use github token when getting latest release

[sbfnk]

Description

If this works it would address the issue mentioned in https://github.com/epiforecasts/EpiNow2/pull/769#issuecomment-2363736624 - possibly causing the same issue elsewhere?

It tries to do so by sending a github token with the HTTP request to get the latest release version.

I have been able to test the unix version locally but not the windows one.

Checklist

• [ ] My PR is based on a package issue and I have explicitly linked it.
• [ ] I have included the target issue or issues in the PR title in the for Issue(s) issue-numbers: PR title
• [X] I have read the contribution guidelines.
• [X] I have tested my changes locally.
• [ ] I have added or updated unit tests where necessary.
• [ ] I have updated the documentation if required.
• [X] My code follows the established coding standards.
• [ ] I have added a news item linked to this PR.
• [x] I have reviewed CI checks for this PR and addressed them as far as I am able.

[sbfnk]

Nice. Two thoughts:

1. Do we want to make this optional?

You mean something like a use_github_token true/false argument?

2. Do we want to make this an action input vs using secrets directly? Thinking about how other composite actions work I think this would be more standard?

Can you point me to an example where this is done?

I'll also need to figure out how to actually make this work, and then it might also be better (safer) to just find the environment variable from the script rather than passing it as an argument.

[seabbs]

I mean if supplied use it and if it's null or not present don't use it.

I'll have a look but limited as on a phone. Maybe codecov is an example?

[sbfnk]

I think this is non-breaking now and working except on windows where I don't have access to a good testing environment so am really fishing in the dark