Change generation auth token for COMMENT_BOT_TOKEN #643
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
paulinebm
added a commit
to huggingface/transformers
that referenced
this pull request
Sep 30, 2025
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Hi,
We have to change the way we inject COMMENT_BOT_TOKEN. Indeed, we have reached the number of repositories able to access this fine-grained token.
I created a GitHub app to bypass this limitation. We also improve security by generating a temporary token for each workflow execution. This token is revoked automatically at the end of the process.
I introduce 2 news required secrets to achieve that.
Could you just approve, I will merge at the end of the workflows update task.
Thanks
cc @glegendre01 @jagwar for viz