From 32b3c2e62bf1aa3f171046d24008ecfb474245d8 Mon Sep 17 00:00:00 2001
From: Josh Soref <2119212+jsoref@users.noreply.github.com>
Date: Wed, 31 Jan 2024 16:20:04 -0500
Subject: [PATCH] Document action.inputs.token

---
 analyze/action.yml             | 2 ++
 autobuild/action.yml           | 2 ++
 resolve-environment/action.yml | 1 +
 upload-sarif/action.yml        | 1 +
 4 files changed, 6 insertions(+)

diff --git a/analyze/action.yml b/analyze/action.yml
index 7e5f02ac02..2742bdf34c 100644
--- a/analyze/action.yml
+++ b/analyze/action.yml
@@ -69,6 +69,8 @@ inputs:
     required: true
     default: "true"
   token:
+    description: "GitHub token to use for authenticating with this instance of GitHub. The token needs the `security-events: write` permission."
+    required: false
     default: ${{ github.token }}
   matrix:
     default: ${{ toJson(matrix) }}
diff --git a/autobuild/action.yml b/autobuild/action.yml
index 208ef1442d..f688b56119 100644
--- a/autobuild/action.yml
+++ b/autobuild/action.yml
@@ -3,6 +3,8 @@ description: 'Attempt to automatically build code'
 author: 'GitHub'
 inputs:
   token:
+    description: "GitHub token to use for authenticating with this instance of GitHub. The token needs the `security-events: write` permission."
+    required: false
     default: ${{ github.token }}
   matrix:
     default: ${{ toJson(matrix) }}
diff --git a/resolve-environment/action.yml b/resolve-environment/action.yml
index 17c22c0e43..88814d7a81 100644
--- a/resolve-environment/action.yml
+++ b/resolve-environment/action.yml
@@ -3,6 +3,7 @@ description: '[Experimental] Attempt to infer a build environment suitable for a
 author: 'GitHub'
 inputs:
   token:
+    description: "Token for accessing /code-scanning/analysis endpoints (used for ???)"
     default: ${{ github.token }}
   matrix:
     default: ${{ toJson(matrix) }}
diff --git a/upload-sarif/action.yml b/upload-sarif/action.yml
index 1794c365ad..0e416805a8 100644
--- a/upload-sarif/action.yml
+++ b/upload-sarif/action.yml
@@ -20,6 +20,7 @@ inputs:
     description: "The sha of the HEAD of the ref where results will be uploaded. If not provided, the Action will use the GITHUB_SHA environment variable. If provided, the ref input must be provided as well. This input is ignored for pull requests from forks."
     required: false
   token:
+    description: "Token for accessing /code-scanning/analysis endpoints (used to publish sarif -- generally requires `security-events: write`)"
     default: ${{ github.token }}
   matrix:
     default: ${{ toJson(matrix) }}