Update secret token for Dependabot auto-merge

[yonatankarp]

Summary by CodeRabbit

Release Notes

This pull request contains internal workflow configuration updates with no user-facing changes or new functionality.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[coderabbitai]

Walkthrough

A GitHub workflow file is updated to rename an environment variable in the dependabot auto-merge job from DEPENDABOT_MERGE_TOKEN to GITHUB_PAT, while maintaining the same secret source reference.

Changes

Cohort / File(s)	Summary
GitHub Workflow Configuration .github/workflows/pull_request.yml	Renamed secret environment variable binding in dependabot_auto_merge job from DEPENDABOT_MERGE_TOKEN to GITHUB_PAT, keeping the source as secrets.REVIEWER_GITHUB_TOKEN

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

Possibly related PRs

• Fix dependabot auto-merge #180: Modifies the same secret binding in the dependabot_auto_merge job workflow configuration (inverse direction change).

Poem

🐰 A token by any name still grants its grace,
From DEPENDABOT to PAT—a workflow's change of face,
The secrets flow the same, though labels shift,
A humble tweak, a nomenclature gift! ✨

Pre-merge checks and finishing touches

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately describes the main change: updating the secret token binding in the Dependabot auto-merge workflow configuration.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch fix-ci

---

📜 Recent review details

Configuration used: defaults

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between b49cd28 and 5bb521d.

📒 Files selected for processing (1)

• .github/workflows/pull_request.yml

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)

• GitHub Check: pipeline / build

🔇 Additional comments (1)

.github/workflows/pull_request.yml (1)

26-26: Verify that the reusable workflow accepts GITHUB_PAT as the secret input parameter name.

The secret parameter passed to the reusable workflow at yonatankarp/github-actions/.github/workflows/dependabot-auto-merge.yml@v1 was renamed from DEPENDABOT_MERGE_TOKEN to GITHUB_PAT. Confirm that the reusable workflow's interface has been updated to expect GITHUB_PAT as the input parameter name. A mismatch will cause the dependabot auto-merge to fail. Check the reusable workflow definition to ensure this change is coordinated.

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}