From ffd7841d2e8ad8ee7c05cb4cf45e3cee9140734d Mon Sep 17 00:00:00 2001
From: Corey Martin <coreyn.martin@gmail.com>
Date: Wed, 4 Mar 2026 23:14:11 -0800
Subject: [PATCH] Use RELEASE_PAT in release workflow to trigger CI on release
 PRs

GITHUB_TOKEN events don't trigger downstream workflows (GitHub
anti-recursion policy), so CI and summary checks never ran on
bot-created release PRs. Switch to a PAT so the push and PR
creation events trigger workflows normally.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---
 .github/workflows/release.yaml | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
index 5f345b7..6f5390e 100644
--- a/.github/workflows/release.yaml
+++ b/.github/workflows/release.yaml
@@ -113,13 +113,18 @@ jobs:
       - name: Create release branch and PR
         if: github.event_name == 'workflow_dispatch'
         env:
-          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          # Use a PAT so the push and PR creation trigger CI workflows.
+          # GITHUB_TOKEN events don't trigger workflows (GitHub anti-recursion).
+          GH_TOKEN: ${{ secrets.RELEASE_PAT }}
         run: |
           OLD_VERSION="${{ steps.changes.outputs.old_version }}"
           NEW_VERSION="${{ steps.bump.outputs.new_version }}"
           VERSION_BUMP="${{ steps.ai.outputs.version_bump }}"
           BRANCH="release/v${NEW_VERSION}"
 
+          # Configure git to push with the PAT
+          git remote set-url origin "https://x-access-token:${GH_TOKEN}@github.com/${{ github.repository }}.git"
+
           git checkout -b "$BRANCH"
           git add package.json package-lock.json CHANGELOG.md
           git commit -m "v${NEW_VERSION}"