Simplify the code for authenticating to GitHub

[DilumAluthge]

After #24, all calls to the GitHub API are done through GitHub.jl. So then there's no need to keep a custom GitHubAuthenticator struct around. Just call GitHub.authenticate() one time at the very beginning, and store the resulting GitHub.Authorization in the config. Yes, GitHub.Authorization is an abstract type, but I don't think that matters much here; most of the time will be spent on these network calls, so the overhead when reading config.auth won't matter much.

[codecov-commenter]

⚠️ Please install the to ensure uploads and comments are reliably processed by Codecov.

Codecov Report

❌ Patch coverage is 0% with 35 lines in your changes missing coverage. Please review.
⚠️ Please upload report for BASE (master@7e221b2). Learn more about missing BASE report.

Files with missing lines	Patch %	Lines
backporter.jl	0.00%	35 Missing ⚠️
❗ Your organization needs to install the Codecov GitHub app to enable full functionality.

Additional details and impacted files

@@            Coverage Diff            @@
##             master      #33   +/-   ##
=========================================
  Coverage          ?   25.21%           
=========================================
  Files             ?        6           
  Lines             ?      797           
  Branches          ?        0           
=========================================
  Hits              ?      201           
  Misses            ?      596           
  Partials          ?        0           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[DilumAluthge]

@KristofferC @IanButterworth Could you review this?

[IanButterworth]

Claude review:

---

Review of PR #33: Simplify the code for authenticating to GitHub

The refactor is a good simplification — removing the lazy GitHubAuthenticator /
authenticate! indirection in favour of a single upfront call is cleaner and easier to
reason about. All call sites appear to be correctly updated. There is one outright bug and
one minor issue.

---

Bug — wrong variable name in get_github_auth_from_env (backporter.jl, new function)

function get_github_auth_from_env()
    str = get(ENV, "GITHUB_TOKEN", "")
    if isempty(str)
        error("GITHUB_TOKEN environment variable must be set")
    end
    auth = try
        GitHub.authenticate(github_auth)   # ← BUG: `github_auth` is not defined here
    ...

The token is read into str, but GitHub.authenticate is called with github_auth — a
name that no longer exists in this scope (it was a field on the old struct/config). This
will throw an UndefVarError at runtime every time authentication is attempted. It should
be:

GitHub.authenticate(str)

---

Minor — get_github_auth_from_env() called twice in audit mode

LabelAuditConfig's inner constructor calls get_github_auth_from_env(). In
run_audit_mode, get_github_auth_from_env() is also called separately just to pass
auth into find_backport_versions. That means authentication (a network round-trip)
happens at least twice when running audit mode. The first call's result could be passed
through, or find_backport_versions could accept a LabelAuditConfig directly, to avoid
the redundant call.

---

Nit — comment duplication

The same comment appears on both struct fields:

auth::GitHub.Authorization # This is an abstract type, but that's okay

It appears on BackportConfig and on LabelAuditConfig. Since the PR description already
explains the reasoning, a single comment in one place (or just in get_github_auth_from_env)
would suffice.