Skip to content

Comments

Replace GITHUB_AUTH_HEADER with GH_TOKEN#152

Merged
kevinbackhouse merged 1 commit intoGitHubSecurityLab:mainfrom
kevinbackhouse:auth_token
Feb 18, 2026
Merged

Replace GITHUB_AUTH_HEADER with GH_TOKEN#152
kevinbackhouse merged 1 commit intoGitHubSecurityLab:mainfrom
kevinbackhouse:auth_token

Conversation

@kevinbackhouse
Copy link
Collaborator

@kevinbackhouse kevinbackhouse commented Feb 18, 2026

I think these tokens will always be the same, so there's no reason to have two separate environment variables.

Copilot AI review requested due to automatic review settings February 18, 2026 12:21
Copilot AI reviewed Feb 18, 2026
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR standardizes authentication configuration by removing the dedicated GITHUB_AUTH_HEADER environment variable and using GH_TOKEN (token-only) instead, with the Bearer prefix applied where needed.

Changes:

  • Update the GitHub official toolbox to build the Authorization: Bearer … header from GH_TOKEN.
  • Update developer/run documentation and the Docker run helper to reference GH_TOKEN.
  • Update the smoketest workflow to pass GH_TOKEN (token-only) instead of a preformatted auth header.

Reviewed changes

Copilot reviewed 4 out of 4 changed files in this pull request and generated no comments.

File Description
src/seclab_taskflow_agent/toolboxes/github_official.yaml Switches Authorization header construction to Bearer {{ env('GH_TOKEN') }}.
docker/run.sh Updates usage instructions to export GH_TOKEN instead of GITHUB_AUTH_HEADER.
README.md Updates the toolbox configuration example to use GH_TOKEN with a Bearer prefix.
.github/workflows/smoketest.yaml Passes GH_TOKEN (raw token) into the smoketest job environment.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@kevinbackhouse kevinbackhouse marked this pull request as ready for review February 18, 2026 14:13
@kevinbackhouse kevinbackhouse merged commit 25d5f13 into GitHubSecurityLab:main Feb 18, 2026
15 checks passed
@kevinbackhouse kevinbackhouse mentioned this pull request Feb 18, 2026
Merged
@kevinbackhouse kevinbackhouse deleted the auth_token branch February 18, 2026 21:32
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@Kwstubbs Kwstubbs Kwstubbs approved these changes

@m-y-mo m-y-mo Awaiting requested review from m-y-mo m-y-mo is a code owner

@p- p- Awaiting requested review from p- p- is a code owner

@JarLob JarLob Awaiting requested review from JarLob JarLob is a code owner

@sylwia-budzynska sylwia-budzynska Awaiting requested review from sylwia-budzynska sylwia-budzynska is a code owner

@anticomputer anticomputer Awaiting requested review from anticomputer anticomputer is a code owner

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@kevinbackhouse @Kwstubbs