test: integration test fixes

Fixes #2412.

.github/workflows/ci.yml

@@ -92,7 +92,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Find Comment
-        uses: peter-evans/find-comment@v3
+        uses: peter-evans/find-comment@v2
         id: fc
         with:
           issue-number: ${{ github.event.number }}
@@ -101,7 +101,7 @@ jobs:
 
       - if: steps.fc.outputs.comment-id == ''
         name: Create comment
-        uses: peter-evans/create-or-update-comment@v4
+        uses: peter-evans/create-or-update-comment@v3
         with:
           issue-number: ${{ github.event.number }}
           body: |
@@ -121,7 +121,7 @@ jobs:
           name: dist
           path: dist
       - name: Create Pull Request
-        uses: peter-evans/create-pull-request@v6
+        uses: peter-evans/create-pull-request@v5
         with:
           token: ${{ secrets.ACTIONS_BOT_TOKEN }}
           commit-message: 'build: update distribution'

.github/workflows/cpr-example-command.yml

@@ -42,7 +42,7 @@ jobs:
           echo "Pull Request URL - ${{ steps.cpr.outputs.pull-request-url }}"
 
       - name: Add reaction
-        uses: peter-evans/create-or-update-comment@v4
+        uses: peter-evans/create-or-update-comment@v3
         with:
           repository: ${{ github.event.client_payload.github.payload.repository.full_name }}
           comment-id: ${{ github.event.client_payload.github.payload.comment.id }}

.github/workflows/slash-command-dispatch.yml

@@ -7,7 +7,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Slash Command Dispatch
-        uses: peter-evans/slash-command-dispatch@v4
+        uses: peter-evans/slash-command-dispatch@v3
         with:
           token: ${{ secrets.ACTIONS_BOT_TOKEN }}
           config: >

.github/workflows/update-major-version.yml

@@ -11,8 +11,8 @@ on:
         type: choice
         description: The major version tag to update
         options:
+          - v4
           - v5
-          - v6
 
 jobs:
   tag:

README.md

@@ -21,7 +21,7 @@ Create Pull Request action will:
 
 - [Concepts, guidelines and advanced usage](docs/concepts-guidelines.md)
 - [Examples](docs/examples.md)
-- [Updating to v6](docs/updating.md)
+- [Updating to v5](docs/updating.md)
 - [Common issues](docs/common-issues.md)
 
 ## Usage
@@ -32,10 +32,10 @@ Create Pull Request action will:
       # Make changes to pull request here
 
       - name: Create Pull Request
-        uses: peter-evans/create-pull-request@v6
+        uses: peter-evans/create-pull-request@v5
 ```
 
-You can also pin to a [specific release](https://github.com/peter-evans/create-pull-request/releases) version in the format `@v6.x.x`
+You can also pin to a [specific release](https://github.com/peter-evans/create-pull-request/releases) version in the format `@v5.x.x`
 
 ### Workflow permissions
 
@@ -57,7 +57,7 @@ All inputs are **optional**. If not set, sensible defaults will be used.
 | `path` | Relative path under `GITHUB_WORKSPACE` to the repository. | `GITHUB_WORKSPACE` |
 | `add-paths` | A comma or newline-separated list of file paths to commit. Paths should follow git's [pathspec](https://git-scm.com/docs/gitglossary#Documentation/gitglossary.txt-aiddefpathspecapathspec) syntax. If no paths are specified, all new and modified files are added. See [Add specific paths](#add-specific-paths). | |
 | `commit-message` | The message to use when committing changes. See [commit-message](#commit-message). | `[create-pull-request] automated change` |
-| `committer` | The committer name and email address in the format `Display Name <email@address.com>`. Defaults to the GitHub Actions bot user on github.com. | `github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>` |
+| `committer` | The committer name and email address in the format `Display Name <email@address.com>`. Defaults to the GitHub Actions bot user. | `github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>` |
 | `author` | The author name and email address in the format `Display Name <email@address.com>`. Defaults to the user who triggered the workflow run. | `${{ github.actor }} <${{ github.actor_id }}+${{ github.actor }}@users.noreply.github.com>` |
 | `signoff` | Add [`Signed-off-by`](https://git-scm.com/docs/git-commit#Documentation/git-commit.txt---signoff) line by the committer at the end of the commit log message. | `false` |
 | `branch` | The pull request branch name. | `create-pull-request/patch` |
@@ -65,7 +65,6 @@ All inputs are **optional**. If not set, sensible defaults will be used.
 | `branch-suffix` | The branch suffix type when using the alternative branching strategy. Valid values are `random`, `timestamp` and `short-commit-hash`. See [Alternative strategy](#alternative-strategy---always-create-a-new-pull-request-branch) for details. | |
 | `base` | Sets the pull request base branch. | Defaults to the branch checked out in the workflow. |
 | `push-to-fork` | A fork of the checked-out parent repository to which the pull request branch will be pushed. e.g. `owner/repo-fork`. The pull request will be created to merge the fork's branch into the parent's base. See [push pull request branches to a fork](docs/concepts-guidelines.md#push-pull-request-branches-to-a-fork) for details. | |
-| `sign-commits` | Sign commits as `github-actions[bot]` when using `GITHUB_TOKEN`, or your own bot when using [GitHub App tokens](docs/concepts-guidelines.md#authenticating-with-github-app-generated-tokens). See [commit signing](docs/concepts-guidelines.md#commit-signature-verification-for-bots) for details.  | `false` |
 | `title` | The title of the pull request. | `Changes by create-pull-request action` |
 | `body` | The body of the pull request. | `Automated changes by [create-pull-request](https://github.com/peter-evans/create-pull-request) GitHub action` |
 | `body-path` | The path to a file containing the pull request body. Takes precedence over `body`. | |
@@ -75,7 +74,6 @@ All inputs are **optional**. If not set, sensible defaults will be used.
 | `team-reviewers` | A comma or newline-separated list of GitHub teams to request a review from. Note that a `repo` scoped [PAT](https://docs.github.com/en/github/authenticating-to-github/creating-a-personal-access-token), or equivalent [GitHub App permissions](docs/concepts-guidelines.md#authenticating-with-github-app-generated-tokens), are required. | |
 | `milestone` | The number of the milestone to associate this pull request with. | |
 | `draft` | Create a [draft pull request](https://docs.github.com/en/github/collaborating-with-issues-and-pull-requests/about-pull-requests#draft-pull-requests). It is not possible to change draft status after creation except through the web interface. | `false` |
-| `maintainer-can-modify` | Indicates whether [maintainers can modify](https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/working-with-forks/allowing-changes-to-a-pull-request-branch-created-from-a-fork) the pull request. | `true` |
 
 #### commit-message
 
@@ -93,11 +91,7 @@ In addition to a message, the `commit-message` input can also be used to populat
 #### delete-branch
 
 The `delete-branch` feature doesn't delete branches immediately on merge. (It can't do that because it would require the merge to somehow trigger the action.)
-The intention of the feature is that when the action next runs it will delete the `branch` if there is no diff.
-
-Enabling this feature leads to the following behaviour:
-1. If a pull request was merged and the branch is left undeleted, when the action next runs it will delete the branch if there is no further diff.
-2. If a pull request is open, but there is now no longer a diff and the PR is unnecessary, the action will delete the branch causing the PR to close.
+The intention of the feature is that when the action next runs it will delete the `branch` if it doesn't have an active pull request associated with it.
 
 If you want branches to be deleted immediately on merge then you should use GitHub's `Automatically delete head branches` feature in your repository settings.
 
@@ -106,7 +100,7 @@ If you want branches to be deleted immediately on merge then you should use GitH
 For self-hosted runners behind a corporate proxy set the `https_proxy` environment variable.
 ```yml
       - name: Create Pull Request
-        uses: peter-evans/create-pull-request@v6
+        uses: peter-evans/create-pull-request@v5
         env:
           https_proxy: http://<proxy_address>:<port>
 ```
@@ -117,10 +111,8 @@ The following outputs can be used by subsequent workflow steps.
 
 - `pull-request-number` - The pull request number.
 - `pull-request-url` - The URL of the pull request.
-- `pull-request-operation` - The pull request operation performed by the action, `created`, `updated`, `closed` or `none`.
+- `pull-request-operation` - The pull request operation performed by the action, `created`, `updated` or `closed`.
 - `pull-request-head-sha` - The commit SHA of the pull request branch.
-- `pull-request-branch` - The branch name of the pull request.
-- `pull-request-commits-verified` - Whether GitHub considers the signature of the branch's commits to be verified; `true` or `false`.
 
 Step outputs can be accessed as in the following example.
 Note that in order to read the step outputs the action step must have an id.
@@ -128,7 +120,7 @@ Note that in order to read the step outputs the action step must have an id.
 ```yml
       - name: Create Pull Request
         id: cpr
-        uses: peter-evans/create-pull-request@v6
+        uses: peter-evans/create-pull-request@v5
       - name: Check outputs
         if: ${{ steps.cpr.outputs.pull-request-number }}
         run: |
@@ -191,7 +183,7 @@ File changes that do not match one of the paths will be stashed and restored aft
 
 ```yml
       - name: Create Pull Request
-        uses: peter-evans/create-pull-request@v6
+        uses: peter-evans/create-pull-request@v5
         with:
           add-paths: |
             *.java
@@ -218,7 +210,7 @@ Note that the repository must be checked out on a branch with a remote, it won't
       - name: Uncommitted change
         run: date +%s > report.txt
       - name: Create Pull Request
-        uses: peter-evans/create-pull-request@v6
+        uses: peter-evans/create-pull-request@v5
 ```
 
 ### Create a project card
@@ -228,7 +220,7 @@ To create a project card for the pull request, pass the `pull-request-number` st
 ```yml
       - name: Create Pull Request
         id: cpr
-        uses: peter-evans/create-pull-request@v6
+        uses: peter-evans/create-pull-request@v5
 
       - name: Create or Update Project Card
         if: ${{ steps.cpr.outputs.pull-request-number }}
@@ -263,7 +255,7 @@ jobs:
 
       - name: Create Pull Request
         id: cpr
-        uses: peter-evans/create-pull-request@v6
+        uses: peter-evans/create-pull-request@v5
         with:
           token: ${{ secrets.PAT }}
           commit-message: Update report

__test__/create-or-update-branch.int.test.ts

@@ -1,8 +1,7 @@
 import {
   createOrUpdateBranch,
   tryFetch,
-  getWorkingBaseAndType,
-  buildBranchCommits
+  getWorkingBaseAndType
 } from '../lib/create-or-update-branch'
 import * as fs from 'fs'
 import {GitCommandManager} from '../lib/git-command-manager'
@@ -141,22 +140,10 @@ describe('create-or-update-branch tests', () => {
   })
 
   async function beforeTest(): Promise<void> {
-    await git.fetch(
-      [`${DEFAULT_BRANCH}:${DEFAULT_BRANCH}`],
-      REMOTE_NAME,
-      ['--force', '--update-head-ok'],
-      true
-    )
     await git.checkout(DEFAULT_BRANCH)
   }
 
   async function afterTest(deleteRemote = true): Promise<void> {
-    await git.fetch(
-      [`${DEFAULT_BRANCH}:${DEFAULT_BRANCH}`],
-      REMOTE_NAME,
-      ['--force', '--update-head-ok'],
-      true
-    )
     await git.checkout(DEFAULT_BRANCH)
     try {
       // Get the upstream branch if it exists
@@ -211,8 +198,8 @@ describe('create-or-update-branch tests', () => {
   }
 
   it('tests if a branch exists and can be fetched', async () => {
-    expect(await tryFetch(git, REMOTE_NAME, NOT_BASE_BRANCH, 1)).toBeTruthy()
-    expect(await tryFetch(git, REMOTE_NAME, NOT_EXIST_BRANCH, 1)).toBeFalsy()
+    expect(await tryFetch(git, REMOTE_NAME, NOT_BASE_BRANCH)).toBeTruthy()
+    expect(await tryFetch(git, REMOTE_NAME, NOT_EXIST_BRANCH)).toBeFalsy()
   })
 
   it('tests getWorkingBaseAndType on a checked out ref', async () => {
@@ -230,77 +217,6 @@ describe('create-or-update-branch tests', () => {
     expect(workingBaseType).toEqual('commit')
   })
 
-  it('tests buildBranchCommits with no diff', async () => {
-    await git.checkout(BRANCH, BASE)
-    const branchCommits = await buildBranchCommits(git, BASE, BRANCH)
-    expect(branchCommits.length).toEqual(0)
-  })
-
-  it('tests buildBranchCommits with addition and modification', async () => {
-    await git.checkout(BRANCH, BASE)
-    await createChanges()
-    const UNTRACKED_EXE_FILE = 'a/script.sh'
-    const filepath = path.join(REPO_PATH, UNTRACKED_EXE_FILE)
-    await fs.promises.writeFile(filepath, '#!/usr/bin/env bash', {mode: 0o755})
-    await git.exec(['add', '-A'])
-    await git.commit(['-m', 'Test changes'])
-
-    const branchCommits = await buildBranchCommits(git, BASE, BRANCH)
-
-    expect(branchCommits.length).toEqual(1)
-    expect(branchCommits[0].subject).toEqual('Test changes')
-    expect(branchCommits[0].changes.length).toEqual(3)
-    expect(branchCommits[0].changes).toEqual([
-      {mode: '100755', path: UNTRACKED_EXE_FILE, status: 'A'},
-      {mode: '100644', path: TRACKED_FILE, status: 'M'},
-      {mode: '100644', path: UNTRACKED_FILE, status: 'A'}
-    ])
-  })
-
-  it('tests buildBranchCommits with addition and deletion', async () => {
-    await git.checkout(BRANCH, BASE)
-    await createChanges()
-    const TRACKED_FILE_NEW_PATH = 'c/tracked-file.txt'
-    const filepath = path.join(REPO_PATH, TRACKED_FILE_NEW_PATH)
-    await fs.promises.mkdir(path.dirname(filepath), {recursive: true})
-    await fs.promises.rename(path.join(REPO_PATH, TRACKED_FILE), filepath)
-    await git.exec(['add', '-A'])
-    await git.commit(['-m', 'Test changes'])
-
-    const branchCommits = await buildBranchCommits(git, BASE, BRANCH)
-
-    expect(branchCommits.length).toEqual(1)
-    expect(branchCommits[0].subject).toEqual('Test changes')
-    expect(branchCommits[0].changes.length).toEqual(3)
-    expect(branchCommits[0].changes).toEqual([
-      {mode: '100644', path: TRACKED_FILE, status: 'D'},
-      {mode: '100644', path: UNTRACKED_FILE, status: 'A'},
-      {mode: '100644', path: TRACKED_FILE_NEW_PATH, status: 'A'}
-    ])
-  })
-
-  it('tests buildBranchCommits with multiple commits', async () => {
-    await git.checkout(BRANCH, BASE)
-    for (let i = 0; i < 3; i++) {
-      await createChanges()
-      await git.exec(['add', '-A'])
-      await git.commit(['-m', `Test changes ${i}`])
-    }
-
-    const branchCommits = await buildBranchCommits(git, BASE, BRANCH)
-
-    expect(branchCommits.length).toEqual(3)
-    for (let i = 0; i < 3; i++) {
-      expect(branchCommits[i].subject).toEqual(`Test changes ${i}`)
-      expect(branchCommits[i].changes.length).toEqual(2)
-      const untrackedFileStatus = i == 0 ? 'A' : 'M'
-      expect(branchCommits[i].changes).toEqual([
-        {mode: '100644', path: TRACKED_FILE, status: 'M'},
-        {mode: '100644', path: UNTRACKED_FILE, status: untrackedFileStatus}
-      ])
-    }
-  })
-
   it('tests no changes resulting in no new branch being created', async () => {
     const commitMessage = uuidv4()
     const result = await createOrUpdateBranch(
@@ -1538,7 +1454,8 @@ describe('create-or-update-branch tests', () => {
     expect(
       await gitLogMatches([
         _commitMessage,
-        commits.commitMsgs[0] // fetch depth of base is 1
+        ...commits.commitMsgs,
+        INIT_COMMIT_MESSAGE
       ])
     ).toBeTruthy()
   })
@@ -1673,9 +1590,7 @@ describe('create-or-update-branch tests', () => {
     expect(await getFileContent(TRACKED_FILE)).toEqual(_changes.tracked)
     expect(await getFileContent(UNTRACKED_FILE)).toEqual(_changes.untracked)
     expect(
-      await gitLogMatches([
-        commits.commitMsgs[0] // fetch depth of base is 1
-      ])
+      await gitLogMatches([...commits.commitMsgs, INIT_COMMIT_MESSAGE])
     ).toBeTruthy()
   })
 
@@ -1753,9 +1668,7 @@ describe('create-or-update-branch tests', () => {
     expect(await getFileContent(TRACKED_FILE)).toEqual(_changes.tracked)
     expect(await getFileContent(UNTRACKED_FILE)).toEqual(_changes.untracked)
     expect(
-      await gitLogMatches([
-        commits.commitMsgs[0] // fetch depth of base is 1
-      ])
+      await gitLogMatches([...commits.commitMsgs, INIT_COMMIT_MESSAGE])
     ).toBeTruthy()
   })
 
@@ -2038,7 +1951,8 @@ describe('create-or-update-branch tests', () => {
       await gitLogMatches([
         _commitMessage,
         ..._commits.commitMsgs,
-        commitsOnBase.commitMsgs[0] // fetch depth of base is 1
+        ...commitsOnBase.commitMsgs,
+        INIT_COMMIT_MESSAGE
       ])
     ).toBeTruthy()
   })
@@ -2233,7 +2147,8 @@ describe('create-or-update-branch tests', () => {
     expect(
       await gitLogMatches([
         _commitMessage,
-        commitsOnBase.commitMsgs[0] // fetch depth of base is 1
+        ...commitsOnBase.commitMsgs,
+        INIT_COMMIT_MESSAGE
       ])
     ).toBeTruthy()
   })

__test__/entrypoint.sh

@@ -13,7 +13,7 @@ git daemon --verbose --enable=receive-pack --base-path=/git/remote --export-all
 # Give the daemon time to start
 sleep 2
 
-# Create a local clone and make initial commits
+# Create a local clone and make an initial commit
 mkdir -p /git/local/repos
 git clone git://127.0.0.1/repos/test-base.git /git/local/repos/test-base
 cd /git/local/repos/test-base
@@ -22,10 +22,6 @@ git config --global user.name "Your Name"
 echo "#test-base" > README.md
 git add .
 git commit -m "initial commit"
-echo "#test-base :sparkles:" > README.md
-git add .
-git commit -m "add sparkles" -m "Change description:
-- updates README.md to add sparkles to the title"
 git push -u
 git log -1 --pretty=oneline
 git config --global --unset user.email

__test__/git-command-manager.int.test.ts

@@ -1,26 +0,0 @@
-import {GitCommandManager, Commit} from '../lib/git-command-manager'
-
-const REPO_PATH = '/git/local/repos/test-base'
-
-describe('git-command-manager integration tests', () => {
-  let git: GitCommandManager
-
-  beforeAll(async () => {
-    git = await GitCommandManager.create(REPO_PATH)
-    await git.checkout('main')
-  })
-
-  it('tests getCommit', async () => {
-    const parent = await git.getCommit('HEAD^')
-    const commit = await git.getCommit('HEAD')
-    expect(parent.subject).toEqual('initial commit')
-    expect(parent.changes).toEqual([
-      {mode: '100644', status: 'A', path: 'README.md'}
-    ])
-    expect(commit.subject).toEqual('add sparkles')
-    expect(commit.parents[0]).toEqual(parent.sha)
-    expect(commit.changes).toEqual([
-      {mode: '100644', status: 'M', path: 'README.md'}
-    ])
-  })
-})

__test__/git-config-helper.int.test.ts

@@ -7,6 +7,7 @@ const extraheaderConfigKey = 'http.https://127.0.0.1/.extraheader'
 
 describe('git-config-helper integration tests', () => {
   let git: GitCommandManager
+  let gitConfigHelper: GitConfigHelper
 
   beforeAll(async () => {
     git = await GitCommandManager.create(REPO_PATH)

action.yml

@@ -51,9 +51,6 @@ inputs:
       A fork of the checked out parent repository to which the pull request branch will be pushed.
       e.g. `owner/repo-fork`.
       The pull request will be created to merge the fork's branch into the parent's base.
-  sign-commits:
-    description: 'Sign commits as `github-actions[bot]` when using `GITHUB_TOKEN`, or your own bot when using GitHub App tokens.'
-    default: false
   title:
     description: 'The title of the pull request.'
     default: 'Changes by create-pull-request action'
@@ -77,9 +74,6 @@ inputs:
   draft:
     description: 'Create a draft pull request. It is not possible to change draft status after creation except through the web interface'
     default: false
-  maintainer-can-modify:
-    description: 'Indicates whether maintainers can modify the pull request.'
-    default: true
 outputs:
   pull-request-number:
     description: 'The pull request number'
@@ -89,8 +83,6 @@ outputs:
     description: 'The pull request operation performed by the action, `created`, `updated` or `closed`.'
   pull-request-head-sha:
     description: 'The commit SHA of the pull request branch.'
-  pull-request-branch:
-    description: 'The pull request branch name'
 runs:
   using: 'node20'
   main: 'dist/index.js'

docs/common-issues.md

@@ -35,12 +35,7 @@ The reason is that I'm trying very hard to keep the interface for this action to
 Git hooks must be installed after a repository is checked out in order for them to work.
 So the straightforward solution is to just not install them during the workflow where this action is used.
 
-- If hooks are automatically enabled by a framework, use an option provided by the framework to disable them. For example, for Husky users, they can be disabled with the `--ignore-scripts` flag, or by setting the `HUSKY` environment variable when the action runs.
-  ```yml
-  uses: peter-evans/create-pull-request@v6
-  env:
-    HUSKY: '0'
-  ```
+- If hooks are automatically enabled by a framework, use an option provided by the framework to disable them. For example, for Husky users, they can be disabled with the `--ignore-scripts` flag.
 - If hooks are installed in a script, then add a condition checking if the `CI` environment variable exists.
    ```sh
    #!/bin/sh

docs/concepts-guidelines.md

@@ -16,9 +16,7 @@ This document covers terminology, how the action works, general usage guidelines
   - [Push using SSH (deploy keys)](#push-using-ssh-deploy-keys)
   - [Push pull request branches to a fork](#push-pull-request-branches-to-a-fork)
   - [Authenticating with GitHub App generated tokens](#authenticating-with-github-app-generated-tokens)
-  - [Commit signing](#commit-signing)
-    - [Commit signature verification for bots](#commit-signature-verification-for-bots)
-    - [GPG commit signature verification](#gpg-commit-signature-verification)
+  - [GPG commit signature verification](#gpg-commit-signature-verification)
   - [Running in a container or on self-hosted runners](#running-in-a-container-or-on-self-hosted-runners)
 
 ## Terminology
@@ -90,7 +88,7 @@ In these cases, you *must supply* the `base` input so the action can rebase chan
 Workflows triggered by [`pull_request`](https://docs.github.com/en/actions/reference/events-that-trigger-workflows#pull_request) events will by default check out a merge commit. Set the `base` input as follows to base the new pull request on the current pull request's branch.
 
 ```yml
-      - uses: peter-evans/create-pull-request@v6
+      - uses: peter-evans/create-pull-request@v5
         with:
           base: ${{ github.head_ref }}
 ```
@@ -98,7 +96,7 @@ Workflows triggered by [`pull_request`](https://docs.github.com/en/actions/refer
 Workflows triggered by [`release`](https://docs.github.com/en/actions/reference/events-that-trigger-workflows#release) events will by default check out a tag. For most use cases, you will need to set the `base` input to the branch name of the tagged commit.
 
 ```yml
-      - uses: peter-evans/create-pull-request@v6
+      - uses: peter-evans/create-pull-request@v5
         with:
           base: main
 ```
@@ -182,7 +180,7 @@ Checking out a branch from a different repository from where the workflow is exe
 
       # Make changes to pull request here
 
-      - uses: peter-evans/create-pull-request@v6
+      - uses: peter-evans/create-pull-request@v5
         with:
           token: ${{ secrets.PAT }}
 ```
@@ -209,7 +207,7 @@ How to use SSH (deploy keys) with create-pull-request action:
       # Make changes to pull request here
 
       - name: Create Pull Request
-        uses: peter-evans/create-pull-request@v6
+        uses: peter-evans/create-pull-request@v5
 ```
 
 ### Push pull request branches to a fork
@@ -232,7 +230,7 @@ Note that if you choose to use this method (not give the machine account `write`
 
       # Make changes to pull request here
 
-      - uses: peter-evans/create-pull-request@v6
+      - uses: peter-evans/create-pull-request@v5
         with:
           token: ${{ secrets.MACHINE_USER_PAT }}
           push-to-fork: machine-user/fork-of-repository
@@ -262,74 +260,27 @@ GitHub App generated tokens are more secure than using a PAT because GitHub App
 
 4. Set secrets on your repository containing the GitHub App ID, and the private key you created in step 2. e.g. `APP_ID`, `APP_PRIVATE_KEY`.
 
-5. The following example workflow shows how to use [actions/create-github-app-token](https://github.com/actions/create-github-app-token) to generate a token for use with this action.
+5. The following example workflow shows how to use [tibdex/github-app-token](https://github.com/tibdex/github-app-token) to generate a token for use with this action.
 
 ```yaml
     steps:
       - uses: actions/checkout@v4
 
-      - uses: actions/create-github-app-token@v1
+      - uses: tibdex/github-app-token@v1
         id: generate-token
         with:
-          app-id: ${{ secrets.APP_ID }}
-          private-key: ${{ secrets.APP_PRIVATE_KEY }}
+          app_id: ${{ secrets.APP_ID }}
+          private_key: ${{ secrets.APP_PRIVATE_KEY }}
 
       # Make changes to pull request here
 
       - name: Create Pull Request
-        uses: peter-evans/create-pull-request@v6
+        uses: peter-evans/create-pull-request@v5
         with:
           token: ${{ steps.generate-token.outputs.token }}
 ```
 
-### Commit signing
-
-[Commit signature verification](https://docs.github.com/en/authentication/managing-commit-signature-verification/about-commit-signature-verification) is a feature where GitHub will mark signed commits as "verified" to give confidence that changes are from a trusted source. Some organizations require commit signing, and enforce it with branch protection rules.
-
-The action supports two methods to sign commits, [commit signature verification for bots](#commit-signature-verification-for-bots), and [GPG commit signature verification](#gpg-commit-signature-verification).
-
-#### Commit signature verification for bots
-
-The action can sign commits as `github-actions[bot]` when using the repository's default `GITHUB_TOKEN`, or your own bot when using [GitHub App tokens](#authenticating-with-github-app-generated-tokens).
-
-> [!IMPORTANT]  
-> - When setting `sign-commits: true` the action will ignore the `committer` and `author` inputs.
-> - If you attempt to use a [Personal Access Token (PAT)](https://docs.github.com/en/github/authenticating-to-github/creating-a-personal-access-token) the action will create the pull request, but commits will not be signed. Commit signing is only supported with bot generated tokens.
-
-In this example the `token` input is not supplied, so the action will use the repository's default `GITHUB_TOKEN`. This will sign commits as `github-actions[bot]`.
-```yaml
-    steps:
-      - uses: actions/checkout@v4
-
-      # Make changes to pull request here
-
-      - name: Create Pull Request
-        uses: peter-evans/create-pull-request@v6
-        with:
-          sign-commits: true
-```
-
-In this example, the `token` input is generated using a GitHub App. This will sign commits as `<application-name>[bot]`.
-```yaml
-    steps:
-      - uses: actions/checkout@v4
-
-      - uses: actions/create-github-app-token@v1
-        id: generate-token
-        with:
-          app-id: ${{ secrets.APP_ID }}
-          private-key: ${{ secrets.APP_PRIVATE_KEY }}
-
-      # Make changes to pull request here
-
-      - name: Create Pull Request
-        uses: peter-evans/create-pull-request@v6
-        with:
-          token: ${{ steps.generate-token.outputs.token }}
-          sign-commits: true
-```
-
-#### GPG commit signature verification
+### GPG commit signature verification
 
 The action can use GPG to sign commits with a GPG key that you generate yourself.
 
@@ -365,7 +316,7 @@ The action can use GPG to sign commits with a GPG key that you generate yourself
       # Make changes to pull request here
 
       - name: Create Pull Request
-        uses: peter-evans/create-pull-request@v6
+        uses: peter-evans/create-pull-request@v5
         with:
           token: ${{ secrets.PAT }}
           committer: example <email@example.com>
@@ -395,7 +346,7 @@ jobs:
       # Make changes to pull request here
 
       - name: Create Pull Request
-        uses: peter-evans/create-pull-request@v6
+        uses: peter-evans/create-pull-request@v5
 ```
 
 **Ubuntu container example:**
@@ -418,5 +369,5 @@ jobs:
       # Make changes to pull request here
 
       - name: Create Pull Request
-        uses: peter-evans/create-pull-request@v6
+        uses: peter-evans/create-pull-request@v5
 ```

docs/examples.md

@@ -19,6 +19,7 @@
   - [autopep8](#autopep8)
 - [Misc workflow tips](#misc-workflow-tips)
   - [Filtering push events](#filtering-push-events)
+  - [Bypassing git hooks](#bypassing-git-hooks)
   - [Dynamic configuration using variables](#dynamic-configuration-using-variables)
   - [Using a markdown template](#using-a-markdown-template)
   - [Debugging GitHub Actions](#debugging-github-actions)
@@ -49,7 +50,7 @@ jobs:
         run: |
           git log --format='%aN <%aE>%n%cN <%cE>' | sort -u > AUTHORS
       - name: Create Pull Request
-        uses: peter-evans/create-pull-request@v6
+        uses: peter-evans/create-pull-request@v5
         with:
           commit-message: update authors
           title: Update AUTHORS
@@ -81,7 +82,7 @@ jobs:
           git fetch origin main:main
           git reset --hard main
       - name: Create Pull Request
-        uses: peter-evans/create-pull-request@v6
+        uses: peter-evans/create-pull-request@v5
         with:
           branch: production-promotion
 ```
@@ -116,7 +117,7 @@ jobs:
           ./git-chglog -o CHANGELOG.md
           rm git-chglog
       - name: Create Pull Request
-        uses: peter-evans/create-pull-request@v6
+        uses: peter-evans/create-pull-request@v5
         with:
           commit-message: update changelog
           title: Update Changelog
@@ -153,7 +154,7 @@ jobs:
           npx -p npm-check-updates ncu -u
           npm install
       - name: Create Pull Request
-        uses: peter-evans/create-pull-request@v6
+        uses: peter-evans/create-pull-request@v5
         with:
             token: ${{ secrets.PAT }}
             commit-message: Update dependencies
@@ -214,7 +215,7 @@ jobs:
       - name: Perform dependency resolution and write new lockfiles
         run: ./gradlew dependencies --write-locks
       - name: Create Pull Request
-        uses: peter-evans/create-pull-request@v6
+        uses: peter-evans/create-pull-request@v5
         with:
             token: ${{ secrets.PAT }}
             commit-message: Update dependencies
@@ -249,7 +250,7 @@ jobs:
           cargo update
           cargo upgrade --to-lockfile
       - name: Create Pull Request
-        uses: peter-evans/create-pull-request@v6
+        uses: peter-evans/create-pull-request@v5
         with:
             token: ${{ secrets.PAT }}
             commit-message: Update dependencies
@@ -307,7 +308,7 @@ jobs:
           # Update current release
           echo ${{ steps.swagger-ui.outputs.release_tag }} > swagger-ui.version
       - name: Create Pull Request
-        uses: peter-evans/create-pull-request@v6
+        uses: peter-evans/create-pull-request@v5
         with:
           commit-message: Update swagger-ui to ${{ steps.swagger-ui.outputs.release_tag }}
           title: Update SwaggerUI to ${{ steps.swagger-ui.outputs.release_tag }}
@@ -351,7 +352,7 @@ jobs:
           git fetch upstream main:upstream-main
           git reset --hard upstream-main
       - name: Create Pull Request
-        uses: peter-evans/create-pull-request@v6
+        uses: peter-evans/create-pull-request@v5
         with:
           token: ${{ secrets.PAT }}
           branch: upstream-changes
@@ -384,7 +385,7 @@ jobs:
             --domains quotes.toscrape.com \
             http://quotes.toscrape.com/
       - name: Create Pull Request
-        uses: peter-evans/create-pull-request@v6
+        uses: peter-evans/create-pull-request@v5
         with:
           commit-message: update local website copy
           title: Automated Updates to Local Website Copy
@@ -481,7 +482,7 @@ jobs:
           echo "branch-name=$branch-name" >> $GITHUB_OUTPUT
       - name: Create Pull Request
         if: steps.autopep8.outputs.exit-code == 2
-        uses: peter-evans/create-pull-request@v6
+        uses: peter-evans/create-pull-request@v5
         with:
           commit-message: autopep8 action fixes
           title: Fixes by autopep8 action
@@ -525,6 +526,18 @@ jobs:
       ...
 ```
 
+### Bypassing git hooks
+
+If you have git hooks that prevent the action from working correctly you can remove them before running the action.
+
+```yml
+      # Remove git hooks
+      - run: rm -rf .git/hooks
+
+      - name: Create Pull Request
+        uses: peter-evans/create-pull-request@v5
+```
+
 ### Dynamic configuration using variables
 
 The following examples show how configuration for the action can be dynamically defined in a previous workflow step.
@@ -540,7 +553,7 @@ Note that the step where output variables are defined must have an id.
           echo "pr_title=$pr_title" >> $GITHUB_OUTPUT
           echo "pr_body=$pr_body" >> $GITHUB_OUTPUT
       - name: Create Pull Request
-        uses: peter-evans/create-pull-request@v6
+        uses: peter-evans/create-pull-request@v5
         with:
           title: ${{ steps.vars.outputs.pr_title }}
           body: ${{ steps.vars.outputs.pr_body }}
@@ -566,7 +579,7 @@ The template is rendered using the [render-template](https://github.com/chuhlomi
             bar: that
 
       - name: Create Pull Request
-        uses: peter-evans/create-pull-request@v6
+        uses: peter-evans/create-pull-request@v5
         with:
           body: ${{ steps.template.outputs.result }}
 ```

docs/updating.md

@@ -1,23 +1,3 @@
-## Updating from `v5` to `v6`
-
-### Behaviour changes
-
-- The default values for `author` and `committer` have changed. See "What's new" below for details. If you are overriding the default values you will not be affected by this change.
-- On completion, the action now removes the temporary git remote configuration it adds when using `push-to-fork`. This should not affect you unless you were using the temporary configuration for some other purpose after the action completes.
-
-### What's new
-
-- Updated runtime to Node.js 20
-  - The action now requires a minimum version of [v2.308.0](https://github.com/actions/runner/releases/tag/v2.308.0) for the Actions runner. Update self-hosted runners to v2.308.0 or later to ensure compatibility.
-- The default value for `author` has been changed to `${{ github.actor }} <${{ github.actor_id }}+${{ github.actor }}@users.noreply.github.com>`. The change adds the `${{ github.actor_id }}+` prefix to the email address to align with GitHub's standard format for the author email address.
-- The default value for `committer` has been changed to `github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>`. This is to align with the default GitHub Actions bot user account.
-- Adds input `git-token`, the [Personal Access Token (PAT)](https://docs.github.com/en/github/authenticating-to-github/creating-a-personal-access-token) that the action will use for git operations. This input defaults to the value of `token`. Use this input if you would like the action to use a different token for git operations than the one used for the GitHub API.
-- `push-to-fork` now supports pushing to sibling repositories in the same network.
-- Previously, when using `push-to-fork`, the action did not remove temporary git remote configuration it adds during execution. This has been fixed and the configuration is now removed when the action completes.
-- If the pull request body is truncated due to exceeding the maximum length, the action will now suffix the body with the message "...*[Pull request body truncated]*" to indicate that the body has been truncated.
-- The action now uses `--unshallow` only when necessary, rather than as a default argument of `git fetch`. This should improve performance, particularly for large git repositories with extensive commit history.
-- The action can now be executed on one GitHub server and create pull requests on a *different* GitHub server. Server products include GitHub hosted (github.com), GitHub Enterprise Server (GHES), and GitHub Enterprise Cloud (GHEC). For example, the action can be executed on GitHub hosted and create pull requests on a GHES or GHEC instance.
-
 ## Updating from `v4` to `v5`
 
 ### Behaviour changes

package.json

@@ -1,6 +1,6 @@
 {
   "name": "create-pull-request",
-  "version": "6.0.0",
+  "version": "5.0.0",
   "private": true,
   "description": "Creates a pull request for changes to your repository in the actions workspace",
   "main": "lib/main.js",
@@ -31,33 +31,30 @@
   "dependencies": {
     "@actions/core": "^1.10.1",
     "@actions/exec": "^1.1.1",
-    "@octokit/core": "^6.1.2",
-    "@octokit/plugin-paginate-rest": "^11.3.3",
-    "@octokit/plugin-rest-endpoint-methods": "^13.2.4",
-    "@octokit/plugin-throttling": "^9.3.1",
-    "p-limit": "^6.1.0",
+    "@octokit/core": "^4.2.4",
+    "@octokit/plugin-paginate-rest": "^5.0.1",
+    "@octokit/plugin-rest-endpoint-methods": "^6.8.1",
+    "https-proxy-agent": "^5.0.1",
     "proxy-from-env": "^1.1.0",
-    "undici": "^6.19.7",
     "uuid": "^9.0.1"
   },
   "devDependencies": {
-    "@types/jest": "^29.5.12",
-    "@types/node": "^18.19.44",
-    "@typescript-eslint/eslint-plugin": "^7.17.0",
-    "@typescript-eslint/parser": "^7.17.0",
+    "@types/jest": "^29.5.11",
+    "@types/node": "^18.19.3",
+    "@typescript-eslint/parser": "^5.62.0",
     "@vercel/ncc": "^0.38.1",
-    "eslint": "^8.57.0",
+    "eslint": "^8.56.0",
     "eslint-import-resolver-typescript": "^3.6.1",
-    "eslint-plugin-github": "^4.10.2",
+    "eslint-plugin-github": "^4.10.1",
     "eslint-plugin-import": "^2.29.1",
-    "eslint-plugin-jest": "^27.9.0",
-    "eslint-plugin-prettier": "^5.2.1",
+    "eslint-plugin-jest": "^27.6.0",
+    "eslint-plugin-prettier": "^5.1.2",
     "jest": "^29.7.0",
     "jest-circus": "^29.7.0",
     "jest-environment-jsdom": "^29.7.0",
     "js-yaml": "^4.1.0",
-    "prettier": "^3.3.3",
-    "ts-jest": "^29.2.4",
-    "typescript": "^5.5.4"
+    "prettier": "^3.1.1",
+    "ts-jest": "^29.1.1",
+    "typescript": "^4.9.5"
   }
 }

src/create-or-update-branch.ts

@@ -1,13 +1,11 @@
 import * as core from '@actions/core'
-import {GitCommandManager, Commit} from './git-command-manager'
+import {GitCommandManager} from './git-command-manager'
 import {v4 as uuidv4} from 'uuid'
 
 const CHERRYPICK_EMPTY =
   'The previous cherry-pick is now empty, possibly due to conflict resolution.'
 const NOTHING_TO_COMMIT = 'nothing to commit, working tree clean'
 
-const FETCH_DEPTH_MARGIN = 10
-
 export enum WorkingBaseType {
   Branch = 'branch',
   Commit = 'commit'
@@ -33,13 +31,11 @@ export async function getWorkingBaseAndType(
 export async function tryFetch(
   git: GitCommandManager,
   remote: string,
-  branch: string,
-  depth: number
+  branch: string
 ): Promise<boolean> {
   try {
     await git.fetch([`${branch}:refs/remotes/${remote}/${branch}`], remote, [
-      '--force',
-      `--depth=${depth}`
+      '--force'
     ])
     return true
   } catch {
@@ -47,24 +43,6 @@ export async function tryFetch(
   }
 }
 
-export async function buildBranchCommits(
-  git: GitCommandManager,
-  base: string,
-  branch: string
-): Promise<Commit[]> {
-  const output = await git.exec(['log', '--format=%H', `${base}..${branch}`])
-  const shas = output.stdout
-    .split('\n')
-    .filter(x => x !== '')
-    .reverse()
-  const commits: Commit[] = []
-  for (const sha of shas) {
-    const commit = await git.getCommit(sha)
-    commits.push(commit)
-  }
-  return commits
-}
-
 // Return the number of commits that branch2 is ahead of branch1
 async function commitsAhead(
   git: GitCommandManager,
@@ -132,9 +110,7 @@ interface CreateOrUpdateBranchResult {
   action: string
   base: string
   hasDiffWithBase: boolean
-  baseSha: string
   headSha: string
-  branchCommits: Commit[]
 }
 
 export async function createOrUpdateBranch(
@@ -144,8 +120,7 @@ export async function createOrUpdateBranch(
   branch: string,
   branchRemoteName: string,
   signoff: boolean,
-  addPaths: string[],
-  signCommits: boolean = false
+  addPaths: string[]
 ): Promise<CreateOrUpdateBranchResult> {
   // Get the working base.
   // When a ref, it may or may not be the actual base.
@@ -165,9 +140,7 @@ export async function createOrUpdateBranch(
     action: 'none',
     base: base,
     hasDiffWithBase: false,
-    baseSha: '',
-    headSha: '',
-    branchCommits: []
+    headSha: ''
   }
 
   // Save the working base changes to a temporary branch
@@ -200,12 +173,24 @@ export async function createOrUpdateBranch(
   // Stash any uncommitted tracked and untracked changes
   const stashed = await git.stashPush(['--include-untracked'])
 
-  // Reset the working base
+  // Perform fetch and reset the working base
   // Commits made during the workflow will be removed
   if (workingBaseType == WorkingBaseType.Branch) {
     core.info(`Resetting working base branch '${workingBase}'`)
-    await git.checkout(workingBase)
-    await git.exec(['reset', '--hard', `${baseRemote}/${workingBase}`])
+    if (branchRemoteName == 'fork') {
+      // If pushing to a fork we must fetch with 'unshallow' to avoid the following error on git push
+      // ! [remote rejected] HEAD -> tests/push-branch-to-fork (shallow update not allowed)
+      await git.fetch(
+        [`${workingBase}:${workingBase}`],
+        baseRemote,
+        ['--force'],
+        true
+      )
+    } else {
+      // If the remote is 'origin' we can git reset
+      await git.checkout(workingBase)
+      await git.exec(['reset', '--hard', `${baseRemote}/${workingBase}`])
+    }
   }
 
   // If the working base is not the base, rebase the temp branch commits
@@ -214,13 +199,8 @@ export async function createOrUpdateBranch(
     core.info(
       `Rebasing commits made to ${workingBaseType} '${workingBase}' on to base branch '${base}'`
     )
-    const fetchArgs = ['--force']
-    if (branchRemoteName != 'fork') {
-      // If pushing to a fork we cannot shallow fetch otherwise the 'shallow update not allowed' error occurs
-      fetchArgs.push('--depth=1')
-    }
     // Checkout the actual base
-    await git.fetch([`${base}:${base}`], baseRemote, fetchArgs)
+    await git.fetch([`${base}:${base}`], baseRemote, ['--force'])
     await git.checkout(base)
     // Cherrypick commits from the temporary branch starting from the working base
     const commits = await git.revList(
@@ -239,18 +219,11 @@ export async function createOrUpdateBranch(
     // Reset the temp branch to the working index
     await git.checkout(tempBranch, 'HEAD')
     // Reset the base
-    await git.fetch([`${base}:${base}`], baseRemote, fetchArgs)
+    await git.fetch([`${base}:${base}`], baseRemote, ['--force'])
   }
 
-  // Determine the fetch depth for the pull request branch (best effort)
-  const tempBranchCommitsAhead = await commitsAhead(git, base, tempBranch)
-  const fetchDepth =
-    tempBranchCommitsAhead > 0
-      ? tempBranchCommitsAhead + FETCH_DEPTH_MARGIN
-      : FETCH_DEPTH_MARGIN
-
   // Try to fetch the pull request branch
-  if (!(await tryFetch(git, branchRemoteName, branch, fetchDepth))) {
+  if (!(await tryFetch(git, branchRemoteName, branch))) {
     // The pull request branch does not exist
     core.info(`Pull request branch '${branch}' does not exist yet.`)
     // Create the pull request branch
@@ -284,6 +257,7 @@ export async function createOrUpdateBranch(
     //   temp branch. This catches a case where the base branch has been force pushed to
     //   a new commit.
     // For changes on base this reset is equivalent to a rebase of the pull request branch.
+    const tempBranchCommitsAhead = await commitsAhead(git, base, tempBranch)
     const branchCommitsAhead = await commitsAhead(git, base, branch)
     if (
       (await git.hasDiff([`${branch}..${tempBranch}`])) ||
@@ -312,15 +286,8 @@ export async function createOrUpdateBranch(
     result.hasDiffWithBase = await isAhead(git, base, branch)
   }
 
-  // Get the base and head SHAs
-  result.baseSha = await git.revParse(base)
-  result.headSha = await git.revParse(branch)
-
-  // NOTE: This could always be built and returned. Maybe remove when there is confidence in buildBranchCommits.
-  if (signCommits) {
-    // Build the branch commits
-    result.branchCommits = await buildBranchCommits(git, base, branch)
-  }
+  // Get the pull request branch SHA
+  result.headSha = await git.revParse('HEAD')
 
   // Delete the temporary branch
   await git.exec(['branch', '--delete', '--force', tempBranch])

src/create-pull-request.ts

@@ -23,7 +23,6 @@ export interface Inputs {
   branchSuffix: string
   base: string
   pushToFork: string
-  signCommits: boolean
   title: string
   body: string
   bodyPath: string
@@ -33,7 +32,6 @@ export interface Inputs {
   teamReviewers: string[]
   milestone: number
   draft: boolean
-  maintainerCanModify: boolean
 }
 
 export async function createPullRequest(inputs: Inputs): Promise<void> {
@@ -47,9 +45,8 @@ export async function createPullRequest(inputs: Inputs): Promise<void> {
 
     core.startGroup('Determining the base and head repositories')
     const baseRemote = gitConfigHelper.getGitRemote()
-    // Init the GitHub clients
-    const ghBranch = new GitHubHelper(baseRemote.hostname, inputs.gitToken)
-    const ghPull = new GitHubHelper(baseRemote.hostname, inputs.token)
+    // Init the GitHub client
+    const githubHelper = new GitHubHelper(baseRemote.hostname, inputs.token)
     // Determine the head repository; the target for the pull request branch
     const branchRemoteName = inputs.pushToFork ? 'fork' : 'origin'
     const branchRepository = inputs.pushToFork
@@ -60,11 +57,11 @@ export async function createPullRequest(inputs: Inputs): Promise<void> {
       core.info(
         `Checking if '${branchRepository}' is a fork of '${baseRemote.repository}'`
       )
-      const baseParentRepository = await ghBranch.getRepositoryParent(
+      const baseParentRepository = await githubHelper.getRepositoryParent(
         baseRemote.repository
       )
       const branchParentRepository =
-        await ghBranch.getRepositoryParent(branchRepository)
+        await githubHelper.getRepositoryParent(branchRepository)
       if (branchParentRepository == null) {
         throw new Error(
           `Repository '${branchRepository}' is not a fork. Unable to continue.`
@@ -177,12 +174,6 @@ export async function createPullRequest(inputs: Inputs): Promise<void> {
     )
     core.endGroup()
 
-    // Action outputs
-    const outputs = new Map<string, string>()
-    outputs.set('pull-request-branch', inputs.branch)
-    outputs.set('pull-request-operation', 'none')
-    outputs.set('pull-request-commits-verified', 'false')
-
     // Create or update the pull request branch
     core.startGroup('Create or update the pull request branch')
     const result = await createOrUpdateBranch(
@@ -192,12 +183,8 @@ export async function createPullRequest(inputs: Inputs): Promise<void> {
       inputs.branch,
       branchRemoteName,
       inputs.signoff,
-      inputs.addPaths,
-      inputs.signCommits
+      inputs.addPaths
     )
-    outputs.set('pull-request-head-sha', result.headSha)
-    // Set the base. It would have been '' if not specified as an input
-    inputs.base = result.base
     core.endGroup()
 
     if (['created', 'updated'].includes(result.action)) {
@@ -205,50 +192,37 @@ export async function createPullRequest(inputs: Inputs): Promise<void> {
       core.startGroup(
         `Pushing pull request branch to '${branchRemoteName}/${inputs.branch}'`
       )
-      if (inputs.signCommits) {
-        // Create signed commits via the GitHub API
-        const stashed = await git.stashPush(['--include-untracked'])
-        await git.checkout(inputs.branch)
-        const pushSignedCommitsResult = await ghBranch.pushSignedCommits(
-          result.branchCommits,
-          result.baseSha,
-          repoPath,
-          branchRepository,
-          inputs.branch
-        )
-        outputs.set('pull-request-head-sha', pushSignedCommitsResult.sha)
-        outputs.set(
-          'pull-request-commits-verified',
-          pushSignedCommitsResult.verified.toString()
-        )
-        await git.checkout('-')
-        if (stashed) {
-          await git.stashPop()
-        }
-      } else {
-        await git.push([
-          '--force-with-lease',
-          branchRemoteName,
-          `${inputs.branch}:refs/heads/${inputs.branch}`
-        ])
-      }
+      await git.push([
+        '--force-with-lease',
+        branchRemoteName,
+        `${inputs.branch}:refs/heads/${inputs.branch}`
+      ])
       core.endGroup()
     }
 
+    // Set the base. It would have been '' if not specified as an input
+    inputs.base = result.base
+
     if (result.hasDiffWithBase) {
+      // Create or update the pull request
       core.startGroup('Create or update the pull request')
-      const pull = await ghPull.createOrUpdatePullRequest(
+      const pull = await githubHelper.createOrUpdatePullRequest(
         inputs,
         baseRemote.repository,
         branchRepository
       )
-      outputs.set('pull-request-number', pull.number.toString())
-      outputs.set('pull-request-url', pull.html_url)
+      core.endGroup()
+
+      // Set outputs
+      core.startGroup('Setting outputs')
+      core.setOutput('pull-request-number', pull.number)
+      core.setOutput('pull-request-url', pull.html_url)
       if (pull.created) {
-        outputs.set('pull-request-operation', 'created')
+        core.setOutput('pull-request-operation', 'created')
       } else if (result.action == 'updated') {
-        outputs.set('pull-request-operation', 'updated')
+        core.setOutput('pull-request-operation', 'updated')
       }
+      core.setOutput('pull-request-head-sha', result.headSha)
       // Deprecated
       core.exportVariable('PULL_REQUEST_NUMBER', pull.number)
       core.endGroup()
@@ -267,18 +241,13 @@ export async function createPullRequest(inputs: Inputs): Promise<void> {
             branchRemoteName,
             `refs/heads/${inputs.branch}`
           ])
-          outputs.set('pull-request-operation', 'closed')
+          // Set outputs
+          core.startGroup('Setting outputs')
+          core.setOutput('pull-request-operation', 'closed')
+          core.endGroup()
         }
       }
     }
-
-    // Set outputs
-    core.startGroup('Setting outputs')
-    for (const [key, value] of outputs) {
-      core.info(`${key} = ${value}`)
-      core.setOutput(key, value)
-    }
-    core.endGroup()
   } catch (error) {
     core.setFailed(utils.getErrorMessage(error))
   } finally {

src/git-command-manager.ts

@@ -5,19 +5,6 @@ import * as path from 'path'
 
 const tagsRefSpec = '+refs/tags/*:refs/tags/*'
 
-export type Commit = {
-  sha: string
-  tree: string
-  parents: string[]
-  subject: string
-  body: string
-  changes: {
-    mode: string
-    status: 'A' | 'M' | 'D'
-    path: string
-  }[]
-}
-
 export class GitCommandManager {
   private gitPath: string
   private workingDirectory: string
@@ -151,43 +138,6 @@ export class GitCommandManager {
     await this.exec(args)
   }
 
-  async getCommit(ref: string): Promise<Commit> {
-    const endOfBody = '###EOB###'
-    const output = await this.exec([
-      'show',
-      '--raw',
-      '--cc',
-      '--diff-filter=AMD',
-      `--format=%H%n%T%n%P%n%s%n%b%n${endOfBody}`,
-      ref
-    ])
-    const lines = output.stdout.split('\n')
-    const endOfBodyIndex = lines.lastIndexOf(endOfBody)
-    const detailLines = lines.slice(0, endOfBodyIndex)
-
-    return <Commit>{
-      sha: detailLines[0],
-      tree: detailLines[1],
-      parents: detailLines[2].split(' '),
-      subject: detailLines[3],
-      body: detailLines.slice(4, endOfBodyIndex).join('\n'),
-      changes: lines.slice(endOfBodyIndex + 2, -1).map(line => {
-        const change = line.match(
-          /^:(\d{6}) (\d{6}) \w{7} \w{7} ([AMD])\s+(.*)$/
-        )
-        if (change) {
-          return {
-            mode: change[3] === 'D' ? change[1] : change[2],
-            status: change[3],
-            path: change[4]
-          }
-        } else {
-          throw new Error(`Unexpected line format: ${line}`)
-        }
-      })
-    }
-  }
-
   async getConfigValue(configKey: string, configValue = '.'): Promise<string> {
     const output = await this.exec([
       'config',

src/github-helper.ts

@@ -1,16 +1,10 @@
 import * as core from '@actions/core'
 import {Inputs} from './create-pull-request'
-import {Commit} from './git-command-manager'
-import {Octokit, OctokitOptions, throttleOptions} from './octokit-client'
-import pLimit from 'p-limit'
+import {Octokit, OctokitOptions} from './octokit-client'
 import * as utils from './utils'
 
-const ERROR_PR_ALREADY_EXISTS = 'A pull request already exists for'
 const ERROR_PR_REVIEW_TOKEN_SCOPE =
   'Validation Failed: "Could not resolve to a node with the global id of'
-const ERROR_PR_FORK_COLLAB = `Fork collab can't be granted by someone without permission`
-
-const blobCreationLimit = pLimit(8)
 
 interface Repository {
   owner: string
@@ -23,18 +17,6 @@ interface Pull {
   created: boolean
 }
 
-interface CommitResponse {
-  sha: string
-  verified: boolean
-}
-
-type TreeObject = {
-  path: string
-  mode: '100644' | '100755' | '040000' | '160000' | '120000'
-  sha: string | null
-  type: 'blob'
-}
-
 export class GitHubHelper {
   private octokit: InstanceType<typeof Octokit>
 
@@ -48,7 +30,6 @@ export class GitHubHelper {
     } else {
       options.baseUrl = 'https://api.github.com'
     }
-    options.throttle = throttleOptions
     this.octokit = new Octokit(options)
   }
 
@@ -67,6 +48,7 @@ export class GitHubHelper {
   ): Promise<Pull> {
     const [headOwner] = headRepository.split('/')
     const headBranch = `${headOwner}:${inputs.branch}`
+    const headBranchFull = `${headRepository}:${inputs.branch}`
 
     // Try to create the pull request
     try {
@@ -78,8 +60,7 @@ export class GitHubHelper {
         head_repo: headRepository,
         base: inputs.base,
         body: inputs.body,
-        draft: inputs.draft,
-        maintainer_can_modify: inputs.maintainerCanModify
+        draft: inputs.draft
       })
       core.info(
         `Created pull request #${pull.number} (${headBranch} => ${inputs.base})`
@@ -90,17 +71,10 @@ export class GitHubHelper {
         created: true
       }
     } catch (e) {
-      const errorMessage = utils.getErrorMessage(e)
-      if (errorMessage.includes(ERROR_PR_ALREADY_EXISTS)) {
+      if (
+        utils.getErrorMessage(e).includes(`A pull request already exists for`)
+      ) {
         core.info(`A pull request already exists for ${headBranch}`)
-      } else if (errorMessage.includes(ERROR_PR_FORK_COLLAB)) {
-        core.warning(
-          'An attempt was made to create a pull request using a token that does not have write access to the head branch.'
-        )
-        core.warning(
-          `For this case, set input 'maintainer-can-modify' to 'false' to allow pull request creation.`
-        )
-        throw e
       } else {
         throw e
       }
@@ -111,7 +85,7 @@ export class GitHubHelper {
     const {data: pulls} = await this.octokit.rest.pulls.list({
       ...this.parseRepository(baseRepository),
       state: 'open',
-      head: headBranch,
+      head: headBranchFull,
       base: inputs.base
     })
     core.info(`Attempting update of pull request`)
@@ -211,121 +185,4 @@ export class GitHubHelper {
 
     return pull
   }
-
-  async pushSignedCommits(
-    branchCommits: Commit[],
-    baseSha: string,
-    repoPath: string,
-    branchRepository: string,
-    branch: string
-  ): Promise<CommitResponse> {
-    let headCommit: CommitResponse = {
-      sha: baseSha,
-      verified: false
-    }
-    for (const commit of branchCommits) {
-      headCommit = await this.createCommit(
-        commit,
-        [headCommit.sha],
-        repoPath,
-        branchRepository
-      )
-    }
-    await this.createOrUpdateRef(branchRepository, branch, headCommit.sha)
-    return headCommit
-  }
-
-  private async createCommit(
-    commit: Commit,
-    parents: string[],
-    repoPath: string,
-    branchRepository: string
-  ): Promise<CommitResponse> {
-    const repository = this.parseRepository(branchRepository)
-    let treeSha = commit.tree
-    if (commit.changes.length > 0) {
-      core.info(`Creating tree objects for local commit ${commit.sha}`)
-      const treeObjects = await Promise.all(
-        commit.changes.map(async ({path, mode, status}) => {
-          let sha: string | null = null
-          if (status === 'A' || status === 'M') {
-            core.info(`Creating blob for file '${path}'`)
-            const {data: blob} = await blobCreationLimit(() =>
-              this.octokit.rest.git.createBlob({
-                ...repository,
-                content: utils.readFileBase64([repoPath, path]),
-                encoding: 'base64'
-              })
-            )
-            sha = blob.sha
-          }
-          return <TreeObject>{
-            path,
-            mode,
-            sha,
-            type: 'blob'
-          }
-        })
-      )
-      core.info(`Creating tree for local commit ${commit.sha}`)
-      const {data: tree} = await this.octokit.rest.git.createTree({
-        ...repository,
-        base_tree: parents[0],
-        tree: treeObjects
-      })
-      treeSha = tree.sha
-      core.info(`Created tree ${treeSha} for local commit ${commit.sha}`)
-    }
-
-    const {data: remoteCommit} = await this.octokit.rest.git.createCommit({
-      ...repository,
-      parents: parents,
-      tree: treeSha,
-      message: `${commit.subject}\n\n${commit.body}`
-    })
-    core.info(
-      `Created commit ${remoteCommit.sha} for local commit ${commit.sha}`
-    )
-    core.info(
-      `Commit verified: ${remoteCommit.verification.verified}; reason: ${remoteCommit.verification.reason}`
-    )
-    return {
-      sha: remoteCommit.sha,
-      verified: remoteCommit.verification.verified
-    }
-  }
-
-  private async createOrUpdateRef(
-    branchRepository: string,
-    branch: string,
-    newHead: string
-  ) {
-    const repository = this.parseRepository(branchRepository)
-    const branchExists = await this.octokit.rest.repos
-      .getBranch({
-        ...repository,
-        branch: branch
-      })
-      .then(
-        () => true,
-        () => false
-      )
-
-    if (branchExists) {
-      core.info(`Branch ${branch} exists; Updating ref`)
-      await this.octokit.rest.git.updateRef({
-        ...repository,
-        sha: newHead,
-        ref: `heads/${branch}`,
-        force: true
-      })
-    } else {
-      core.info(`Branch ${branch} does not exist; Creating ref`)
-      await this.octokit.rest.git.createRef({
-        ...repository,
-        sha: newHead,
-        ref: `refs/heads/${branch}`
-      })
-    }
-  }
 }

src/main.ts

@@ -19,7 +19,6 @@ async function run(): Promise<void> {
       branchSuffix: core.getInput('branch-suffix'),
       base: core.getInput('base'),
       pushToFork: core.getInput('push-to-fork'),
-      signCommits: core.getBooleanInput('sign-commits'),
       title: core.getInput('title'),
       body: core.getInput('body'),
       bodyPath: core.getInput('body-path'),
@@ -28,8 +27,7 @@ async function run(): Promise<void> {
       reviewers: utils.getInputAsArray('reviewers'),
       teamReviewers: utils.getInputAsArray('team-reviewers'),
       milestone: Number(core.getInput('milestone')),
-      draft: core.getBooleanInput('draft'),
-      maintainerCanModify: core.getBooleanInput('maintainer-can-modify')
+      draft: core.getBooleanInput('draft')
     }
     core.debug(`Inputs: ${inspect(inputs)}`)
 

src/octokit-client.ts

@@ -1,55 +1,23 @@
-import * as core from '@actions/core'
-import {Octokit as OctokitCore} from '@octokit/core'
+import {Octokit as Core} from '@octokit/core'
 import {paginateRest} from '@octokit/plugin-paginate-rest'
 import {restEndpointMethods} from '@octokit/plugin-rest-endpoint-methods'
-import {throttling} from '@octokit/plugin-throttling'
+import {HttpsProxyAgent} from 'https-proxy-agent'
 import {getProxyForUrl} from 'proxy-from-env'
-import {ProxyAgent, fetch as undiciFetch} from 'undici'
 export {RestEndpointMethodTypes} from '@octokit/plugin-rest-endpoint-methods'
-// eslint-disable-next-line import/no-unresolved
 export {OctokitOptions} from '@octokit/core/dist-types/types'
 
-export const Octokit = OctokitCore.plugin(
+export const Octokit = Core.plugin(
   paginateRest,
   restEndpointMethods,
-  throttling,
   autoProxyAgent
 )
 
-export const throttleOptions = {
-  onRateLimit: (retryAfter, options, _, retryCount) => {
-    core.debug(`Hit rate limit for request ${options.method} ${options.url}`)
-    // Retries twice for a total of three attempts
-    if (retryCount < 2) {
-      core.debug(`Retrying after ${retryAfter} seconds!`)
-      return true
-    }
-  },
-  onSecondaryRateLimit: (retryAfter, options) => {
-    core.warning(
-      `Hit secondary rate limit for request ${options.method} ${options.url}`
-    )
-    core.warning(`Requests may be retried after ${retryAfter} seconds.`)
-  }
-}
-
-const proxyFetch =
-  (proxyUrl: string): typeof undiciFetch =>
-  (url, opts) => {
-    return undiciFetch(url, {
-      ...opts,
-      dispatcher: new ProxyAgent({
-        uri: proxyUrl
-      })
-    })
-  }
-
 // Octokit plugin to support the standard environment variables http_proxy, https_proxy and no_proxy
-function autoProxyAgent(octokit: OctokitCore) {
+function autoProxyAgent(octokit: Core) {
   octokit.hook.before('request', options => {
     const proxy = getProxyForUrl(options.baseUrl)
     if (proxy) {
-      options.request.fetch = proxyFetch(proxy)
+      options.request.agent = new HttpsProxyAgent(proxy)
     }
   })
 }

src/utils.ts

@@ -126,10 +126,6 @@ export function readFile(path: string): string {
   return fs.readFileSync(path, 'utf-8')
 }
 
-export function readFileBase64(pathParts: string[]): string {
-  return fs.readFileSync(path.resolve(...pathParts)).toString('base64')
-}
-
 /* eslint-disable  @typescript-eslint/no-explicit-any */
 function hasErrorCode(error: any): error is {code: string} {
   return typeof (error && error.code) === 'string'