marketing-shibata50/claude-code-ultimate-guide
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

docs: add GitHub Actions workflow guide + desloppify + threat-db v2.7.0

Browse source 
- guide/workflows/github-actions.md (new): 5 production patterns with
  claude-code-action (on-demand @claude, auto push review, issue triage,
  security review, scheduled maintenance), auth alternatives, cost control
- guide/ultimate-guide.md: GitHub Actions cross-ref + desloppify tool
  (vibe code quality fix-loop, community tool, ~2K stars, Feb 2026)
- examples/commands/resources/threat-db.yaml: v2.7.0, +5 threat sources
  (Azure MCP SSRF CVE-2026-26118, OpenClaw, Taskflow, Codex Security,
  DryRun Security 87% vulnerability stat)
- CLAUDE.md: Behavioral Rules section (5 rules from observed friction)
- guide/workflows/README.md: github-actions entry + quick selection row
- IDEAS.md: CI/CD Workflows Gallery marked complete
- CHANGELOG.md: [Unreleased] entries for all items

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
Florian BRUNIAUX 2026-03-13 17:19:18 +01:00
parent aafb412fa4
commit b0698bfb39
7 changed files with 564 additions and 17 deletions
Download patch file Download diff file Expand all files Collapse all files

19
guide/workflows/README.md
View file

@ -91,6 +91,25 @@ Build features in three locked phases: Research feasibility first, plan the impl
**When to use**: Features with unclear feasibility, more than a day of work, unknown technical territory, or anywhere discovering a wrong assumption late is costly
### [GitHub Actions Workflows](./github-actions.md) ⭐ NEW
**5 production-ready patterns for automating PR reviews, issue triage, and quality gates**
Connect Claude directly to your GitHub workflow via the official `claude-code-action`. Two modes: interactive (`@claude` mentions) and fully automated (push/schedule triggers).
**Key Topics**:
- Setup via `/install-github-app` (30-second quickstart)
- Pattern 1: On-demand PR review via `@claude` mention
- Pattern 2: Automatic review on every push
- Pattern 3: Issue triage and labeling
- Pattern 4: Security-focused review on sensitive paths
- Pattern 5: Scheduled weekly repo health check
- Cost control, concurrency, fork safety
**When to use**: Any team wanting AI-powered code review without managing infrastructure
---
### [Cognitive Mode Switching](./gstack-workflow.md) ⭐ NEW
Switch between specialist roles across your ship cycle: strategic product gate, architecture review, paranoid code review, automated release, native browser QA, and retrospective.