Skip to content

ci: Use GitHub App token for release PR creation #30

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
roottool merged 1 commit into from
Dec 30, 2025
Merged

ci: Use GitHub App token for release PR creation #30

roottool merged 1 commit into from
Dec 30, 2025

Conversation

@roottool
Copy link
Owner

@roottool roottool commented Dec 30, 2025

Description

This PR improves the release workflow by using a GitHub App token instead of the default GITHUB_TOKEN. This enables release PRs to trigger other workflows and ensures proper permissions for automated release processes.

Key changes:

  • Add token generation step using actions/create-github-app-token action
  • Update git config to use safe-formdata[bot] identity for better tracking
  • Reorder workflow steps: checkout branch after git config setup
  • Add assignee to PR creation for improved visibility
  • Replace GITHUB_TOKEN with generated token in PR creation step

Boundary Checklist (Required)

safe-formdata enforces a strict trust boundary for FormData.
If any item below does not apply, this change likely does not belong here.

  • No interpretation

    • Key names are treated as opaque strings
    • No structural inference ([], ., brackets, paths, etc.)

  • No silent behavior

    • No merging, overwriting, auto-fixing, or implicit resolution
    • All boundary violations are reported explicitly

  • Boundary respected

    • No validation, coercion, schema, framework conventions, or business logic

📘 Boundary rules & non-goals:
https://github.com/roottool/safe-formdata/blob/main/AGENTS.md

Type of Change

  • Bug fix
  • Security fix
  • Documentation
  • Refactoring (no behavior change)
  • Tests
  • Tooling / CI

Testing

The workflow changes will be tested in the next release preparation workflow run. The token generation and PR creation steps should work correctly with the GitHub App credentials configured in repository settings.

🤖 Generated with Claude Code

Co-Authored-By: Claude [email protected]

@roottool @claude
ci: Use GitHub App token for release PR creation
72e6f7e 
- Add token generation step using create-github-app-token action
- Update git config to use safe-formdata[bot] identity
- Reorder steps: checkout branch after git config setup
- Add assignee to PR creation for better tracking
- Use generated token instead of GITHUB_TOKEN for PR creation

This ensures release PRs can trigger other workflows and have
proper permissions for automated release processes.

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude Sonnet 4.5 <[email protected]>
@roottool roottool self-assigned this Dec 30, 2025
@roottool roottool added the ci Some changes have been changed to CI. label Dec 30, 2025
@codecov
Copy link

codecov bot commented Dec 30, 2025
edited
Loading

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 100.00%. Comparing base (0c4fe0a) to head (72e6f7e).
⚠️ Report is 1 commits behind head on main.

Additional details and impacted files 
@@            Coverage Diff            @@
##              main       #30   +/-   ##
=========================================
  Coverage   100.00%   100.00%           
=========================================
  Files            3         3           
  Lines           22        22           
  Branches         6         6           
=========================================
  Hits            22        22
🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@roottool roottool merged commit 2a07067 into main Dec 30, 2025
12 checks passed
@roottool roottool deleted the ci/improve-release-workflow-token branch December 30, 2025 09:09
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@roottool roottool

Labels

ci Some changes have been changed to CI.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@roottool