Create a GitHub App

Last Light needs a GitHub App to act on your repositories. The App gives the bot its own identity (your-bot[bot] on comments and PRs), its own set of downscoped tokens, and per-repo installation control.

1. Create the app

1. Go to github.com/settings/apps/new.
2. Fill in the basics:
   • Name — your bot name. This is what appears on comments and PRs with a [bot] suffix.
   • Homepage URL — your repo URL is fine.
   • Webhook URL — https://your-host:8644/webhooks/github, or leave blank for now if you're deploying webhooks later.
   • Webhook secret — generate a random string. This becomes WEBHOOK_SECRET in .env.
3. Uncheck Active under "Webhook" if you don't yet have a public URL. You can turn it back on after deploying.

2. Set permissions

Under Repository permissions, grant:

3. Subscribe to events

Under Subscribe to events, check:

• Issues
• Issue comment
• Pull request
• Pull request review (optional — currently ignored but will be used)

4. Install the app

1. Click Create GitHub App.
2. On the settings page, click Generate a private key and save the .pem file — you will need it in a moment.
3. Note the App ID at the top of the settings page.
4. In the left sidebar click Install App, then install it on the repositories you want Last Light to manage.
5. After installing, the URL will be github.com/settings/installations/12345678 — copy that ID. That's your Installation ID.

5. Collect the four values

At this point you should have:

Keep the .pem file somewhere safe. In local dev, drop it into the project root and reference it with a relative path. In production, it lives inside secrets/ — see the Production deploy page.