comment, get: `outdated` flag (code changed) and thread `isResolved` status (manually resolved) +- Store location data with each comment for Phase 5 reporting +- If both fail, abort: "Unable to fetch PR data. Install gh CLI or configure GitHub MCP" + +**Phase 3: Report Outdated Bot Comments** + +Report outdated bot comments (already fixed by code changes): +- Identify comments from Claude (username contains "claude") or Copilot (username "github-copilot") +- For bot comments where `outdated: true` AND `isResolved: false`, list them separately +- Report: "Found N outdated unresolved bot comments (already fixed by code changes but not manually resolved)" +- Note: GitHub API doesn't support auto-resolving threads programmatically + +**Phase 4: Categorize** + +Categorize active unresolved comments: +- Only categorize comments where `outdated: false` AND `isResolved: false` +- Skip outdated comments (already reported in Phase 3) and resolved comments +- Analyze content and context of active unresolved comments +- Apply severity definitions above based on actual impact +- Flag ambiguous comments as "Needs Severity Review" + +**Gate:** Found N comments (X blocking, Y high priority). Generate summary? (y/n) + +**Phase 5: Generate Summary** + +Generate summary with blocking issues first, lower priority after + +**Critical:** Every issue MUST include exact file location in `**file:line**` format: +- Extract `path` and `line` from comment metadata (captured in Phase 2) +- Format as `**{path}:{line}**` (e.g., `**auth.py:127**`) +- If line number unavailable, use `**{path}**` only +- Never omit location data - it's required for developers to locate issues + +## Fix Summary Format + +```markdown +## Context +PR: https://github.com/org/repo/pull/42 +Branch: fix/auth-validation + +## Outdated Comments (Already Fixed) +N bot comments are outdated (code changed) but not manually resolved. No action needed. + +## Blocking Issues + +1. **auth.py:127** - SQL injection vulnerability + - Problem: User input in f-string query + - Risk: Arbitrary SQL execution + - Fix: Use parameterized query with $1, $2 placeholders + +2. **session.py:89** - API key logged in exception handler + - Problem: Exception traceback includes API key from config dict + - Risk: Credentials exposed in error logs + - Fix: Redact api_key before client initialization + +## High Priority + +1. **cache.py:203** - Redis KEYS blocks event loop [Copilot] + - Problem: KEYS is O(n) and blocks Redis + - Risk: Performance degradation on large keyspaces + - Fix: Replace `redis.keys(pattern)` with `redis.scan_iter(match=pattern)` + +## Instructions +1. Fix all blocking issues +2. Run test suite to verify no regressions +3. Commit: "fix: address security and performance review findings" +4. Push to same branch +``` + +## Edge Cases + +- **No review comments:** Output "No review comments found" +- **All comments outdated or resolved:** Output "No active unresolved comments requiring attention" +- **No blocking issues:** State explicitly in summary +- **Unclassifiable comments:** Separate "Needs Severity Review" section +- **Invalid PR:** Abort with tool error message + +## Constraints + +- Preserve exact technical terms from comments +- Don't fabricate fixes not mentioned by reviewers +- Keep each issue to 3-5 sentences max diff --git a/plugin.lock.json b/plugin.lock.json new file mode 100644 index 0000000..08c8b50 --- /dev/null +++ b/plugin.lock.json @@ -0,0 +1,49 @@ +{ + "$schema": "internal://schemas/plugin.lock.v1.json", + "pluginId": "gh:Shavakan/claude-marketplace:mcps/github", + "normalized": { + "repo": null, + "ref": "refs/tags/v20251128.0", + "commit": "0466fa92727988ecf996f7f387326084a62f2e71", + "treeHash": "a2e686198dbdd6afdbf658d5ea40f4f74729d78af21691bd41901775981d34b9", + "generatedAt": "2025-11-28T10:12:48.299859Z", + "toolVersion": "publish_plugins.py@0.2.0" + }, + "origin": { + "remote": "git@github.com:zhongweili/42plugin-data.git", + "branch": "master", + "commit": "aa1497ed0949fd50e99e70d6324a29c5b34f9390", + "repoRoot": "/Users/zhongweili/projects/openmind/42plugin-data" + }, + "manifest": { + "name": "mcp-github", + "description": "GitHub repository, issue, and pull request management with PR review analysis", + "version": "1.1.5" + }, + "content": { + "files": [ + { + "path": ".mcp.json", + "sha256": "5f111950aba53f9e58b80bb10b36390b13a942ed1feafb020c1a251f7fe98940" + }, + { + "path": "README.md", + "sha256": "fe80515d7634990837ecf6a4f36396971ad512231200791b4d8044236972a982" + }, + { + "path": ".claude-plugin/plugin.json", + "sha256": "1d3fbb08f1762c167f1ff995b224a92a9c0f4df2ffddce0a75f8aa1a5888c04e" + }, + { + "path": "commands/pr-review-analyze.md", + "sha256": "e5087e53adc7903444f2991d4f14f5f2a9579dd81b9c8156469c5dc4010c85a0" + } + ], + "dirSha256": "a2e686198dbdd6afdbf658d5ea40f4f74729d78af21691bd41901775981d34b9" + }, + "security": { + "scannedAt": null, + "scannerVersion": null, + "flags": [] + } +} \ No newline at end of file