GITHUB_TOKEN cannot push commits that contain changes to
.github/workflows/ files (GitHub security restriction).
Use a Classic PAT with 'repo' + 'workflow' scopes instead.
Also add explicit checkout with fetch-depth:0 and ref:master
so the Fork-Sync action has full history for merging.
Revert to actions-cool/issues-helper and aormsby/Fork-Sync-With-Upstream-action
(matching lobehub/lobehub upstream sync pattern) with pinned SHA for v3.7.6.
Uses GITHUB_TOKEN which works when repo Settings > Actions > Workflow permissions
is set to 'Read and write permissions'.
GITHUB_TOKEN cannot push to fork repos in scheduled workflows.
Remove the GITHUB_TOKEN fallback so the workflow fails explicitly
when UPSTREAM_TOKEN is missing, instead of silently 403-ing.
Also add issues:write permission and git user config for merges.
Replace actions-cool/issues-helper and aormsby/Fork-Sync-With-Upstream-action
with native git commands and actions/github-script. This fixes the
'Repository access blocked' error caused by GitHub restricting access
to third-party actions in fork repositories.