Auto cannot push to a protected branch #2377

Closed
aldrichdev opened this issue Jul 27, 2023 · 1 comment
Labels
bug Something isn't working

Comments

@aldrichdev
Contributor

Describe the bug

I am working with the main branch, which is protected. The only rule applied is PR and review. When a PR is merged, Auto tries to push to main but this fails with:

npm notice Publishing to https://npm.pkg.github.com/

Error: Running command 'git' with args [push, --follow-tags, --set-upstream, https://****toyF@github.com/Sample-Company/Sample-Repo, main] failed

remote: error: GH006: Protected branch update failed for refs/heads/main.        
remote: error: Changes must be made through a pull request.        
To https://github.com/Sample-Company/Sample-Repo
 * [new tag]           v13.0.0 -> v13.0.0
 ! [remote rejected]   main -> main (protected branch hook declined)
error: failed to push some refs to 'https://github.com/Sample-Company/Sample-Repo'

My GH_TOKEN is set to a GitHub token, which I created, that has full repo scope access; also, I am listed as an actor that can bypass required pull requests in the branch protection rule.

To Reproduce

Try to run Auto and have it publish a release against a protected branch

Expected behavior

The release is published

Screenshots

Environment information:

PS > npx auto info
×  error     No GitHub was found. Make sure it is available on process.env.GH_TOKEN.
Error: GitHub token not found!
    at Auto.loadConfig (redacted\node_modules\@auto-it\core\src\auto.ts:657:13)

Additional context

This issue is very similar to this one: #945, except the solution there did not work for me.

My push.yml that publishes releases:

# Name of our action
name: Release

# The event that will trigger the action
on:
  push:
    branches: [main]
  pull_request:

# What the action will do
jobs:
  release:
    # The operating system it will run on
    runs-on: ubuntu-latest

    # The permissions it will have
    permissions:
      # To be able to push to the repo
      contents: write
      # To update the PR description with canary info
      pull-requests: write
      # For pr-check to create a status
      statuses: write
      # Needed to create PR statuses/checks
      checks: write
      # To post comments on PRs
      issues: write
      # To create NPM packages in GitHub
      packages: write

    # This check needs to be in place to prevent a publish loop with auto and github actions
    if: "!contains(github.event.head_commit.message, 'ci skip') && !contains(github.event.head_commit.message, 'skip ci')"

    # The list of steps that the action will go through
    steps:
      - uses: actions/checkout@v3
      - name: Prepare repository
        run: git fetch --unshallow --tags
      - name: Use Node.js 16.x
        uses: actions/setup-node@v3
        with:
          node-version: 16.x
          registry-url: https://npm.pkg.github.com/
          scope: '@redacted'
      - name: Cache node modules
        uses: actions/cache@v3
        with:
          path: node_modules
          key: yarn-deps-${{ hashFiles('yarn.lock') }}
          restore-keys: |
            yarn-deps-${{ hashFiles('yarn.lock') }}
      - name: Create Release
        env:
          GH_TOKEN: ghp_redacted
          NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        run: |
          yarn install --frozen-lockfile
          yarn build
          yarn release
@aldrichdev aldrichdev added the bug Something isn't working label Jul 27, 2023
@hipstersmoothie
Collaborator

We have a plugin that handles this. Doesn't seem to be in the docs though, I'll fix that: https://www.npmjs.com/package/@auto-it/protected-branch
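The push output quoted in the report shows a partial push: the tag v13.0.0 was accepted while the update to main was rejected with GH006. The following check for that state in CI logs is an added example, not part of the issue or of Auto; the function names `analyze_push` and `stranded_tags` are hypothetical, and the sample input is constructed from the log lines above.

```python
import re

# Constructed sample: the `git push` output quoted in the issue above.
SAMPLE_PUSH_OUTPUT = """\
remote: error: GH006: Protected branch update failed for refs/heads/main.
remote: error: Changes must be made through a pull request.
To https://github.com/Sample-Company/Sample-Repo
 * [new tag]           v13.0.0 -> v13.0.0
 ! [remote rejected]   main -> main (protected branch hook declined)
error: failed to push some refs to 'https://github.com/Sample-Company/Sample-Repo'
"""

# Per-ref status line: " <flag> <summary> <src> -> <dst> (<reason>)"
REF_LINE = re.compile(
    r"^\s(?P<flag>[ +\-*!=])\s+(?P<summary>\[[^\]]+\]|\S+)\s+"
    r"(?P<src>\S+) -> (?P<dst>\S+)(?: \((?P<reason>.*)\))?$"
)
REMOTE_ERROR = re.compile(r"^remote: error: (?P<code>GH\d+): ")


def analyze_push(output):
    """Split push output into accepted refs, rejected refs and GH error codes."""
    result = {"accepted": [], "rejected": [], "error_codes": []}
    for raw in output.splitlines():
        line = raw.rstrip()  # "remote:" lines in the log carry trailing spaces
        err = REMOTE_ERROR.match(line)
        if err:
            result["error_codes"].append(err["code"])
            continue
        ref = REF_LINE.match(line)
        if ref is None:
            continue
        if ref["flag"] == "!":
            result["rejected"].append((ref["dst"], ref["reason"]))
        elif ref["flag"] != "=":  # "=" means the ref was already up to date
            result["accepted"].append((ref["dst"], ref["summary"]))
    return result


def stranded_tags(result):
    """New tags the remote accepted although another ref was rejected."""
    if not result["rejected"]:
        return []
    return [dst for dst, summary in result["accepted"] if summary == "[new tag]"]


if __name__ == "__main__":
    report = analyze_push(SAMPLE_PUSH_OUTPUT)
    print("rejected:", report["rejected"], "codes:", report["error_codes"])
    print("tags pushed without their branch:", stranded_tags(report))
```

A non-empty result from `stranded_tags` means the release tag exists on the remote while the branch does not contain the release commit, so the tag needs review before the release is retried.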
