Conversation
There was a problem hiding this comment.
Pull request overview
This PR updates the GITHUB_TOKEN handling to use secrets.GITHUB_TOKEN instead of github.token. The changes improve clarity in error messaging and align the workflow configuration with the updated guidance.
- Updated the informational message in
src/index.tsto specify usingsecrets.GITHUB_TOKENin the env - Modified the workflow file to use
secrets.GITHUB_TOKENinstead ofgithub.token
Reviewed changes
Copilot reviewed 2 out of 3 changed files in this pull request and generated 1 comment.
| File | Description |
|---|---|
| src/index.ts | Updated error message to specify secrets.GITHUB_TOKEN syntax |
| .github/workflows/market-place-test.yml | Changed token reference from github.token to secrets.GITHUB_TOKEN |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| - uses: tombi-toml/setup-tombi@v1.0.4 | ||
| env: | ||
| GITHUB_TOKEN: ${{ github.token }} | ||
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} |
There was a problem hiding this comment.
Using secrets.GITHUB_TOKEN requires the token to be explicitly configured as a repository secret. The github.token context provides an automatically generated token for workflow runs. Unless there's a specific reason to use a custom token, github.token is the recommended approach as it works without additional configuration.
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| GITHUB_TOKEN: ${{ github.token }} |
No description provided.