From 0fd9b140043bde4f66db61cc01ebf3294c5c8095 Mon Sep 17 00:00:00 2001
From: burgholzer <burgholzer@me.com>
Date: Tue, 10 Sep 2024 21:46:58 +0200
Subject: [PATCH] =?UTF-8?q?=F0=9F=93=9D=20add=20documentation=20on=20the?=
 =?UTF-8?q?=20GitHub=20authentication=20token?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 README.md | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

diff --git a/README.md b/README.md
index 156407e..78e5e26 100644
--- a/README.md
+++ b/README.md
@@ -17,6 +17,7 @@ Set up your GitHub Actions workflow with a specific version of [uv](https://docs
   - [Enable Caching](#enable-caching)
     - [Local cache path](#local-cache-path)
     - [Cache dependency glob](#cache-dependency-glob)
+  - [GitHub authentication token](#github-authentication-token)
 - [How it works](#how-it-works)
 - [FAQ](#faq)
 
@@ -134,6 +135,23 @@ changes. The glob matches files relative to the repository root.
       '**pyproject.toml'
 ```
 
+### GitHub authentication token
+
+This action uses the GitHub API to fetch the `uv` release artifacts. To avoid hitting the GitHub API
+rate limit too quickly, an authentication token can be provided via the `github-token` input. By
+default, the `GITHUB_TOKEN` secret is used, which is automatically provided by GitHub Actions.
+
+If the default
+[permissions for the GitHub token](https://docs.github.com/en/actions/security-for-github-actions/security-guides/automatic-token-authentication#permissions-for-the-github_token)
+are not sufficient, you can provide a custom GitHub token with the necessary permissions.
+
+```yaml
+- name: Install the latest version of uv with a custom GitHub token
+  uses: astral-sh/setup-uv@v2
+  with:
+    github-token: ${{ secrets.CUSTOM_GITHUB_TOKEN }}
+```
+
 ## How it works
 
 This action downloads uv from the uv repo's official