Clear statement about required token

[Andre601]

Something I encountered both with the wiki-page-creator-action and now with this one here is, that neither does give a clear cut explanation on when you need to use a PAT and when the default GITHUB_TOKEN is sufficient enough.

Both mention at different points either one or the other and only give the brief explanation to "use a PAT when accessing other repositories" (or something like that).

My simple question now is, how this is actually handled in case of an org. Would the github token be enough if the Wiki is on the same repository in an organisation, or does the Org require the PAT (I remember reading this to be the case).

I really want to go away from using a PAT, especially since I'm not the Repo Owner on the Org and don't want to risk the other person to get his account hacked or something, and use the github token, but with this extremely unclear description about when to use what can I not switch without the risk of errors.

[Andrew-Chen-Wang]

In the README:

- rsyncing from a different repository requires a GitHub PAT
- If you use a private repository, you may have to use a GitHub PAT.

I can clarify that you only need the GitHub secret token (the default) if it is a public repository. If it's within the same user or org, follow the same above guidelines.

To be fair, I don't have a paid org account, so I have no idea if you actually do need a PAT for private repository. I based it off someone else's feedback in the README's mentioned issue. I'd encourage you to test this out in a test repository such that you have a GitHub PAT, save it in GitHub Secrets, then use that secret in the action in your test repository. The key is to store it as a repo secret of course and to test it in a separate repository, one of your own org perhaps. (Surprisingly, many don't know this but your default permission in an org probably allows you to create repositories, so test this out!).