docs: suggest using fine-grained PATs #1937
Conversation
|
Hi @jackkoenig I'm happy add information about using fine-grained PATs to this section of the documentation, but it should be a separate bullet point and not replace the existing advice. The reason for this is that fine-grained PATs are still in beta and not all GitHub APIs and processes support them yet. Some features of this action appear not to work with fine-grained PATs currently, such as this issue. So if I add it to the documentation it needs to come with a caveat that it may not work in all cases. |
|
For the upcoming v7 release I've been doing lots of testing with fine-grained permissions (both fine-grained PATs and GitHub App generated tokens). I've resolved a couple of issues and I'm now more confident that this action works fine with fine-grained tokens for all the use cases my test suite covers. The new documentation for the v7 release is now updated to cover fine-grained tokens. Closing this in favour of #3057 Thank you for your effort to contribute. It is appreciated. |
|
Thanks for the improved support and docs, v7 is a much better outcome than this little tweak 🙂. |
Fine-grained PATs fix a lot of the security issues with PATs so are worth suggesting (IMO): https://github.blog/2022-10-18-introducing-fine-grained-personal-access-tokens-for-github/.