From b001e5f0ff05d7297c0101f4b44e861799e417dd Mon Sep 17 00:00:00 2001
From: Stefan Zweifel <stefanzweifel@users.noreply.github.com>
Date: Mon, 2 Jun 2025 21:37:45 +0200
Subject: [PATCH] Apply suggestions from code review

---
 README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/README.md b/README.md
index ff60268..512f25c 100644
--- a/README.md
+++ b/README.md
@@ -461,11 +461,11 @@ If you create a fine-grained personal access token, apply the `Contents`-permiss
 ```yaml
 - uses: actions/checkout@v4
   with:
+    # We pass the "PAT" secret to the checkout action; if no PAT secret is available to the workflow runner (eg. Dependabot) we fall back to the default "GITHUB_TOKEN".
     token: ${{ secrets.PAT || secrets.GITHUB_TOKEN }}
 ```
 You can learn more about Personal Access Token in the [GitHub documentation](https://docs.github.com/en/github/authenticating-to-github/creating-a-personal-access-token).
 
-Having a fallback to GITHUB_TOKEN helps things like Dependabot to continue working, as they may not be granted access to the PAT.
 
 > [!TIP] 
 > If you're working in an organisation, and you don't want to create the PAT from your personal account, we recommend using a bot-account for such tokens.