mirror of
https://github.com/goreleaser/goreleaser-action
synced 2026-06-29 22:37:30 +00:00
Carlos Alexandro Becker
a4f614e65e
* ci: use a GitHub App token to rebuild dist on dependabot PRs Replaces GH_PAT (a broad org PAT) with a GitHub App token for pushing the rebuilt dist/ back to Dependabot PR branches. An App token is scoped to this repo with minimal permissions and is short-lived, so it is much safer to expose on the (semi-trusted) Dependabot PR build than a wide PAT. The job stays a no-op until the DIST_REBUILD_APP_ID and DIST_REBUILD_APP_PRIVATE_KEY Dependabot secrets are configured. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> Signed-off-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com> * ci: use GORELEASER_APP_ID/GORELEASER_APP_KEY for dist rebuild Use the existing GoReleaser GitHub App secrets instead of dedicated DIST_REBUILD_* ones. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> Signed-off-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com> --------- Signed-off-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com> Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>