Initial commit

2025-11-30 08:56:32 +08:00
commit 35aff94595
5 changed files with 196 additions and 0 deletions
--- a/.claude-plugin/plugin.json
+++ b/.claude-plugin/plugin.json
@@ -0,0 +1,15 @@
+{
+  "name": "mcp-github",
+  "description": "GitHub repository, issue, and pull request management with PR review analysis",
+  "version": "1.1.5",
+  "author": {
+    "name": "shavakan",
+    "email": "cs.changwon.lee@gmail.com"
+  },
+  "commands": [
+    "./commands/pr-review-analyze.md"
+  ],
+  "mcp": [
+    "./.mcp.json"
+  ]
+}
--- a/.mcp.json
+++ b/.mcp.json
@@ -0,0 +1,10 @@
+{
+  "github": {
+    "type": "stdio",
+    "command": "docker",
+    "args": ["run", "-i", "--rm", "-e", "GITHUB_PERSONAL_ACCESS_TOKEN", "ghcr.io/github/github-mcp-server"],
+    "env": {
+      "GITHUB_PERSONAL_ACCESS_TOKEN": "${GITHUB_PERSONAL_ACCESS_TOKEN}"
+    }
+  }
+}
--- a/README.md
+++ b/README.md
@@ -0,0 +1,3 @@
+# mcp-github
+
+GitHub repository, issue, and pull request management with PR review analysis
--- a/commands/pr-review-analyze.md
+++ b/commands/pr-review-analyze.md
@@ -0,0 +1,119 @@
+---
+description: Analyze PR review comments and generate fix summary for another Claude instance
+---
+
+# PR Review Analysis
+
+Fetch GitHub PR review comments, categorize by severity, generate actionable fix summary for another Claude Code instance.
+
+## User Input
+
+You MUST consider the user input in `$ARGUMENTS`: PR URL or number.
+
+If empty, abort: "Usage: /pr-review-analyze <PR_URL or PR_NUMBER>"
+
+## Severity Classification
+
+**Blocking:** Security vulnerabilities, data corruption risks, breaking API changes, critical logic errors
+
+**High Priority:** Performance bugs, race conditions, incomplete error handling, correctness issues
+
+**Medium Priority:** Code quality improvements, refactoring opportunities, minor optimizations
+
+**Low Priority:** Style suggestions, documentation improvements, code deduplication
+
+## Execution
+
+**Phase 1: Parse Input**
+
+Parse PR identifier from $ARGUMENTS
+
+**Gate:** Confirm PR identifier. Proceed to fetch data? (y/n)
+
+**Phase 2: Fetch Data**
+
+Fetch PR data (prefer GitHub MCP, fallback to gh CLI if unavailable):
+- Extract review threads with: comments, file paths, line numbers, reviewer names, text
+- For each comment, MUST capture: `path` (file path), `line` (specific line number), `body` (comment text)
+- For each comment, get: `outdated` flag (code changed) and thread `isResolved` status (manually resolved)
+- Store location data with each comment for Phase 5 reporting
+- If both fail, abort: "Unable to fetch PR data. Install gh CLI or configure GitHub MCP"
+
+**Phase 3: Report Outdated Bot Comments**
+
+Report outdated bot comments (already fixed by code changes):
+- Identify comments from Claude (username contains "claude") or Copilot (username "github-copilot")
+- For bot comments where `outdated: true` AND `isResolved: false`, list them separately
+- Report: "Found N outdated unresolved bot comments (already fixed by code changes but not manually resolved)"
+- Note: GitHub API doesn't support auto-resolving threads programmatically
+
+**Phase 4: Categorize**
+
+Categorize active unresolved comments:
+- Only categorize comments where `outdated: false` AND `isResolved: false`
+- Skip outdated comments (already reported in Phase 3) and resolved comments
+- Analyze content and context of active unresolved comments
+- Apply severity definitions above based on actual impact
+- Flag ambiguous comments as "Needs Severity Review"
+
+**Gate:** Found N comments (X blocking, Y high priority). Generate summary? (y/n)
+
+**Phase 5: Generate Summary**
+
+Generate summary with blocking issues first, lower priority after
+
+**Critical:** Every issue MUST include exact file location in `**file:line**` format:
+- Extract `path` and `line` from comment metadata (captured in Phase 2)
+- Format as `**{path}:{line}**` (e.g., `**auth.py:127**`)
+- If line number unavailable, use `**{path}**` only
+- Never omit location data - it's required for developers to locate issues
+
+## Fix Summary Format
+
+```markdown
+## Context
+PR: https://github.com/org/repo/pull/42
+Branch: fix/auth-validation
+
+## Outdated Comments (Already Fixed)
+N bot comments are outdated (code changed) but not manually resolved. No action needed.
+
+## Blocking Issues
+
+1. **auth.py:127** - SQL injection vulnerability
+   - Problem: User input in f-string query
+   - Risk: Arbitrary SQL execution
+   - Fix: Use parameterized query with $1, $2 placeholders
+
+2. **session.py:89** - API key logged in exception handler
+   - Problem: Exception traceback includes API key from config dict
+   - Risk: Credentials exposed in error logs
+   - Fix: Redact api_key before client initialization
+
+## High Priority
+
+1. **cache.py:203** - Redis KEYS blocks event loop [Copilot]
+   - Problem: KEYS is O(n) and blocks Redis
+   - Risk: Performance degradation on large keyspaces
+   - Fix: Replace `redis.keys(pattern)` with `redis.scan_iter(match=pattern)`
+
+## Instructions
+1. Fix all blocking issues
+2. Run test suite to verify no regressions
+3. Commit: "fix: address security and performance review findings"
+4. Push to same branch
+```
+
+## Edge Cases
+
+- **No review comments:** Output "No review comments found"
+- **All comments outdated or resolved:** Output "No active unresolved comments requiring attention"
+- **No blocking issues:** State explicitly in summary
+- **Unclassifiable comments:** Separate "Needs Severity Review" section
+- **Invalid PR:** Abort with tool error message
+
+## Constraints
+
+- Preserve exact technical terms from comments
+- Don't fabricate fixes not mentioned by reviewers
+- Keep each issue to 3-5 sentences max
--- a/plugin.lock.json
+++ b/plugin.lock.json
@@ -0,0 +1,49 @@
+{
+  "$schema": "internal://schemas/plugin.lock.v1.json",
+  "pluginId": "gh:Shavakan/claude-marketplace:mcps/github",
+  "normalized": {
+    "repo": null,
+    "ref": "refs/tags/v20251128.0",
+    "commit": "0466fa92727988ecf996f7f387326084a62f2e71",
+    "treeHash": "a2e686198dbdd6afdbf658d5ea40f4f74729d78af21691bd41901775981d34b9",
+    "generatedAt": "2025-11-28T10:12:48.299859Z",
+    "toolVersion": "publish_plugins.py@0.2.0"
+  },
+  "origin": {
+    "remote": "git@github.com:zhongweili/42plugin-data.git",
+    "branch": "master",
+    "commit": "aa1497ed0949fd50e99e70d6324a29c5b34f9390",
+    "repoRoot": "/Users/zhongweili/projects/openmind/42plugin-data"
+  },
+  "manifest": {
+    "name": "mcp-github",
+    "description": "GitHub repository, issue, and pull request management with PR review analysis",
+    "version": "1.1.5"
+  },
+  "content": {
+    "files": [
+      {
+        "path": ".mcp.json",
+        "sha256": "5f111950aba53f9e58b80bb10b36390b13a942ed1feafb020c1a251f7fe98940"
+      },
+      {
+        "path": "README.md",
+        "sha256": "fe80515d7634990837ecf6a4f36396971ad512231200791b4d8044236972a982"
+      },
+      {
+        "path": ".claude-plugin/plugin.json",
+        "sha256": "1d3fbb08f1762c167f1ff995b224a92a9c0f4df2ffddce0a75f8aa1a5888c04e"
+      },
+      {
+        "path": "commands/pr-review-analyze.md",
+        "sha256": "e5087e53adc7903444f2991d4f14f5f2a9579dd81b9c8156469c5dc4010c85a0"
+      }
+    ],
+    "dirSha256": "a2e686198dbdd6afdbf658d5ea40f4f74729d78af21691bd41901775981d34b9"
+  },
+  "security": {
+    "scannedAt": null,
+    "scannerVersion": null,
+    "flags": []
+  }
+}