EndBug / version-check

:octocat: An action that allows you to check whether your npm package version has been updated
MIT License

[Bug] 403 With ${{ secrets.GITHUB_TOKEN }} #267

Closed ghost closed 8 months ago

ghost commented 9 months ago

Describe the bug

With a simple setup using the example in the README, I am still getting a 403 error.

To Reproduce

```yaml
name: Pre-Publish Checks
on:
  pull_request:
    types:
      - opened
      - reopened
jobs:
  build:
    name: Build Source Code
    runs-on: ubuntu-latest
    steps:
      - name: checkout
        uses: actions/checkout@v4

      - name: check version change
        id: version
        uses: EndBug/version-check@v2
        with:
          diff-search: true
          token: ${{ secrets.GITHUB_TOKEN }}

      - name: verify version change
        if: steps.version.outputs.changed == 'false'
        run: 'echo "VERSION CHANGE NOT DETECTED" && exit 1'
```

Edit: I also tried running setup node first, too, but this still fails:

```yaml
jobs:
  build:
    name: Build Source Code
    runs-on: ubuntu-latest
    steps:
      - name: checkout
        uses: actions/checkout@v4

      - name: setup
        uses: actions/setup-node@v3
        with:
          node-version: '20.x'

      - name: check version change
        id: version
        uses: EndBug/version-check@v2
        with:
          diff-search: true
          token: ${{ secrets.GITHUB_TOKEN }}

      - name: verify version change
        if: steps.version.outputs.changed == 'false'
        run: 'echo "VERSION CHANGE NOT DETECTED" && exit 1'
```

Expected behavior

403 should not occur with the token; is it properly being passed?

Screenshots

```
##[debug]Evaluating condition for step: 'check version change'
##[debug]Evaluating: success()
##[debug]Evaluating success:
##[debug]=> true
##[debug]Result: true
##[debug]Starting: check version change
##[debug]Loading inputs
##[debug]Evaluating: secrets.GITHUB_TOKEN
##[debug]Evaluating Index:
##[debug]..Evaluating secrets:
##[debug]..=> Object
##[debug]..Evaluating String:
##[debug]..=> 'GITHUB_TOKEN'
##[debug]=> '***'
##[debug]Result: '***'
##[debug]Loading env
Run EndBug/version-check@v2
  with:
    diff-search: true
    token: ***
    file-name: package.json
    github-api-url: https://api.github.com
Searching for version update...
Error: Response code 403 (Forbidden)
##[debug]Node Action run completed with exit code 1
##[debug]Finishing: check version change
```

Additional context

Add any other context about the problem here.

EndBug commented 9 months ago

Hmm, that's weird. Using the default token explicitly shouldn't change anything, since that's the default value being used...

Are you restricting token permissions anywhere else in your workflow? Also, please check your actions settings at https://github.com/inspire-labs-tms-tech/zenbridge/settings/actions and make sure that you're not restricting the action from accessing the repo.

ghost commented 9 months ago

@EndBug thanks for the reply! I ended up shuffling our workflows around, but for some reason, I did not get the error when using:

```yaml
# ...
on:
  push:
# ...
```

Maybe push has different permissions? The error then came immediately back if all I did was switch back to:

```yaml
# ...
on:
  pull_request:
# ...
```

EndBug commented 9 months ago

Are you running this on every kind of pull_request event, or just on open, close, ...?

Anyway, I think this is the call that is causing the error, because it's run only when a pull request is used:

https://github.com/EndBug/version-check/blob/6b0b3767318643690be2887436d3c386f78c32ce/src/main.ts#L134

ghost commented 9 months ago

> Are you running this on every kind of pull_request event, or just on open, close, ...?

@EndBug I was running it only on pull_request: opened and reopened

github-actions[bot] commented 8 months ago

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

moekify commented 1 month ago

This is still happening :)
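
The maintainer's question about restricted token permissions, as an added example that is not part of the thread or the project's documentation: the reporter's workflow with the `GITHUB_TOKEN` scopes declared explicitly per job. It assumes the 403 comes from token scope and that the pull-request-only API call needs `pull-requests: read`; the thread confirms neither.

```yaml
name: Pre-Publish Checks
on:
  pull_request:
    types:
      - opened
      - reopened

# Workflow-level default: grant nothing, so every job has to opt in.
permissions: {}

jobs:
  build:
    name: Build Source Code
    runs-on: ubuntu-latest
    # Explicit grants for this job's GITHUB_TOKEN.
    # Once a permissions block is present, any scope not listed is "none".
    permissions:
      contents: read        # checkout and reading package.json / commits
      pull-requests: read   # assumption: required by the pull_request-only API call
    steps:
      - name: checkout
        uses: actions/checkout@v4

      - name: check version change
        id: version
        uses: EndBug/version-check@v2
        with:
          diff-search: true
          token: ${{ secrets.GITHUB_TOKEN }}

      - name: verify version change
        if: steps.version.outputs.changed == 'false'
        run: 'echo "VERSION CHANGE NOT DETECTED" && exit 1'
```

When a workflow has no `permissions:` key, the token gets the repository or organization default set under the Actions settings page mentioned above, so the same workflow can behave differently across repositories. Declaring the scopes in the file makes the grant visible in review and independent of that setting.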