Copilot AI commented Feb 2, 2026

Replaces peter-murray/workflow-application-token-action with GitHub's official actions/create-github-app-token for generating scoped workflow tokens.

Changes

  • Action: peter-murray/workflow-application-token-action → actions/create-github-app-token@v2
  • Parameters: application_id → app-id, application_private_key → private-key
  • Scope: .github/workflows/pr-markdown.yml, .github/workflows/validate.yml
  • Versioning: Using @v2 version reference for the trusted first-party GitHub action

Migration Pattern

# Before
uses: peter-murray/workflow-application-token-action@dc0413987a085fa17d19df9e47d4677cf81ffef3
with:
  application_id: ${{ secrets.APP_ID }}
  application_private_key: ${{ secrets.APP_KEY }}

# After
uses: actions/create-github-app-token@v2
with:
  app-id: ${{ secrets.APP_ID }}
  private-key: ${{ secrets.APP_KEY }}

Output reference (steps.<id>.outputs.token) remains unchanged.

Original prompt

Problem Statement

Replace all usages of peter-murray/workflow-application-token-action with the official GitHub-owned action actions/create-github-app-token.

Background

The peter-murray/workflow-application-token-action is a community action that generates scoped, short-lived tokens for Actions workflows using a GitHub Application. GitHub now provides an official action actions/create-github-app-token that serves the same purpose and is maintained by GitHub.

Changes Required

  1. Find all workflow files that use peter-murray/workflow-application-token-action
  2. Replace the action with actions/create-github-app-token@v2
  3. Update the action syntax to match the official action's interface:
    • Input parameter names (e.g., app-id, private-key)
    • Output references if any
  4. Update any documentation or examples that reference the old action

Expected Migration Pattern

Before:

- name: Generate a token
  id: generate-token
  uses: peter-murray/workflow-application-token-action@v1
  with:
    application_id: ${{ vars.APP_ID }}
    application_private_key: ${{ secrets.APP_PRIVATE_KEY }}

After:

- name: Generate a token
  id: generate-token
  uses: actions/create-github-app-token@v2
  with:
    app-id: ${{ vars.APP_ID }}
    private-key: ${{ secrets.APP_PRIVATE_KEY }}

Example of Correct Usage

Here's the correct pattern to follow:

on:
  workflow_dispatch:
jobs:
  use_app_token:
    runs-on: ubuntu-latest
    steps:
      - name: Generate a token
        id: generate-token
        uses: actions/create-github-app-token@v2
        with:
          app-id: ${{ vars.APP_ID }}
          private-key: ${{ secrets.APP_PRIVATE_KEY }}
      
      - name: Use the token
        env:
          GH_TOKEN: ${{ steps.generate-token.outputs.token }}
        run: |
          gh api octocat

Key Differences to Account For

  • Parameter names may differ slightly (check documentation in the repository)
  • The output token variable should remain compatible (steps.generate-token.outputs.token)
  • The official action is maintained by GitHub and follows their support and security practices

Additional Requirements

  • Ensure all sample code, documentation, and README files are updated
  • Test that the workflows are syntactically correct after the change
  • Preserve any existing functionality and configuration options

This pull request was created from Copilot chat.
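
The migration steps listed above (find the old action, swap the `uses:` reference, rename the inputs) can be scripted. The following is an added example, not code from this pull request or from either action's project. It renames inputs only inside steps that call the old action, and the sample workflow, including the `example/other-action` step, is constructed for illustration:

```python
import re
OLD_ACTION = "peter-murray/workflow-application-token-action"
NEW_REF = "actions/create-github-app-token@v2"
INPUT_RENAMES = {"application_id": "app-id", "application_private_key": "private-key"}
# "uses:" line for the old action at any ref (tag or SHA); keeps a trailing comment.
USES_RE = re.compile(r"^(\s*(?:-\s+)?uses:\s*)" + re.escape(OLD_ACTION) + r"@\S+(.*)$")
STEP_RE = re.compile(r"^\s*-\s")              # a list item opens a new step
KEY_RE = re.compile(r"^(\s*)(\w+)(\s*:.*)$")  # plain "key: value" line

def migrate_workflow(text):
    """Return (migrated_text, number_of_lines_changed)."""
    steps, changes = [[]], 0
    for line in text.splitlines():
        if STEP_RE.match(line):
            steps.append([])
        steps[-1].append(line)
    out = []
    for step in steps:
        # Rename inputs only inside steps that call the old action.
        if any(USES_RE.match(l) for l in step):
            for i, l in enumerate(step):
                uses, key = USES_RE.match(l), KEY_RE.match(l)
                if uses:
                    step[i] = uses.group(1) + NEW_REF + uses.group(2)
                elif key and key.group(2) in INPUT_RENAMES:
                    step[i] = key.group(1) + INPUT_RENAMES[key.group(2)] + key.group(3)
                else:
                    continue
                changes += 1
        out.extend(step)
    return "\n".join(out) + "\n", changes

# Constructed sample: the "Before" step from above plus a hypothetical unrelated step.
SAMPLE = """\
steps:
  - name: Generate a token
    id: generate-token
    uses: peter-murray/workflow-application-token-action@v1
    with:
      application_id: ${{ vars.APP_ID }}
      application_private_key: ${{ secrets.APP_PRIVATE_KEY }}
  - name: Unrelated step (hypothetical action)
    uses: example/other-action@v1
    with:
      application_id: keep-me
"""

if __name__ == "__main__":
    print(migrate_workflow(SAMPLE)[0])
```

Running the function a second time on its own output reports zero changes, which makes it usable as a CI check for leftover references.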



Copilot AI changed the title from "[WIP] Replace community action with official GitHub app token action" to "Migrate to official GitHub App token action" on Feb 2, 2026
Copilot AI requested a review from felickz February 2, 2026 16:36

felickz commented Feb 2, 2026

@copilot this is a trusted 1P action - just use the actions version reference: @v2 to fix the failing CI

https://github.com/advanced-security/secret-scanning-custom-patterns/actions/runs/21598601780/job/62240302309?pr=109


Copilot AI commented Feb 2, 2026

@copilot this is a trusted 1P action - just use the actions version reference: @v2 to fix the failing CI

https://github.com/advanced-security/secret-scanning-custom-patterns/actions/runs/21598601...

Updated to use @v2 version reference in commit cd09956.
