👷‍♀️ Remove PERSONAL_ACCESS_TOKEN usage

reedsy · Jan 18, 2024 · 02391f8 · 02391f8
1 parent dc0ea8e
commit 02391f8
Showing 1 changed file with 6 additions and 9 deletions.
diff --git a/.github/workflows/test.yml → .github/workflows/ci.yml b/.github/workflows/test.yml → .github/workflows/ci.yml
@@ -1,31 +1,28 @@
-name: Test
+name: CI
 
 on:
   push:
     branches:
     - main
-    - lint
   pull_request:
     branches:
     - main
 
 jobs:
   build:
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-latest
     timeout-minutes: 10
     steps:
-    - uses: actions/checkout@v3
-    - uses: actions/setup-node@v3
+    - uses: actions/checkout@v4
+    - uses: actions/setup-node@v4
       with:
-        node-version: '18.x'
+        node-version: '20.x'
         registry-url: 'https://npm.pkg.github.com'
     - name: Install
       # Skip post-install to avoid malicious scripts stealing PAT
       run: npm install --ignore-script
       env:
-        # GITHUB_TOKEN can't access packages hosted in private repos,
-        # even within the same organisation
-        NODE_AUTH_TOKEN: ${{ secrets.PERSONAL_ACCESS_TOKEN }}
+        NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
     - name: Post-install
       run: npm rebuild && npm run prepare --if-present
     - name: Build