fix(ci): pass App token via 'token' input to action-gh-release

[Fahl-Design]

Summary

• Toolchain pin from fix(ci): pin build matrix toolchain to 1.95.0 #21 worked: matrix builds compile. But asset upload still failed with Resource not accessible by integration (403). v1.1.1 release was published with zero binaries.
• Root cause: softprops/action-gh-release@v2.6.1 (per fix: prefer token input over GITHUB_TOKEN softprops/action-gh-release#751) now prefers the explicit token: input over the GITHUB_TOKEN env var. Action default is token: ${{ github.token }} — the workflow GITHUB_TOKEN, not the GitHub App token we want. Build job has no permissions: block, so the workflow token has no release write perms.
• Fix: pass the App token via token: input. Drop the now-redundant env: GITHUB_TOKEN.
• Once merged, semantic-release cuts v1.1.2 with all three tarballs and install.sh recovers automatically.

Test plan

• CI Lint & Test passes
• On merge: semantic-release publishes v1.1.2
• All three matrix Build jobs succeed and upload assets
• v1.1.2 release contains pvm-linux-x86_64.tar.gz, pvm-macos-aarch64.tar.gz, pvm-macos-x86_64.tar.gz
• curl -fsSL https://raw.githubusercontent.com/WebProject-xyz/php-version-manager/main/install.sh | bash succeeds on macOS aarch64 (issue Cannot install on MacOs #20 reproducer)

Refs #20

[coderabbitai]

Warning

Rate limit exceeded

@Fahl-Design has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 33 minutes and 53 seconds before requesting another review.

To continue reviewing without waiting, purchase usage credits in the billing tab.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 9204c3fe-f5c8-4218-bc64-3ec7b300d5c3

📥 Commits

Reviewing files that changed from the base of the PR and between d395430 and af237bf.

📒 Files selected for processing (1)

• .github/workflows/release.yml

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch fix/release-upload-token

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[webproject-bot]

🎉 This PR is included in version 1.1.2 🎉

The release is available on:

• v1.1.2
• GitHub release

Your semantic-release bot 📦🚀