From d2275193d38ffddb5f93828573f5363458d8c228 Mon Sep 17 00:00:00 2001
From: Jesse Wright <63333554+jeswr@users.noreply.github.com>
Date: Fri, 3 Jan 2025 17:00:36 +0000
Subject: [PATCH] chore: revert to using secrets.GH_TOKEN in update.yml (#826)

---
 .github/workflows/update.yml | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/.github/workflows/update.yml b/.github/workflows/update.yml
index 5e6877a..800e735 100644
--- a/.github/workflows/update.yml
+++ b/.github/workflows/update.yml
@@ -10,10 +10,6 @@ jobs:
       matrix:
         dependency: ['swipl', 'emsdk', 'zlib', 'pcre2']
 
-    permissions:
-      contents: write
-      pull-requests: write
-
     steps:
       - uses: actions/checkout@v4
         with:
@@ -67,4 +63,8 @@ jobs:
             fi
           fi
         env:
-          GH_TOKEN: ${{ github.token }}
+          # You may be tempted to make this github.token, this won't work
+          # because GH Actions does not trigger workflows on github.token
+          # in order to avoid recursive workflows.
+          # See: https://docs.github.com/en/actions/security-for-github-actions/security-guides/automatic-token-authentication#using-the-github_token-in-a-workflow
+          GH_TOKEN: ${{ secrets.GH_TOKEN }}