From 482f512fbbba9649aee7d15e8c14abe597b5d092 Mon Sep 17 00:00:00 2001
From: Parker Brown <17183625+parkerbxyz@users.noreply.github.com>
Date: Fri, 25 Aug 2023 09:38:39 -0700
Subject: [PATCH 1/2] fix: mask the installation token in logs

The runner will automatically mask GitHub token formats it recognizes, but sometimes a new pattern rolls out before the runner is updated to recognize it.
---
 lib/main.js | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/lib/main.js b/lib/main.js
index a55d7dc..c47dcdc 100644
--- a/lib/main.js
+++ b/lib/main.js
@@ -52,6 +52,9 @@ export async function main(
     repositoryNames: [repo],
   });
 
+  // Register the secret with the runner to ensure it is masked in logs
+  core.setSecret(authentication.token);
+
   core.setOutput("token", authentication.token);
 
   // Make token accessible to post function (so we can invalidate it)

From b6643c7566c1c29fae2c9932c5dcc00d43e1babf Mon Sep 17 00:00:00 2001
From: Parker Brown <17183625+parkerbxyz@users.noreply.github.com>
Date: Fri, 25 Aug 2023 09:40:00 -0700
Subject: [PATCH 2/2] Update code comment

---
 lib/main.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/main.js b/lib/main.js
index c47dcdc..977fcf8 100644
--- a/lib/main.js
+++ b/lib/main.js
@@ -52,7 +52,7 @@ export async function main(
     repositoryNames: [repo],
   });
 
-  // Register the secret with the runner to ensure it is masked in logs
+  // Register the token with the runner as a secret to ensure it is masked in logs
   core.setSecret(authentication.token);
 
   core.setOutput("token", authentication.token);