[build] Avoid dependabot nag and add github_token

GITHUB_TOKEN environment variable was added to the 'Get run info' step for secure access to GitHub resources.
2024-09-25 22:58:54 +01:00 · 2024-09-25 22:58:54 +01:00 · 9f5440ab2a
parent 1be32f31fe
commit 9f5440ab2a
1 changed files with 3 additions and 1 deletions
--- a/.github/workflows/tag-fs-build.yml
+++ b/.github/workflows/tag-fs-build.yml
@ -38,7 +38,7 @@ jobs:
    steps:
      # Step 1: Checkout the Repository
      - name: Checkout repository
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
        with:
          fetch-depth: 0  # Necessary to fetch all history for tagging

@ -50,6 +50,8 @@ jobs:
      - name: Get run info
        id: get_run_info
        uses: octokit/request-action@v2.x
+        env:
+            GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}        
        with:
          route: GET /repos/{owner}/{repo}/actions/runs/{run_id}
          owner: ${{ github.repository_owner }}