Rename GITHUB_PERSONAL_ACCESS_TOKEN to GH_TOKEN #13
+21
−21
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
kevinbackhouse
requested review from
JarLob,
m-y-mo,
p- and
sylwia-budzynska
as code owners
Contributor
There was a problem hiding this comment.
Pull request overview
This PR renames the environment variable GITHUB_PERSONAL_ACCESS_TOKEN to GH_TOKEN across the entire codebase to comply with GitHub Codespaces naming restrictions that prohibit secret names starting with "GITHUB".
- Renamed environment variable from
GITHUB_PERSONAL_ACCESS_TOKENtoGH_TOKENacross all MCP servers, toolbox configurations, scripts, and documentation - Updated Python code to read the new
GH_TOKENenvironment variable - Updated shell scripts and devcontainer configuration to use the new variable name
Reviewed changes
Copilot reviewed 12 out of 12 changed files in this pull request and generated no comments.
Show a summary per file
| File | Description |
|---|---|
| src/seclab_taskflows/toolboxes/local_gh_resources.yaml | Updated env variable reference from GITHUB_PERSONAL_ACCESS_TOKEN to GH_TOKEN |
| src/seclab_taskflows/toolboxes/ghsa.yaml | Updated env variable reference from GITHUB_PERSONAL_ACCESS_TOKEN to GH_TOKEN |
| src/seclab_taskflows/toolboxes/gh_file_viewer.yaml | Updated env variable reference from GITHUB_PERSONAL_ACCESS_TOKEN to GH_TOKEN |
| src/seclab_taskflows/toolboxes/gh_code_scanning.yaml | Updated env variable reference from GITHUB_PERSONAL_ACCESS_TOKEN to GH_TOKEN |
| src/seclab_taskflows/toolboxes/gh_actions.yaml | Updated env variable reference from GITHUB_PERSONAL_ACCESS_TOKEN to GH_TOKEN |
| src/seclab_taskflows/mcp_servers/local_gh_resources.py | Renamed Python variable and updated all references in authorization headers |
| src/seclab_taskflows/mcp_servers/gh_file_viewer.py | Renamed Python variable and updated all references in authorization headers |
| src/seclab_taskflows/mcp_servers/gh_code_scanning.py | Renamed Python variable and updated all references in authorization headers |
| src/seclab_taskflows/mcp_servers/gh_actions.py | Renamed Python variable and updated all references in authorization headers |
| src/seclab_taskflows/mcp_servers/codeql_python/README.md | Updated documentation to reference GH_TOKEN instead of GITHUB_PERSONAL_ACCESS_TOKEN |
| src/run_seclab_agent.sh | Updated shell script to pass GH_TOKEN environment variable to Docker container |
| .devcontainer/post-attach.sh | Updated Codespaces warning message to reference GH_TOKEN |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
p-
approved these changes
Dec 8, 2025
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Codespace secrets are not allowed to have a name that starts with "GITHUB".
I ran this command to replace the name everywhere:
I've made the same change in the other repo: GitHubSecurityLab/seclab-taskflow-agent#114