Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@hasdfa we have the following keys in use today
https://store-wp.mui.com/wp-admin/admin.php?page=wc-settings&tab=advanced§ion=keys
It feels like we should create a new one specifically for GitHub Actions so we can reduce disruption in case of a security leak. How about we make the change?
@michelengelen which key did you use?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@oliviertassinari I did use the one from the private toolpad app
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ok, I have created an organization secret for the GitHub action, easier to rotate this way.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I broke the GitHub Action with this token change.
We are back up and running with 113a612, e.g. #14380 as a proof. With this change:
Source: https://github.com/oliviertassinari/mui-x/actions/runs/10604955513/job/29392734749
Basic
is in the token. This is normally not how it's done if we look at our codebase: https://github.com/search?q=org%3Amui+%22Authorization%3A+%22&type=code, e.g. GITHUB_AUTH. The exceptions that I can find were this one (gone) and one done by Prakhar: https://github.com/mui/mui-private/blob/04c21bf04d29f9985ea400ef52afb3861203867e/tools-private/toolpad/resources/functions.ts#L107.