Requesting `permission-pull-requests` results in 422 error

[Omochice]

After version 2.0.4, the permission- prefix works correctly. However, when specifying a permission key with hyphens (e.g., permission-pull-requests), a 422 Unprocessable Entity error occurs when calling the /app/installations/{installation_id}/access_tokens endpoint.

This issue arises because the key permission-pull-requests is converted into an environment variable like INPUT_PERMISSION-PULL-REQUESTS during processing (https://docs.github.com/en/actions/sharing-automations/creating-actions/metadata-syntax-for-github-actions#example-specifying-inputs). The value is sent to the API as pull-requests instead of the expected pull_requests. Since the API expects the underscore format (pull_requests) to identify permissions, the invalid pull-requests key results in a request for a non-existent permission, triggering the 422 error.

[create-app-token-action-releaser]

🎉 This issue has been resolved in version 2.0.6 🎉

The release is available on GitHub release

Your semantic-release bot 📦🚀