TooAngel · worlddriven · Dec 16, 2025 · Dec 14, 2025
diff --git a/AUTHENTICATION_ARCHITECTURE.md b/AUTHENTICATION_ARCHITECTURE.md
@@ -27,7 +27,7 @@ The system tries authentication methods in this priority order:
 1. **Session User PAT** (Priority 1) - If user is logged in, use their personal access token
 2. **Repository GitHub App** (Priority 2) - If repository is configured with GitHub App
 3. **Repository Owner PAT** (Priority 3) - Fallback to repository owner's personal access token
-4. **Environment Token** (Priority 4) - System-wide fallback using `GITHUB_FALLBACK_TOKEN`
+4. **Environment Token** (Priority 4) - System-wide token using `WORLDDRIVEN_GITHUB_TOKEN`
 
 ## Configuration Options
 

diff --git a/GITHUB_APP_MIGRATION.md b/GITHUB_APP_MIGRATION.md
@@ -42,7 +42,7 @@ The `repositories` collection uses GitHub App authentication:
 
 **Repository Operations (PR management, webhooks):**
 1. **GitHub App** (Priority 1): Uses `installationId` from repository configuration
-2. **Fallback Token** (Priority 2): Uses `GITHUB_FALLBACK_TOKEN` environment variable for public repositories
+2. **Worlddriven Token** (Priority 2): Uses `WORLDDRIVEN_GITHUB_TOKEN` environment variable for public repositories
 3. **Error**: If repository has no `installationId`, it cannot be processed
 
 **User-Specific Operations (UI, user API calls):**

diff --git a/src/helpers/auth.js b/src/helpers/auth.js
@@ -66,13 +66,13 @@ export class Auth {
       console.warn('Failed to load repository config:', error.message);
     }
 
-    // Priority 2: Environment token fallback (if available)
-    if (process.env.GITHUB_FALLBACK_TOKEN) {
+    // Priority 2: Environment token (if available)
+    if (process.env.WORLDDRIVEN_GITHUB_TOKEN) {
       this._methods.push({
         type: 'ENV',
-        token: process.env.GITHUB_FALLBACK_TOKEN,
+        token: process.env.WORLDDRIVEN_GITHUB_TOKEN,
         priority: 2,
-        description: 'Environment fallback token',
+        description: 'Worlddriven GitHub token',
       });
     }
 

diff --git a/src/helpers/invitationProcessor.js b/src/helpers/invitationProcessor.js
@@ -8,10 +8,12 @@ const GITHUB_API_BASE = 'https://api.github.com';
 const DOCUMENTATION_REPO = 'worlddriven/documentation';
 
 export async function acceptRepositoryInvitations() {
-  const token = process.env.GITHUB_FALLBACK_TOKEN;
+  const token = process.env.WORLDDRIVEN_GITHUB_TOKEN;
 
   if (!token) {
-    console.log('[Invitations] No GITHUB_FALLBACK_TOKEN configured, skipping');
+    console.log(
+      '[Invitations] No WORLDDRIVEN_GITHUB_TOKEN configured, skipping'
+    );
     return { accepted: 0, failed: 0 };
   }
 

diff --git a/tests/auth.test.js b/tests/auth.test.js
@@ -13,7 +13,7 @@ test('Auth class', async t => {
     findByOwnerAndRepoStub = sinon.stub(Repository, 'findByOwnerAndRepo');
 
     // Clear environment variable
-    delete process.env.GITHUB_FALLBACK_TOKEN;
+    delete process.env.WORLDDRIVEN_GITHUB_TOKEN;
   });
 
   t.afterEach(() => {
@@ -68,7 +68,7 @@ test('Auth class', async t => {
       installationId: 12345,
     };
     findByOwnerAndRepoStub.resolves(mockRepo);
-    process.env.GITHUB_FALLBACK_TOKEN = 'env-token';
+    process.env.WORLDDRIVEN_GITHUB_TOKEN = 'env-token';
 
     const auth = new Auth({ owner: 'test', repo: 'repo' });
     const methods = await auth.getAllMethods();
@@ -81,7 +81,7 @@ test('Auth class', async t => {
   });
 
   await t.test('should add environment token when available', async () => {
-    process.env.GITHUB_FALLBACK_TOKEN = 'env-token';
+    process.env.WORLDDRIVEN_GITHUB_TOKEN = 'env-token';
     findByOwnerAndRepoStub.resolves(null);
 
     const auth = new Auth({ owner: 'test', repo: 'repo' });
@@ -91,7 +91,7 @@ test('Auth class', async t => {
     assert.strictEqual(methods[0].type, 'ENV');
     assert.strictEqual(methods[0].priority, 2);
     assert.strictEqual(methods[0].token, 'env-token');
-    assert.strictEqual(methods[0].description, 'Environment fallback token');
+    assert.strictEqual(methods[0].description, 'Worlddriven GitHub token');
   });
 
   await t.test('should provide auth strategy description', async () => {
@@ -102,14 +102,14 @@ test('Auth class', async t => {
       installationId: 12345,
     };
     findByOwnerAndRepoStub.resolves(mockRepo);
-    process.env.GITHUB_FALLBACK_TOKEN = 'env-token';
+    process.env.WORLDDRIVEN_GITHUB_TOKEN = 'env-token';
 
     const auth = new Auth({ owner: 'test', repo: 'repo' });
     const strategy = await auth.getAuthStrategy();
 
     assert.ok(strategy.includes('Auth strategy (with fallbacks)'));
     assert.ok(strategy.includes('1. Repository GitHub App'));
-    assert.ok(strategy.includes('2. Environment fallback token'));
+    assert.ok(strategy.includes('2. Worlddriven GitHub token'));
   });
 
   await t.test('should cache methods on repeated calls', async () => {