Request PR write permission for guidance comments#23
Conversation
There was a problem hiding this comment.
Pull request overview
This PR aligns the post-review-guidance job's GitHub App token with the permissions actually required to post PR conversation guidance comments. The post-review-guidance job uses a minted GitHub App installation token to read existing PR comments and post a guidance comment via the issues comments REST endpoint. For GitHub App tokens, commenting on a pull request through that endpoint requires pull_requests: write (not just issues: write), so the prior read scope would fail. The documentation is updated to reflect this requirement.
Changes:
- Upgrade
permission-pull-requestsfromreadtowritefor thepost-review-guidancetoken. - Update
WEBHOOK_SETUP.mdto document that PR conversation guidance comments requirePull requests: read and write, including the permission table rows and rationale paragraph.
Reviewed changes
Copilot reviewed 2 out of 2 changed files in this pull request and generated no comments.
| File | Description |
|---|---|
.github/workflows/pull-request-dashboard-repo.yml |
Grants the review-guidance app token pull_requests: write so it can post PR conversation comments. |
.github/scripts/pull-request-dashboard/WEBHOOK_SETUP.md |
Updates the App permission list, rationale table, and summary to state that posting guidance comments needs Pull requests: read and write. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Request Pull requests write permission when minting the dashboard app token for the review-guidance job, matching the updated GitHub App permission. Update the webhook setup docs to document that PR conversation guidance comments require Pull requests read and write access.