privilegedescalation-engineer[bot]
06e6784174
* feat(release): add token permission pre-check Detect missing write permissions early in the release pipeline rather than failing late during git push with a cryptic 403 error (see PRI-348). The new check-token-permissions job generates a GitHub App token and attempts to create a test ref via the API. On 201 the token has write permission (cleaned up immediately); on 403 the release job is skipped with a clear error message. This saves CI time and provides actionable diagnostics. Co-Authored-By: Paperclip <noreply@paperclip.ing> * fix: skip dual approval check gracefully on dismissed reviews When a pull_request_review event is dismissed, the PR context is null and PR_NUMBER is empty. Instead of exiting with an error, exit 0 (skip) since dismissed reviews are not approvals and do not affect the approval state. Fixes PRI-314. --------- Co-authored-by: Chris Farhood <chris@farhood.org> Co-authored-by: Paperclip <noreply@paperclip.ing>