From 5f9af4df4d5d1d24e0b0e26e02fea711db40a9d6 Mon Sep 17 00:00:00 2001
From: Emiel De Vleeschouwer <emiel@nimblestudio.com>
Date: Sat, 28 Mar 2026 18:15:56 +0100
Subject: [PATCH] ci: use GitHub App token for release-please

Replace GITHUB_TOKEN with a GitHub App token in the release
workflow so release-please PRs can trigger downstream workflows.
---
 .github/workflows/release.yml | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 4525f2e..565be18 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -22,10 +22,16 @@ jobs:
       releases_created: ${{ steps.release.outputs.releases_created }}
       paths_released: ${{ steps.release.outputs.paths_released }}
     steps:
+      - uses: actions/create-github-app-token@v1
+        id: app-token
+        with:
+          app-id: ${{ secrets.APP_ID }}
+          private-key: ${{ secrets.APP_PRIVATE_KEY }}
+
       - uses: googleapis/release-please-action@v4
         id: release
         with:
-          token: ${{ secrets.GITHUB_TOKEN }}
+          token: ${{ steps.app-token.outputs.token }}
 
   # Step 2: Publish to npm — only runs when a Release PR was merged in the push that triggered this workflow
   publish: