ci: use RENOVATE_TOKEN for Renovate to enable vulnerability alert access

clavery · clavery · commit 8acafafd1f14 · 2026-06-08T11:49:26.000-04:00
The default GITHUB_TOKEN cannot read Dependabot/vulnerability alerts,
causing 'Cannot access vulnerability alerts' on the Dependency Dashboard.
Switch to the RENOVATE_TOKEN secret which can be granted alert read access.
diff --git a/.github/workflows/renovate.yml b/.github/workflows/renovate.yml
@@ -29,7 +29,7 @@ jobs:
         uses: renovatebot/github-action@v46.1.6
         with:
           configurationFile: renovate.json
-          token: ${{ secrets.GITHUB_TOKEN }}
+          token: ${{ secrets.RENOVATE_TOKEN }}
         env:
           LOG_LEVEL: info
           RENOVATE_REPOSITORIES: ${{ github.repository }}
