Commit edaffab
authored
fix(release): pass GITHUB_TOKEN to the Homebrew bump step (#2466)
`mislav/bump-homebrew-formula-action` uses two tokens:
```js
const internalToken = process.env.GITHUB_TOKEN || process.env.COMMITTER_TOKEN || ''
const externalToken = process.env.COMMITTER_TOKEN || ''
```
The internal token reads the source repo (release tag lookup, tarball
checksum); the external one writes to the tap. Our step only set
`COMMITTER_TOKEN`, so the action fell back to it for source-repo calls.
`HOMEBREW_TOKEN` is a fine-grained PAT scoped to
`dunglas/homebrew-frankenphp` only (fine-grained PATs have no implicit
public-repo access), so every call against `php/frankenphp` failed with
`unexpected HTTP 403 response`. This broke the "Bump Homebrew formula"
step of the v1.12.4 release runs.
Setting `GITHUB_TOKEN` restores the intended split: workflow token for
reads here, tap-scoped PAT for the formula commit.1 parent 8c9e331 commit edaffab
1 file changed
Lines changed: 4 additions & 0 deletions
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
384 | 384 | | |
385 | 385 | | |
386 | 386 | | |
| 387 | + | |
| 388 | + | |
| 389 | + | |
| 390 | + | |
0 commit comments