Problem
The action.yml declares ~40+ permission-* inputs in its generated permissions block, but permission-discussions is missing. It should appear between permission-deployments and permission-email-addresses (alphabetically), but was omitted from the generated list.
Current behavior
Because permission-discussions is not declared in action.yml, any workflow that passes permission-discussions: read or permission-discussions: write sees an "Unexpected input" warning in the Actions logs:
Warning: Unexpected input(s) 'permission-discussions', ...
Despite the warning, the permission does work at runtime — the action reads all INPUT_PERMISSION-* environment variables from process.env (via get-permissions-from-inputs.js), so the value is forwarded to the GitHub API regardless. The issue is purely cosmetic but confusing for users.
Why this matters now
github/gh-aw#25709 restores the compiler-side mapping that passes permission-discussions: write to create-github-app-token for workflows that interact with GitHub Discussions. With that PR merged, tokens are correctly scoped, but every such workflow run will emit the "Unexpected input" warning until this action declares the input.
Proposed fix
Add permission-discussions to the generated permissions block in action.yml, between permission-deployments and permission-email-addresses:
permission-discussions:
description: "The level of permission to grant the access token for discussions. Can be set to 'read' or 'write'."This is consistent with how all other permission-* inputs are declared. No code changes are needed — only the action.yml input declaration.
Problem
The
action.ymldeclares ~40+permission-*inputs in its generated permissions block, butpermission-discussionsis missing. It should appear betweenpermission-deploymentsandpermission-email-addresses(alphabetically), but was omitted from the generated list.Current behavior
Because
permission-discussionsis not declared inaction.yml, any workflow that passespermission-discussions: readorpermission-discussions: writesees an "Unexpected input" warning in the Actions logs:Despite the warning, the permission does work at runtime — the action reads all
INPUT_PERMISSION-*environment variables fromprocess.env(viaget-permissions-from-inputs.js), so the value is forwarded to the GitHub API regardless. The issue is purely cosmetic but confusing for users.Why this matters now
github/gh-aw#25709restores the compiler-side mapping that passespermission-discussions: writetocreate-github-app-tokenfor workflows that interact with GitHub Discussions. With that PR merged, tokens are correctly scoped, but every such workflow run will emit the "Unexpected input" warning until this action declares the input.Proposed fix
Add
permission-discussionsto the generated permissions block inaction.yml, betweenpermission-deploymentsandpermission-email-addresses:This is consistent with how all other
permission-*inputs are declared. No code changes are needed — only theaction.ymlinput declaration.