Merge branch 'main' into main

Author: priyansh4320

.github/CODEOWNERS

@@ -0,0 +1,9 @@
+# AG2 code owners
+# About code owners https://docs.github.com/ru/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/about-code-owners
+
+# A2A and Remote
+/autogen/a2a/ @Lancetnik
+/autogen/remote/ @Lancetnik
+/test/a2a/ @Lancetnik
+/test/remote/ @Lancetnik
+/website/docs/user-guide/a2a/ @Lancetnik

.github/workflows/build-docs.yml

@@ -28,11 +28,11 @@ jobs:
       - uses: astral-sh/setup-uv@v6
         with:
           version: "latest"
-      - uses: actions/setup-node@v4
+      - uses: actions/setup-node@v5
         with:
           node-version: ${{ github.event.inputs.node-version }}
       - name: setup python
-        uses: actions/setup-python@v5
+        uses: actions/setup-python@v6
         with:
           python-version: ${{ github.event.inputs.python-version }}
 

.github/workflows/build-mkdocs.yml

@@ -21,7 +21,7 @@ jobs:
         with:
           version: "latest"
       - name: setup python
-        uses: actions/setup-python@v5
+        uses: actions/setup-python@v6
         with:
           python-version: ${{ github.event.inputs.python-version }}
 

.github/workflows/claude-code-review.yml

@@ -0,0 +1,130 @@
+name: Claude Code Review
+
+on:
+  # For PRs from the same repository (fast path)
+  pull_request:
+    types:
+      - opened
+      - synchronize
+      - ready_for_review
+  # For PRs from forked repositories (secure path with secrets)
+  pull_request_target:
+    types:
+      - opened
+      - synchronize
+      - ready_for_review
+
+jobs:
+  # Job for same-repo PRs (can use OIDC if needed)
+  claude-review-same-repo:
+    if: |
+      github.event_name == 'pull_request' &&
+      github.event.pull_request.head.repo.full_name == github.repository &&
+      github.event.pull_request.draft == false
+
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      pull-requests: read
+      issues: read
+      id-token: write
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 1
+
+      - name: Checkout PR branch
+        env:
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        run: |
+          echo "Checking out PR #${{ github.event.pull_request.number }}"
+          gh pr checkout ${{ github.event.pull_request.number }}
+          echo "✅ PR branch checked out successfully"
+
+      - name: Run Claude Code Review
+        id: claude-review
+        uses: anthropics/claude-code-action@v1
+        with:
+          github_token: ${{ secrets.GITHUB_TOKEN }}
+          claude_code_oauth_token: ${{ secrets.CLAUDE_CODE_OAUTH_TOKEN }}
+          prompt: |
+            REPO: ${{ github.repository }}
+            PR NUMBER: ${{ github.event.pull_request.number }}
+
+            Please review this pull request and provide feedback on:
+            - Code quality and best practices
+            - Potential bugs or issues
+            - Performance considerations
+            - Security concerns
+            - Test coverage
+
+            # Steps to run a Review:
+              1) Check if previous review is already done by Claude. If so, perform a re-reivew with the latest changes referring previous review.
+              2) If no previous review is found, perform a new review with the latest changes.
+
+            Use the repository's CLAUDE.md for guidance on style and conventions. Be constructive and helpful in your feedback.
+
+            Use `gh pr comment` with your Bash tool to leave your review as a comment on the PR.
+
+          claude_args: '--allowed-tools "Bash(gh issue view:*),Bash(gh search:*),Bash(gh issue list:*),Bash(gh pr comment:*),Bash(gh pr diff:*),Bash(gh pr view:*),Bash(gh pr list:*)"'
+
+  # Job for forked PRs (no OIDC, token-based only)
+  claude-review-forked:
+    if: |
+      github.event_name == 'pull_request_target' &&
+      github.event.pull_request.head.repo.full_name != github.repository &&
+      github.event.pull_request.draft == false
+
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      pull-requests: write
+      issues: read
+      # Explicitly disable id-token to avoid OIDC flow
+
+    steps:
+      - name: Checkout repository (no credentials persisted)
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 1
+          persist-credentials: false
+
+      - name: Checkout PR branch (forked PR)
+        env:
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        run: |
+          echo "⚠️  Forked PR detected - running in secure mode"
+          echo "PR from: ${{ github.event.pull_request.head.repo.full_name }}"
+          echo "Base repo: ${{ github.repository }}"
+          echo "Checking out PR #${{ github.event.pull_request.number }}"
+          gh pr checkout ${{ github.event.pull_request.number }}
+          echo "✅ PR branch checked out successfully"
+
+      - name: Run Claude Code Review
+        id: claude-review
+        uses: anthropics/claude-code-action@v1
+        with:
+          github_token: ${{ secrets.GITHUB_TOKEN }}
+          claude_code_oauth_token: ${{ secrets.CLAUDE_CODE_OAUTH_TOKEN }}
+          prompt: |
+            REPO: ${{ github.repository }}
+            PR NUMBER: ${{ github.event.pull_request.number }}
+
+            Please review this pull request and provide feedback on:
+            - Code quality and best practices
+            - Potential bugs or issues
+            - Performance considerations
+            - Security concerns
+            - Test coverage
+
+            # Steps to run a Review:
+              1) Check if previous review is already done by Claude. If so, perform a re-reivew with the latest changes referring previous review.
+              2) If no previous review is found, perform a new review with the latest changes.
+
+            Use the repository's CLAUDE.md for guidance on style and conventions. Be constructive and helpful in your feedback.
+
+            Use `gh pr comment` with your Bash tool to leave your review as a comment on the PR.
+
+          claude_args: '--allowed-tools "Bash(gh issue view:*),Bash(gh search:*),Bash(gh issue list:*),Bash(gh pr comment:*),Bash(gh pr diff:*),Bash(gh pr view:*),Bash(gh pr list:*)"'

.github/workflows/claude.yml

@@ -0,0 +1,70 @@
+name: Claude Code
+
+on:
+  issue_comment:
+    types: [created]
+  pull_request_review_comment:
+    types: [created]
+  issues:
+    types: [opened, assigned]
+  pull_request_review:
+    types: [submitted]
+
+jobs:
+  claude:
+    if: |
+      (github.event_name == 'issue_comment' && contains(github.event.comment.body, '@claude')) ||
+      (github.event_name == 'pull_request_review_comment' && contains(github.event.comment.body, '@claude')) ||
+      (github.event_name == 'pull_request_review' && contains(github.event.review.body, '@claude')) ||
+      (github.event_name == 'issues' && (contains(github.event.issue.body, '@claude') || contains(github.event.issue.title, '@claude')))
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      pull-requests: read
+      issues: read
+      id-token: write
+      actions: read # Required for Claude to read CI results on PRs
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 1
+
+      - name: Checkout PR branch (if comment is on a PR)
+        if: github.event.issue.pull_request || github.event.pull_request
+        env:
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        run: |
+          if [ -n "${{ github.event.issue.number }}" ]; then
+            PR_NUMBER="${{ github.event.issue.number }}"
+          elif [ -n "${{ github.event.pull_request.number }}" ]; then
+            PR_NUMBER="${{ github.event.pull_request.number }}"
+          fi
+
+          if [ -n "$PR_NUMBER" ]; then
+            echo "Detected comment on PR #$PR_NUMBER"
+
+            # Check if it's a forked PR
+            PR_INFO=$(gh pr view $PR_NUMBER --json isCrossRepository,headRepositoryOwner 2>/dev/null || echo '{}')
+            IS_FORK=$(echo "$PR_INFO" | jq -r '.isCrossRepository // false')
+
+            if [ "$IS_FORK" = "true" ]; then
+              echo "⚠️  Forked PR detected - running in secure mode"
+              FORK_OWNER=$(echo "$PR_INFO" | jq -r '.headRepositoryOwner.login')
+              echo "PR from: $FORK_OWNER"
+            fi
+
+            echo "Checking out PR #$PR_NUMBER"
+            gh pr checkout $PR_NUMBER
+            echo "✅ PR branch checked out successfully"
+          fi
+
+      - name: Run Claude Code
+        id: claude
+        uses: anthropics/claude-code-action@v1
+        with:
+          claude_code_oauth_token: ${{ secrets.CLAUDE_CODE_OAUTH_TOKEN }}
+
+          # This is an optional setting that allows Claude to read CI results on PRs
+          additional_permissions: |
+            actions: read

.github/workflows/contrib-graph-rag-tests.yml

@@ -63,7 +63,7 @@ jobs:
         with:
           version: "latest"
       - name: Set up Python ${{ matrix.python-version }}
-        uses: actions/setup-python@v5
+        uses: actions/setup-python@v6
         with:
           python-version: ${{ matrix.python-version }}
       - name: Install FalkorDB SDK when on linux
@@ -136,7 +136,7 @@ jobs:
         with:
           version: "latest"
       - name: Set up Python ${{ matrix.python-version }}
-        uses: actions/setup-python@v5
+        uses: actions/setup-python@v6
         with:
           python-version: ${{ matrix.python-version }}
       - name: Install Neo4j and Llama-index when on linux
@@ -185,7 +185,7 @@ jobs:
   #       with:
   #         version: "latest"
   #     - name: Set up Python ${{ matrix.python-version }}
-  #       uses: actions/setup-python@v5
+  #       uses: actions/setup-python@v6
   #       with:
   #         python-version: ${{ matrix.python-version }}
   #     - name: Install Neo4j and Llama-index when on linux

.github/workflows/contrib-llm-test.yml

@@ -54,7 +54,7 @@ jobs:
         with:
           version: "latest"
       - name: Set up Python ${{ matrix.python-version }}
-        uses: actions/setup-python@v5
+        uses: actions/setup-python@v6
         with:
           python-version: ${{ matrix.python-version }}
       - name: Install packages and dependencies
@@ -112,13 +112,19 @@ jobs:
         with:
           version: "latest"
       - name: Set up Python ${{ matrix.python-version }}
-        uses: actions/setup-python@v5
+        uses: actions/setup-python@v6
         with:
           python-version: ${{ matrix.python-version }}
       - name: Install packages and dependencies
         run: |
           docker --version
-          uv pip install --system -e ".[test,openai,autobuild,captainagent]"
+          uv pip install --system -e ".[test,openai,autobuild,captainagent,gemini]"
+      - name: Create OAI_CONFIG_LIST from Secret
+        run: |
+          cat > OAI_CONFIG_LIST << 'EOF'
+          ${{ secrets.OAI_CONFIG_LIST }}
+          EOF
+        shell: bash
       - name: Run tests
         env:
           OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }}
@@ -170,7 +176,7 @@ jobs:
         with:
           version: "latest"
       - name: Set up Python ${{ matrix.python-version }}
-        uses: actions/setup-python@v5
+        uses: actions/setup-python@v6
         with:
           python-version: ${{ matrix.python-version }}
       - name: Install packages and dependencies