From 763cc8bd642715902751475b5fb2325a01c828f3 Mon Sep 17 00:00:00 2001 From: Harry Marr Date: Tue, 16 Mar 2021 01:22:31 +0000 Subject: [PATCH] Add code owners section to the README --- README.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/README.md b/README.md index ee0ea34..5903f0e 100644 --- a/README.md +++ b/README.md @@ -47,3 +47,7 @@ jobs: GitHub lets you prevent merges of unapproved pull requests. However, it's occasionally useful to selectively circumvent this restriction - for instance, some people want Dependabot's automated pull requests to not require approval. [dependabot]: https://github.com/marketplace/dependabot + +## Code owners + +If you're using a [CODEOWNERS file](https://docs.github.com/en/github/creating-cloning-and-archiving-repositories/about-code-owners), you'll need to give this action a personal access token for a user listed as a code owner. Rather than using a real user's personal access token, you're probably better off creating a dedicated bot user, and adding it to a team which you assign as the code owner. That way you can restrict the bot user's permissions as much as possible, and your workflow won't break when people leave the team.