Following the introduction of a Dependabot workflow in https://github.com/imbue-ai/offload/commit/a755d90aa99c159f569b52ab71e4e356bd39dc91, checks on the resulting PRs are failing to access the secrets required in their workflows. As an example, [the Vet workflow requires an Anthropic token](https://github.com/imbue-ai/offload/blob/main/.github/workflows/vet.yml#L26) but [Dependabot is unable to read this secret](https://github.com/imbue-ai/offload/actions/runs/23356028296/job/67946936647?pr=122#step:5:280), per https://github.blog/changelog/2021-02-19-github-actions-workflows-triggered-by-dependabot-prs-will-run-with-read-only-permissions/. Dependabot secrets are managed separately from those used in GitHub Actions, and will need to be created for the checks on Dependabot workflows to pass - reference https://docs.github.com/en/code-security/how-tos/secure-your-supply-chain/manage-your-dependency-security/configuring-access-to-private-registries-for-dependabot#adding-a-repository-secret-for-dependabot, sorry for the trouble!
Following the introduction of a Dependabot workflow in a755d90, checks on the resulting PRs are failing to access the secrets required in their workflows. As an example, the Vet workflow requires an Anthropic token but Dependabot is unable to read this secret, per https://github.blog/changelog/2021-02-19-github-actions-workflows-triggered-by-dependabot-prs-will-run-with-read-only-permissions/.
Dependabot secrets are managed separately from those used in GitHub Actions, and will need to be created for the checks on Dependabot workflows to pass - reference https://docs.github.com/en/code-security/how-tos/secure-your-supply-chain/manage-your-dependency-security/configuring-access-to-private-registries-for-dependabot#adding-a-repository-secret-for-dependabot, sorry for the trouble!