Bump actions/create-github-app-token from 2.0.2 to 3.2.0 in the actions group #330

	name: Reviewers - Dependabot

	# What it does: Automatically add reviewers based on paths, for docs-internal and docs repos.
	# Why we have it: So dependabot maintainers can be notified about relevant pull requests.
	# Who does it impact: dependabot-updates-reviewers.

	on:
	pull_request:
	types:
	- edited
	- opened
	- ready_for_review
	- reopened
	- synchronize
	paths:
	- 'data/reusable/dependabot/**'
	- 'content/code-security/dependabot/**'
	- 'content/rest/dependabot/**'
	- '.github/workflows/reviewers-dependabot.yml'

	permissions:
	contents: read
	pull-requests: write
	repository-projects: read

	jobs:
	reviewers-dependabot:
	if: >-
	${{ github.repository == 'github/docs-internal' &&
	!github.event.pull_request.draft &&
	!contains(github.event.pull_request.labels.*.name, 'reviewers-dependabot') &&
	github.event.pull_request.head.ref != 'repo-sync' }}
	runs-on: ubuntu-latest
	env:
	PR: ${{ github.event.pull_request.html_url }}

	steps:
	- name: Checkout repository
	uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1

	- name: Generate GitHub App token
	id: app-token
	uses: actions/create-github-app-token@bcd2ba49218906704ab6c1aa796996da409d3eb1 # v3.2.0
	with:
	app-id: ${{ secrets.DOCS_BOT_APP_ID }}
	private-key: ${{ secrets.DOCS_BOT_APP_PRIVATE_KEY }}

	- name: Add dependabot as a reviewer
	env:
	GH_TOKEN: ${{ steps.app-token.outputs.token }}
	uses: ./.github/actions/retry-command
	with:
	command: gh pr edit $PR --add-reviewer github/dependabot-updates-reviewers --add-label reviewers-dependabot

Provide feedback