From 5501f08ac5d0f101049f329f26738818c4d39e3c Mon Sep 17 00:00:00 2001
From: Daniel Haag <daniel.haag@tum.de>
Date: Mon, 7 Jul 2025 14:51:09 +0200
Subject: [PATCH 01/10] Make token an input for update workflow

---
 .github/workflows/reusable-mqt-core-update.yml | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/.github/workflows/reusable-mqt-core-update.yml b/.github/workflows/reusable-mqt-core-update.yml
index 56dc652..9013381 100644
--- a/.github/workflows/reusable-mqt-core-update.yml
+++ b/.github/workflows/reusable-mqt-core-update.yml
@@ -11,10 +11,14 @@ on:
   workflow_call:
     inputs:
       update-to-head:
-        description: "Whether to update to the latest commit on the main branch or the latest release"
+        description: Whether to update to the latest commit on the main branch or the latest release
         default: false
         type: boolean
         required: false
+      token:
+        description: Token with permissions to create and update pull requests
+        type: string
+        required: true
 jobs:
   update-mqt-core:
     name: ⬆️ Update MQT Core
@@ -147,17 +151,13 @@ jobs:
         if: steps.compare-versions.outputs.update == 'true'
         uses: peter-evans/create-pull-request@271a8d0340265f705b14b6d32b9829c1cb33d45e # v7
         with:
-          token: ${{ github.token }}
+          token: ${{ inputs.token }}
           commit-message: "⬆️ Update `munich-quantum-toolkit/core`"
           title: "⬆️ Update `munich-quantum-toolkit/core`"
           body: |
             This pull request updates the [munich-quantum-toolkit/core](https://github.com/munich-quantum-toolkit/core) dependency from munich-quantum-toolkit/core@${{ steps.get-used-version.outputs.revision }} (version v${{ steps.get-used-version.outputs.version }}) to munich-quantum-toolkit/core@${{ steps.determine-new-version-and-revision.outputs.new_revision }} (version v${{ steps.determine-new-version-and-revision.outputs.new_version }}).
 
             **Full Changelog**: https://github.com/munich-quantum-toolkit/core/compare/${{ steps.get-used-version.outputs.revision }}...${{ steps.determine-new-version-and-revision.outputs.new_revision }}
-
-            > [!NOTE]
-            > This pull request was automatically created by a GitHub Actions workflow, which does not have permissions to trigger other workflows.
-            > Manually close and reopen this pull request to trigger the dependent workflows.
           branch: "update-mqt-core-${{ steps.determine-new-version-and-revision.outputs.new_revision }}"
           labels: "dependencies,c++"
           base: "main"

From 1c7c41fee6d73e7a37a7c7712d191eb835fafc82 Mon Sep 17 00:00:00 2001
From: Daniel Haag <daniel.haag@tum.de>
Date: Mon, 7 Jul 2025 19:15:36 +0200
Subject: [PATCH 02/10] Add step creating a GitHub App token

---
 .github/workflows/reusable-mqt-core-update.yml | 15 ++++++++++++---
 1 file changed, 12 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/reusable-mqt-core-update.yml b/.github/workflows/reusable-mqt-core-update.yml
index 9013381..e2993fd 100644
--- a/.github/workflows/reusable-mqt-core-update.yml
+++ b/.github/workflows/reusable-mqt-core-update.yml
@@ -15,9 +15,12 @@ on:
         default: false
         type: boolean
         required: false
-      token:
-        description: Token with permissions to create and update pull requests
-        type: string
+    secrets:    
+      APP_ID:
+        description: ID of the GitHub App with permission to create and update pull requests
+        required: true
+      APP_PRIVATE_KEY:
+        description: Private key of the GitHub App with permission to create and update pull requests
         required: true
 jobs:
   update-mqt-core:
@@ -27,6 +30,12 @@ jobs:
       contents: write
       pull-requests: write
     steps:
+      # Create a GitHub App token
+      - id: create-token
+        uses: actions/create-github-app-token@v1
+        with:
+          app-id: ${{ secrets.APP_ID }}
+          private-key: ${{ secrets.APP_PRIVATE_KEY }}
       # Check out the repository
       - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
         with:

From 0f4863a7f678a3759088fb25b087eeab5dc4375f Mon Sep 17 00:00:00 2001
From: "pre-commit-ci[bot]"
 <66853113+pre-commit-ci[bot]@users.noreply.github.com>
Date: Mon, 7 Jul 2025 17:26:43 +0000
Subject: [PATCH 03/10] =?UTF-8?q?=F0=9F=8E=A8=20pre-commit=20fixes?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .github/workflows/reusable-mqt-core-update.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/reusable-mqt-core-update.yml b/.github/workflows/reusable-mqt-core-update.yml
index e2993fd..3112015 100644
--- a/.github/workflows/reusable-mqt-core-update.yml
+++ b/.github/workflows/reusable-mqt-core-update.yml
@@ -15,7 +15,7 @@ on:
         default: false
         type: boolean
         required: false
-    secrets:    
+    secrets:
       APP_ID:
         description: ID of the GitHub App with permission to create and update pull requests
         required: true

From a06b63ab4550d73c9a3aae4feeef9ce60dcfede8 Mon Sep 17 00:00:00 2001
From: Daniel Haag <daniel.haag@tum.de>
Date: Mon, 7 Jul 2025 19:28:22 +0200
Subject: [PATCH 04/10] Fix token

---
 .github/workflows/reusable-mqt-core-update.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/reusable-mqt-core-update.yml b/.github/workflows/reusable-mqt-core-update.yml
index 3112015..aa5827f 100644
--- a/.github/workflows/reusable-mqt-core-update.yml
+++ b/.github/workflows/reusable-mqt-core-update.yml
@@ -160,7 +160,7 @@ jobs:
         if: steps.compare-versions.outputs.update == 'true'
         uses: peter-evans/create-pull-request@271a8d0340265f705b14b6d32b9829c1cb33d45e # v7
         with:
-          token: ${{ inputs.token }}
+          token: ${{ steps.create-token.outputs.token }}
           commit-message: "⬆️ Update `munich-quantum-toolkit/core`"
           title: "⬆️ Update `munich-quantum-toolkit/core`"
           body: |

From 193e1c2ddc54de745f6570afb79945b842b010d7 Mon Sep 17 00:00:00 2001
From: Daniel Haag <daniel.haag@tum.de>
Date: Tue, 8 Jul 2025 09:34:08 +0200
Subject: [PATCH 05/10] Update changelog and upgrade guide

---
 CHANGELOG.md | 3 +++
 UPGRADING.md | 4 ++++
 2 files changed, 7 insertions(+)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 124cd31..912fdc6 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -15,6 +15,7 @@ This project adheres to [Semantic Versioning], with the exception that minor rel
 
 ### Changed
 
+- 👷 Use GitHub App token for workflow that updates MQT Core ([#142]) ([**@denialhaag**])
 - 🐍🚨 Update `reusable-python-linter.yml` to allow disabling the `mypy` type checker ([#128]) ([**@burgholzer**])
 
 ## [1.11.0] - 2025-06-15
@@ -65,6 +66,7 @@ _📚 Refer to the [GitHub Release Notes] for previous changelogs._
 
 <!-- PR links -->
 
+[#142]: https://github.com/munich-quantum-toolkit/workflows/pull/142
 [#126]: https://github.com/munich-quantum-toolkit/workflows/pull/126
 [#119]: https://github.com/munich-quantum-toolkit/workflows/pull/119
 [#114]: https://github.com/munich-quantum-toolkit/workflows/pull/114
@@ -77,6 +79,7 @@ _📚 Refer to the [GitHub Release Notes] for previous changelogs._
 
 [**@burgholzer**]: https://github.com/burgholzer
 [**@ystade**]: https://github.com/ystade
+[**@denialhaag**]: https://github.com/denialhaag
 
 <!-- General links -->
 
diff --git a/UPGRADING.md b/UPGRADING.md
index 7e13e3c..28813cf 100644
--- a/UPGRADING.md
+++ b/UPGRADING.md
@@ -16,6 +16,10 @@ Project may want to add `ty` to their development dependencies to ensure that th
 uv add --dev ty
 ```
 
+Furthermore, this release changes the `reusable-mqt-core-update.yml` workflow to use a GitHub App token for creating and editing pull requests.
+This token has permissions to the trigger workflows in the created pull requests, which was not the case for the previously used token.
+When using the `reusable-mqt-core-update.yml` workflow, it is now necessary to pass the `APP_ID` and `APP_PRIVATE_KEY` as secrets.
+
 ## [1.11.0]
 
 This release adapts the file filter for the change detection to the new project structure regarding the Python bindings.

From 7f2be597549e2984747a43d4b6f7efac88ebbc42 Mon Sep 17 00:00:00 2001
From: Lukas Burgholzer <burgholzer@me.com>
Date: Tue, 8 Jul 2025 10:06:08 +0200
Subject: [PATCH 06/10] Update UPGRADING.md

Signed-off-by: Lukas Burgholzer <burgholzer@me.com>
---
 UPGRADING.md | 17 +++++++++++++++--
 1 file changed, 15 insertions(+), 2 deletions(-)

diff --git a/UPGRADING.md b/UPGRADING.md
index 28813cf..c8b9926 100644
--- a/UPGRADING.md
+++ b/UPGRADING.md
@@ -17,8 +17,21 @@ uv add --dev ty
 ```
 
 Furthermore, this release changes the `reusable-mqt-core-update.yml` workflow to use a GitHub App token for creating and editing pull requests.
-This token has permissions to the trigger workflows in the created pull requests, which was not the case for the previously used token.
-When using the `reusable-mqt-core-update.yml` workflow, it is now necessary to pass the `APP_ID` and `APP_PRIVATE_KEY` as secrets.
+This token has permissions to trigger workflows in the created pull requests, which is not the case for the default GitHub token used previously.
+When using the `reusable-mqt-core-update.yml` workflow, it is now necessary to pass the `APP_ID` and `APP_PRIVATE_KEY` as secrets. 
+
+```yaml
+update-mqt-core:
+    name: ⬆️ Update MQT Core
+    uses: munich-quantum-toolkit/workflows/.github/workflows/reusable-mqt-core-update.yml@v1.12
+    with:
+      update-to-head: ${{ github.event.inputs.update-to-head == 'true' }}
+    secrets:
+      APP_ID: ${{ secrets.APP_ID }}
+      APP_PRIVATE_KEY: ${{ secrets.APP_PRIVATE_KEY }}
+```
+
+Both variables are stored as organization wide secrets and do not need to be explicitly added to each repository.
 
 ## [1.11.0]
 

From 7cb94923c7dfeaf826e56e19e79679a93b76bf9b Mon Sep 17 00:00:00 2001
From: "pre-commit-ci[bot]"
 <66853113+pre-commit-ci[bot]@users.noreply.github.com>
Date: Tue, 8 Jul 2025 08:08:12 +0000
Subject: [PATCH 07/10] =?UTF-8?q?=F0=9F=8E=A8=20pre-commit=20fixes?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 UPGRADING.md | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)

diff --git a/UPGRADING.md b/UPGRADING.md
index c8b9926..9c98b50 100644
--- a/UPGRADING.md
+++ b/UPGRADING.md
@@ -18,17 +18,17 @@ uv add --dev ty
 
 Furthermore, this release changes the `reusable-mqt-core-update.yml` workflow to use a GitHub App token for creating and editing pull requests.
 This token has permissions to trigger workflows in the created pull requests, which is not the case for the default GitHub token used previously.
-When using the `reusable-mqt-core-update.yml` workflow, it is now necessary to pass the `APP_ID` and `APP_PRIVATE_KEY` as secrets. 
+When using the `reusable-mqt-core-update.yml` workflow, it is now necessary to pass the `APP_ID` and `APP_PRIVATE_KEY` as secrets.
 
 ```yaml
 update-mqt-core:
-    name: ⬆️ Update MQT Core
-    uses: munich-quantum-toolkit/workflows/.github/workflows/reusable-mqt-core-update.yml@v1.12
-    with:
-      update-to-head: ${{ github.event.inputs.update-to-head == 'true' }}
-    secrets:
-      APP_ID: ${{ secrets.APP_ID }}
-      APP_PRIVATE_KEY: ${{ secrets.APP_PRIVATE_KEY }}
+  name: ⬆️ Update MQT Core
+  uses: munich-quantum-toolkit/workflows/.github/workflows/reusable-mqt-core-update.yml@v1.12
+  with:
+    update-to-head: ${{ github.event.inputs.update-to-head == 'true' }}
+  secrets:
+    APP_ID: ${{ secrets.APP_ID }}
+    APP_PRIVATE_KEY: ${{ secrets.APP_PRIVATE_KEY }}
 ```
 
 Both variables are stored as organization wide secrets and do not need to be explicitly added to each repository.

From 15c4e9e38e8c075c49c91eb9a6e5dfbcd38e54d8 Mon Sep 17 00:00:00 2001
From: Daniel Haag <daniel.haag@tum.de>
Date: Tue, 8 Jul 2025 12:37:06 +0200
Subject: [PATCH 08/10] Prepare release

---
 CHANGELOG.md | 7 ++++++-
 UPGRADING.md | 2 ++
 2 files changed, 8 insertions(+), 1 deletion(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 912fdc6..9de964d 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -9,6 +9,10 @@ This project adheres to [Semantic Versioning], with the exception that minor rel
 
 ## [Unreleased]
 
+## [1.12.0] - 2025-07-08
+
+_If you are upgrading: please see [`UPGRADING.md`](UPGRADING.md#1120)._
+
 ### Added
 
 - 🐍🚨 Add support for running Astral's `ty` type checker as part of the `reusable-python-linter.yml` workflow ([#128]) ([**@burgholzer**])
@@ -58,7 +62,8 @@ _📚 Refer to the [GitHub Release Notes] for previous changelogs._
 
 <!-- Version links -->
 
-[unreleased]: https://github.com/munich-quantum-toolkit/workflows/compare/v1.11.0...HEAD
+[unreleased]: https://github.com/munich-quantum-toolkit/workflows/compare/v1.12.0...HEAD
+[1.12.0]: https://github.com/munich-quantum-toolkit/workflows/releases/tag/v1.12.0
 [1.11.0]: https://github.com/munich-quantum-toolkit/workflows/releases/tag/v1.11.0
 [1.10.0]: https://github.com/munich-quantum-toolkit/workflows/releases/tag/v1.10.0
 [1.9.0]: https://github.com/munich-quantum-toolkit/workflows/releases/tag/v1.9.0
diff --git a/UPGRADING.md b/UPGRADING.md
index 9c98b50..d530333 100644
--- a/UPGRADING.md
+++ b/UPGRADING.md
@@ -4,6 +4,8 @@ This document describes breaking changes and how to upgrade. For a complete list
 
 ## [Unreleased]
 
+## [1.12.0]
+
 This release adds support for running Astral's `ty` type checker as part of the `reusable-python-linter.yml` workflow.
 To enable this, you can set the `run-ty` option to `true` in the workflow configuration.
 Additionally, the `mypy` type checker can now be disabled by setting the `run-mypy` option to `false`.

From 22b38c5b9c17752a086f2aeba3bed0fa2b09e799 Mon Sep 17 00:00:00 2001
From: Daniel Haag <daniel.haag@tum.de>
Date: Tue, 8 Jul 2025 12:39:43 +0200
Subject: [PATCH 09/10] Also add version link for upgrade guide

---
 UPGRADING.md | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/UPGRADING.md b/UPGRADING.md
index d530333..796d5ce 100644
--- a/UPGRADING.md
+++ b/UPGRADING.md
@@ -94,7 +94,8 @@ While initial testing has shown minimal impact, this is still a breaking change.
 For example, it seems like using Ninja as a generator will lead to the wrong compiler being used.
 Consider removing any `-G Ninja` flags from your CMake invocations under Windows.
 
-[unreleased]: https://github.com/munich-quantum-toolkit/workflows/compare/v1.11.0...HEAD
+[unreleased]: https://github.com/munich-quantum-toolkit/workflows/compare/v1.12.0...HEAD
+[1.12.0]: https://github.com/munich-quantum-toolkit/workflows/compare/v1.11.0...v1.12.0
 [1.11.0]: https://github.com/munich-quantum-toolkit/workflows/compare/v1.10.0...v1.11.0
 [1.10.0]: https://github.com/munich-quantum-toolkit/workflows/compare/v1.9.0...v1.10.0
 [1.9.0]: https://github.com/munich-quantum-toolkit/workflows/compare/v1.8.1...v1.9.0

From fcd05a964cf06891d800ec57540390d78990f44c Mon Sep 17 00:00:00 2001
From: Daniel Haag <daniel.haag@tum.de>
Date: Tue, 8 Jul 2025 12:41:10 +0200
Subject: [PATCH 10/10] Fix typo

---
 UPGRADING.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/UPGRADING.md b/UPGRADING.md
index 796d5ce..15759de 100644
--- a/UPGRADING.md
+++ b/UPGRADING.md
@@ -33,7 +33,7 @@ update-mqt-core:
     APP_PRIVATE_KEY: ${{ secrets.APP_PRIVATE_KEY }}
 ```
 
-Both variables are stored as organization wide secrets and do not need to be explicitly added to each repository.
+Both variables are stored as organization-wide secrets and do not need to be explicitly added to each repository.
 
 ## [1.11.0]