fix(dependabot-rebase): update SHA pin to include GITHUB_TOKEN fix (PR #141)

[don-petry]

Problem

After merging PR #141, the caller stubs still reference SHA `35e0e20` (the version from PR #140). This means the reusable workflow being invoked predates the GITHUB_TOKEN fix — `update-branch` is still using the app token, which lacks `workflows` permission.

Fix

Update both caller stubs to reference `f5c167c` (HEAD of main after PR #141 merged), which includes:

• `GITHUB_TOKEN` for `update-branch` (resolves HTTP 403 on workflow files)
• `APP_TOKEN` for approvals and merges (preserves app bot identity)
• `contents: write` + `pull-requests: write` job permissions in callers

Impact

Once merged, the next push to main will trigger a workflow run that can successfully call `update-branch` on PRs #125 and #129, which have been stuck behind for several days.

🤖 Generated with Claude Code

[coderabbitai]

Warning

Rate limit exceeded

@don-petry has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 2 minutes and 44 seconds before requesting another review.

Your organization is not enrolled in usage-based pricing. Contact your admin to enable usage-based pricing to continue reviews beyond the rate limit, or try again in 2 minutes and 44 seconds.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: 684db73b-d7da-4873-a075-bf9b4ead9765

📥 Commits

Reviewing files that changed from the base of the PR and between f5c167c and 576f343.

📒 Files selected for processing (2)

• .github/workflows/dependabot-rebase.yml
• standards/workflows/dependabot-rebase.yml

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch fix/dependabot-rebase-sha-update

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[Copilot]

Pull request overview

Updates the pinned commit SHA for the dependabot-rebase reusable workflow caller stubs so they invoke the version that includes the GITHUB_TOKEN fix for update-branch.

Changes:

• Bump the reusable workflow uses: pin from 35e0e20... to f5c167c... in the repo workflow stub.
• Bump the same uses: pin in the standards template to keep templates and stubs in sync.

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated 2 comments.

File	Description
.github/workflows/dependabot-rebase.yml	Updates the reusable workflow pin to the post-PR-141 commit SHA.
standards/workflows/dependabot-rebase.yml	Mirrors the same SHA bump in the standards template to prevent drift.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud