netwrix · jth-nw · Feb 12, 2026 · Feb 10, 2026 · Feb 10, 2026 · Feb 10, 2026
diff --git a/.github/workflows/claude-issue-labeler.yml b/.github/workflows/claude-issue-labeler.yml
@@ -2,7 +2,7 @@ name: Claude Issue Labeler
 
 on:
   issues:
-    types: [opened]
+    types: []  # Disabled - replaced by claude-issue-processor.yml
 
 jobs:
   label-issue:

diff --git a/.github/workflows/claude-issue-processor.yml b/.github/workflows/claude-issue-processor.yml
@@ -0,0 +1,220 @@
+name: Claude Issue Processor
+
+on:
+  issues:
+    types: [opened]
+
+jobs:
+  template-validation:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      issues: write
+      id-token: write
+    outputs:
+      template_type: ${{ steps.validate.outputs.template_type }}
+      validation_failed: ${{ steps.validate.outputs.validation_failed }}
+
+    steps:
+      - name: Checkout repository (Issue templates only)
+        uses: actions/checkout@v4
+        with:
+          sparse-checkout: |
+            .github/ISSUE_TEMPLATE
+          sparse-checkout-cone-mode: false
+
+      - name: Validate and correct template usage
+        id: validate
+        uses: anthropics/claude-code-action@v1
+        with:
+          anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }}
+          github_token: ${{ secrets.GITHUB_TOKEN }}
+          prompt: |
+            REPO: ${{ github.repository }}
+            ISSUE NUMBER: ${{ github.event.issue.number }}
+
+            A new issue has been opened. Your task is to validate that the correct issue template was used.
+
+            STEPS:
+            1. Read the issue using `gh issue view ${{ github.event.issue.number }} --json title,body,labels`
+            2. Read the available issue templates from .github/ISSUE_TEMPLATE/ directory
+            3. Analyze the issue content to determine which template SHOULD have been used:
+               - Keywords "site", "navigation", "docusaurus", "search", "layout", "menu" → site templates
+               - Keywords "documentation", "content", "tutorial", "guide", "missing", "incorrect" → content templates
+               - Labels or title containing "fix", "bug", "broken", "error" → fix templates
+               - Labels or title containing "add", "feature", "enhancement", "new" → add templates
+            4. Compare the issue structure to the templates to see which was actually used
+            5. If the wrong template was used:
+               - Extract the user's information from the current issue body
+               - Map it to the correct template structure
+               - Update the issue body using `gh issue edit ${{ github.event.issue.number }} --body "..."`
+               - Add a comment explaining the correction
+            6. Output the template type by running:
+               echo "template_type=[content_fix|content_add|site_fix|site_add]" >> $GITHUB_OUTPUT
+               echo "validation_failed=[true|false]" >> $GITHUB_OUTPUT
+
+            IMPORTANT:
+            - Preserve all user-provided information during template correction
+            - Be conservative - only change the template if it's clearly wrong
+            - Always set both output variables
+          claude_args: '--allowed-tools "Bash(gh issue:*),Read,Grep,Glob"'
+
+  primary-labeling:
+    runs-on: ubuntu-latest
+    needs: template-validation
+    permissions:
+      contents: read
+      issues: write
+      id-token: write
+    outputs:
+      primary_label: ${{ steps.label.outputs.primary_label }}
+      should_continue: ${{ steps.label.outputs.should_continue }}
+
+    steps:
+      - name: Assign primary AI label
+        id: label
+        uses: anthropics/claude-code-action@v1
+        with:
+          anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }}
+          github_token: ${{ secrets.GITHUB_TOKEN }}
+          prompt: |
+            REPO: ${{ github.repository }}
+            ISSUE NUMBER: ${{ github.event.issue.number }}
+            TEMPLATE TYPE: ${{ needs.template-validation.outputs.template_type }}
+
+            Your task is to assign the primary "AI:" label to this issue.
+
+            STEPS:
+            1. Read the issue using `gh issue view ${{ github.event.issue.number }} --json title,body,labels`
+            2. Analyze the issue to determine the primary label:
+
+               DECISION TREE:
+               a) If TEMPLATE_TYPE contains "site" → Assign "AI:docusaurus"
+               b) Else if TEMPLATE_TYPE contains "content" → Assign "AI:docs"
+               c) Else check for SPECIAL CASES:
+
+                  DUPLICATE: Search for similar issues
+                  - Run: gh search issues --repo ${{ github.repository }} --match title --state all --limit 5 --json number,title,state,url --jq '.[] | select(.number != ${{ github.event.issue.number }})'
+                  - If similar issue found:
+                    * Add label "duplicate"
+                    * Comment: "This appears to be a duplicate of #[NUMBER]. Please see that issue for discussion."
+                    * Close: gh issue close ${{ github.event.issue.number }} --reason "not planned"
+                    * Set should_continue=false
+
+                  PRODUCT BUG: Keywords "crash", "error code", "software bug", "application error" AND mentions specific product behavior
+                  - Add label "bug"
+                  - Comment: "This appears to be a product bug rather than a documentation issue. Please report this to Netwrix Support: https://netwrix.com/en/support/"
+                  - Close: gh issue close ${{ github.event.issue.number }} --reason "not planned"
+                  - Set should_continue=false
+
+                  FEATURE PROPOSAL: Keywords "should add", "feature request", "enhancement", "please implement"
+                  - Add label "proposal"
+                  - Comment: "This appears to be a feature request. Please share your ideas on the Netwrix Community: https://community.netwrix.com/"
+                  - Close: gh issue close ${{ github.event.issue.number }} --reason "not planned"
+                  - Set should_continue=false
+
+            3. If NOT a special case, assign the appropriate AI label:
+               - gh issue edit ${{ github.event.issue.number }} --add-label "[AI:docs|AI:docusaurus]"
+               - Set should_continue=true
+
+            4. Output the results:
+               echo "primary_label=[LABEL]" >> $GITHUB_OUTPUT
+               echo "should_continue=[true|false]" >> $GITHUB_OUTPUT
+
+            IMPORTANT:
+            - Only close issues for special cases (duplicate, bug, proposal)
+            - For normal documentation issues, just add the AI label and continue
+            - Always set both output variables
+          claude_args: '--allowed-tools "Bash(gh issue:*),Bash(gh search:*),Read"'
+
+  secondary-labeling:
+    runs-on: ubuntu-latest
+    needs: [template-validation, primary-labeling]
+    if: needs.primary-labeling.outputs.should_continue == 'true'
+    permissions:
+      contents: read
+      issues: write
+      id-token: write
+
+    steps:
+      - name: Checkout repository (CODEOWNERS only)
+        uses: actions/checkout@v4
+        with:
+          sparse-checkout: |
+            .github/CODEOWNERS
+          sparse-checkout-cone-mode: false
+
+      - name: Assign product labels and notify teams
+        uses: anthropics/claude-code-action@v1
+        with:
+          anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }}
+          github_token: ${{ secrets.GITHUB_TOKEN }}
+          prompt: |
+            REPO: ${{ github.repository }}
+            ISSUE NUMBER: ${{ github.event.issue.number }}
+
+            Your task is to identify relevant product(s) and notify the appropriate teams.
+
+            STEPS:
+            1. Read the issue using `gh issue view ${{ github.event.issue.number }} --json body`
+            2. Read .github/CODEOWNERS to understand product-to-team mappings
+            3. Parse CODEOWNERS to extract product-team relationships:
+               - Look for lines like: /docs/productname/ @netwrix/team-docs
+               - Extract the product directory name and team handle
+            4. Analyze the issue body for product mentions:
+               - Check for product names in dropdown selections (if preserved in body)
+               - Scan for product names mentioned in text
+               - Common products: Password Secure, Auditor, Access Analyzer, Privilege Secure, etc.
+            5. For each detected product:
+               a) Normalize product name to label format:
+                  - "Password Secure 9.3" → "password-secure"
+                  - "Access Analyzer 12.0" → "access-analyzer"
+                  - "Auditor 10.8" → "auditor"
+                  - Remove spaces, convert to lowercase, keep hyphens
+               b) Add product label: gh issue edit ${{ github.event.issue.number }} --add-label "PRODUCT_LABEL"
+               c) Look up team from CODEOWNERS:
+                  - Normalize label for directory match (remove hyphens): "password-secure" → "passwordsecure"
+                  - Find line in CODEOWNERS: /docs/passwordsecure/ @netwrix/passwordsecure-docs
+                  - Extract team handle
+               d) Notify team with comment:
+                  gh issue comment ${{ github.event.issue.number }} --body "This issue appears to be related to [PRODUCT NAME]. Notifying [TEAM] for review."
+
+            6. Handle multiple products (repeat step 5 for each)
+
+            PRODUCT NAME NORMALIZATION:
+            - "1Secure" → "1secure"
+            - "Access Analyzer" → "access-analyzer" (directory: accessanalyzer)
+            - "Access Information Center" → "access-information-center" (directory: accessinformationcenter)
+            - "Activity Monitor" → "activity-monitor" (directory: activitymonitor)
+            - "Auditor" → "auditor"
+            - "Change Tracker" → "change-tracker" (directory: changetracker)
+            - "Data Classification" → "data-classification" (directory: dataclassification)
+            - "Directory Manager" → "directory-manager" (directory: directorymanager)
+            - "Endpoint Policy Manager" → "endpoint-policy-manager" (directory: endpointpolicymanager)
+            - "Endpoint Protector" → "endpoint-protector" (directory: endpointprotector)
+            - "Identity Manager" → "identity-manager" (directory: identitymanager)
+            - "Identity Recovery" → "identity-recovery" (directory: identityrecovery)
+            - "Password Policy Enforcer" → "password-policy-enforcer" (directory: passwordpolicyenforcer)
+            - "Password Reset" → "password-reset" (directory: passwordreset)
+            - "Password Secure" → "password-secure" (directory: passwordsecure)
+            - "PingCastle" → "pingcastle"
+            - "Platform Governance for NetSuite" → "platform-governance-netsuite" (directory: platgovnetsuite)
+            - "Privilege Secure" → "privilege-secure" (directory: privilegesecure)
+            - "Recovery for Active Directory" → "recovery-for-active-directory" (directory: recoveryforactivedirectory)
+            - "Threat Manager" → "threat-manager" (directory: threatmanager)
+            - "Threat Prevention" → "threat-prevention" (directory: threatprevention)
+
+            IMPORTANT:
+            - Multiple products may be mentioned - handle all of them
+            - Be case-insensitive when matching product names
+            - If no products are clearly identified, skip labeling (don't guess)
+          claude_args: '--allowed-tools "Bash(gh issue:*),Read,Grep"'
+
+      - name: Handle labeling failures
+        if: failure()
+        run: |
+          gh issue comment ${{ github.event.issue.number }} \
+            --body "⚠️ Automated product labeling failed. Manual review may be needed."
+          gh issue edit ${{ github.event.issue.number }} --add-label "automation-failed"
+        env:
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
diff --git a/CODE_OF_CONDUCT.md b/CODE_OF_CONDUCT.md
@@ -0,0 +1,128 @@
+# Contributor Covenant Code of Conduct
+
+## Our Pledge
+
+We as members, contributors, and leaders pledge to make participation in our
+community a harassment-free experience for everyone, regardless of age, body
+size, visible or invisible disability, ethnicity, sex characteristics, gender
+identity and expression, level of experience, education, socio-economic status,
+nationality, personal appearance, race, religion, or sexual identity
+and orientation.
+
+We pledge to act and interact in ways that contribute to an open, welcoming,
+diverse, inclusive, and healthy community.
+
+## Our Standards
+
+Examples of behavior that contributes to a positive environment for our
+community include:
+
+* Demonstrating empathy and kindness toward other people
+* Being respectful of differing opinions, viewpoints, and experiences
+* Giving and gracefully accepting constructive feedback
+* Accepting responsibility and apologizing to those affected by our mistakes,
+  and learning from the experience
+* Focusing on what is best not just for us as individuals, but for the
+  overall community
+
+Examples of unacceptable behavior include:
+
+* The use of sexualized language or imagery, and sexual attention or
+  advances of any kind
+* Trolling, insulting or derogatory comments, and personal or political attacks
+* Public or private harassment
+* Publishing others' private information, such as a physical or email
+  address, without their explicit permission
+* Other conduct which could reasonably be considered inappropriate in a
+  professional setting
+
+## Enforcement Responsibilities
+
+Community leaders are responsible for clarifying and enforcing our standards of
+acceptable behavior and will take appropriate and fair corrective action in
+response to any behavior that they deem inappropriate, threatening, offensive,
+or harmful.
+
+Community leaders have the right and responsibility to remove, edit, or reject
+comments, commits, code, wiki edits, issues, and other contributions that are
+not aligned to this Code of Conduct, and will communicate reasons for moderation
+decisions when appropriate.
+
+## Scope
+
+This Code of Conduct applies within all community spaces, and also applies when
+an individual is officially representing the community in public spaces.
+Examples of representing our community include using an official e-mail address,
+posting via an official social media account, or acting as an appointed
+representative at an online or offline event.
+
+## Enforcement
+
+Instances of abusive, harassing, or otherwise unacceptable behavior may be
+reported to the community leaders responsible for enforcement at
+.
+All complaints will be reviewed and investigated promptly and fairly.
+
+All community leaders are obligated to respect the privacy and security of the
+reporter of any incident.
+
+## Enforcement Guidelines
+
+Community leaders will follow these Community Impact Guidelines in determining
+the consequences for any action they deem in violation of this Code of Conduct:
+
+### 1. Correction
+
+**Community Impact**: Use of inappropriate language or other behavior deemed
+unprofessional or unwelcome in the community.
+
+**Consequence**: A private, written warning from community leaders, providing
+clarity around the nature of the violation and an explanation of why the
+behavior was inappropriate. A public apology may be requested.
+
+### 2. Warning
+
+**Community Impact**: A violation through a single incident or series
+of actions.
+
+**Consequence**: A warning with consequences for continued behavior. No
+interaction with the people involved, including unsolicited interaction with
+those enforcing the Code of Conduct, for a specified period of time. This
+includes avoiding interactions in community spaces as well as external channels
+like social media. Violating these terms may lead to a temporary or
+permanent ban.
+
+### 3. Temporary Ban
+
+**Community Impact**: A serious violation of community standards, including
+sustained inappropriate behavior.
+
+**Consequence**: A temporary ban from any sort of interaction or public
+communication with the community for a specified period of time. No public or
+private interaction with the people involved, including unsolicited interaction
+with those enforcing the Code of Conduct, is allowed during this period.
+Violating these terms may lead to a permanent ban.
+
+### 4. Permanent Ban
+
+**Community Impact**: Demonstrating a pattern of violation of community
+standards, including sustained inappropriate behavior,  harassment of an
+individual, or aggression toward or disparagement of classes of individuals.
+
+**Consequence**: A permanent ban from any sort of public interaction within
+the community.
+
+## Attribution
+
+This Code of Conduct is adapted from the [Contributor Covenant][homepage],
+version 2.0, available at
+https://www.contributor-covenant.org/version/2/0/code_of_conduct.html.
+
+Community Impact Guidelines were inspired by [Mozilla's code of conduct
+enforcement ladder](https://github.com/mozilla/diversity).
+
+[homepage]: https://www.contributor-covenant.org
+
+For answers to common questions about this code of conduct, see the FAQ at
+https://www.contributor-covenant.org/faq. Translations are available at
+https://www.contributor-covenant.org/translations.
-Original file line number
+Diff line change
@@ Expand Up / @@ -2,7 +2,7 @@ name: Claude Issue Labeler @@
     on:
       issues:
-        types: [opened]
+        types: []  # Disabled - replaced by claude-issue-processor.yml
     jobs:
       label-issue:
@@ Expand Down @@