bkimminich
commented
11 months ago @J12934, I wasn't sure if your ACCESS_TOKEN will do the trick but we might give it a try. In the main and CTF extension repo I have a BOT_TOKEN secret belonging to the JuiceShopBot user, and with that the similar action works fine. We might have to add that one here as well or generate a seperate fresh token.
Switched this preemptively to BOT_TOKEN secret also used in juice-shop and juice-shop-ctf actions.
(works only in conjunction with https://github.com/OWASP/www-project-juice-shop/commit/7b94cb59eaa1cb5b01680cb9922cbf2300d7dac7)