From 6d27d4d607341ac643d8d848a4a45b825f1d2235 Mon Sep 17 00:00:00 2001
From: Stephan <stephane.gay@hazelcast.com>
Date: Thu, 16 Dec 2021 12:56:17 +0100
Subject: [PATCH] fix

---
 .github/workflows/assign-to-project.yml | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/.github/workflows/assign-to-project.yml b/.github/workflows/assign-to-project.yml
index b1eecd4..6a4323d 100644
--- a/.github/workflows/assign-to-project.yml
+++ b/.github/workflows/assign-to-project.yml
@@ -7,6 +7,11 @@ on:
     
 # github-script: https://github.com/actions/github-script
 # -> points to github rest (octokit) reference doc
+
+# github PAT: https://github.com/settings/tokens
+# must have full repo access
+
+# FIXME how can I prevent a user from creating a PR and stealing my token?
     
 jobs:
   assign: