Bump senzing-factory/build-resources/.github/workflows/claude-pull-request-review.yaml from 3 to 4

[dependabot]

Bumps senzing-factory/build-resources/.github/workflows/claude-pull-request-review.yaml from 3 to 4.

Release notes

Sourced from senzing-factory/build-resources/.github/workflows/claude-pull-request-review.yaml's releases.

4.0.0

What's Changed

• #260 make shared workflows generic, misc cleanup by @​kernelsam in senzing-factory/build-resources#261

Full Changelog: senzing-factory/build-resources@v3...4.0.0

3.0.31

What's Changed

• Bump super-linter/super-linter from 8.4.0 to 8.5.0 by @​dependabot[bot] in senzing-factory/build-resources#257
• if the PR's REFRESHED_AT matches main's value, it only passes if that… by @​kernelsam in senzing-factory/build-resources#259

Full Changelog: senzing-factory/build-resources@v3...3.0.31

3.0.30

What's Changed

• Bump super-linter/super-linter from 8.3.1 to 8.3.2 by @​dependabot[bot] in senzing-factory/build-resources#254
• Bump actions/download-artifact from 6 to 7 by @​dependabot[bot] in senzing-factory/build-resources#250
• Bump super-linter/super-linter from 8.3.2 to 8.4.0 by @​dependabot[bot] in senzing-factory/build-resources#255
• Bump actions/upload-artifact from 5 to 6 by @​dependabot[bot] in senzing-factory/build-resources#249
• Fix regex for filtering GitHub workflows by @​kernelsam in senzing-factory/build-resources#256

Full Changelog: senzing-factory/build-resources@v3...3.0.30

3.0.29

What's Changed

• Bump super-linter/super-linter from 8.3.0 to 8.3.1 by @​dependabot[bot] in senzing-factory/build-resources#252
• Remove validation for natural language in workflows by @​kernelsam in senzing-factory/build-resources#253

Full Changelog: senzing-factory/build-resources@v3...3.0.29

3.0.28

What's Changed

• Add Markdown formatting guidelines to PR template by @​kernelsam in senzing-factory/build-resources#244
• Enhance PR review instructions for local and GitHub by @​kernelsam in senzing-factory/build-resources#246
• 247 dockter 1 by @​docktermj in senzing-factory/build-resources#248

New Contributors

• @​docktermj made their first contribution in senzing-factory/build-resources#248

Full Changelog: senzing-factory/build-resources@v3...3.0.28

3.0.27

Full Changelog: senzing-factory/build-resources@v3...3.0.27

3.0.26

Full Changelog: senzing-factory/build-resources@v3...3.0.26

... (truncated)

Changelog

Sourced from senzing-factory/build-resources/.github/workflows/claude-pull-request-review.yaml's changelog.

Changelog

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog, markdownlint, and this project adheres to Semantic Versioning.

[Unreleased]

• Thing 5
• Thing 4

[1.0.1] - yyyy-mm-dd

Added to 1.0.1

• Thing 3

Fixed in 1.0.1

• Thing 2

[1.0.0] - yyyy-mm-dd

Added to 1.0.0

• Thing 2
• Thing 1

Commits

• 52eb86b bump tags to v4, slack channel override, missing claude settings (#262)
• 08fb769 #260 make shared workflows generic, misc cleanup (#261)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

---

Resolves #260
Resolves #262
Resolves #261
Resolves senzing-factory/build-resources#261
Resolves senzing-factory/build-resources#257
Resolves senzing-factory/build-resources#259
Resolves senzing-factory/build-resources#254
Resolves senzing-factory/build-resources#250
Resolves senzing-factory/build-resources#255
Resolves senzing-factory/build-resources#249
Resolves senzing-factory/build-resources#256
Resolves senzing-factory/build-resources#252
Resolves senzing-factory/build-resources#253
Resolves senzing-factory/build-resources#244
Resolves senzing-factory/build-resources#246
Resolves senzing-factory/build-resources#248

[github-actions]

🤖 Claude Code Review

Code Review Analysis

Review Results

Code Quality ✅

• ✅ Code follows style guide: This is a simple version bump in a GitHub Actions workflow file. No style guide violations.
• ✅ No commented-out code: None present.
• ✅ Meaningful variable names: N/A - this is a workflow configuration change.
• ✅ DRY principle followed: N/A - single line change.
• ✅ Defects identification: No bugs, logic errors, or security vulnerabilities introduced. This is a straightforward version bump from v3 to v4 of the reusable workflow.
• ✅ Project memory consideration: No .claude/CLAUDE.md file present in the repository to consider.

Location: .github/workflows/claude-pr-review.yaml:15

Testing ⚠️

• ⚠️ Unit tests: N/A - This is infrastructure configuration, not application code.
• ⚠️ Integration tests: Not applicable for workflow version bumps, but the change should be verified by running the workflow.
• ⚠️ Edge cases: N/A
• ⚠️ Test coverage: N/A

Note: While automated tests aren't applicable here, this change should be validated by ensuring the v4 version of the reusable workflow exists and functions correctly.

Documentation ⚠️

• ⚠️ README updated: No README changes needed - this is an internal workflow update.
• ⚠️ API docs: N/A
• ⚠️ Inline comments: None needed for this simple change.
• ❌ CHANGELOG.md updated: No CHANGELOG.md update included. If this project maintains a changelog, this version bump should be documented.
• ✅ Markdown formatting: The existing YAML file maintains proper formatting.

Recommendation: If the project maintains a CHANGELOG.md, consider adding an entry like:

### Changed
- Updated claude-pr-review workflow to use v4 of reusable workflow

Security ✅

• ✅ No hardcoded credentials: None present.
• ✅ Input validation: N/A
• ✅ Proper error handling: N/A
• ✅ No sensitive data in logs: None.
• ✅ No license files: No .lic files or AQAAAD strings detected.

---

Summary

Overall Assessment: ✅ APPROVED WITH MINOR RECOMMENDATIONS

This is a low-risk change that updates the reusable workflow version from v3 to v4. The change is clean and straightforward.

Recommendations:

1. Optional: Add a CHANGELOG.md entry if the project maintains one
2. Before merging: Verify that senzing-factory/build-resources/.github/workflows/claude-pull-request-review.yaml@v4 exists and review its changes compared to v3 to understand what improvements or breaking changes are included

No blocking issues identified.

Automated code review analyzing defects and coding standards

[github-actions]

🤖 Claude Code Review

Code Review Analysis

Code Quality

✅ Code follows style guide - The change is a simple version bump in a GitHub Actions workflow file. This type of change doesn't have style considerations beyond YAML formatting, which is correct.

✅ No commented-out code - No commented code present.

✅ Meaningful variable names - N/A for this change (workflow reference only).

✅ DRY principle followed - N/A for this change.

✅ Identify Defects - No bugs, logic errors, or security vulnerabilities identified. The change updates the reusable workflow reference from @v3 to @v4. This is a standard version bump pattern for GitHub Actions.

⚠️ Project memory configuration - No .claude/CLAUDE.md file found in the repository, so nothing to evaluate.

Testing

⚠️ Testing considerations - This is a workflow configuration change that references an external reusable workflow. Testing recommendations:

• Verify that senzing-factory/build-resources/.github/workflows/claude-pull-request-review.yaml@v4 exists and is compatible
• Consider reviewing the changelog/release notes for v4 to understand what changed from v3
• The workflow will be tested when it runs on this or subsequent PRs

Since this is infrastructure-as-code for CI/CD, traditional unit/integration tests don't apply. The "test" is whether the workflow executes successfully.

Documentation

✅ Readme updated if needed - N/A - This is a minor version bump that doesn't require README updates.

✅ API docs updated - N/A for workflow changes.

✅ Inline comments for complex logic - N/A - The change is self-documenting (version bump).

❌ CHANGELOG.md updated - The CHANGELOG.md should be updated to document this workflow version bump from v3 to v4. Location: ./CHANGELOG.md should include an entry explaining what changed in the v4 workflow.

✅ Markdown formatting - No markdown files were modified in this diff.

Security

✅ No hardcoded credentials - None present.

✅ Input validation implemented - N/A for this change.

✅ Proper error handling - N/A for this change.

✅ No sensitive data in logs - None present.

✅ No license files (.lic) or AQAAAD strings - None detected.

---

Summary

Overall Assessment: Approved with minor recommendation

This is a straightforward version bump of a reusable workflow reference. The change appears safe and follows standard practices for updating GitHub Actions workflows.

Required Action:

• Consider updating CHANGELOG.md to document this workflow version change (.github/workflows/claude-pr-review.yaml:15)

Recommendations:

• Verify the v4 workflow exists and review its changes compared to v3 before merging
• Monitor the first PR where this v4 workflow runs to ensure compatibility

---

Automated code review analyzing defects and coding standards

[github-actions]

🤖 Claude Code Review

❌ CHANGELOG.md not updated - (CHANGELOG.md:9) - The repository has a CHANGELOG.md with an [Unreleased] section that should document this workflow version update. The change should be added under ### Changed in the Unreleased section.

✅ README update - N/A, this is an internal workflow change that doesn't affect user-facing documentation.

✅ API docs - N/A, no API changes.

✅ Inline comments - N/A, the change is self-explanatory.

✅ Markdown formatting - The workflow file itself is YAML, not Markdown. The CHANGELOG.md that needs updating follows proper CommonMark format.

Security

✅ No hardcoded credentials - The workflow properly uses GitHub secrets via ${{ secrets.CLAUDE_CODE_OAUTH_TOKEN }}.

✅ Input validation - N/A for this change.

✅ Proper error handling - N/A, this is delegated to the reusable workflow.

✅ No sensitive data in logs - No logging changes.

✅ No license files - No .lic files or AQAAAD strings detected in the diff.

Summary

Overall Assessment: The change is straightforward and appears safe - it's a version bump of a reusable GitHub Actions workflow dependency.

Required Actions:

1. ❌ Update CHANGELOG.md - Add an entry under [Unreleased] → ### Changed documenting the workflow version update from v3 to v4.

Recommended Actions:

1. ⚠️ Verify that the @v4 version exists in the upstream senzing-factory/build-resources repository.
2. ⚠️ Review the upstream changelog/release notes for v4 to ensure no breaking changes affect this implementation.
3. ⚠️ Monitor the first workflow run after merge to confirm proper operation.

---

Automated code review analyzing defects and coding standards