build: update distribution (#1208)

Co-authored-by: peter-evans <peter-evans@users.noreply.github.com>

.eslintrc.json

@@ -9,11 +9,15 @@
     "plugin:import/errors",
     "plugin:import/warnings",
     "plugin:import/typescript",
-    "plugin:prettier/recommended",
-    "prettier/@typescript-eslint"
+    "plugin:prettier/recommended"
   ],
   "plugins": ["@typescript-eslint"],
   "rules": {
     "@typescript-eslint/camelcase": "off"
+  },
+  "settings": {
+    "import/resolver": {
+      "typescript": {}
+    }
   }
 }

.github/dependabot.yml

@@ -0,0 +1,8 @@
+version: 2
+updates:
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+    labels:
+      - "dependencies"

.github/workflows/ci.yml

@@ -1,12 +1,12 @@
 name: CI
 on:
   push:
-    branches: [master]
+    branches: [main]
     paths-ignore:
       - 'README.md'
       - 'docs/**'
   pull_request:
-    branches: [master]
+    branches: [main]
     paths-ignore:
       - 'README.md'
       - 'docs/**'
@@ -14,23 +14,21 @@ jobs:
   build:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v2
-      - uses: actions/setup-node@v1
+      - uses: actions/checkout@v3
+      - uses: actions/setup-node@v3
         with:
-          node-version: 12.x
-      - uses: actions/setup-python@v2
-        with:
-          python-version: '3.x'
+          node-version: 16.x
+          cache: npm
       - run: npm ci
       - run: npm run build
       - run: npm run format-check
       - run: npm run lint
       - run: npm run test
-      - uses: actions/upload-artifact@v2
+      - uses: actions/upload-artifact@v3
         with:
           name: dist
           path: dist
-      - uses: actions/upload-artifact@v2
+      - uses: actions/upload-artifact@v3
         with:
           name: action.yml
           path: action.yml
@@ -43,16 +41,16 @@ jobs:
       matrix:
         target: [built, committed]
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v3
         with:
-          ref: master
+          ref: main
       - if: matrix.target == 'built' || github.event_name == 'pull_request'
-        uses: actions/download-artifact@v2
+        uses: actions/download-artifact@v3
         with:
           name: dist
           path: dist
       - if: matrix.target == 'built' || github.event_name == 'pull_request'
-        uses: actions/download-artifact@v2
+        uses: actions/download-artifact@v3
         with:
           name: action.yml
           path: .
@@ -77,7 +75,7 @@ jobs:
           branch: ci-test-${{ matrix.target }}
 
       - name: Close Pull
-        uses: peter-evans/close-pull@v1
+        uses: peter-evans/close-pull@v2
         with:
           pull-request-number: ${{ steps.cpr.outputs.pull-request-number }}
           comment: '[CI] test ${{ matrix.target }}'
@@ -89,7 +87,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Find Comment
-        uses: peter-evans/find-comment@v1
+        uses: peter-evans/find-comment@v2
         id: fc
         with:
           issue-number: ${{ github.event.number }}
@@ -98,7 +96,7 @@ jobs:
 
       - if: steps.fc.outputs.comment-id == ''
         name: Create comment
-        uses: peter-evans/create-or-update-comment@v1
+        uses: peter-evans/create-or-update-comment@v2
         with:
           issue-number: ${{ github.event.number }}
           body: |
@@ -108,22 +106,22 @@ jobs:
             ```
 
   package:
-    if: github.event_name == 'push' && github.ref == 'refs/heads/master'
+    if: github.event_name == 'push' && github.ref == 'refs/heads/main'
     needs: [test]
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v2
-      - uses: actions/download-artifact@v2
+      - uses: actions/checkout@v3
+      - uses: actions/download-artifact@v3
         with:
           name: dist
           path: dist
       - name: Create Pull Request
-        uses: peter-evans/create-pull-request@v3
+        uses: peter-evans/create-pull-request@v4
         with:
           commit-message: 'build: update distribution'
           title: Update distribution
           body: |
-            - Updates the distribution for changes on `master`
+            - Updates the distribution for changes on `main`
 
             Auto-generated by [create-pull-request][1]
 

.github/workflows/cpr-example-command.yml

@@ -6,7 +6,7 @@ jobs:
   createPullRequest:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v3
 
       - name: Make changes to pull request
         run: date +%s > report.txt
@@ -42,7 +42,7 @@ jobs:
           echo "Pull Request URL - ${{ steps.cpr.outputs.pull-request-url }}"
 
       - name: Add reaction
-        uses: peter-evans/create-or-update-comment@v1
+        uses: peter-evans/create-or-update-comment@v2
         with:
           repository: ${{ github.event.client_payload.github.payload.repository.full_name }}
           comment-id: ${{ github.event.client_payload.github.payload.comment.id }}

.github/workflows/slash-command-dispatch.yml

@@ -7,7 +7,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Slash Command Dispatch
-        uses: peter-evans/slash-command-dispatch@v2
+        uses: peter-evans/slash-command-dispatch@v3
         with:
           token: ${{ secrets.ACTIONS_BOT_TOKEN }}
           config: >

.github/workflows/update-dep.yml

@@ -1,31 +0,0 @@
-name: Update Dependencies
-on:
-  schedule:
-    - cron:  '0 1 * * 4'
-jobs:
-  update-dep:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v2
-      - uses: actions/setup-node@v1
-        with:
-          node-version: '12.x'
-      - name: Update dependencies
-        run: |
-          npx -p npm-check-updates ncu -u
-          npm install
-      - name: Create Pull Request
-        uses: peter-evans/create-pull-request@v3
-        with:
-            token: ${{ secrets.ACTIONS_BOT_TOKEN }}
-            commit-message: 'chore: update dependencies'
-            committer: GitHub <noreply@github.com>
-            author: actions-bot <actions-bot@users.noreply.github.com>
-            title: Update dependencies
-            body: |
-              - Dependency updates
-  
-              Auto-generated by [create-pull-request][1]
-  
-              [1]: https://github.com/peter-evans/create-pull-request
-            branch: update-dependencies

.gitignore

@@ -2,3 +2,4 @@ lib/
 node_modules/
 
 .DS_Store
+.idea

README.md

@@ -1,6 +1,6 @@
 # <img width="24" height="24" src="docs/assets/logo.svg"> Create Pull Request
 [![CI](https://github.com/peter-evans/create-pull-request/workflows/CI/badge.svg)](https://github.com/peter-evans/create-pull-request/actions?query=workflow%3ACI)
-[![GitHub Marketplace](https://img.shields.io/badge/Marketplace-Create%20Pull%20Request-blue.svg?colorA=24292e&colorB=0366d6&style=flat&longCache=true&logo=data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAA4AAAAOCAYAAAAfSC3RAAAABHNCSVQICAgIfAhkiAAAAAlwSFlzAAAM6wAADOsB5dZE0gAAABl0RVh0U29mdHdhcmUAd3d3Lmlua3NjYXBlLm9yZ5vuPBoAAAERSURBVCiRhZG/SsMxFEZPfsVJ61jbxaF0cRQRcRJ9hlYn30IHN/+9iquDCOIsblIrOjqKgy5aKoJQj4O3EEtbPwhJbr6Te28CmdSKeqzeqr0YbfVIrTBKakvtOl5dtTkK+v4HfA9PEyBFCY9AGVgCBLaBp1jPAyfAJ/AAdIEG0dNAiyP7+K1qIfMdonZic6+WJoBJvQlvuwDqcXadUuqPA1NKAlexbRTAIMvMOCjTbMwl1LtI/6KWJ5Q6rT6Ht1MA58AX8Apcqqt5r2qhrgAXQC3CZ6i1+KMd9TRu3MvA3aH/fFPnBodb6oe6HM8+lYHrGdRXW8M9bMZtPXUji69lmf5Cmamq7quNLFZXD9Rq7v0Bpc1o/tp0fisAAAAASUVORK5CYII=)](https://github.com/marketplace/actions/create-pull-request)
+[![GitHub Marketplace](https://img.shields.io/badge/Marketplace-Create%20Pull%20Request-blue.svg?colorA=24292e&colorB=0366d6&style=flat&longCache=true&logo=github)](https://github.com/marketplace/actions/create-pull-request)
 
 A GitHub action to create a pull request for changes to your repository in the actions workspace.
 
@@ -21,20 +21,27 @@ Create Pull Request action will:
 
 - [Concepts, guidelines and advanced usage](docs/concepts-guidelines.md)
 - [Examples](docs/examples.md)
-- [Updating to v3](docs/updating.md)
+- [Updating to v4](docs/updating.md)
 
 ## Usage
 
 ```yml
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v3
 
       # Make changes to pull request here
 
       - name: Create Pull Request
-        uses: peter-evans/create-pull-request@v3
+        uses: peter-evans/create-pull-request@v4
 ```
 
-You can also pin to a [specific release](https://github.com/peter-evans/create-pull-request/releases) version in the format `@v3.x.x`
+You can also pin to a [specific release](https://github.com/peter-evans/create-pull-request/releases) version in the format `@v4.x.x`
+
+### Workflow permissions
+
+For this action to work you must explicitly allow GitHub Actions to create pull requests.
+This setting can be found in a repository's settings under Actions > General > Workflow permissions.
+
+For repositories belonging to an organization, this setting can be managed by admins in organization settings under Actions > General > Workflow permissions.
 
 ### Action inputs
 
@@ -44,8 +51,9 @@ All inputs are **optional**. If not set, sensible defaults will be used.
 
 | Name | Description | Default |
 | --- | --- | --- |
-| `token` | `GITHUB_TOKEN` or a `repo` scoped [Personal Access Token (PAT)](https://docs.github.com/en/github/authenticating-to-github/creating-a-personal-access-token). | `GITHUB_TOKEN` |
+| `token` | `GITHUB_TOKEN` (permissions `contents: write` and `pull-requests: write`) or a `repo` scoped [Personal Access Token (PAT)](https://docs.github.com/en/github/authenticating-to-github/creating-a-personal-access-token). | `GITHUB_TOKEN` |
 | `path` | Relative path under `GITHUB_WORKSPACE` to the repository. | `GITHUB_WORKSPACE` |
+| `add-paths` | A comma or newline-separated list of file paths to commit. Paths should follow git's [pathspec](https://git-scm.com/docs/gitglossary#Documentation/gitglossary.txt-aiddefpathspecapathspec) syntax. If no paths are specified, all new and modified files are added. See [Add specific paths](#add-specific-paths). | |
 | `commit-message` | The message to use when committing changes. | `[create-pull-request] automated change` |
 | `committer` | The committer name and email address in the format `Display Name <email@address.com>`. Defaults to the GitHub Actions bot user. | `GitHub <noreply@github.com>` |
 | `author` | The author name and email address in the format `Display Name <email@address.com>`. Defaults to the user who triggered the workflow run. | `${{ github.actor }} <${{ github.actor }}@users.noreply.github.com>` |
@@ -60,9 +68,17 @@ All inputs are **optional**. If not set, sensible defaults will be used.
 | `labels` | A comma or newline-separated list of labels. | |
 | `assignees` | A comma or newline-separated list of assignees (GitHub usernames). | |
 | `reviewers` | A comma or newline-separated list of reviewers (GitHub usernames) to request a review from. | |
-| `team-reviewers` | A comma or newline-separated list of GitHub teams to request a review from. Note that a `repo` scoped [PAT](https://docs.github.com/en/github/authenticating-to-github/creating-a-personal-access-token) may be required. See [this issue](https://github.com/peter-evans/create-pull-request/issues/155). | |
+| `team-reviewers` | A comma or newline-separated list of GitHub teams to request a review from. Note that a `repo` scoped [PAT](https://docs.github.com/en/github/authenticating-to-github/creating-a-personal-access-token) may be required. See [this issue](https://github.com/peter-evans/create-pull-request/issues/155). If using a GitHub App, refer to [Authenticating with GitHub App generated tokens](docs/concepts-guidelines.md#authenticating-with-github-app-generated-tokens) for the proper permissions. | |
 | `milestone` | The number of the milestone to associate this pull request with. | |
-| `draft` | Create a [draft pull request](https://docs.github.com/en/github/collaborating-with-issues-and-pull-requests/about-pull-requests#draft-pull-requests). | `false` |
+| `draft` | Create a [draft pull request](https://docs.github.com/en/github/collaborating-with-issues-and-pull-requests/about-pull-requests#draft-pull-requests). It is not possible to change draft status after creation except through the web interface. | `false` |
+
+For self-hosted runners behind a corporate proxy set the `https_proxy` environment variable.
+```yml
+      - name: Create Pull Request
+        uses: peter-evans/create-pull-request@v4
+        env:
+          https_proxy: http://<proxy_address>:<port>
+```
 
 ### Action outputs
 
@@ -71,6 +87,7 @@ The following outputs can be used by subsequent workflow steps.
 - `pull-request-number` - The pull request number.
 - `pull-request-url` - The URL of the pull request.
 - `pull-request-operation` - The pull request operation performed by the action, `created`, `updated` or `closed`.
+- `pull-request-head-sha` - The commit SHA of the pull request branch.
 
 Step outputs can be accessed as in the following example.
 Note that in order to read the step outputs the action step must have an id.
@@ -78,8 +95,9 @@ Note that in order to read the step outputs the action step must have an id.
 ```yml
       - name: Create Pull Request
         id: cpr
-        uses: peter-evans/create-pull-request@v3
+        uses: peter-evans/create-pull-request@v4
       - name: Check outputs
+        if: ${{ steps.cpr.outputs.pull-request-number }}
         run: |
           echo "Pull Request Number - ${{ steps.cpr.outputs.pull-request-number }}"
           echo "Pull Request URL - ${{ steps.cpr.outputs.pull-request-url }}"
@@ -95,7 +113,7 @@ How the action behaves:
 
 - If there are changes (i.e. a diff exists with the checked-out base branch), the changes will be pushed to a new `branch` and a pull request created.
 - If there are no changes (i.e. no diff exists with the checked-out base branch), no pull request will be created and the action exits silently.
-- If a pull request already exists and there are no further changes (i.e. no diff with the current pull request branch) then the action exits silently.
+- If a pull request already exists it will be updated if necessary. Local changes in the Actions workspace, or changes on the base branch, can cause an update. If no update is required the action exits silently.
 - If a pull request exists and new changes on the base branch make the pull request unnecessary (i.e. there is no longer a diff between the pull request branch and the base), the pull request is automatically closed. Additionally, if `delete-branch` is set to `true` the `branch` will be deleted.
 
 For further details about how the action works and usage guidelines, see [Concepts, guidelines and advanced usage](docs/concepts-guidelines.md).
@@ -113,14 +131,48 @@ To use this strategy, set input `branch-suffix` with one of the following option
 
 - `short-commit-hash` - Commits will be made to a branch suffixed with the short SHA1 commit hash. e.g. `create-pull-request/patch-fcdfb59`, `create-pull-request/patch-394710b`
 
-### Controlling commits
+### Controlling committed files
+
+The action defaults to adding all new and modified files.
+If there are files that should not be included in the pull request, you can use the following methods to control the committed content.
+
+#### Remove files
+
+The most straightforward way to handle unwanted files is simply to remove them in a step before the action runs.
+
+```yml
+      - run: |
+          rm -rf temp-dir
+          rm temp-file.txt
+```
+
+#### Ignore files
+
+If there are files or directories you want to ignore you can simply add them to a `.gitignore` file at the root of your repository. The action will respect this file.
+
+#### Add specific paths
+
+You can control which files are committed with the `add-paths` input.
+Paths should follow git's [pathspec](https://git-scm.com/docs/gitglossary#Documentation/gitglossary.txt-aiddefpathspecapathspec) syntax.
+All file changes that do not match one of the paths will be discarded.
+
+```yml
+      - name: Create Pull Request
+        uses: peter-evans/create-pull-request@v4
+        with:
+          add-paths: |
+            *.java
+            docs/*.md
+```
+
+#### Create your own commits
 
 As well as relying on the action to handle uncommitted changes, you can additionally make your own commits before the action runs.
 Note that the repository must be checked out on a branch with a remote, it won't work for [events which checkout a commit](docs/concepts-guidelines.md#events-which-checkout-a-commit).
 
 ```yml
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v3
       - name: Create commits
         run: |
           git config user.name 'Peter Evans'
@@ -133,13 +185,9 @@ Note that the repository must be checked out on a branch with a remote, it won't
       - name: Uncommitted change
         run: date +%s > report.txt
       - name: Create Pull Request
-        uses: peter-evans/create-pull-request@v3
+        uses: peter-evans/create-pull-request@v4
 ```
 
-### Ignoring files
-
-If there are files or directories you want to ignore you can simply add them to a `.gitignore` file at the root of your repository. The action will respect this file.
-
 ### Create a project card
 
 To create a project card for the pull request, pass the `pull-request-number` step output to [create-or-update-project-card](https://github.com/peter-evans/create-or-update-project-card) action.
@@ -147,16 +195,22 @@ To create a project card for the pull request, pass the `pull-request-number` st
 ```yml
       - name: Create Pull Request
         id: cpr
-        uses: peter-evans/create-pull-request@v3
+        uses: peter-evans/create-pull-request@v4
 
       - name: Create or Update Project Card
-        uses: peter-evans/create-or-update-project-card@v1
+        if: ${{ steps.cpr.outputs.pull-request-number }}
+        uses: peter-evans/create-or-update-project-card@v2
         with:
           project-name: My project
           column-name: My column
           issue-number: ${{ steps.cpr.outputs.pull-request-number }}
 ```
 
+### Auto-merge
+
+Auto-merge can be enabled on a pull request allowing it to be automatically merged once requirements have been satisfied.
+See [enable-pull-request-automerge](https://github.com/peter-evans/enable-pull-request-automerge) action for usage details.
+
 ## Reference Example
 
 The following workflow sets many of the action's inputs for reference purposes.
@@ -169,14 +223,14 @@ jobs:
   createPullRequest:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v3
 
       - name: Make changes to pull request
         run: date +%s > report.txt
 
       - name: Create Pull Request
         id: cpr
-        uses: peter-evans/create-pull-request@v3
+        uses: peter-evans/create-pull-request@v4
         with:
           token: ${{ secrets.PAT }}
           commit-message: Update report
@@ -202,11 +256,6 @@ jobs:
             maintainers
           milestone: 1
           draft: false
-
-      - name: Check outputs
-        run: |
-          echo "Pull Request Number - ${{ steps.cpr.outputs.pull-request-number }}"
-          echo "Pull Request URL - ${{ steps.cpr.outputs.pull-request-url }}"
 ```
 
 An example based on the above reference configuration creates pull requests that look like this:

__test__/create-or-update-branch.int.test.ts

@@ -11,8 +11,8 @@ import {v4 as uuidv4} from 'uuid'
 const REPO_PATH = '/git/local/test-base'
 const REMOTE_NAME = 'origin'
 
-const TRACKED_FILE = 'tracked-file.txt'
-const UNTRACKED_FILE = 'untracked-file.txt'
+const TRACKED_FILE = 'a/tracked-file.txt'
+const UNTRACKED_FILE = 'b/untracked-file.txt'
 
 const DEFAULT_BRANCH = 'tests/master'
 const NOT_BASE_BRANCH = 'tests/branch-that-is-not-the-base'
@@ -25,9 +25,14 @@ const BASE = DEFAULT_BRANCH
 const FORK_REMOTE_URL = 'git://127.0.0.1/test-fork.git'
 const FORK_REMOTE_NAME = 'fork'
 
+const ADD_PATHS_DEFAULT = []
+const ADD_PATHS_MULTI = ['a', 'b']
+const ADD_PATHS_WILDCARD = ['a/*.txt', 'b/*.txt']
+
 async function createFile(filename: string, content?: string): Promise<string> {
   const _content = content ? content : uuidv4()
   const filepath = path.join(REPO_PATH, filename)
+  await fs.promises.mkdir(path.dirname(filepath), {recursive: true})
   await fs.promises.writeFile(filepath, _content, {encoding: 'utf8'})
   return _content
 }
@@ -220,7 +225,8 @@ describe('create-or-update-branch tests', () => {
       '',
       BRANCH,
       REMOTE_NAME,
-      false
+      false,
+      ADD_PATHS_DEFAULT
     )
     expect(result.action).toEqual('none')
     expect(await gitLogMatches([INIT_COMMIT_MESSAGE])).toBeTruthy()
@@ -236,7 +242,8 @@ describe('create-or-update-branch tests', () => {
       '',
       BRANCH,
       REMOTE_NAME,
-      false
+      false,
+      ADD_PATHS_DEFAULT
     )
     expect(result.action).toEqual('created')
     expect(await getFileContent(TRACKED_FILE)).toEqual(trackedContent)
@@ -263,7 +270,8 @@ describe('create-or-update-branch tests', () => {
       '',
       BRANCH,
       REMOTE_NAME,
-      false
+      false,
+      ADD_PATHS_DEFAULT
     )
     expect(_result.action).toEqual('updated')
     expect(_result.hasDiffWithBase).toBeTruthy()
@@ -283,7 +291,8 @@ describe('create-or-update-branch tests', () => {
       '',
       BRANCH,
       REMOTE_NAME,
-      false
+      false,
+      ADD_PATHS_DEFAULT
     )
     expect(result.action).toEqual('created')
     expect(await getFileContent(UNTRACKED_FILE)).toEqual(untrackedContent)
@@ -310,7 +319,8 @@ describe('create-or-update-branch tests', () => {
       '',
       BRANCH,
       REMOTE_NAME,
-      false
+      false,
+      ADD_PATHS_DEFAULT
     )
     expect(_result.action).toEqual('updated')
     expect(_result.hasDiffWithBase).toBeTruthy()
@@ -332,7 +342,8 @@ describe('create-or-update-branch tests', () => {
       '',
       BRANCH,
       REMOTE_NAME,
-      false
+      false,
+      ADD_PATHS_DEFAULT
     )
     expect(result.action).toEqual('created')
     expect(await getFileContent(TRACKED_FILE)).toEqual(changes.tracked)
@@ -360,7 +371,8 @@ describe('create-or-update-branch tests', () => {
       '',
       BRANCH,
       REMOTE_NAME,
-      false
+      false,
+      ADD_PATHS_DEFAULT
     )
     expect(_result.action).toEqual('not-updated')
     expect(await getFileContent(TRACKED_FILE)).toEqual(changes.tracked)
@@ -380,7 +392,8 @@ describe('create-or-update-branch tests', () => {
       '',
       BRANCH,
       REMOTE_NAME,
-      false
+      false,
+      ADD_PATHS_DEFAULT
     )
     expect(result.action).toEqual('created')
     expect(await getFileContent(TRACKED_FILE)).toEqual(changes.tracked)
@@ -416,7 +429,8 @@ describe('create-or-update-branch tests', () => {
       '',
       BRANCH,
       REMOTE_NAME,
-      false
+      false,
+      ADD_PATHS_DEFAULT
     )
     expect(_result.action).toEqual('updated')
     expect(_result.hasDiffWithBase).toBeTruthy()
@@ -446,7 +460,8 @@ describe('create-or-update-branch tests', () => {
       '',
       BRANCH,
       REMOTE_NAME,
-      false
+      false,
+      ADD_PATHS_DEFAULT
     )
     expect(result.action).toEqual('created')
     expect(await getFileContent(TRACKED_FILE)).toEqual(changes.tracked)
@@ -473,7 +488,8 @@ describe('create-or-update-branch tests', () => {
       '',
       BRANCH,
       REMOTE_NAME,
-      false
+      false,
+      ADD_PATHS_DEFAULT
     )
     expect(_result.action).toEqual('updated')
     expect(_result.hasDiffWithBase).toBeFalsy()
@@ -493,7 +509,8 @@ describe('create-or-update-branch tests', () => {
       '',
       BRANCH,
       REMOTE_NAME,
-      false
+      false,
+      ADD_PATHS_DEFAULT
     )
     expect(result.action).toEqual('created')
     expect(await getFileContent(TRACKED_FILE)).toEqual(changes.tracked)
@@ -532,7 +549,8 @@ describe('create-or-update-branch tests', () => {
       '',
       BRANCH,
       REMOTE_NAME,
-      false
+      false,
+      ADD_PATHS_DEFAULT
     )
     expect(_result.action).toEqual('updated')
     expect(_result.hasDiffWithBase).toBeFalsy()
@@ -558,7 +576,8 @@ describe('create-or-update-branch tests', () => {
       '',
       BRANCH,
       REMOTE_NAME,
-      false
+      false,
+      ADD_PATHS_DEFAULT
     )
     expect(result.action).toEqual('created')
     expect(await getFileContent(TRACKED_FILE)).toEqual(changes.tracked)
@@ -600,7 +619,8 @@ describe('create-or-update-branch tests', () => {
       '',
       BRANCH,
       REMOTE_NAME,
-      false
+      false,
+      ADD_PATHS_DEFAULT
     )
     expect(_result.action).toEqual('updated')
     expect(_result.hasDiffWithBase).toBeFalsy()
@@ -621,7 +641,8 @@ describe('create-or-update-branch tests', () => {
       '',
       BRANCH,
       REMOTE_NAME,
-      false
+      false,
+      ADD_PATHS_DEFAULT
     )
     expect(result.action).toEqual('created')
     expect(await getFileContent(TRACKED_FILE)).toEqual(commits.changes.tracked)
@@ -651,7 +672,8 @@ describe('create-or-update-branch tests', () => {
       '',
       BRANCH,
       REMOTE_NAME,
-      false
+      false,
+      ADD_PATHS_DEFAULT
     )
     expect(_result.action).toEqual('updated')
     expect(_result.hasDiffWithBase).toBeTruthy()
@@ -676,7 +698,8 @@ describe('create-or-update-branch tests', () => {
       '',
       BRANCH,
       REMOTE_NAME,
-      false
+      false,
+      ADD_PATHS_DEFAULT
     )
     expect(result.action).toEqual('created')
     expect(await getFileContent(TRACKED_FILE)).toEqual(changes.tracked)
@@ -710,7 +733,8 @@ describe('create-or-update-branch tests', () => {
       '',
       BRANCH,
       REMOTE_NAME,
-      false
+      false,
+      ADD_PATHS_DEFAULT
     )
     expect(_result.action).toEqual('updated')
     expect(_result.hasDiffWithBase).toBeTruthy()
@@ -737,7 +761,8 @@ describe('create-or-update-branch tests', () => {
       '',
       BRANCH,
       REMOTE_NAME,
-      false
+      false,
+      ADD_PATHS_DEFAULT
     )
     expect(result.action).toEqual('created')
     expect(await getFileContent(TRACKED_FILE)).toEqual(changes.tracked)
@@ -779,7 +804,8 @@ describe('create-or-update-branch tests', () => {
       '',
       BRANCH,
       REMOTE_NAME,
-      false
+      false,
+      ADD_PATHS_DEFAULT
     )
     expect(_result.action).toEqual('updated')
     expect(_result.hasDiffWithBase).toBeTruthy()
@@ -805,7 +831,8 @@ describe('create-or-update-branch tests', () => {
       '',
       BRANCH,
       FORK_REMOTE_NAME,
-      false
+      false,
+      ADD_PATHS_DEFAULT
     )
     expect(result.action).toEqual('created')
     expect(await getFileContent(TRACKED_FILE)).toEqual(changes.tracked)
@@ -833,7 +860,8 @@ describe('create-or-update-branch tests', () => {
       '',
       BRANCH,
       FORK_REMOTE_NAME,
-      false
+      false,
+      ADD_PATHS_DEFAULT
     )
     expect(_result.action).toEqual('updated')
     expect(_result.hasDiffWithBase).toBeTruthy()
@@ -854,7 +882,8 @@ describe('create-or-update-branch tests', () => {
       '',
       BRANCH,
       REMOTE_NAME,
-      true
+      true,
+      ADD_PATHS_DEFAULT
     )
     expect(result.action).toEqual('created')
     expect(await getFileContent(TRACKED_FILE)).toEqual(changes.tracked)
@@ -889,7 +918,8 @@ describe('create-or-update-branch tests', () => {
       '',
       BRANCH,
       REMOTE_NAME,
-      true
+      true,
+      ADD_PATHS_DEFAULT
     )
     expect(_result.action).toEqual('updated')
     expect(_result.hasDiffWithBase).toBeTruthy()
@@ -907,6 +937,125 @@ describe('create-or-update-branch tests', () => {
     )
   })
 
+  it('tests create and update with multiple add-paths', async () => {
+    // Create tracked and untracked file changes
+    const changes = await createChanges()
+    const commitMessage = uuidv4()
+    const result = await createOrUpdateBranch(
+      git,
+      commitMessage,
+      '',
+      BRANCH,
+      REMOTE_NAME,
+      false,
+      ADD_PATHS_MULTI
+    )
+    expect(result.action).toEqual('created')
+    expect(await getFileContent(TRACKED_FILE)).toEqual(changes.tracked)
+    expect(await getFileContent(UNTRACKED_FILE)).toEqual(changes.untracked)
+    expect(
+      await gitLogMatches([commitMessage, INIT_COMMIT_MESSAGE])
+    ).toBeTruthy()
+
+    // Push pull request branch to remote
+    await git.push([
+      '--force-with-lease',
+      REMOTE_NAME,
+      `HEAD:refs/heads/${BRANCH}`
+    ])
+
+    await afterTest(false)
+    await beforeTest()
+
+    // Create tracked and untracked file changes
+    const _changes = await createChanges()
+    const _commitMessage = uuidv4()
+    const _result = await createOrUpdateBranch(
+      git,
+      _commitMessage,
+      '',
+      BRANCH,
+      REMOTE_NAME,
+      false,
+      ADD_PATHS_MULTI
+    )
+    expect(_result.action).toEqual('updated')
+    expect(_result.hasDiffWithBase).toBeTruthy()
+    expect(await getFileContent(TRACKED_FILE)).toEqual(_changes.tracked)
+    expect(await getFileContent(UNTRACKED_FILE)).toEqual(_changes.untracked)
+    expect(
+      await gitLogMatches([_commitMessage, INIT_COMMIT_MESSAGE])
+    ).toBeTruthy()
+  })
+
+  it('tests create and update with wildcard add-paths', async () => {
+    // Create tracked and untracked file changes
+    const changes = await createChanges()
+    const commitMessage = uuidv4()
+    const result = await createOrUpdateBranch(
+      git,
+      commitMessage,
+      '',
+      BRANCH,
+      REMOTE_NAME,
+      false,
+      ADD_PATHS_WILDCARD
+    )
+    expect(result.action).toEqual('created')
+    expect(await getFileContent(TRACKED_FILE)).toEqual(changes.tracked)
+    expect(await getFileContent(UNTRACKED_FILE)).toEqual(changes.untracked)
+    expect(
+      await gitLogMatches([commitMessage, INIT_COMMIT_MESSAGE])
+    ).toBeTruthy()
+
+    // Push pull request branch to remote
+    await git.push([
+      '--force-with-lease',
+      REMOTE_NAME,
+      `HEAD:refs/heads/${BRANCH}`
+    ])
+
+    await afterTest(false)
+    await beforeTest()
+
+    // Create tracked and untracked file changes
+    const _changes = await createChanges()
+    const _commitMessage = uuidv4()
+    const _result = await createOrUpdateBranch(
+      git,
+      _commitMessage,
+      '',
+      BRANCH,
+      REMOTE_NAME,
+      false,
+      ADD_PATHS_WILDCARD
+    )
+    expect(_result.action).toEqual('updated')
+    expect(_result.hasDiffWithBase).toBeTruthy()
+    expect(await getFileContent(TRACKED_FILE)).toEqual(_changes.tracked)
+    expect(await getFileContent(UNTRACKED_FILE)).toEqual(_changes.untracked)
+    expect(
+      await gitLogMatches([_commitMessage, INIT_COMMIT_MESSAGE])
+    ).toBeTruthy()
+  })
+
+  it('tests create with add-paths resolving to no changes when other changes exist', async () => {
+    // Create tracked and untracked file changes
+    await createChanges()
+    const commitMessage = uuidv4()
+    const result = await createOrUpdateBranch(
+      git,
+      commitMessage,
+      '',
+      BRANCH,
+      REMOTE_NAME,
+      false,
+      ['nonexistent/*']
+    )
+    expect(result.action).toEqual('none')
+    expect(await gitLogMatches([INIT_COMMIT_MESSAGE])).toBeTruthy()
+  })
+
   // Working Base is Not Base (WBNB)
 
   it('tests no changes resulting in no new branch being created (WBNB)', async () => {
@@ -920,7 +1069,8 @@ describe('create-or-update-branch tests', () => {
       BASE,
       BRANCH,
       REMOTE_NAME,
-      false
+      false,
+      ADD_PATHS_DEFAULT
     )
     expect(result.action).toEqual('none')
     expect(await gitLogMatches([INIT_COMMIT_MESSAGE])).toBeTruthy()
@@ -939,7 +1089,8 @@ describe('create-or-update-branch tests', () => {
       BASE,
       BRANCH,
       REMOTE_NAME,
-      false
+      false,
+      ADD_PATHS_DEFAULT
     )
     expect(result.action).toEqual('created')
     expect(await getFileContent(TRACKED_FILE)).toEqual(trackedContent)
@@ -969,7 +1120,8 @@ describe('create-or-update-branch tests', () => {
       BASE,
       BRANCH,
       REMOTE_NAME,
-      false
+      false,
+      ADD_PATHS_DEFAULT
     )
     expect(_result.action).toEqual('updated')
     expect(_result.hasDiffWithBase).toBeTruthy()
@@ -992,7 +1144,8 @@ describe('create-or-update-branch tests', () => {
       BASE,
       BRANCH,
       REMOTE_NAME,
-      false
+      false,
+      ADD_PATHS_DEFAULT
     )
     expect(result.action).toEqual('created')
     expect(await getFileContent(UNTRACKED_FILE)).toEqual(untrackedContent)
@@ -1022,7 +1175,8 @@ describe('create-or-update-branch tests', () => {
       BASE,
       BRANCH,
       REMOTE_NAME,
-      false
+      false,
+      ADD_PATHS_DEFAULT
     )
     expect(_result.action).toEqual('updated')
     expect(_result.hasDiffWithBase).toBeTruthy()
@@ -1047,7 +1201,8 @@ describe('create-or-update-branch tests', () => {
       BASE,
       BRANCH,
       REMOTE_NAME,
-      false
+      false,
+      ADD_PATHS_DEFAULT
     )
     expect(result.action).toEqual('created')
     expect(await getFileContent(TRACKED_FILE)).toEqual(changes.tracked)
@@ -1078,7 +1233,8 @@ describe('create-or-update-branch tests', () => {
       BASE,
       BRANCH,
       REMOTE_NAME,
-      false
+      false,
+      ADD_PATHS_DEFAULT
     )
     expect(_result.action).toEqual('not-updated')
     expect(await getFileContent(TRACKED_FILE)).toEqual(changes.tracked)
@@ -1101,7 +1257,8 @@ describe('create-or-update-branch tests', () => {
       BASE,
       BRANCH,
       REMOTE_NAME,
-      false
+      false,
+      ADD_PATHS_DEFAULT
     )
     expect(result.action).toEqual('created')
     expect(await getFileContent(TRACKED_FILE)).toEqual(changes.tracked)
@@ -1140,7 +1297,8 @@ describe('create-or-update-branch tests', () => {
       BASE,
       BRANCH,
       REMOTE_NAME,
-      false
+      false,
+      ADD_PATHS_DEFAULT
     )
     expect(_result.action).toEqual('updated')
     expect(_result.hasDiffWithBase).toBeTruthy()
@@ -1173,7 +1331,8 @@ describe('create-or-update-branch tests', () => {
       BASE,
       BRANCH,
       REMOTE_NAME,
-      false
+      false,
+      ADD_PATHS_DEFAULT
     )
     expect(result.action).toEqual('created')
     expect(await getFileContent(TRACKED_FILE)).toEqual(changes.tracked)
@@ -1203,7 +1362,8 @@ describe('create-or-update-branch tests', () => {
       BASE,
       BRANCH,
       REMOTE_NAME,
-      false
+      false,
+      ADD_PATHS_DEFAULT
     )
     expect(_result.action).toEqual('updated')
     expect(_result.hasDiffWithBase).toBeFalsy()
@@ -1228,7 +1388,8 @@ describe('create-or-update-branch tests', () => {
       BASE,
       BRANCH,
       REMOTE_NAME,
-      false
+      false,
+      ADD_PATHS_DEFAULT
     )
     expect(result.action).toEqual('created')
     expect(await getFileContent(TRACKED_FILE)).toEqual(changes.tracked)
@@ -1270,7 +1431,8 @@ describe('create-or-update-branch tests', () => {
       BASE,
       BRANCH,
       REMOTE_NAME,
-      false
+      false,
+      ADD_PATHS_DEFAULT
     )
     expect(_result.action).toEqual('updated')
     expect(_result.hasDiffWithBase).toBeFalsy()
@@ -1299,7 +1461,8 @@ describe('create-or-update-branch tests', () => {
       BASE,
       BRANCH,
       REMOTE_NAME,
-      false
+      false,
+      ADD_PATHS_DEFAULT
     )
     expect(result.action).toEqual('created')
     expect(await getFileContent(TRACKED_FILE)).toEqual(changes.tracked)
@@ -1344,7 +1507,8 @@ describe('create-or-update-branch tests', () => {
       BASE,
       BRANCH,
       REMOTE_NAME,
-      false
+      false,
+      ADD_PATHS_DEFAULT
     )
     expect(_result.action).toEqual('updated')
     expect(_result.hasDiffWithBase).toBeFalsy()
@@ -1368,7 +1532,8 @@ describe('create-or-update-branch tests', () => {
       BASE,
       BRANCH,
       REMOTE_NAME,
-      false
+      false,
+      ADD_PATHS_DEFAULT
     )
     expect(result.action).toEqual('created')
     expect(await getFileContent(TRACKED_FILE)).toEqual(commits.changes.tracked)
@@ -1401,7 +1566,8 @@ describe('create-or-update-branch tests', () => {
       BASE,
       BRANCH,
       REMOTE_NAME,
-      false
+      false,
+      ADD_PATHS_DEFAULT
     )
     expect(_result.action).toEqual('updated')
     expect(_result.hasDiffWithBase).toBeTruthy()
@@ -1429,7 +1595,8 @@ describe('create-or-update-branch tests', () => {
       BASE,
       BRANCH,
       REMOTE_NAME,
-      false
+      false,
+      ADD_PATHS_DEFAULT
     )
     expect(result.action).toEqual('created')
     expect(await getFileContent(TRACKED_FILE)).toEqual(changes.tracked)
@@ -1466,7 +1633,8 @@ describe('create-or-update-branch tests', () => {
       BASE,
       BRANCH,
       REMOTE_NAME,
-      false
+      false,
+      ADD_PATHS_DEFAULT
     )
     expect(_result.action).toEqual('updated')
     expect(_result.hasDiffWithBase).toBeTruthy()
@@ -1496,7 +1664,8 @@ describe('create-or-update-branch tests', () => {
       BASE,
       BRANCH,
       REMOTE_NAME,
-      false
+      false,
+      ADD_PATHS_DEFAULT
     )
     expect(result.action).toEqual('created')
     expect(await getFileContent(TRACKED_FILE)).toEqual(changes.tracked)
@@ -1541,7 +1710,8 @@ describe('create-or-update-branch tests', () => {
       BASE,
       BRANCH,
       REMOTE_NAME,
-      false
+      false,
+      ADD_PATHS_DEFAULT
     )
     expect(_result.action).toEqual('updated')
     expect(_result.hasDiffWithBase).toBeTruthy()
@@ -1570,7 +1740,8 @@ describe('create-or-update-branch tests', () => {
       BASE,
       BRANCH,
       FORK_REMOTE_NAME,
-      false
+      false,
+      ADD_PATHS_DEFAULT
     )
     expect(result.action).toEqual('created')
     expect(await getFileContent(TRACKED_FILE)).toEqual(changes.tracked)
@@ -1601,7 +1772,8 @@ describe('create-or-update-branch tests', () => {
       BASE,
       BRANCH,
       FORK_REMOTE_NAME,
-      false
+      false,
+      ADD_PATHS_DEFAULT
     )
     expect(_result.action).toEqual('updated')
     expect(_result.hasDiffWithBase).toBeTruthy()
@@ -1629,7 +1801,8 @@ describe('create-or-update-branch tests', () => {
       BASE,
       BRANCH,
       REMOTE_NAME,
-      false
+      false,
+      ADD_PATHS_DEFAULT
     )
     expect(result.action).toEqual('created')
     expect(await getFileContent(TRACKED_FILE)).toEqual(changes.tracked)
@@ -1661,7 +1834,8 @@ describe('create-or-update-branch tests', () => {
       BASE,
       BRANCH,
       REMOTE_NAME,
-      false
+      false,
+      ADD_PATHS_DEFAULT
     )
     expect(_result.action).toEqual('updated')
     expect(_result.hasDiffWithBase).toBeTruthy()
@@ -1686,7 +1860,8 @@ describe('create-or-update-branch tests', () => {
       BASE,
       BRANCH,
       REMOTE_NAME,
-      false
+      false,
+      ADD_PATHS_DEFAULT
     )
     expect(result.action).toEqual('created')
     expect(await getFileContent(TRACKED_FILE)).toEqual(changes.tracked)
@@ -1726,7 +1901,8 @@ describe('create-or-update-branch tests', () => {
       BASE,
       BRANCH,
       REMOTE_NAME,
-      false
+      false,
+      ADD_PATHS_DEFAULT
     )
     expect(_result.action).toEqual('updated')
     expect(_result.hasDiffWithBase).toBeTruthy()
@@ -1740,4 +1916,27 @@ describe('create-or-update-branch tests', () => {
       ])
     ).toBeTruthy()
   })
+
+  // This failure mode is a limitation of the action. Controlling your own commits cannot be used in detached HEAD state.
+  // https://github.com/peter-evans/create-pull-request/issues/902
+  it('tests failure to create with commits on the working base (during the workflow) in detached HEAD state (WBNR)', async () => {
+    // Checkout the HEAD commit SHA
+    const headSha = await git.revParse('HEAD')
+    await git.checkout(headSha)
+
+    // Create commits on the working base
+    const commits = await createCommits(git)
+    const commitMessage = uuidv4()
+    const result = await createOrUpdateBranch(
+      git,
+      commitMessage,
+      BASE,
+      BRANCH,
+      REMOTE_NAME,
+      false,
+      ADD_PATHS_DEFAULT
+    )
+    // The action cannot successfully create the branch
+    expect(result.action).toEqual('none')
+  })
 })

__test__/integration-tests.sh

@@ -10,13 +10,13 @@ if [[ "$(docker images -q $IMAGE 2> /dev/null)" == "" || $ARG1 == "build" ]]; th
     cat > Dockerfile << EOF
 FROM node:12-alpine
 RUN apk --no-cache add git git-daemon
-RUN npm install jest --global
+RUN npm install jest jest-environment-jsdom --global
 WORKDIR /cpr
 COPY __test__/entrypoint.sh /entrypoint.sh
 ENTRYPOINT ["/entrypoint.sh"]
 EOF
 
-    docker build -t $IMAGE .
+    docker build --no-cache -t $IMAGE .
     rm Dockerfile
 fi
 

__test__/utils.unit.test.ts

@@ -50,6 +50,12 @@ describe('utils tests', () => {
     )
     expect(remote3.protocol).toEqual('SSH')
     expect(remote3.repository).toEqual('peter-evans/create-pull-request')
+
+    const remote4 = utils.getRemoteDetail(
+      'https://github.com/peter-evans/create-pull-request.git'
+    )
+    expect(remote4.protocol).toEqual('HTTPS')
+    expect(remote4.repository).toEqual('peter-evans/create-pull-request')
   })
 
   test('getRemoteDetail fails to parse a remote URL', async () => {
@@ -58,7 +64,7 @@ describe('utils tests', () => {
       utils.getRemoteDetail(remoteUrl)
       // Fail the test if an error wasn't thrown
       expect(true).toEqual(false)
-    } catch (e) {
+    } catch (e: any) {
       expect(e.message).toEqual(
         `The format of '${remoteUrl}' is not a valid GitHub repository URL`
       )
@@ -104,7 +110,7 @@ describe('utils tests', () => {
       utils.parseDisplayNameEmail(displayNameEmail1)
       // Fail the test if an error wasn't thrown
       expect(true).toEqual(false)
-    } catch (e) {
+    } catch (e: any) {
       expect(e.message).toEqual(
         `The format of '${displayNameEmail1}' is not a valid email address with display name`
       )
@@ -115,7 +121,7 @@ describe('utils tests', () => {
       utils.parseDisplayNameEmail(displayNameEmail2)
       // Fail the test if an error wasn't thrown
       expect(true).toEqual(false)
-    } catch (e) {
+    } catch (e: any) {
       expect(e.message).toEqual(
         `The format of '${displayNameEmail2}' is not a valid email address with display name`
       )

action.yml

@@ -8,6 +8,11 @@ inputs:
     description: >
       Relative path under $GITHUB_WORKSPACE to the repository.
       Defaults to $GITHUB_WORKSPACE.
+  add-paths:
+    description: >
+      A comma or newline-separated list of file paths to commit.
+      Paths should follow git's pathspec syntax.
+      Defaults to adding all new and modified files.
   commit-message:
     description: 'The message to use when committing changes.'
     default: '[create-pull-request] automated change'
@@ -62,13 +67,19 @@ inputs:
   milestone:
     description: 'The number of the milestone to associate the pull request with.'
   draft:
-    description: 'Create a draft pull request'
+    description: 'Create a draft pull request. It is not possible to change draft status after creation except through the web interface'
     default: false
 outputs:
   pull-request-number:
     description: 'The pull request number'
+  pull-request-url:
+    description: 'The URL of the pull request.'
+  pull-request-operation:
+    description: 'The pull request operation performed by the action, `created`, `updated` or `closed`.'
+  pull-request-head-sha:
+    description: 'The commit SHA of the pull request branch.'
 runs:
-  using: 'node12'
+  using: 'node16'
   main: 'dist/index.js'
 branding:
   icon: 'git-pull-request'

docs/assets/cpr-gitgraph.htm

@@ -29,37 +29,37 @@
             orientation: "vertical-reverse"
         });
 
-        const master = gitgraph.branch("master");
-        master.commit("Last commit on base");
-        const localMaster = gitgraph.branch("<#1> master (local)");
-        localMaster.commit({
+        const main = gitgraph.branch("main");
+        main.commit("Last commit on base");
+        const localMain = gitgraph.branch("<#1> main (local)");
+        localMain.commit({
             subject: "<uncommitted changes>",
             body: "Changes to the local base during the workflow",
         })
         const remotePatch = gitgraph.branch("create-pull-request/patch");
         remotePatch.merge({
-            branch: localMaster,
+            branch: localMain,
             commitOptions: {
                 subject: "[create-pull-request] automated change",
                 body: "Changes pushed to create the remote branch",
             },
         });
-        master.commit("New commit on base");
+        main.commit("New commit on base");
 
-        const localMaster2 = gitgraph.branch("<#2> master (local)");
-        localMaster2.commit({
+        const localMain2 = gitgraph.branch("<#2> main (local)");
+        localMain2.commit({
             subject: "<uncommitted changes>",
             body: "Changes to the updated local base during the workflow",
         })
         remotePatch.merge({
-            branch: localMaster2,
+            branch: localMain2,
             commitOptions: {
                 subject: "[create-pull-request] automated change",
                 body: "Changes force pushed to update the remote branch",
             },
         });
 
-        master.merge(remotePatch);
+        main.merge(remotePatch);
 
     </script>
 

docs/concepts-guidelines.md

@@ -16,6 +16,7 @@ This document covers terminology, how the action works, general usage guidelines
   - [Push using SSH (deploy keys)](#push-using-ssh-deploy-keys)
   - [Push pull request branches to a fork](#push-pull-request-branches-to-a-fork)
   - [Authenticating with GitHub App generated tokens](#authenticating-with-github-app-generated-tokens)
+  - [GPG commit signature verification](#gpg-commit-signature-verification)
   - [Running in a container or on self-hosted runners](#running-in-a-container-or-on-self-hosted-runners)
 
 ## Terminology
@@ -35,7 +36,7 @@ For each [event type](https://docs.github.com/en/actions/reference/events-that-t
 The default can be overridden by specifying a `ref` on checkout.
 
 ```yml
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v3
         with:
           ref: develop
 ```
@@ -72,7 +73,7 @@ jobs:
   example:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v3
 ```
 
 There may be use cases where it makes sense to execute the workflow on a branch that is not the base of the pull request. In these cases, the base branch can be specified with the `base` action input. The action will attempt to rebase changes made during the workflow on to the actual base.
@@ -87,7 +88,7 @@ In these cases, you *must supply* the `base` input so the action can rebase chan
 Workflows triggered by [`pull_request`](https://docs.github.com/en/actions/reference/events-that-trigger-workflows#pull_request) events will by default check out a merge commit. Set the `base` input as follows to base the new pull request on the current pull request's branch.
 
 ```yml
-      - uses: peter-evans/create-pull-request@v3
+      - uses: peter-evans/create-pull-request@v4
         with:
           base: ${{ github.head_ref }}
 ```
@@ -95,9 +96,9 @@ Workflows triggered by [`pull_request`](https://docs.github.com/en/actions/refer
 Workflows triggered by [`release`](https://docs.github.com/en/actions/reference/events-that-trigger-workflows#release) events will by default check out a tag. For most use cases, you will need to set the `base` input to the branch name of the tagged commit.
 
 ```yml
-      - uses: peter-evans/create-pull-request@v3
+      - uses: peter-evans/create-pull-request@v4
         with:
-          base: master
+          base: main
 ```
 
 ### Restrictions on repository forks
@@ -129,19 +130,21 @@ jobs:
     if: github.event.pull_request.head.repo.full_name == github.repository
 ```
 
+For further reading regarding the security of pull requests, see this GitHub blog post titled [Keeping your GitHub Actions and workflows secure: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/)
+
 ### Triggering further workflow runs
 
 Pull requests created by the action using the default `GITHUB_TOKEN` cannot trigger other workflows. If you have `on: pull_request` or `on: push` workflows acting as checks on pull requests, they will not run.
 
-> When you use the repository's GITHUB_TOKEN to perform tasks on behalf of the GitHub Actions app, events triggered by the GITHUB_TOKEN will not create a new workflow run.
+> When you use the repository's `GITHUB_TOKEN` to perform tasks, events triggered by the `GITHUB_TOKEN` will not create a new workflow run. This prevents you from accidentally creating recursive workflow runs. For example, if a workflow run pushes code using the repository's `GITHUB_TOKEN`, a new workflow will not run even when the repository contains a workflow configured to run when `push` events occur.
 
-[GitHub Actions: Events that trigger workflows](https://docs.github.com/en/actions/reference/events-that-trigger-workflows#triggering-new-workflows-using-a-personal-access-token)
+[GitHub Actions: Triggering a workflow from a workflow](https://docs.github.com/en/actions/using-workflows/triggering-a-workflow#triggering-a-workflow-from-a-workflow)
 
 #### Workarounds to trigger further workflow runs
 
 There are a number of workarounds with different pros and cons.
 
-- Use the default `GITHUB_TOKEN` and allow the action to create pull requests that have no checks enabled. Manually close pull requests and immediately reopen them. This will enable `on: pull_request` workflows to run and be added as checks.
+- Use the default `GITHUB_TOKEN` and allow the action to create pull requests that have no checks enabled. Manually close pull requests and immediately reopen them. This will enable `on: pull_request` workflows to run and be added as checks. To prevent merging of pull requests without checks erroneously, use [branch protection rules](https://docs.github.com/en/repositories/configuring-branches-and-merges-in-your-repository/defining-the-mergeability-of-pull-requests).
 
 - Use a `repo` scoped [Personal Access Token (PAT)](https://docs.github.com/en/github/authenticating-to-github/creating-a-personal-access-token) created on an account that has write access to the repository that pull requests are being created in. This is the standard workaround and [recommended by GitHub](https://docs.github.com/en/actions/reference/events-that-trigger-workflows#triggering-new-workflows-using-a-personal-access-token). However, the PAT cannot be scoped to a specific repository so the token becomes a very sensitive secret. If this is a concern, the PAT can instead be created for a dedicated [machine account](https://docs.github.com/en/github/site-policy/github-terms-of-service#3-account-requirements) that has collaborator access to the repository. Also note that because the account that owns the PAT will be the creator of pull requests, that user account will be unable to perform actions such as request changes or approve the pull request.
 
@@ -161,7 +164,7 @@ Alternatively, use the action directly and reference the commit hash for the ver
   - uses: thirdparty/foo-action@172ec762f2ac8e050062398456fccd30444f8f30
 ```
 
-This action uses [ncc](https://github.com/vercel/ncc) to compile the Node.js code and dependencies into a single JavaScript file under the [dist](https://github.com/peter-evans/create-pull-request/tree/master/dist) directory.
+This action uses [ncc](https://github.com/vercel/ncc) to compile the Node.js code and dependencies into a single JavaScript file under the [dist](https://github.com/peter-evans/create-pull-request/tree/main/dist) directory.
 
 ## Advanced usage
 
@@ -170,14 +173,14 @@ This action uses [ncc](https://github.com/vercel/ncc) to compile the Node.js cod
 Checking out a branch from a different repository from where the workflow is executing will make *that repository* the target for the created pull request. In this case, a `repo` scoped [Personal Access Token (PAT)](https://docs.github.com/en/github/authenticating-to-github/creating-a-personal-access-token) is required.
 
 ```yml
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v3
         with:
           token: ${{ secrets.PAT }}
           repository: owner/repo
 
       # Make changes to pull request here
 
-      - uses: peter-evans/create-pull-request@v3
+      - uses: peter-evans/create-pull-request@v4
         with:
           token: ${{ secrets.PAT }}
 ```
@@ -197,14 +200,14 @@ How to use SSH (deploy keys) with create-pull-request action:
 
 ```yml
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v3
         with:
           ssh-key: ${{ secrets.SSH_PRIVATE_KEY }}
 
       # Make changes to pull request here
 
       - name: Create Pull Request
-        uses: peter-evans/create-pull-request@v3
+        uses: peter-evans/create-pull-request@v4
 ```
 
 ### Push pull request branches to a fork
@@ -222,11 +225,11 @@ It will use their own fork to push code and create the pull request.
 6. As shown in the following example workflow, set the `push-to-fork` input to the full repository name of the fork.
 
 ```yaml
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v3
 
       # Make changes to pull request here
 
-      - uses: peter-evans/create-pull-request@v3
+      - uses: peter-evans/create-pull-request@v4
         with:
           token: ${{ secrets.MACHINE_USER_PAT }}
           push-to-fork: machine-user/fork-of-repository
@@ -245,6 +248,8 @@ GitHub App generated tokens are more secure than using a PAT because GitHub App
     - Uncheck `Active` under `Webhook`. You do not need to enter a `Webhook URL`.
     - Under `Repository permissions: Contents` select `Access: Read & write`.
     - Under `Repository permissions: Pull requests` select `Access: Read & write`.
+    - Under `Organization permissions: Members` select `Access: Read-only`.
+      - **NOTE**: Only needed if you would like add teams as reviewers to PRs.
 
 2. Create a Private key from the App settings page and store it securely.
 
@@ -256,7 +261,7 @@ GitHub App generated tokens are more secure than using a PAT because GitHub App
 
 ```yaml
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v3
 
       - uses: tibdex/github-app-token@v1
         id: generate-token
@@ -267,11 +272,53 @@ GitHub App generated tokens are more secure than using a PAT because GitHub App
       # Make changes to pull request here
 
       - name: Create Pull Request
-        uses: peter-evans/create-pull-request@v3
+        uses: peter-evans/create-pull-request@v4
         with:
           token: ${{ steps.generate-token.outputs.token }}
 ```
 
+### GPG commit signature verification
+
+The action can use GPG to sign commits with a GPG key that you generate yourself.
+
+1. Follow GitHub's guide to [generate a new GPG key](https://docs.github.com/en/github/authenticating-to-github/generating-a-new-gpg-key).
+
+2. [Add the public key](https://docs.github.com/en/github/authenticating-to-github/adding-a-new-gpg-key-to-your-github-account) to the user account associated with the [Personal Access Token (PAT)](https://docs.github.com/en/github/authenticating-to-github/creating-a-personal-access-token) that you will use with the action.
+
+3. Copy the private key to your clipboard, replacing `email@example.com` with the email address of your GPG key.
+   ```
+   # macOS
+   gpg --armor --export-secret-key email@example.com | pbcopy
+   ```
+
+4. Paste the private key into a repository secret where the workflow will run. e.g. `GPG_PRIVATE_KEY`
+
+5. Create another repository secret for the key's passphrase, if applicable. e.g. `GPG_PASSPHRASE`
+
+6. The following example workflow shows how to use [crazy-max/ghaction-import-gpg](https://github.com/crazy-max/ghaction-import-gpg) to import your GPG key and allow the action to sign commits.
+
+   Note that the `committer` email address *MUST* match the email address used to create your GPG key.
+
+```yaml
+    steps:
+      - uses: actions/checkout@v3
+
+      - uses: crazy-max/ghaction-import-gpg@v3
+        with:
+          gpg-private-key: ${{ secrets.GPG_PRIVATE_KEY }}
+          passphrase: ${{ secrets.GPG_PASSPHRASE }}
+          git-user-signingkey: true
+          git-commit-gpgsign: true
+
+      # Make changes to pull request here
+
+      - name: Create Pull Request
+        uses: peter-evans/create-pull-request@v4
+        with:
+          token: ${{ secrets.PAT }}
+          committer: example <email@example.com>
+```
+
 ### Running in a container or on self-hosted runners
 
 This action can be run inside a container, or on [self-hosted runners](https://docs.github.com/en/actions/hosting-your-own-runners), by installing the necessary dependencies.
@@ -291,12 +338,12 @@ jobs:
       - name: Install dependencies
         run: apk --no-cache add git
 
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v3
 
       # Make changes to pull request here
 
       - name: Create Pull Request
-        uses: peter-evans/create-pull-request@v3
+        uses: peter-evans/create-pull-request@v4
 ```
 
 **Ubuntu container example:**
@@ -314,10 +361,10 @@ jobs:
           add-apt-repository -y ppa:git-core/ppa
           apt-get install -y git
 
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v3
 
       # Make changes to pull request here
 
       - name: Create Pull Request
-        uses: peter-evans/create-pull-request@v3
+        uses: peter-evans/create-pull-request@v4
 ```

docs/examples.md

@@ -21,6 +21,7 @@
   - [Filtering push events](#filtering-push-events)
   - [Dynamic configuration using variables](#dynamic-configuration-using-variables)
   - [Setting the pull request body from a file](#setting-the-pull-request-body-from-a-file)
+  - [Using a markdown template](#using-a-markdown-template)
   - [Debugging GitHub Actions](#debugging-github-actions)
 
 
@@ -37,19 +38,19 @@ name: Update AUTHORS
 on:
   push:
     branches:
-      - master
+      - main
 jobs:
   updateAuthors:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v3
         with:
           fetch-depth: 0
       - name: Update AUTHORS
         run: |
           git log --format='%aN <%aE>%n%cN <%cE>' | sort -u > AUTHORS
       - name: Create Pull Request
-        uses: peter-evans/create-pull-request@v3
+        uses: peter-evans/create-pull-request@v4
         with:
           commit-message: update authors
           title: Update AUTHORS
@@ -61,27 +62,27 @@ jobs:
 
 This is a use case where a branch should be kept up to date with another by opening a pull request to update it. The pull request should then be updated with new changes until it is merged or closed.
 
-In this example scenario, a branch called `production` should be updated via pull request to keep it in sync with `master`. Merging the pull request is effectively promoting those changes to production.
+In this example scenario, a branch called `production` should be updated via pull request to keep it in sync with `main`. Merging the pull request is effectively promoting those changes to production.
 
 ```yml
 name: Create production promotion pull request
 on:
   push:
     branches:
-      - master
+      - main
 jobs:
   productionPromotion:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v3
         with:
           ref: production
       - name: Reset promotion branch
         run: |
-          git fetch origin master:master
-          git reset --hard master
+          git fetch origin main:main
+          git reset --hard main
       - name: Create Pull Request
-        uses: peter-evans/create-pull-request@v3
+        uses: peter-evans/create-pull-request@v4
         with:
           branch: production-promotion
 ```
@@ -95,7 +96,7 @@ This pattern will work well for updating any kind of static content based on the
 Raises a pull request to update the `CHANGELOG.md` file based on the tagged commit of the release.
 Note that [git-chglog](https://github.com/git-chglog/git-chglog/) requires some configuration files to exist in the repository before this workflow will work.
 
-This workflow assumes the tagged release was made on a default branch called `master`.
+This workflow assumes the tagged release was made on a default branch called `main`.
 
 ```yml
 name: Update Changelog
@@ -106,7 +107,7 @@ jobs:
   updateChangelog:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v3
         with:
           fetch-depth: 0
       - name: Update Changelog
@@ -116,13 +117,13 @@ jobs:
           ./git-chglog -o CHANGELOG.md
           rm git-chglog
       - name: Create Pull Request
-        uses: peter-evans/create-pull-request@v3
+        uses: peter-evans/create-pull-request@v4
         with:
           commit-message: update changelog
           title: Update Changelog
           body: Update changelog to reflect release changes
           branch: update-changelog
-          base: master
+          base: main
 ```
 
 ## Use case: Create a pull request to update X periodically
@@ -144,16 +145,16 @@ jobs:
   update-dep:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v2
-      - uses: actions/setup-node@v1
+      - uses: actions/checkout@v3
+      - uses: actions/setup-node@v3
         with:
-          node-version: '12.x'
+          node-version: '16.x'
       - name: Update dependencies
         run: |
           npx -p npm-check-updates ncu -u
           npm install
       - name: Create Pull Request
-        uses: peter-evans/create-pull-request@v3
+        uses: peter-evans/create-pull-request@v4
         with:
             token: ${{ secrets.PAT }}
             commit-message: Update dependencies
@@ -173,17 +174,17 @@ The above workflow works best in combination with a build workflow triggered on
 name: CI
 on:
   push:
-    branches: [master]
+    branches: [main]
   pull_request:
-    branches: [master]
+    branches: [main]
 jobs:
   build:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v2
-      - uses: actions/setup-node@v1
+      - uses: actions/checkout@v3
+      - uses: actions/setup-node@v3
         with:
-          node-version: 12.x
+          node-version: 16.x
       - run: npm ci
       - run: npm run test
       - run: npm run build
@@ -204,16 +205,17 @@ jobs:
   update-dep:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v2
-      - uses: actions/setup-java@v1
+      - uses: actions/checkout@v3
+      - uses: actions/setup-java@v2
         with:
+          distribution: 'temurin'
           java-version: 1.8
       - name: Grant execute permission for gradlew
         run: chmod +x gradlew
       - name: Perform dependency resolution and write new lockfiles
         run: ./gradlew dependencies --write-locks
       - name: Create Pull Request
-        uses: peter-evans/create-pull-request@v3
+        uses: peter-evans/create-pull-request@v4
         with:
             token: ${{ secrets.PAT }}
             commit-message: Update dependencies
@@ -241,14 +243,14 @@ jobs:
   update-dep:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v3
       - name: Update dependencies
         run: |
           cargo install cargo-edit
           cargo update
           cargo upgrade --to-lockfile
       - name: Create Pull Request
-        uses: peter-evans/create-pull-request@v3
+        uses: peter-evans/create-pull-request@v4
         with:
             token: ${{ secrets.PAT }}
             commit-message: Update dependencies
@@ -276,7 +278,7 @@ jobs:
   updateSwagger:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v3
       - name: Get Latest Swagger UI Release
         id: swagger-ui
         run: |
@@ -304,7 +306,7 @@ jobs:
           # Update current release
           echo ${{ steps.swagger-ui.outputs.release_tag }} > swagger-ui.version
       - name: Create Pull Request
-        uses: peter-evans/create-pull-request@v3
+        uses: peter-evans/create-pull-request@v4
         with:
           commit-message: Update swagger-ui to ${{ steps.swagger-ui.outputs.release_tag }}
           title: Update SwaggerUI to ${{ steps.swagger-ui.outputs.release_tag }}
@@ -324,7 +326,7 @@ jobs:
 This example is designed to be run in a seperate repository from the fork repository itself.
 The aim of this is to prevent committing anything to the fork's default branch would cause it to differ from the upstream.
 
-In the following example workflow, `owner/repo` is the upstream repository and `fork-owner/repo` is the fork. It assumes the default branch of the upstream repository is called `master`.
+In the following example workflow, `owner/repo` is the upstream repository and `fork-owner/repo` is the fork. It assumes the default branch of the upstream repository is called `main`.
 
 The [Personal Access Token (PAT)](https://docs.github.com/en/github/authenticating-to-github/creating-a-personal-access-token) should have `repo` scope. Additionally, if the upstream makes changes to the `.github/workflows` directory, the action will be unable to push the changes to a branch and throw the error "_(refusing to allow a GitHub App to create or update workflow `.github/workflows/xxx.yml` without `workflows` permission)_". To allow these changes to be pushed to the fork, add the `workflow` scope to the PAT. Of course, allowing this comes with the risk that the workflow changes from the upstream could run and do something unexpected. Disabling GitHub Actions in the fork is highly recommended to prevent this.
 
@@ -339,16 +341,16 @@ jobs:
   updateFork:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v3
         with:
           repository: fork-owner/repo
       - name: Reset the default branch with upstream changes
         run: |
           git remote add upstream https://github.com/owner/repo.git
-          git fetch upstream master:upstream-master
-          git reset --hard upstream-master
+          git fetch upstream main:upstream-main
+          git reset --hard upstream-main
       - name: Create Pull Request
-        uses: peter-evans/create-pull-request@v3
+        uses: peter-evans/create-pull-request@v4
         with:
           token: ${{ secrets.PAT }}
           branch: upstream-changes
@@ -367,7 +369,7 @@ jobs:
   format:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v3
       - name: Download website
         run: |
           wget \
@@ -381,7 +383,7 @@ jobs:
             --domains quotes.toscrape.com \
             http://quotes.toscrape.com/
       - name: Create Pull Request
-        uses: peter-evans/create-pull-request@v3
+        uses: peter-evans/create-pull-request@v4
         with:
           commit-message: update local website copy
           title: Automated Updates to Local Website Copy
@@ -426,7 +428,7 @@ An `on: repository_dispatch` workflow can be triggered from another workflow wit
 
 ```yml
 - name: Repository Dispatch
-  uses: peter-evans/repository-dispatch@v1
+  uses: peter-evans/repository-dispatch@v2
   with:
     token: ${{ secrets.REPO_ACCESS_TOKEN }}
     repository: username/my-repo
@@ -463,7 +465,7 @@ jobs:
     if: startsWith(github.head_ref, 'autopep8-patches') == false && github.event.pull_request.head.repo.full_name == github.repository
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v3
         with:
           ref: ${{ github.head_ref }}
       - name: autopep8
@@ -476,7 +478,7 @@ jobs:
         run: echo ::set-output name=branch-name::"autopep8-patches/${{ github.head_ref }}"
       - name: Create Pull Request
         if: steps.autopep8.outputs.exit-code == 2
-        uses: peter-evans/create-pull-request@v3
+        uses: peter-evans/create-pull-request@v4
         with:
           commit-message: autopep8 action fixes
           title: Fixes by autopep8 action
@@ -510,13 +512,13 @@ jobs:
     if: startsWith(github.ref, 'refs/heads/')
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v3
       ...
 
   someOtherJob:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v3
       ...
 ```
 
@@ -534,7 +536,7 @@ The recommended method is to use [`set-output`](https://docs.github.com/en/actio
           echo ::set-output name=pr_body::"This PR was auto-generated on $(date +%d-%m-%Y) \
             by [create-pull-request](https://github.com/peter-evans/create-pull-request)."
       - name: Create Pull Request
-        uses: peter-evans/create-pull-request@v3
+        uses: peter-evans/create-pull-request@v4
         with:
           title: ${{ steps.vars.outputs.pr_title }}
           body: ${{ steps.vars.outputs.pr_body }}
@@ -555,11 +557,36 @@ The content must be [escaped to preserve newlines](https://github.community/t/se
           echo ::set-output name=body::$body
 
       - name: Create Pull Request
-        uses: peter-evans/create-pull-request@v3
+        uses: peter-evans/create-pull-request@v4
         with:
           body: ${{ steps.get-pr-body.outputs.body }}
 ```
 
+### Using a markdown template
+
+In this example, a markdown template file is added to the repository at `.github/pull-request-template.md` with the following content.
+```
+This is a test pull request template
+Render template variables such as {{ .foo }} and {{ .bar }}.
+```
+
+The template is rendered using the [render-template](https://github.com/chuhlomin/render-template) action and the result is used to create the pull request.
+```yml
+      - name: Render template
+        id: template
+        uses: chuhlomin/render-template@v1.4
+        with:
+          template: .github/pull-request-template.md
+          vars: |
+            foo: this
+            bar: that
+
+      - name: Create Pull Request
+        uses: peter-evans/create-pull-request@v4
+        with:
+          body: ${{ steps.template.outputs.result }}
+```
+
 ### Debugging GitHub Actions
 
 #### Runner Diagnostic Logging

docs/updating.md

@@ -1,3 +1,17 @@
+## Updating from `v3` to `v4`
+
+### Breaking changes
+
+- The `add-paths` input no longer accepts `-A` as a valid value. When committing all new and modified files the `add-paths` input should be omitted.
+
+- If using self-hosted runners or GitHub Enterprise Server, there are minimum requirements for `v4` to run. See "What's new" below for details.
+
+### What's new
+
+- Updated runtime to Node.js 16
+  - The action now requires a minimum version of v2.285.0 for the [Actions Runner](https://github.com/actions/runner/releases/tag/v2.285.0).
+  - If using GitHub Enterprise Server, the action requires [GHES 3.4](https://docs.github.com/en/enterprise-server@3.4/admin/release-notes) or later.
+
 ## Updating from `v2` to `v3`
 
 ### Breaking changes
@@ -31,7 +45,7 @@
           push-to-fork: machine-user/fork-of-repository
   ```
 
-### New features
+### What's new
 
 - The action has been converted to Typescript giving it a significant performance improvement.
 
@@ -66,8 +80,8 @@
 
   If neither `author` or `committer` are set the action will default to making commits as the GitHub Actions bot user.
 
-### New features
+### What's new
 
-- Unpushed commits made during the workflow before the action runs will now be considered as changes to be raised in the pull request. See [Controlling commits](https://github.com/peter-evans/create-pull-request#controlling-commits) for details.
+- Unpushed commits made during the workflow before the action runs will now be considered as changes to be raised in the pull request. See [Create your own commits](https://github.com/peter-evans/create-pull-request#create-your-own-commits) for details.
 - New commits made to the pull request base will now be taken into account when pull requests are updated.
 - If an updated pull request no longer differs from its base it will automatically be closed and the pull request branch deleted.

package.json

@@ -1,6 +1,6 @@
 {
   "name": "create-pull-request",
-  "version": "3.0.0",
+  "version": "4.0.0",
   "private": true,
   "description": "Creates a pull request for changes to your repository in the actions workspace",
   "main": "lib/main.js",
@@ -29,26 +29,30 @@
   },
   "homepage": "https://github.com/peter-evans/create-pull-request",
   "dependencies": {
-    "@actions/core": "1.2.6",
-    "@actions/exec": "1.0.4",
-    "@octokit/core": "3.2.4",
-    "@octokit/plugin-paginate-rest": "2.8.0",
-    "@octokit/plugin-rest-endpoint-methods": "4.5.2",
-    "uuid": "8.3.2"
+    "@actions/core": "^1.6.0",
+    "@actions/exec": "^1.1.0",
+    "@octokit/core": "^3.5.1",
+    "@octokit/plugin-paginate-rest": "^2.17.0",
+    "@octokit/plugin-rest-endpoint-methods": "^5.13.0",
+    "https-proxy-agent": "^5.0.0",
+    "uuid": "^8.3.2"
   },
   "devDependencies": {
-    "@types/jest": "26.0.20",
-    "@types/node": "14.14.22",
-    "@typescript-eslint/parser": "4.14.0",
-    "@vercel/ncc": "0.27.0",
-    "eslint": "7.18.0",
-    "eslint-plugin-github": "4.1.1",
-    "eslint-plugin-jest": "24.1.3",
-    "jest": "26.6.3",
-    "jest-circus": "26.6.3",
-    "js-yaml": "4.0.0",
-    "prettier": "2.2.1",
-    "ts-jest": "26.4.4",
-    "typescript": "4.1.3"
+    "@types/jest": "^27.5.0",
+    "@types/node": "^16.11.11",
+    "@typescript-eslint/parser": "^5.5.0",
+    "@vercel/ncc": "^0.32.0",
+    "eslint": "^8.3.0",
+    "eslint-import-resolver-typescript": "^2.5.0",
+    "eslint-plugin-github": "^4.3.5",
+    "eslint-plugin-import": "^2.25.3",
+    "eslint-plugin-jest": "^26.1.5",
+    "jest": "^28.1.0",
+    "jest-circus": "^28.1.0",
+    "jest-environment-jsdom": "^28.1.0",
+    "js-yaml": "^4.1.0",
+    "prettier": "^2.5.0",
+    "ts-jest": "^28.0.2",
+    "typescript": "^4.5.2"
   }
 }

src/create-or-update-branch.ts

@@ -33,7 +33,9 @@ export async function tryFetch(
   branch: string
 ): Promise<boolean> {
   try {
-    await git.fetch([`${branch}:refs/remotes/${remote}/${branch}`], remote)
+    await git.fetch([`${branch}:refs/remotes/${remote}/${branch}`], remote, [
+      '--force'
+    ])
     return true
   } catch {
     return false
@@ -91,7 +93,8 @@ export async function createOrUpdateBranch(
   base: string,
   branch: string,
   branchRemoteName: string,
-  signoff: boolean
+  signoff: boolean,
+  addPaths: string[]
 ): Promise<CreateOrUpdateBranchResult> {
   // Get the working base.
   // When a ref, it may or may not be the actual base.
@@ -110,23 +113,34 @@ export async function createOrUpdateBranch(
   const result: CreateOrUpdateBranchResult = {
     action: 'none',
     base: base,
-    hasDiffWithBase: false
+    hasDiffWithBase: false,
+    headSha: ''
   }
 
   // Save the working base changes to a temporary branch
   const tempBranch = uuidv4()
   await git.checkout(tempBranch, 'HEAD')
   // Commit any uncommitted changes
-  if (await git.isDirty(true)) {
+  if (await git.isDirty(true, addPaths)) {
     core.info('Uncommitted changes found. Adding a commit.')
-    await git.exec(['add', '-A'])
-    const params = ['-m', commitMessage]
-    if (signoff) {
-      params.push('--signoff')
+    const aopts = ['add']
+    if (addPaths.length > 0) {
+      aopts.push(...['--', ...addPaths])
+    } else {
+      aopts.push('-A')
     }
-    await git.commit(params)
+    await git.exec(aopts, true)
+    const popts = ['-m', commitMessage]
+    if (signoff) {
+      popts.push('--signoff')
+    }
+    await git.commit(popts)
   }
 
+  // Remove uncommitted tracked and untracked changes
+  await git.exec(['reset', '--hard'])
+  await git.exec(['clean', '-f', '-d'])
+
   // Perform fetch and reset the working base
   // Commits made during the workflow will be removed
   if (workingBaseType == WorkingBaseType.Branch) {
@@ -231,6 +245,9 @@ export async function createOrUpdateBranch(
     result.hasDiffWithBase = await isAhead(git, base, branch)
   }
 
+  // Get the pull request branch SHA
+  result.headSha = await git.revParse('HEAD')
+
   // Delete the temporary branch
   await git.exec(['branch', '--delete', '--force', tempBranch])
 
@@ -241,4 +258,5 @@ interface CreateOrUpdateBranchResult {
   action: string
   base: string
   hasDiffWithBase: boolean
+  headSha: string
 }

src/create-pull-request.ts

@@ -12,6 +12,7 @@ import * as utils from './utils'
 export interface Inputs {
   token: string
   path: string
+  addPaths: string[]
   commitMessage: string
   committer: string
   author: string
@@ -173,7 +174,8 @@ export async function createPullRequest(inputs: Inputs): Promise<void> {
       inputs.base,
       inputs.branch,
       branchRemoteName,
-      inputs.signoff
+      inputs.signoff,
+      inputs.addPaths
     )
     core.endGroup()
 
@@ -195,11 +197,13 @@ export async function createPullRequest(inputs: Inputs): Promise<void> {
 
     if (result.hasDiffWithBase) {
       // Create or update the pull request
+      core.startGroup('Create or update the pull request')
       const pull = await githubHelper.createOrUpdatePullRequest(
         inputs,
         baseRemote.repository,
         branchRepository
       )
+      core.endGroup()
 
       // Set outputs
       core.startGroup('Setting outputs')
@@ -210,6 +214,7 @@ export async function createPullRequest(inputs: Inputs): Promise<void> {
       } else if (result.action == 'updated') {
         core.setOutput('pull-request-operation', 'updated')
       }
+      core.setOutput('pull-request-head-sha', result.headSha)
       // Deprecated
       core.exportVariable('PULL_REQUEST_NUMBER', pull.number)
       core.endGroup()
@@ -235,7 +240,7 @@ export async function createPullRequest(inputs: Inputs): Promise<void> {
         }
       }
     }
-  } catch (error) {
+  } catch (error: any) {
     core.setFailed(error.message)
   } finally {
     // Remove auth and restore persisted auth config if it existed

src/git-auth-helper.ts

@@ -33,7 +33,7 @@ export class GitAuthHelper {
       try {
         await this.setExtraheaderConfig(this.persistedExtraheaderConfigValue)
         core.info('Persisted git credentials restored')
-      } catch (e) {
+      } catch (e: any) {
         core.warning(e)
       }
     }

src/git-command-manager.ts

@@ -32,6 +32,8 @@ export class GitCommandManager {
     } else {
       args.push(ref)
     }
+    // https://github.com/git/git/commit/a047fafc7866cc4087201e284dc1f53e8f9a32d5
+    args.push('--')
     await this.exec(args)
   }
 
@@ -153,17 +155,22 @@ export class GitCommandManager {
     return output.exitCode === 1
   }
 
-  async isDirty(untracked: boolean): Promise<boolean> {
+  async isDirty(untracked: boolean, pathspec?: string[]): Promise<boolean> {
+    const pathspecArgs = pathspec ? ['--', ...pathspec] : []
     // Check untracked changes
-    if (untracked && (await this.status(['--porcelain', '-unormal']))) {
+    const sargs = ['--porcelain', '-unormal']
+    sargs.push(...pathspecArgs)
+    if (untracked && (await this.status(sargs))) {
       return true
     }
     // Check working index changes
-    if (await this.hasDiff()) {
+    if (await this.hasDiff(pathspecArgs)) {
       return true
     }
     // Check staged changes
-    if (await this.hasDiff(['--staged'])) {
+    const dargs = ['--staged']
+    dargs.push(...pathspecArgs)
+    if (await this.hasDiff(dargs)) {
       return true
     }
     return false

src/github-helper.ts

@@ -39,11 +39,16 @@ export class GitHubHelper {
   private async createOrUpdate(
     inputs: Inputs,
     baseRepository: string,
-    headBranch: string
+    headRepository: string
   ): Promise<Pull> {
+    const [headOwner] = headRepository.split('/')
+    const headBranch = `${headOwner}:${inputs.branch}`
+    const headBranchFull = `${headRepository}:${inputs.branch}`
+
     // Try to create the pull request
     try {
-      const {data: pull} = await this.octokit.pulls.create({
+      core.info(`Attempting creation of pull request`)
+      const {data: pull} = await this.octokit.rest.pulls.create({
         ...this.parseRepository(baseRepository),
         title: inputs.title,
         head: headBranch,
@@ -59,10 +64,10 @@ export class GitHubHelper {
         html_url: pull.html_url,
         created: true
       }
-    } catch (e) {
+    } catch (e: any) {
       if (
         e.message &&
-        e.message.includes(`A pull request already exists for ${headBranch}`)
+        e.message.includes(`A pull request already exists for`)
       ) {
         core.info(`A pull request already exists for ${headBranch}`)
       } else {
@@ -71,18 +76,19 @@ export class GitHubHelper {
     }
 
     // Update the pull request that exists for this branch and base
-    const {data: pulls} = await this.octokit.pulls.list({
+    core.info(`Fetching existing pull request`)
+    const {data: pulls} = await this.octokit.rest.pulls.list({
       ...this.parseRepository(baseRepository),
       state: 'open',
-      head: headBranch,
+      head: headBranchFull,
       base: inputs.base
     })
-    const {data: pull} = await this.octokit.pulls.update({
+    core.info(`Attempting update of pull request`)
+    const {data: pull} = await this.octokit.rest.pulls.update({
       ...this.parseRepository(baseRepository),
       pull_number: pulls[0].number,
       title: inputs.title,
-      body: inputs.body,
-      draft: inputs.draft
+      body: inputs.body
     })
     core.info(
       `Updated pull request #${pull.number} (${headBranch} => ${inputs.base})`
@@ -95,7 +101,7 @@ export class GitHubHelper {
   }
 
   async getRepositoryParent(headRepository: string): Promise<string> {
-    const {data: headRepo} = await this.octokit.repos.get({
+    const {data: headRepo} = await this.octokit.rest.repos.get({
       ...this.parseRepository(headRepository)
     })
     if (!headRepo.parent) {
@@ -111,16 +117,17 @@ export class GitHubHelper {
     baseRepository: string,
     headRepository: string
   ): Promise<Pull> {
-    const [headOwner] = headRepository.split('/')
-    const headBranch = `${headOwner}:${inputs.branch}`
-
     // Create or update the pull request
-    const pull = await this.createOrUpdate(inputs, baseRepository, headBranch)
+    const pull = await this.createOrUpdate(
+      inputs,
+      baseRepository,
+      headRepository
+    )
 
     // Apply milestone
     if (inputs.milestone) {
       core.info(`Applying milestone '${inputs.milestone}'`)
-      await this.octokit.issues.update({
+      await this.octokit.rest.issues.update({
         ...this.parseRepository(baseRepository),
         issue_number: pull.number,
         milestone: inputs.milestone
@@ -129,7 +136,7 @@ export class GitHubHelper {
     // Apply labels
     if (inputs.labels.length > 0) {
       core.info(`Applying labels '${inputs.labels}'`)
-      await this.octokit.issues.addLabels({
+      await this.octokit.rest.issues.addLabels({
         ...this.parseRepository(baseRepository),
         issue_number: pull.number,
         labels: inputs.labels
@@ -138,10 +145,10 @@ export class GitHubHelper {
     // Apply assignees
     if (inputs.assignees.length > 0) {
       core.info(`Applying assignees '${inputs.assignees}'`)
-      await this.octokit.issues.addAssignees({
+      await this.octokit.rest.issues.addAssignees({
         ...this.parseRepository(baseRepository),
         issue_number: pull.number,
-        labels: inputs.assignees
+        assignees: inputs.assignees
       })
     }
 
@@ -157,12 +164,12 @@ export class GitHubHelper {
     }
     if (Object.keys(requestReviewersParams).length > 0) {
       try {
-        await this.octokit.pulls.requestReviewers({
+        await this.octokit.rest.pulls.requestReviewers({
           ...this.parseRepository(baseRepository),
           pull_number: pull.number,
           ...requestReviewersParams
         })
-      } catch (e) {
+      } catch (e: any) {
         if (e.message && e.message.includes(ERROR_PR_REVIEW_FROM_AUTHOR)) {
           core.warning(ERROR_PR_REVIEW_FROM_AUTHOR)
         } else {

src/main.ts

@@ -8,12 +8,13 @@ async function run(): Promise<void> {
     const inputs: Inputs = {
       token: core.getInput('token'),
       path: core.getInput('path'),
+      addPaths: utils.getInputAsArray('add-paths'),
       commitMessage: core.getInput('commit-message'),
       committer: core.getInput('committer'),
       author: core.getInput('author'),
-      signoff: core.getInput('signoff') === 'true',
+      signoff: core.getBooleanInput('signoff'),
       branch: core.getInput('branch'),
-      deleteBranch: core.getInput('delete-branch') === 'true',
+      deleteBranch: core.getBooleanInput('delete-branch'),
       branchSuffix: core.getInput('branch-suffix'),
       base: core.getInput('base'),
       pushToFork: core.getInput('push-to-fork'),
@@ -24,12 +25,12 @@ async function run(): Promise<void> {
       reviewers: utils.getInputAsArray('reviewers'),
       teamReviewers: utils.getInputAsArray('team-reviewers'),
       milestone: Number(core.getInput('milestone')),
-      draft: core.getInput('draft') === 'true'
+      draft: core.getBooleanInput('draft')
     }
     core.debug(`Inputs: ${inspect(inputs)}`)
 
     await createPullRequest(inputs)
-  } catch (error) {
+  } catch (error: any) {
     core.setFailed(error.message)
   }
 }

src/octokit-client.ts

@@ -1,7 +1,33 @@
 import {Octokit as Core} from '@octokit/core'
 import {paginateRest} from '@octokit/plugin-paginate-rest'
 import {restEndpointMethods} from '@octokit/plugin-rest-endpoint-methods'
+import {HttpsProxyAgent} from 'https-proxy-agent'
 export {RestEndpointMethodTypes} from '@octokit/plugin-rest-endpoint-methods'
 export {OctokitOptions} from '@octokit/core/dist-types/types'
 
-export const Octokit = Core.plugin(paginateRest, restEndpointMethods)
+export const Octokit = Core.plugin(
+  paginateRest,
+  restEndpointMethods,
+  autoProxyAgent
+)
+
+// Octokit plugin to support the https_proxy and no_proxy environment variable
+function autoProxyAgent(octokit: Core) {
+  const proxy = process.env.https_proxy || process.env.HTTPS_PROXY
+
+  const noProxy = process.env.no_proxy || process.env.NO_PROXY
+  let noProxyArray: string[] = []
+  if (noProxy) {
+    noProxyArray = noProxy.split(',')
+  }
+
+  if (!proxy) return
+
+  const agent = new HttpsProxyAgent(proxy)
+  octokit.hook.before('request', options => {
+    if (noProxyArray.includes(options.request.hostname)) {
+      return
+    }
+    options.request.agent = agent
+  })
+}

src/utils.ts

@@ -47,7 +47,7 @@ export function getRemoteDetail(remoteUrl: string): RemoteDetail {
   }
 
   const httpsUrlPattern = new RegExp(
-    '^https?://.*@?' + githubServerMatch[1] + '/(.+/.+)$',
+    '^https?://.*@?' + githubServerMatch[1] + '/(.+/.+?)(.git)?$',
     'i'
   )
   const sshUrlPattern = new RegExp(
@@ -134,7 +134,7 @@ export function fileExistsSync(path: string): boolean {
   let stats: fs.Stats
   try {
     stats = fs.statSync(path)
-  } catch (error) {
+  } catch (error: any) {
     if (error.code === 'ENOENT') {
       return false
     }