ci: tmp debug info

Author: bellini666

.github/workflows/release.yml

@@ -39,16 +39,59 @@ jobs:
         with:
           enable-cache: true
 
+      - name: Verify token permissions
+        run: |
+          echo "Checking token type and permissions..."
+
+          # Check token authentication type
+          AUTH_RESPONSE=$(curl -s -H "Authorization: token ${{ secrets.BOT_TOKEN }}" \
+            https://api.github.com/user)
+          echo "Authenticated as: $(echo $AUTH_RESPONSE | jq -r '.login')"
+          echo "Account type: $(echo $AUTH_RESPONSE | jq -r '.type')"
+
+          # Check repo permissions
+          RESPONSE=$(curl -s -H "Authorization: token ${{ secrets.BOT_TOKEN }}" \
+            https://api.github.com/repos/${{ github.repository }})
+          echo "Permissions: $(echo $RESPONSE | jq -r '.permissions')"
+
+      - name: Create monkey-patch script
+        run: |
+          cat > /tmp/check_wrapper.py <<'PYEOF'
+          import sys
+          from autopub.plugins import github
+          from autopub.cli import cli
+
+          # Monkey-patch to handle 403 errors on forked PRs
+          original_comment = github.GithubPlugin._update_or_create_comment
+
+          def patched_comment(self, text, marker="<!-- autopub-comment -->"):
+              try:
+                  return original_comment(self, text, marker)
+              except Exception as e:
+                  error_str = str(e)
+                  if "403" in error_str or "Resource not accessible" in error_str:
+                      print("WARNING: Skipping PR comment due to permission restrictions (forked PR)")
+                      return
+                  raise
+
+          github.GithubPlugin._update_or_create_comment = patched_comment
+
+          # Run autopub check
+          sys.exit(cli(["check"], standalone_mode=False) or 0)
+          PYEOF
+
       - name: Check
         id: check
         run: |
-          if $AUTOPUB_CMD check; then
+          uvx --from 'autopub>=1.0.0a51' --with pygithub python3 /tmp/check_wrapper.py
+
+          if [ $? -eq 0 ]; then
             echo "has_release=true" >> "$GITHUB_OUTPUT"
           else
             echo "has_release=false" >> "$GITHUB_OUTPUT"
           fi
         env:
-          GITHUB_TOKEN: ${{ github.token }}
+          GITHUB_TOKEN: ${{ secrets.BOT_TOKEN }}
 
       - name: Upload .autopub artifact
         if: steps.check.outputs.has_release == 'true'
@@ -86,15 +129,15 @@ jobs:
 
       - name: Build and publish
         run: |
-          git remote set-url origin https://${{ github.token }}@github.com/${{ github.repository }}
+          git remote set-url origin https://${{ secrets.BOT_TOKEN }}@github.com/${{ github.repository }}
           echo "✨ Preparing..."
           $AUTOPUB_CMD prepare
           echo "✨ Building..."
           $AUTOPUB_CMD build
           echo "✨ Publishing..."
           $AUTOPUB_CMD publish
         env:
-          GITHUB_TOKEN: ${{ github.token }}
+          GITHUB_TOKEN: ${{ secrets.BOT_TOKEN }}
 
       - name: Get project version
         id: get-version