From 50659cc805015abae7d829bb7c23eaa713fc647c Mon Sep 17 00:00:00 2001
From: Daniel Chalef <131175+danielchalef@users.noreply.github.com>
Date: Wed, 5 Nov 2025 08:31:06 -0800
Subject: [PATCH] Disable fork PR comment job in workflow (#1047)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Disable fork PR comment job in Claude Code review workflow

The notify-external-contributor job fails with "Resource not accessible by integration" error when triggered by PRs from forks. GitHub security restrictions limit fork PRs to read-only GITHUB_TOKEN, preventing comment creation despite having pull-requests:write permissions.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-authored-by: Claude <noreply@anthropic.com>
---
 .github/workflows/claude-code-review.yml | 51 +++++++++++++-----------
 1 file changed, 27 insertions(+), 24 deletions(-)

diff --git a/.github/workflows/claude-code-review.yml b/.github/workflows/claude-code-review.yml
index 47c714ee..032dace6 100644
--- a/.github/workflows/claude-code-review.yml
+++ b/.github/workflows/claude-code-review.yml
@@ -77,27 +77,30 @@ jobs:
             --allowedTools "mcp__github_inline_comment__create_inline_comment,Bash(gh pr comment:*), Bash(gh pr diff:*), Bash(gh pr view:*)"
             --model claude-sonnet-4-5-20250929
 
-  notify-external-contributor:
-    needs: check-fork
-    if: needs.check-fork.outputs.is_fork == 'true'
-    runs-on: ubuntu-latest
-    permissions:
-      pull-requests: write
-    steps:
-      - name: Add comment for external contributors
-        uses: actions/github-script@v7
-        with:
-          script: |
-            const comment = `👋 Thanks for your contribution!
-
-            This PR is from a fork, so automated Claude Code reviews are not run for security reasons.
-            A maintainer will manually trigger a review after an initial security check.
-
-            You can expect feedback soon!`;
-
-            github.rest.issues.createComment({
-              issue_number: context.issue.number,
-              owner: context.repo.owner,
-              repo: context.repo.repo,
-              body: comment
-            });
+  # Disabled: This job fails with "Resource not accessible by integration" error
+  # when triggered by pull_request events from forks due to GitHub security restrictions.
+  # Fork PRs run with read-only GITHUB_TOKEN and cannot post comments.
+  # notify-external-contributor:
+  #   needs: check-fork
+  #   if: needs.check-fork.outputs.is_fork == 'true'
+  #   runs-on: ubuntu-latest
+  #   permissions:
+  #     pull-requests: write
+  #   steps:
+  #     - name: Add comment for external contributors
+  #       uses: actions/github-script@v7
+  #       with:
+  #         script: |
+  #           const comment = `👋 Thanks for your contribution!
+  #
+  #           This PR is from a fork, so automated Claude Code reviews are not run for security reasons.
+  #           A maintainer will manually trigger a review after an initial security check.
+  #
+  #           You can expect feedback soon!`;
+  #
+  #           github.rest.issues.createComment({
+  #             issue_number: context.issue.number,
+  #             owner: context.repo.owner,
+  #             repo: context.repo.repo,
+  #             body: comment
+  #           });