chore: revert to using secrets.GH_TOKEN in update.yml

SWI-Prolog · Jan 3, 2025 · 0935e77 · 0935e77
1 parent d54a884
commit 0935e77
Showing 1 changed file with 5 additions and 5 deletions.
diff --git a/.github/workflows/update.yml b/.github/workflows/update.yml
@@ -10,10 +10,6 @@ jobs:
       matrix:
         dependency: ['swipl', 'emsdk', 'zlib', 'pcre2']
 
-    permissions:
-      contents: write
-      pull-requests: write
-
     steps:
       - uses: actions/checkout@v4
         with:
@@ -67,4 +63,8 @@ jobs:
             fi
           fi
         env:
-          GH_TOKEN: ${{ github.token }}
+          # You may be tempted to make this github.token, this won't work
+          # because GH Actions does not trigger workflows on github.token
+          # in order to avoid recursive workflows.
+          # See: https://docs.github.com/en/actions/security-for-github-actions/security-guides/automatic-token-authentication#using-the-github_token-in-a-workflow
+          GH_TOKEN: ${{ secrets.GH_TOKEN }}