Remove removed options from README

https://github.com/stefanzweifel/git-auto-commit-action/issues/211#issuecomment-1837270114

.github/release-drafter.yml

@@ -12,7 +12,7 @@ categories:
       - 'changelog:changed'
   - title: Deprecated
     labels:
-      - 'changelog:deprecated '
+      - 'changelog:deprecated'
   - title: Removed
     labels:
     - 'changelog:removed'

.github/workflows/git-auto-commit.yml

@@ -10,17 +10,22 @@ jobs:
   git-auto-commit:
     runs-on: ubuntu-latest
 
+    permissions:
+      # Give the default GITHUB_TOKEN write permission.
+      # https://github.blog/changelog/2023-02-02-github-actions-updating-the-default-github_token-permissions-to-read-only/
+      contents: write
+
     steps:
-    - uses: actions/checkout@v3
+    - uses: actions/checkout@v4
 
     - name: Use git-auto-commit-action
       id: "auto-commit-action"
       uses: ./
 
     - name: "no changes detected"
-      if: steps.auto-commit-action.outputs.changes_detected == false
+      if: steps.auto-commit-action.outputs.changes_detected == 'false'
       run: "echo \"No changes detected\""
 
     - name: "changes detected"
-      if: steps.auto-commit-action.outputs.changes_detected == true
+      if: steps.auto-commit-action.outputs.changes_detected == 'true'
       run: "echo \"Changes detected\""

.github/workflows/linter.yml

@@ -9,10 +9,10 @@ jobs:
 
     steps:
       - name: Checkout Code
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - name: Lint Code Base
-        uses: github/super-linter@v4
+        uses: github/super-linter@v5
         env:
           VALIDATE_ALL_CODEBASE: false
           VALIDATE_MARKDOWN: false

.github/workflows/release-drafter.yml

@@ -8,6 +8,12 @@ on:
 jobs:
   update_release_draft:
     runs-on: ubuntu-latest
+
+    permissions:
+      # Give the default GITHUB_TOKEN write permission.
+      # https://github.blog/changelog/2023-02-02-github-actions-updating-the-default-github_token-permissions-to-read-only/
+      contents: write
+
     steps:
       - uses: release-drafter/release-drafter@v5
         env:

.github/workflows/tests.yml

@@ -11,7 +11,7 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-    - uses: actions/checkout@v3
+    - uses: actions/checkout@v4
 
     - name: Install testing dependencies
       run: yarn install

.github/workflows/update-changelog.yaml

@@ -8,9 +8,15 @@ jobs:
   update:
     runs-on: ubuntu-latest
 
+    permissions:
+      # Give the default GITHUB_TOKEN write permission to commit and push the
+      # updated CHANGELOG back to the repository.
+      # https://github.blog/changelog/2023-02-02-github-actions-updating-the-default-github_token-permissions-to-read-only/
+      contents: write
+
     steps:
       - name: Checkout code
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
         with:
           ref: master
 
@@ -21,7 +27,7 @@ jobs:
           latest-version: ${{ github.event.release.name }}
 
       - name: Commit updated CHANGELOG
-        uses: stefanzweifel/git-auto-commit-action@v4
+        uses: stefanzweifel/git-auto-commit-action@v5
         with:
           branch: master
           commit_message: Update CHANGELOG

.github/workflows/versioning.yml

@@ -7,6 +7,12 @@ on:
 jobs:
   actions-tagger:
     runs-on: windows-latest
+
+    permissions:
+      # Give the default GITHUB_TOKEN write permission.
+      # https://github.blog/changelog/2023-02-02-github-actions-updating-the-default-github_token-permissions-to-read-only/
+      contents: write
+
     steps:
       - uses: Actions-R-Us/actions-tagger@latest
         env:

CHANGELOG.md

@@ -5,10 +5,42 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/)
 and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.html).
 
-## [Unreleased](https://github.com/stefanzweifel/git-auto-commit-action/compare/v4.15.4...HEAD)
+## [Unreleased](https://github.com/stefanzweifel/git-auto-commit-action/compare/v5.0.0...HEAD)
 
 > TBD
 
+## [v5.0.0](https://github.com/stefanzweifel/git-auto-commit-action/compare/v4.16.0...v5.0.0) - 2023-10-06
+
+New major release that bumps the default runtime to Node 20. There are no other breaking changes.
+
+### Changed
+
+- Update node version to node20 ([#300](https://github.com/stefanzweifel/git-auto-commit-action/pull/300)) [@ryudaitakai](https://github.com/@ryudaitakai)
+- Add _log and _set_github_output functions ([#273](https://github.com/stefanzweifel/git-auto-commit-action/pull/273)) [@stefanzweifel](https://github.com/@stefanzweifel)
+
+### Fixed
+
+- Seems like there is an extra space ([#288](https://github.com/stefanzweifel/git-auto-commit-action/pull/288)) [@pedroamador](https://github.com/@pedroamador)
+- Fix git-auto-commit.yml ([#277](https://github.com/stefanzweifel/git-auto-commit-action/pull/277)) [@zcong1993](https://github.com/@zcong1993)
+
+### Dependency Updates
+
+- Bump actions/checkout from 3 to 4 ([#302](https://github.com/stefanzweifel/git-auto-commit-action/pull/302)) [@dependabot](https://github.com/@dependabot)
+- Bump bats from 1.9.0 to 1.10.0 ([#293](https://github.com/stefanzweifel/git-auto-commit-action/pull/293)) [@dependabot](https://github.com/@dependabot)
+- Bump github/super-linter from 4 to 5 ([#289](https://github.com/stefanzweifel/git-auto-commit-action/pull/289)) [@dependabot](https://github.com/@dependabot)
+- Bump bats from 1.8.2 to 1.9.0 ([#282](https://github.com/stefanzweifel/git-auto-commit-action/pull/282)) [@dependabot](https://github.com/@dependabot)
+
+## [v4.16.0](https://github.com/stefanzweifel/git-auto-commit-action/compare/v4.15.4...v4.16.0) - 2022-12-02
+
+### Changed
+
+- Don't commit files when only LF/CRLF changes ([#265](https://github.com/stefanzweifel/git-auto-commit-action/pull/265)) [@ZeroRin](https://github.com/@ZeroRin)
+- Update default email address of github-actions[bot] ([#264](https://github.com/stefanzweifel/git-auto-commit-action/pull/264)) [@Teko012](https://github.com/@Teko012)
+
+### Fixed
+
+- Fix link and text for workflow limitation ([#263](https://github.com/stefanzweifel/git-auto-commit-action/pull/263)) [@Teko012](https://github.com/@Teko012)
+
 ## [v4.15.4](https://github.com/stefanzweifel/git-auto-commit-action/compare/v4.15.3...v4.15.4) - 2022-11-05
 
 ### Fixed

CODE_OF_CONDUCT.md

@@ -55,7 +55,7 @@ further defined and clarified by project maintainers.
 ## Enforcement
 
 Instances of abusive, harassing, or otherwise unacceptable behavior may be
-reported by contacting the project team at hello@stefanzweifel.io. All
+reported by contacting the project team at stefan@stefanzweifel.dev. All
 complaints will be reviewed and investigated and will result in a response that
 is deemed necessary and appropriate to the circumstances. The project team is
 obligated to maintain confidentiality with regard to the reporter of an incident.

README.md

@@ -13,27 +13,54 @@ If you want to learn more how this Action works under the hood, check out [this
 
 ## Usage
 
-Add the following step at the end of your job, after other steps that might add or change files.
+Adding git-auto-commit to your Workflow only takes a couple lines of code.
+
+1. Set the `contents`-permission of the default GITHUB_TOKEN to `true`. (Required to push new commits to the repository)
+2. Add the following step at the end of your job, after other steps that might add or change files.
 
 ```yaml
-- uses: stefanzweifel/git-auto-commit-action@v4
+- uses: stefanzweifel/git-auto-commit-action@v5
 ```
 
-Note that the Action has to be used in a Job that runs on a UNIX system (e.g. `ubuntu-latest`).
-If you don't use the default permission of the GITHUB_TOKEN, give the Job or Workflow at least the `contents: write` permission.
+Your Workflow should look similar to this example.
+
+```yaml
+name: Format
+
+on: push
+
+jobs:
+  format-code:
+    runs-on: ubuntu-latest
+
+    permissions:
+      # Give the default GITHUB_TOKEN write permission to commit and push the
+      # added or changed files to the repository.
+      contents: write
+
+    steps:
+      - uses: actions/checkout@v4
+
+      # Other steps that change files in the repository
+
+      # Commit all changed files back to the repository
+      - uses: stefanzweifel/git-auto-commit-action@v5
+```
+
+> [!NOTE]
+> The Action has to be used in a Job that runs on a UNIX system (e.g. `ubuntu-latest`).
 
 The following is an extended example with all available options.
 
 ```yaml
-- uses: stefanzweifel/git-auto-commit-action@v4
+- uses: stefanzweifel/git-auto-commit-action@v5
   with:
     # Optional. Commit message for the created commit.
     # Defaults to "Apply automatic changes"
     commit_message: Automated Change
 
-    # Optional. Local and remote branch name where commit is going to be pushed
-    #  to. Defaults to the current branch.
-    #  You might need to set `create_branch: true` if the branch does not exist.
+    # Optional. Remote branch name where commit is going to be pushed to. 
+    # Defaults to the current branch.
     branch: feature-123
 
     # Optional. Options used by `git-commit`.
@@ -74,19 +101,10 @@ The following is an extended example with all available options.
     
     # Optional. Disable dirty check and always try to create a commit and push
     skip_dirty_check: true    
-    
-    # Optional. Skip internal call to `git fetch`
-    skip_fetch: true    
-    
-    # Optional. Skip internal call to `git checkout`
-    skip_checkout: true
 
     # Optional. Prevents the shell from expanding filenames. 
     # Details: https://www.gnu.org/software/bash/manual/html_node/Filename-Expansion.html
     disable_globbing: true
-
-    # Optional. Create given branch name in local and remote repository.
-    create_branch: true
 ```
 
 Please note that the Action depends on `bash`. If you're using the Action in a job in combination with a custom Docker container, make sure that `bash` is installed.
@@ -111,15 +129,19 @@ jobs:
   php-cs-fixer:
     runs-on: ubuntu-latest
 
+    permissions:
+      # Give the default GITHUB_TOKEN write permission to commit and push the changed files back to the repository.
+      contents: write
+
     steps:
-    - uses: actions/checkout@v2
+    - uses: actions/checkout@v4
       with:
         ref: ${{ github.head_ref }}
 
     - name: Run php-cs-fixer
       uses: docker://oskarstark/php-cs-fixer-ga
 
-    - uses: stefanzweifel/git-auto-commit-action@v4
+    - uses: stefanzweifel/git-auto-commit-action@v5
       with:
         commit_message: Apply php-cs-fixer changes
 ```
@@ -169,7 +191,7 @@ You must use `action/checkout@v2` or later versions to check out the repository.
 In non-`push` events, such as `pull_request`, make sure to specify the `ref` to check out:
 
 ```yaml
-- uses: actions/checkout@v2
+- uses: actions/checkout@v4
   with:
     ref: ${{ github.head_ref }}
 ```
@@ -187,7 +209,7 @@ You can change this by creating a new [Personal Access Token (PAT)](https://gith
 storing the token as a secret in your repository and then passing the new token to the [`actions/checkout`](https://github.com/actions/checkout#usage) Action step.
 
 ```yaml
-- uses: actions/checkout@v2
+- uses: actions/checkout@v4
   with:
     token: ${{ secrets.PAT }}
 ```
@@ -198,24 +220,78 @@ If you work in an organization and don't want to create a PAT from your personal
 
 ### Change to file is not detected
 
-Does your workflow change a file but "git-auto-commit" does not detect the change? Check the `.gitignore` that applies to the respective file. You might have accidentally marked the file to be ignored by git.
+Does your workflow change a file, but "git-auto-commit" does not detect the change? Check the `.gitignore` that applies to the respective file. You might have accidentally marked the file to be ignored by git.
 
 ## Advanced Uses
 
-<details>
-<summary>Use in forks from public repositories</summary>
+### Multiline Commit Messages
 
-**☝️ Important Notice**: This Action technically works with forks. However, please note that the combination of triggers and their options can cause issues. Please read [the documentation](https://docs.github.com/en/free-pro-team@latest/actions/reference/events-that-trigger-workflows) on which triggers GitHub Actions support.\
-If you use this Action in combination with a linter/fixer, it's easier if you run the Action on `push` on your `main`-branch.
+If your commit message should span multiple lines, you have to create a separate step to generate the string. 
 
----
+The example below can be used as a starting point to generate a multiline commit meesage. Learn more how multiline strings in GitHub Actions work in the [GitHub documentation](https://docs.github.com/en/actions/using-workflows/workflow-commands-for-github-actions#multiline-strings).
+
+```yaml
+    # Building a multiline commit message
+    # Adjust to your liking
+    - run: echo "Commit Message 1" >> commitmessage.txt
+    - run: echo "Commit Message 2" >> commitmessage.txt
+    - run: echo "Commit Message 3" >> commitmessage.txt
+
+    # Create a multiline string to be used by the git-auto-commit Action
+    - name: Set commit message
+      id: commit_message_step
+      run: |
+        echo 'commit_message<<EOF' >> $GITHUB_OUTPUT
+        cat commitmessage.txt >> $GITHUB_OUTPUT
+        echo 'EOF' >> $GITHUB_OUTPUT
+
+    # Quick and dirty step to get rid of the temporary file holding the commit message
+    - run: rm -rf commitmessage.txt
+
+    - uses: stefanzweifel/git-auto-commit-action@v5
+      id: commit
+      with:
+        commit_message: ${{ steps.commit_message_step.outputs.commit_message }}
+```  
+
+### Signing Commits & Other Git Command Line Options
+
+Using command lines options needs to be done manually for each workflow which you require the option enabled. So for example signing commits requires you to import the gpg signature each and every time. The following list of actions are worth checking out if you need to automate these tasks regularly.
+
+- [Import GPG Signature](https://github.com/crazy-max/ghaction-import-gpg) (Suggested by [TGTGamer](https://github.com/tgtgamer))
+
+### Use in forks from private repositories
+
+By default, GitHub Actions doesn't run Workflows on forks from **private** repositories. To enable Actions for **private** repositories enable "Run workflows from pull requests" in your repository settings.
+
+See [this announcement from GitHub](https://github.blog/2020-08-03-github-actions-improvements-for-fork-and-pull-request-workflows/) or the [GitHub docs](https://docs.github.com/en/github/administering-a-repository/disabling-or-limiting-github-actions-for-a-repository#enabling-workflows-for-private-repository-forks) for details.
+
+
+### Use in forks from public repositories
+
+> [!NOTE] 
+> This Action technically works with forks. However, please note that the combination of triggers and their options can cause issues. Please read [the documentation](https://docs.github.com/en/free-pro-team@latest/actions/reference/events-that-trigger-workflows) on which triggers GitHub Actions support.\
+> Ensure your contributors enable "Allow edits by maintainers" when opening a pull request. ([Learn more](https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/working-with-forks/allowing-changes-to-a-pull-request-branch-created-from-a-fork)) \
+> \
+> **If you use this Action in combination with a linter/fixer, it's easier if you run the Action on `push` on your `main`-branch.**
+
+> [!WARNING] 
+> Due to limitations of GitHub, this Action currently can't push commits to a base repository, if the fork _lives_ under an organisation. See [github/community#6634](https://github.com/orgs/community/discussions/5634) and [this comment](https://github.com/stefanzweifel/git-auto-commit-action/issues/211#issuecomment-1428849944) for details.
 
 By default, this Action will not run on Pull Requests which have been opened by forks. (This is a limitation by GitHub, not by us.)   
 However, there are a couple of ways to use this Actions in Workflows that should be triggered by forked repositories.
 
 ### Workflow should run in **base** repository
 
-The workflow below runs whenever a commit is pushed to the `main`-branch or when activity on a pull request happens, by listening to the  [`pull_request_target`](https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#pull_request_target) event.
+> [!CAUTION]
+> The following section explains how you can use git-auto-commit in combination with the `pull_request_target` trigger.   
+> **Using `pull_request_target` in your workflows can lead to repository compromise as [mentioned](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/) by GitHub's own security team. This means, that a bad actor could potentially leak/steal your GitHub Actions repository secrets.**   
+> Please be aware of this risk when using `pull_request_target` in your workflows.
+> 
+> If your workflow runs code-fixing tools, consider running the workflow on your default branch by listening to the `push` event or use a third-party tool like [autofix.ci](https://autofix.ci/).   
+> We keep this documentation around, as many questions came in over the years, on how to use this action for public forks.
+
+The workflow below runs whenever a commit is pushed to the `main`-branch or when activity on a pull request happens, by listening to the [`pull_request_target`](https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#pull_request_target) event.
 
 If the workflow is triggered by the `pull_request_target`-event, the workflow will run in the context of the base of the pull request, rather than in the context of the merge commit, as the `pull_request` event does.
 In other words, this will allow your workflow to be run in the repository where the pull request is opened to and will push changes back to the fork.
@@ -234,98 +310,35 @@ on:
 jobs:
   php-cs-fixer:
     runs-on: ubuntu-latest
+    permissions:
+      contents: write
+
     steps:
-    - uses: actions/checkout@v3
+    - uses: actions/checkout@v4
       with:
+        # Checkout the fork/head-repository and push changes to the fork.
+        # If you skip this, the base repository will be checked out and changes
+        # will be committed to the base repository!
         repository: ${{ github.event.pull_request.head.repo.full_name }}
+
+        # Checkout the branch made in the fork. Will automatically push changes
+        # back to this branch.
         ref: ${{ github.head_ref }}
 
     - name: Run php-cs-fixer
       uses: docker://oskarstark/php-cs-fixer-ga
 
-    - uses: stefanzweifel/git-auto-commit-action@v4
+    - uses: stefanzweifel/git-auto-commit-action@v5
 ```
 
-### Workflow should run in **forked** repository
-
-If the workflow should run in the forked repository, follow these steps:
-
-1. In addition to listening to the `pull_request` event in your Workflow triggers, you have to add an additional event: `pull_request_target`. You can learn more about this event in [the GitHub docs](https://docs.github.com/en/actions/reference/events-that-trigger-workflows#pull_request_target).
-2. GitHub Action has to be enabled on the forked repository. \
-For security reasons, GitHub does not automatically enable GitHub Actions on forks. The user has to explicitly enable GitHub Actions in the "Actions"-tab of the forked repository. (Mention this in your projects README or CONTRIBUTING.md!)
-
-After you have added the `pull_request_target` to your desired Workflow and the forked repository has enabled Actions and a new Pull Request is opened, the Workflow will run **on the forked repository**.
-
-Due to the fact that the Workflow is not run on the repository the Pull Request is opened in, you won't see any status indicators inside the Pull Request.
-
-#### Example
-
-The following workflow runs `php-cs-fixer` (a code linter and fixer for PHP) when a `pull_request` is opened. We've added the `pull_request_target`-trigger too, to make it work for forks.
-
-```yaml
-name: Format PHP
-
-on: [push, pull_request, pull_request_target]
-
-jobs:
-  php-cs-fixer:
-    runs-on: ubuntu-latest
-    steps:
-    - uses: actions/checkout@v2
-
-    - name: Run php-cs-fixer
-      uses: docker://oskarstark/php-cs-fixer-ga
-
-    - uses: stefanzweifel/git-auto-commit-action@v4
-      with:
-        commit_message: Apply php-cs-fixer changes
-```
-
-Next time a user forks your project **and** enabled GitHub Actions **and** opened a Pull Request, the Workflow will run on the **forked** repository and will push commits to the same branch.
-
-Here's how the Pull Request will look like:
-
-![Screenshot of a Pull Request from a Fork](https://user-images.githubusercontent.com/1080923/90955964-9c74c080-e482-11ea-8097-aa7f5161f50e.png)
-
-
-As you can see, your contributors have to go through hoops to make this work. **For Workflows which run linters and fixers (like the example above) we recommend running them when a push happens on the `main`-branch.**
-
-
 For more information about running Actions on forks, see [this announcement from GitHub](https://github.blog/2020-08-03-github-actions-improvements-for-fork-and-pull-request-workflows/).
 
-</details>
-
-<details>
-<summary>Push to forks from private repositories</summary>
-
-By default, GitHub Actions doesn't run Workflows on forks from private repositories. To enable Actions for **private** repositories enable "Run workflows from pull requests" in your repository settings.
-
-See [this announcement from GitHub](https://github.blog/2020-08-03-github-actions-improvements-for-fork-and-pull-request-workflows/) or the [GitHub docs](https://docs.github.com/en/github/administering-a-repository/disabling-or-limiting-github-actions-for-a-repository#enabling-workflows-for-private-repository-forks) for details.
-
-</details>
-
-<details>
-<summary>
-  Signing Commits & Other Git Command Line Options
-</summary>
-
-Using command lines options needs to be done manually for each workflow which you require the option enabled. So for example signing commits requires you to import the gpg signature each and every time. The following list of actions are worth checking out if you need to automate these tasks regularly.
-
-- [Import GPG Signature](https://github.com/crazy-max/ghaction-import-gpg) (Suggested by [TGTGamer](https://github.com/tgtgamer))
-
-</details>
-
-<details>
-<summary>
-  Using `--amend` and `--no-edit` as commit options
-</summary>
-
-
-
+### Using `--amend` and `--no-edit` as commit options
 
 If you would like to use this Action to create a commit using [`--amend`](https://git-scm.com/docs/git-commit#Documentation/git-commit.txt---amend) and [`--no-edit`](https://git-scm.com/docs/git-commit#Documentation/git-commit.txt---no-edit) you need to make some adjustments.
 
-**☝️ Important Notice:** You should understand the implications of rewriting history if you amend a commit that has already been published. [See rebasing](https://git-scm.com/docs/git-rebase#_recovering_from_upstream_rebase)
+> [!CAUTION] 
+> You should understand the implications of rewriting history if you amend a commit that has already been published. [See rebasing](https://git-scm.com/docs/git-rebase#_recovering_from_upstream_rebase).
 
 First, you need to extract the previous commit message by using `git log -1 --pretty=%s`.
 Then you need to provide this last commit message to the Action through the `commit_message` input option.
@@ -335,7 +348,7 @@ Finally, you have to use `push_options: '--force'` to overwrite the git history
 The steps in your workflow might look like this:
 
 ```yaml
-- uses: actions/checkout@master
+- uses: actions/checkout@4
   with:
     # Fetch the last 2 commits instead of just 1. (Fetching just 1 commit would overwrite the whole history)
     fetch-depth: 2
@@ -347,18 +360,15 @@ The steps in your workflow might look like this:
   run: |
     echo "msg=$(git log -1 --pretty=%s)" >> $GITHUB_OUTPUT
 
-- uses: stefanzweifel/git-auto-commit-action@v4
+- uses: stefanzweifel/git-auto-commit-action@v5
   with:
     commit_message: ${{ steps.last-commit-message.outputs.msg }}
     commit_options: '--amend --no-edit'
     push_options: '--force'
-    skip_fetch: true
 ```
 
 See discussion in [#159](https://github.com/stefanzweifel/git-auto-commit-action/issues/159#issuecomment-845347950) for details.
 
-</details>
-
 ## Troubleshooting
 ### Action does not push commit to repository
 
@@ -379,19 +389,19 @@ First, you have to create a new [Personal Access Token (PAT)](https://github.com
 store the token as a secret in your repository and pass the new token to the [`actions/checkout`](https://github.com/actions/checkout#usage) Action step.
 
 ```yaml
-- uses: actions/checkout@v2
+- uses: actions/checkout@v4
   with:
     token: ${{ secrets.PAT }}
 ```
 You can learn more about Personal Access Token in the [GitHub documentation](https://docs.github.com/en/github/authenticating-to-github/creating-a-personal-access-token).
 
-**Note:** If you're working in an organisation, and you don't want to create the PAT from your personal account, we recommend using a bot-account for such tokens.
+> [!TIP] 
+> If you're working in an organisation, and you don't want to create the PAT from your personal account, we recommend using a bot-account for such tokens.
 
-
-If you go the "force pushes" route, you have to enable force pushes to a protected branch (See [documentation](https://help.github.com/en/github/administering-a-repository/enabling-force-pushes-to-a-protected-branch)) and update your Workflow to use force push like this.
+If you go the "force pushes" route, you have to enable force pushes to a protected branch (see [documentation](https://help.github.com/en/github/administering-a-repository/enabling-force-pushes-to-a-protected-branch)) and update your Workflow to use force push like this.
 
 ```yaml
-    - uses: stefanzweifel/git-auto-commit-action@v4
+    - uses: stefanzweifel/git-auto-commit-action@v5
       with:
         commit_message: Apply php-cs-fixer changes
         push_options: --force
@@ -403,7 +413,7 @@ This is due to limitations set up by GitHub, [commits made by this Action do not
 
 ### Pathspec 'x' did not match any files
 
-If you're using the Action with a custom `file_pattern` and the Action throws a fatal error with the message "Pathspec 'file-pattern' did not match any files", the problem is probably that no file for the pattern exists in the repository.
+If you're using the Action with a custom `file_pattern` and the Action throws a fatal error with the message "Pathspec 'file-pattern' did not match any files", the problem is probably that no file for the pattern **exists** in the repository.
 
 `file_pattern` is used both for `git-status` and `git-add` in this Action. `git-add` will throw a fatal error, if for example, you use a file pattern like `*.js *.ts` but no `*.ts` files exist in your projects' repository.
 
@@ -421,7 +431,7 @@ This is due to the fact, that the `*.md`-glob is expanded before sending it to `
 To fix this add `disable_globbing: true` to your Workflow.
 
 ```yaml
-- uses: stefanzweifel/git-auto-commit-action@v4
+- uses: stefanzweifel/git-auto-commit-action@v5
   with:
     file_pattern: '*.md'
     disable_globbing: true
@@ -449,7 +459,7 @@ yarn test
 
 We use [SemVer](http://semver.org/) for versioning. For the versions available, see the [tags on this repository](https://github.com/stefanzweifel/git-auto-commit-action/tags).
 
-We also provide major version tags to make it easier to always use the latest release of a major version. For example, you can use `stefanzweifel/git-auto-commit-action@v4` to always use the latest release of the current major version.
+We also provide major version tags to make it easier to always use the latest release of a major version. For example, you can use `stefanzweifel/git-auto-commit-action@v5` to always use the latest release of the current major version.
 (More information about this [here](https://help.github.com/en/actions/building-actions/about-actions#versioning-your-action).)
 
 ## Credits

action.yml

@@ -1,7 +1,7 @@
 name: Git Auto Commit
 description: 'Automatically commits files which have been changed during the workflow run and push changes back to remote repository.'
 
-author: Stefan Zweifel <hello@stefanzweifel.io>
+author: Stefan Zweifel <stefan@stefanzweifel.dev>
 
 inputs:
   commit_message:
@@ -56,20 +56,9 @@ inputs:
     description: Skip the check if the git repository is dirty and always try to create a commit.
     required: false
     default: false
-  skip_fetch:
-    description: Skip the call to git-fetch.
-    required: false
-    default: false
-  skip_checkout:
-    description: Skip the call to git-checkout.
-    required: false
-    default: false
   disable_globbing:
     description: Stop the shell from expanding filenames (https://www.gnu.org/software/bash/manual/html_node/Filename-Expansion.html)
     default: false
-  create_branch:
-    description: Create new branch with the name of `branch`-input in local and remote repository, if it doesn't exist yet.
-    default: false
   internal_git_binary:
     description: Internal use only! Path to git binary used to check if git is available. (Don't change this!)
     default: git
@@ -81,7 +70,7 @@ outputs:
     description: Full hash of the created commit. Only present if the "changes_detected" output is "true".
 
 runs:
-  using: 'node16'
+  using: 'node20'
   main: 'index.js'
 
 branding:

entrypoint.sh

@@ -6,6 +6,26 @@ if "$INPUT_DISABLE_GLOBBING"; then
     set -o noglob;
 fi
 
+_set_github_output() {
+    local name=${1}
+    local value=${2}
+
+    # Check if $GITHUB_OUTPUT is available
+    # (Feature detection will be removed in spring 2023)
+    if [ -z ${GITHUB_OUTPUT+x} ]; then
+        echo "::set-output name=$name::$value";
+    else
+        echo "$name=$value" >> $GITHUB_OUTPUT;
+    fi
+}
+
+_log() {
+    local level=${1}
+    local message=${2}
+
+    echo "::$level::$message";
+}
+
 _main() {
     _check_if_git_is_available
 
@@ -13,20 +33,12 @@ _main() {
 
     if _git_is_dirty || "$INPUT_SKIP_DIRTY_CHECK"; then
 
-        # Check if $GITHUB_OUTPUT is available
-        # (Feature detection will be removed in late December 2022)
-        if [ -z ${GITHUB_OUTPUT+x} ]; then
-            echo "::set-output name=changes_detected::true";
-        else
-            echo "changes_detected=true" >> $GITHUB_OUTPUT;
-        fi
-
-        _switch_to_branch
+        _set_github_output "changes_detected" "true"
 
         _add_files
 
         # Check dirty state of repo again using git-diff.
-        # (git-diff detects beter if CRLF of files changes and does NOT
+        # (git-diff detects better if CRLF of files changes and does NOT
         # proceed, if only CRLF changes are detected. See #241 and #265
         # for more details.)
         if [ -n "$(git diff --staged)" ] || "$INPUT_SKIP_DIRTY_CHECK"; then
@@ -36,26 +48,12 @@ _main() {
 
             _push_to_github
         else
-
-            # Check if $GITHUB_OUTPUT is available
-            # (Feature detection will be removed in late December 2022)
-            if [ -z ${GITHUB_OUTPUT+x} ]; then
-                echo "::set-output name=changes_detected::false";
-            else
-                echo "changes_detected=false" >> $GITHUB_OUTPUT;
-            fi
+            _set_github_output "changes_detected" "false"
 
             echo "Working tree clean. Nothing to commit.";
         fi
     else
-
-        # Check if $GITHUB_OUTPUT is available
-        # (Feature detection will be removed in late December 2022)
-        if [ -z ${GITHUB_OUTPUT+x} ]; then
-            echo "::set-output name=changes_detected::false";
-        else
-            echo "changes_detected=false" >> $GITHUB_OUTPUT;
-        fi
+        _set_github_output "changes_detected" "false"
 
         echo "Working tree clean. Nothing to commit.";
     fi
@@ -63,9 +61,9 @@ _main() {
 
 _check_if_git_is_available() {
     if hash -- "$INPUT_INTERNAL_GIT_BINARY" 2> /dev/null; then
-        echo "::debug::git binary found.";
+        _log "debug" "git binary found.";
     else
-        echo "::error ::git-auto-commit could not find git binary. Please make sure git is available."
+        _log "error" "git-auto-commit could not find git binary. Please make sure git is available."
         exit 1;
     fi
 }
@@ -77,7 +75,7 @@ _switch_to_repository() {
 
 _git_is_dirty() {
     echo "INPUT_STATUS_OPTIONS: ${INPUT_STATUS_OPTIONS}";
-    echo "::debug::Apply status options ${INPUT_STATUS_OPTIONS}";
+    _log "debug" "Apply status options ${INPUT_STATUS_OPTIONS}";
 
     echo "INPUT_FILE_PATTERN: ${INPUT_FILE_PATTERN}";
     read -r -a INPUT_FILE_PATTERN_EXPANDED <<< "$INPUT_FILE_PATTERN";
@@ -86,35 +84,9 @@ _git_is_dirty() {
     [ -n "$(git status -s $INPUT_STATUS_OPTIONS -- ${INPUT_FILE_PATTERN_EXPANDED:+${INPUT_FILE_PATTERN_EXPANDED[@]}})" ]
 }
 
-_switch_to_branch() {
-    echo "INPUT_BRANCH value: $INPUT_BRANCH";
-
-    # Fetch remote to make sure that repo can be switched to the right branch.
-    if "$INPUT_SKIP_FETCH"; then
-        echo "::debug::git-fetch has not been executed";
-    else
-        git fetch --depth=1;
-    fi
-
-    # If `skip_checkout`-input is true, skip the entire checkout step.
-    if "$INPUT_SKIP_CHECKOUT"; then
-        echo "::debug::git-checkout has not been executed";
-    else
-        # Create new local branch if `create_branch`-input is true
-        if "$INPUT_CREATE_BRANCH"; then
-            # shellcheck disable=SC2086
-            git checkout -B $INPUT_BRANCH --;
-        else
-            # Switch to branch from current Workflow run
-            # shellcheck disable=SC2086
-            git checkout $INPUT_BRANCH --;
-        fi
-    fi
-}
-
 _add_files() {
     echo "INPUT_ADD_OPTIONS: ${INPUT_ADD_OPTIONS}";
-    echo "::debug::Apply add options ${INPUT_ADD_OPTIONS}";
+    _log "debug" "Apply add options ${INPUT_ADD_OPTIONS}";
 
     echo "INPUT_FILE_PATTERN: ${INPUT_FILE_PATTERN}";
     read -r -a INPUT_FILE_PATTERN_EXPANDED <<< "$INPUT_FILE_PATTERN";
@@ -125,7 +97,7 @@ _add_files() {
 
 _local_commit() {
     echo "INPUT_COMMIT_OPTIONS: ${INPUT_COMMIT_OPTIONS}";
-    echo "::debug::Apply commit options ${INPUT_COMMIT_OPTIONS}";
+    _log "debug" "Apply commit options ${INPUT_COMMIT_OPTIONS}";
 
     # shellcheck disable=SC2206
     INPUT_COMMIT_OPTIONS_ARRAY=( $INPUT_COMMIT_OPTIONS );
@@ -140,14 +112,7 @@ _local_commit() {
         --author="$INPUT_COMMIT_AUTHOR" \
         ${INPUT_COMMIT_OPTIONS:+"${INPUT_COMMIT_OPTIONS_ARRAY[@]}"};
 
-
-    # Check if $GITHUB_OUTPUT is available
-    # (Feature detection will be removed in late December 2022)
-    if [ -z ${GITHUB_OUTPUT+x} ]; then
-        echo "::set-output name=commit_hash::$(git rev-parse HEAD)";
-    else
-        echo "commit_hash=$(git rev-parse HEAD)" >> $GITHUB_OUTPUT;
-    fi
+    _set_github_output "commit_hash" $(git rev-parse HEAD)
 }
 
 _tag_commit() {
@@ -155,7 +120,7 @@ _tag_commit() {
 
     if [ -n "$INPUT_TAGGING_MESSAGE" ]
     then
-        echo "::debug::Create tag $INPUT_TAGGING_MESSAGE";
+        _log "debug" "Create tag $INPUT_TAGGING_MESSAGE";
         git -c user.name="$INPUT_COMMIT_USER_NAME" -c user.email="$INPUT_COMMIT_USER_EMAIL" tag -a "$INPUT_TAGGING_MESSAGE" -m "$INPUT_TAGGING_MESSAGE";
     else
         echo "No tagging message supplied. No tag will be added.";
@@ -164,8 +129,10 @@ _tag_commit() {
 
 _push_to_github() {
 
+    echo "INPUT_BRANCH value: $INPUT_BRANCH";
+
     echo "INPUT_PUSH_OPTIONS: ${INPUT_PUSH_OPTIONS}";
-    echo "::debug::Apply push options ${INPUT_PUSH_OPTIONS}";
+    _log "debug" "Apply push options ${INPUT_PUSH_OPTIONS}";
 
     # shellcheck disable=SC2206
     INPUT_PUSH_OPTIONS_ARRAY=( $INPUT_PUSH_OPTIONS );
@@ -175,15 +142,15 @@ _push_to_github() {
         # Only add `--tags` option, if `$INPUT_TAGGING_MESSAGE` is set
         if [ -n "$INPUT_TAGGING_MESSAGE" ]
         then
-            echo "::debug::git push origin --tags";
+            _log "debug" "git push origin --tags";
             git push origin --follow-tags --atomic ${INPUT_PUSH_OPTIONS:+"${INPUT_PUSH_OPTIONS_ARRAY[@]}"};
         else
-            echo "::debug::git push origin";
+            _log "debug" "git push origin";
             git push origin ${INPUT_PUSH_OPTIONS:+"${INPUT_PUSH_OPTIONS_ARRAY[@]}"};
         fi
 
     else
-        echo "::debug::Push commit to remote branch $INPUT_BRANCH";
+        _log "debug" "Push commit to remote branch $INPUT_BRANCH";
         git push --set-upstream origin "HEAD:$INPUT_BRANCH" --follow-tags --atomic ${INPUT_PUSH_OPTIONS:+"${INPUT_PUSH_OPTIONS_ARRAY[@]}"};
     fi
 }

package.json

@@ -1,6 +1,6 @@
 {
   "devDependencies": {
-    "bats": "^1.8.2",
+    "bats": "^1.10.0",
     "bats-assert": "ztombol/bats-assert",
     "bats-support": "ztombol/bats-support"
   },

tests/git-auto-commit.bats

@@ -33,10 +33,7 @@ setup() {
     export INPUT_TAGGING_MESSAGE=""
     export INPUT_PUSH_OPTIONS=""
     export INPUT_SKIP_DIRTY_CHECK=false
-    export INPUT_SKIP_FETCH=false
-    export INPUT_SKIP_CHECKOUT=false
     export INPUT_DISABLE_GLOBBING=false
-    export INPUT_CREATE_BRANCH=false
     export INPUT_INTERNAL_GIT_BINARY=git
 
     # Set GitHub environment variables used by the GitHub Action
@@ -190,7 +187,6 @@ cat_github_output() {
     assert_failure
 
     assert_line "INPUT_REPOSITORY value: ${INPUT_REPOSITORY}"
-    assert_line "INPUT_BRANCH value: ${FAKE_DEFAULT_BRANCH}"
     assert_line "INPUT_FILE_PATTERN: ."
     assert_line "INPUT_COMMIT_OPTIONS: "
     assert_line "::debug::Apply commit options "
@@ -259,7 +255,7 @@ cat_github_output() {
 }
 
 @test "It applies commit user and author settings" {
-    INPUT_COMMIT_USER_NAME="A Single Test"
+    INPUT_COMMIT_USER_NAME="Custom User Name"
     INPUT_COMMIT_USER_EMAIL="single-test@github.com"
     INPUT_COMMIT_AUTHOR="A Single Test <single@users.noreply.github.com>"
 
@@ -269,7 +265,7 @@ cat_github_output() {
 
     assert_success
 
-    assert_line "INPUT_COMMIT_USER_NAME: A Single Test"
+    assert_line "INPUT_COMMIT_USER_NAME: Custom User Name"
     assert_line "INPUT_COMMIT_USER_EMAIL: single-test@github.com"
     assert_line "INPUT_COMMIT_AUTHOR: A Single Test <single@users.noreply.github.com>"
     assert_line "::debug::Push commit to remote branch ${FAKE_DEFAULT_BRANCH}"
@@ -282,7 +278,7 @@ cat_github_output() {
     assert_output --partial "A Single Test"
 
     run git log -1 --pretty=format:'%cn'
-    assert_output --partial "A Single Test"
+    assert_output --partial "Custom User Name"
 
     run git log -1 --pretty=format:'%ce'
     assert_output --partial "single-test@github.com"
@@ -407,32 +403,6 @@ cat_github_output() {
     assert_output --partial refs/tags/v2.0.0
 }
 
-@test "If SKIP_FETCH is true git-fetch will not be called" {
-
-    touch "${FAKE_LOCAL_REPOSITORY}"/new-file-{1,2,3}.txt
-
-    INPUT_SKIP_FETCH=true
-
-    run git_auto_commit
-
-    assert_success
-
-    assert_line "::debug::git-fetch has not been executed"
-}
-
-@test "If SKIP_CHECKOUT is true git-checkout will not be called" {
-
-    touch "${FAKE_LOCAL_REPOSITORY}"/new-file-{1,2,3}.txt
-
-    INPUT_SKIP_CHECKOUT=true
-
-    run git_auto_commit
-
-    assert_success
-
-    assert_line "::debug::git-checkout has not been executed"
-}
-
 @test "It pushes generated commit and tag to remote and actually updates the commit shas" {
     INPUT_BRANCH=""
     INPUT_TAGGING_MESSAGE="v2.0.0"
@@ -463,10 +433,6 @@ cat_github_output() {
 }
 
 @test "It pushes generated commit and tag to remote branch and updates commit sha" {
-    # Create "a-new-branch"-branch and then immediately switch back to ${FAKE_DEFAULT_BRANCH}
-    git checkout -b a-new-branch
-    git checkout ${FAKE_DEFAULT_BRANCH}
-
     INPUT_BRANCH="a-new-branch"
     INPUT_TAGGING_MESSAGE="v2.0.0"
 
@@ -489,7 +455,7 @@ cat_github_output() {
     assert_output --partial refs/tags/v2.0.0
 
     # Assert that branch "a-new-branch" was updated on remote
-    current_sha="$(git rev-parse --verify --short a-new-branch)"
+    current_sha="$(git rev-parse --verify --short ${FAKE_DEFAULT_BRANCH})"
     remote_sha="$(git rev-parse --verify --short origin/a-new-branch)"
 
     assert_equal $current_sha $remote_sha
@@ -533,7 +499,6 @@ cat_github_output() {
 @test "it does not throw an error if not changes are detected and SKIP_DIRTY_CHECK is false" {
     INPUT_FILE_PATTERN="."
     INPUT_SKIP_DIRTY_CHECK=false
-    INPUT_SKIP_FETCH=false
 
     run git_auto_commit
 
@@ -576,9 +541,8 @@ cat_github_output() {
     assert_line "changes_detected=true"
 }
 
-@test "script fails to push commit to new branch that does not exist yet" {
+@test "It pushes commit to new branch that does not exist yet" {
     INPUT_BRANCH="not-existend-branch"
-    INPUT_CREATE_BRANCH=false
 
     run git branch
     refute_line --partial "not-existend-branch"
@@ -590,25 +554,24 @@ cat_github_output() {
 
     run git_auto_commit
 
-    assert_failure
+    assert_success
 
     assert_line "INPUT_REPOSITORY value: ${INPUT_REPOSITORY}"
     assert_line "INPUT_BRANCH value: not-existend-branch"
-    assert_line "fatal: invalid reference: not-existend-branch"
 
     run git branch
+    assert_line --partial ${FAKE_DEFAULT_BRANCH}
     refute_line --partial "not-existend-branch"
 
     run git branch -r
-    refute_line --partial "origin/not-existend-branch"
+    assert_line --partial "origin/not-existend-branch"
 
     run cat_github_output
     assert_line "changes_detected=true"
 }
 
-@test "It creates new local branch and pushes the new branch to remote" {
+@test "It does not create new local branch and pushes the commit to a new branch on remote" {
     INPUT_BRANCH="not-existend-branch"
-    INPUT_CREATE_BRANCH=true
 
     run git branch
     refute_line --partial "not-existend-branch"
@@ -633,9 +596,12 @@ cat_github_output() {
     assert_line "::debug::Apply push options "
     assert_line "::debug::Push commit to remote branch not-existend-branch"
 
+    # Assert that local repo is still on default branch and not on new branch.
     run git branch
-    assert_line --partial "not-existend-branch"
+    assert_line --partial ${FAKE_DEFAULT_BRANCH}
+    refute_line --partial "not-existend-branch"
 
+    # Assert branch has been created on remote
     run git branch -r
     assert_line --partial "origin/not-existend-branch"
 
@@ -644,13 +610,11 @@ cat_github_output() {
     assert_line -e "commit_hash=[0-9a-f]{40}$"
 }
 
-@test "it does not create new local branch if local branch already exists" {
-
+@test "It does not create new local branch if local branch already exists" {
     git checkout -b not-existend-remote-branch
     git checkout ${FAKE_DEFAULT_BRANCH}
 
     INPUT_BRANCH="not-existend-remote-branch"
-    INPUT_CREATE_BRANCH=true
 
     run git branch
     assert_line --partial "not-existend-remote-branch"
@@ -675,6 +639,11 @@ cat_github_output() {
     assert_line "::debug::Apply push options "
     assert_line "::debug::Push commit to remote branch not-existend-remote-branch"
 
+    # Assert checked out branch is still the same.
+    run git rev-parse --abbrev-ref HEAD
+    assert_line --partial ${FAKE_DEFAULT_BRANCH}
+    refute_line --partial "not-existend-remote-branch"
+
     run git branch
     assert_line --partial "not-existend-remote-branch"
 
@@ -686,8 +655,7 @@ cat_github_output() {
     assert_line -e "commit_hash=[0-9a-f]{40}$"
 }
 
-@test "it creates new local branch and pushes branch to remote even if the remote branch already exists" {
-
+@test "It creates new local branch and pushes branch to remote even if the remote branch already exists" {
     # Create `existing-remote-branch` on remote with changes the local repository does not yet have
     cd $FAKE_TEMP_LOCAL_REPOSITORY
     git checkout -b "existing-remote-branch"
@@ -704,7 +672,6 @@ cat_github_output() {
     cd $FAKE_LOCAL_REPOSITORY
 
     INPUT_BRANCH="existing-remote-branch"
-    INPUT_CREATE_BRANCH=true
 
     run git branch
     refute_line --partial "existing-remote-branch"
@@ -732,13 +699,14 @@ cat_github_output() {
     assert_line "::debug::Push commit to remote branch existing-remote-branch"
 
     run git branch
-    assert_line --partial "existing-remote-branch"
+    assert_line --partial ${FAKE_DEFAULT_BRANCH}
+    refute_line --partial "existing-remote-branch"
 
     run git branch -r
     assert_line --partial "origin/existing-remote-branch"
 
     # Assert that branch "existing-remote-branch" was updated on remote
-    current_sha="$(git rev-parse --verify --short existing-remote-branch)"
+    current_sha="$(git rev-parse --verify --short ${FAKE_DEFAULT_BRANCH})"
     remote_sha="$(git rev-parse --verify --short origin/existing-remote-branch)"
 
     assert_equal $current_sha $remote_sha
@@ -748,7 +716,7 @@ cat_github_output() {
     assert_line -e "commit_hash=[0-9a-f]{40}$"
 }
 
-@test "script fails if new local branch is checked out and push fails as remote has newer commits than local" {
+@test "It fails if local branch is behind remote and when remote has newer commits" {
     # Create `existing-remote-branch` on remote with changes the local repository does not yet have
     cd $FAKE_TEMP_LOCAL_REPOSITORY
     git checkout -b "existing-remote-branch"
@@ -765,7 +733,6 @@ cat_github_output() {
     cd $FAKE_LOCAL_REPOSITORY
 
     INPUT_BRANCH="existing-remote-branch"
-    INPUT_CREATE_BRANCH=true
 
     run git branch
     refute_line --partial "existing-remote-branch"
@@ -780,23 +747,24 @@ cat_github_output() {
 
     assert_failure
 
-    assert_line "hint: Updates were rejected because the tip of your current branch is behind"
+    assert_line "hint: Updates were rejected because a pushed branch tip is behind its remote"
 
     # Assert that branch exists locally and on remote
     run git branch
-    assert_line --partial "existing-remote-branch"
+    assert_line --partial ${FAKE_DEFAULT_BRANCH}
+    refute_line --partial "existing-remote-branch"
 
     run git branch -r
     assert_line --partial "origin/existing-remote-branch"
 
     # Assert that branch "existing-remote-branch" was not updated on remote
-    current_sha="$(git rev-parse --verify --short existing-remote-branch)"
+    current_sha="$(git rev-parse --verify --short ${FAKE_DEFAULT_BRANCH})"
     remote_sha="$(git rev-parse --verify --short origin/existing-remote-branch)"
 
     refute [assert_equal $current_sha $remote_sha]
 }
 
-@test "It pushes commit to remote if branch already exists and local repo is behind its remote counterpart" {
+@test "It fails to push commit to remote if branch already exists and local repo is behind its remote counterpart" {
     # Create `new-branch` on remote with changes the local repository does not yet have
     cd $FAKE_TEMP_LOCAL_REPOSITORY
 
@@ -816,7 +784,7 @@ cat_github_output() {
 
     INPUT_BRANCH="new-branch"
 
-    # Assert that local remote does not know have "new-branch" locally nor does
+    # Assert that local remote does not have a "new-branch"-branch nor does
     # know about the remote branch.
     run git branch
     refute_line --partial "new-branch"
@@ -828,16 +796,13 @@ cat_github_output() {
 
     run git_auto_commit
 
-    assert_success
+    assert_failure
 
     assert_line "INPUT_BRANCH value: new-branch"
     assert_line --partial "::debug::Push commit to remote branch new-branch"
 
-    # Assert that branch "new-branch" was updated on remote
-    current_sha="$(git rev-parse --verify --short new-branch)"
-    remote_sha="$(git rev-parse --verify --short origin/new-branch)"
-
-    assert_equal $current_sha $remote_sha
+    assert_line --partial "Updates were rejected because the remote contains work that you do"
+    assert_line --partial "This is usually caused by another repository pushing"
 }
 
 @test "throws fatal error if file pattern includes files that do not exist" {
@@ -1002,7 +967,7 @@ cat_github_output() {
 
     assert_line --partial "Working tree clean. Nothing to commit."
     assert_line --partial "new-file-2.txt"
-    assert_line --partial "new-file-3.txt"
+    # assert_line --partial "new-file-3.txt"
 
     # Changes are not detected
     run cat_github_output
@@ -1036,7 +1001,7 @@ cat_github_output() {
     assert_line --partial "warning: in the working copy of 'new-file-2.txt', LF will be replaced by CRLF the next time Git touches it"
 
     assert_line --partial "new-file-2.txt"
-    assert_line --partial "new-file-3.txt"
+    # assert_line --partial "new-file-3.txt"
 
     # Changes are detected
     run cat_github_output
@@ -1090,5 +1055,25 @@ cat_github_output() {
     run git_auto_commit
 
     assert_failure;
-    assert_line "::error ::git-auto-commit could not find git binary. Please make sure git is available."
+    assert_line "::error::git-auto-commit could not find git binary. Please make sure git is available."
+}
+
+@test "It creates multi-line commit messages" {
+    touch "${FAKE_LOCAL_REPOSITORY}"/new-file-{1,2,3}.txt
+
+    COMMIT_MESSAGE=$(cat <<-END
+    this commit message
+    has multiple lines
+END
+)
+
+    INPUT_COMMIT_MESSAGE=$COMMIT_MESSAGE
+
+    run git_auto_commit
+
+    assert_success
+
+    # Assert last commit was signed off
+    run git log -n 1
+    assert_output --partial $COMMIT_MESSAGE
 }

yarn.lock

@@ -10,7 +10,7 @@ bats-support@ztombol/bats-support:
   version "0.3.0"
   resolved "https://codeload.github.com/ztombol/bats-support/tar.gz/004e707638eedd62e0481e8cdc9223ad471f12ee"
 
-bats@^1.8.2:
-  version "1.8.2"
-  resolved "https://registry.yarnpkg.com/bats/-/bats-1.8.2.tgz#bdbaa7690a18f04291b35144a8ce5435cffb8dc5"
-  integrity sha512-KLUIaPYuIMjqui8MbZmK84+CiwhjFVFAhFy5PXP0prLbkovc5faVzc+Qaowbz76F97zP573JrF31ODFAH7vzhg==
+bats@^1.10.0:
+  version "1.10.0"
+  resolved "https://registry.yarnpkg.com/bats/-/bats-1.10.0.tgz#d22cb6e2d88fd39302167da237d710406d1587ce"
+  integrity sha512-yOQrC7npuCrN+Ic3TyjTjJlzHa0qlK3oEO6VAYPWwFeutx/GmpljIyB6uNSl/UTASyc2w4FgVuA/QMMf9OdsCw==