From e5a064dbdc710a697d80a08786150a511385bc1f Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 25 Sep 2023 08:51:03 -0700
Subject: [PATCH] chore: github-actions: Bump tibdex/github-app-token from 1 to
 2 (#297)

Bumps
[tibdex/github-app-token](https://github.com/tibdex/github-app-token)
from 1 to 2.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/tibdex/github-app-token/commit/0914d50df753bbc42180d982a6550f195390069f"><code>0914d50</code></a>
release v2.0.0</li>
<li><a
href="https://github.com/tibdex/github-app-token/commit/95717386c657bc772ba69db6fafa0e08baf5372e"><code>9571738</code></a>
Add support for organization and user installation retrieval and
repository s...</li>
<li>See full diff in <a
href="https://github.com/tibdex/github-app-token/compare/v1...v2">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=tibdex/github-app-token&package-manager=github_actions&previous-version=1&new-version=2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Caleb Tonn <caleb.tonn@slalom.com>
---
 .github/workflows/publish.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml
index aea160c7..977d2aff 100644
--- a/.github/workflows/publish.yml
+++ b/.github/workflows/publish.yml
@@ -34,7 +34,7 @@ jobs:
       uploaded: ${{ steps.upload.outputs.uploaded }}
     steps:
       - name: Get App Token
-        uses: tibdex/github-app-token@v1
+        uses: tibdex/github-app-token@v2
         id: app_token
         with:
           app_id: ${{ secrets.APP_ID }}
@@ -116,7 +116,7 @@ jobs:
         run: echo uploaded=${{ needs.secureli-release.outputs.uploaded }}
 
       - name: Get App Token
-        uses: tibdex/github-app-token@v1
+        uses: tibdex/github-app-token@v2
         id: app_token
         with:
           app_id: ${{ secrets.APP_ID }}