fix(deploy): don't inject CI runner token into ppms #43

Merged

shad0w merged 1 commit from fix/deploy-no-update-env into master

2026-06-20 18:29:08 +00:00

Author	SHA1	Message	Date
Hardik	2d6681014d	fix(deploy): don't inject the CI runner token into ppms (drop --update-env) All checks were successful PR checks / checks (pull_request) Successful in 31s Details The deploy job runs inside the Forgejo Actions runner, whose env includes an ephemeral FORGEJO_TOKEN (per-job token, revoked when the job ends). 'pm2 restart --update-env' injected it into ppms, where it shadowed the real PAT in .env (Next.js won't override an already-set process.env var) — so the Report Issue button 401'd once the job token expired. Plain restart keeps the daemon's clean env. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>	2026-06-20 23:57:01 +05:30

Author

SHA1

Message

Date

Hardik

2d6681014d

fix(deploy): don't inject the CI runner token into ppms (drop --update-env)

PR checks / checks (pull_request) Successful in 31s

Details

The deploy job runs inside the Forgejo Actions runner, whose env includes an
ephemeral FORGEJO_TOKEN (per-job token, revoked when the job ends). 'pm2 restart
--update-env' injected it into ppms, where it shadowed the real PAT in .env
(Next.js won't override an already-set process.env var) — so the Report Issue
button 401'd once the job token expired. Plain restart keeps the daemon's clean env.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

2026-06-20 23:57:01 +05:30