adc

Closes #347

.github/ISSUE_TEMPLATE/bug.yaml

@@ -5,7 +5,7 @@ body:
   - type: markdown
     attributes:
       value: |
-        Before opening a bug report, please search for the behaviour in the existing issues. 
+        Before opening a bug report, please search for the behaviour in existing issues or discussions. 
         
         ---
         
@@ -17,7 +17,7 @@ body:
       description: "Which exact version of git-auto-commit are you using in your Workflow?"
       placeholder: "v4.14.0"
     validations:
-      required: true  
+      required: true
   - type: dropdown
     id: machine
     attributes:
@@ -33,7 +33,7 @@ body:
     id: bug-description
     attributes:
       label: Bug description
-      description: What exactly happened?
+      description: What exactly happened? Please describe your problem in detail.
     validations:
       required: true
   - type: textarea
@@ -52,7 +52,7 @@ body:
     id: example-workflow
     attributes:
       label: Example Workflow
-      description: Please share your GitHub Actions workflow which causes the bug. We use this to reproduce the error. No need for backticks here.
+      description: Please share the YAML-code of your GitHub Actions workflow which causes the bug. We use this to reproduce the error. If the workflow is in a private repostory, please provide a minimal example. (No need for backticks here, the pasted code will be correctly formatted.)
       render: yaml
     validations:
       required: true
@@ -60,5 +60,10 @@ body:
     id: logs
     attributes:
       label: Relevant log output
-      description: If applicable, provide relevant log output. No need for backticks here.
+      description: If applicable, provide relevant log output. Please copy and paste the output here, and make sure to remove any sensitive information. (No need for backticks here, the pasted code will be correctly formatted.)
       render: shell
+  - type: input
+    id: repository-url
+    attributes:
+      label: Repository
+      description: If applicable, please provide the repository where the bug occurred.

.github/ISSUE_TEMPLATE/config.yml

@@ -4,5 +4,5 @@ contact_links:
     url: https://github.com/stefanzweifel/git-auto-commit-action/discussions/new?category=help
     about: If you can't get something to work the way you expect, open a question in our discussion forums.
   - name: Feature Request
-    url: https://github.com/tailwindlabs/tailwindcss/discussions/new?category=ideas
+    url: https://github.com/stefanzweifel/git-auto-commit-action/discussions/new?category=ideas
     about: 'Suggest any ideas you have using our discussion forums.'

.github/workflows/linter.yml

@@ -12,7 +12,7 @@ jobs:
         uses: actions/checkout@v4
 
       - name: Lint Code Base
-        uses: github/super-linter@v5
+        uses: github/super-linter@v7
         env:
           VALIDATE_ALL_CODEBASE: false
           VALIDATE_MARKDOWN: false

.github/workflows/release-drafter.yml

@@ -15,6 +15,6 @@ jobs:
       contents: write
 
     steps:
-      - uses: release-drafter/release-drafter@v5
+      - uses: release-drafter/release-drafter@v6
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

111.txt

@@ -0,0 +1 @@
+1sdlfjlasdf;ljf;ljas;ldfj23123

CHANGELOG.md

@@ -1,14 +1,36 @@
-# Changelog
+
+
+# add sdfsf
+
+# add sdf
+# Changelog234234
 
 All notable changes to this project will be documented in this file.
 
 The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/)
 and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.html).
 
-## [Unreleased](https://github.com/stefanzweifel/git-auto-commit-action/compare/v5.0.0...HEAD)
+## [Unreleased](https://github.com/stefanzweifel/git-auto-commit-action/compare/v5.0.1...HEAD)
 
 > TBD
 
+## [v5.0.1](https://github.com/stefanzweifel/git-auto-commit-action/compare/v5.0.0...v5.0.1) - 2024-04-12
+
+### Fixed
+
+- Fail if attempting to execute git commands in a directory that is not a git-repo. ([#326](https://github.com/stefanzweifel/git-auto-commit-action/pull/326)) [@ccomendant](https://github.com/@ccomendant)
+
+### Dependency Updates
+
+- Bump bats from 1.10.0 to 1.11.0 ([#325](https://github.com/stefanzweifel/git-auto-commit-action/pull/325)) [@dependabot](https://github.com/@dependabot)
+- Bump release-drafter/release-drafter from 5 to 6 ([#319](https://github.com/stefanzweifel/git-auto-commit-action/pull/319)) [@dependabot](https://github.com/@dependabot)
+
+### Misc
+
+- Clarify `commit_author` input option ([#315](https://github.com/stefanzweifel/git-auto-commit-action/pull/315)) [@npanuhin](https://github.com/@npanuhin)
+- Add step id explanation for output in README.md ([#324](https://github.com/stefanzweifel/git-auto-commit-action/pull/324)) [@ChristianVermeulen](https://github.com/@ChristianVermeulen)
+- Linux is not UNIX ([#321](https://github.com/stefanzweifel/git-auto-commit-action/pull/321)) [@couling](https://github.com/@couling)
+
 ## [v5.0.0](https://github.com/stefanzweifel/git-auto-commit-action/compare/v4.16.0...v5.0.0) - 2023-10-06
 
 New major release that bumps the default runtime to Node 20. There are no other breaking changes.

README.md

@@ -1,4 +1,151 @@
-# git-auto-commit Action
+# abcd add haha ... git-auto-commit Action
+# add env #!/usr/bin/env bash
+
+
+set -o pipefail
+
+readonly DEFAULT_FILE_MAXSIZE_MB="30" 
+readonly CONFIG_NAME="hooks.maxfilesize"
+readonly NULLSHA="0000000000000000000000000000000000000000"
+readonly EXIT_SUCCESS=0
+readonly EXIT_FAILURE=1
+readonly DEFAULT_REPO_MAXSIZE_MB="1024" 
+readonly CHECK_FLAG_ON=1
+
+env
+
+echo "CHECK_FLAG_ON=====$CHECK_FLAG_ON"
+echo "PUSH_SIZE_CHECK_FLAG=====$PUSH_SIZE_CHECK_FLAG"
+
+status="$EXIT_SUCCESS"
+
+# skip this hook entirely if shell check is not open
+check_flag=1 #${PUSH_SIZE_CHECK_FLAG}
+if [[ $check_flag != $CHECK_FLAG_ON ]]; then
+exit $EXIT_SUCCESS
+fi
+
+export REPO_MAX_SIZE=50
+
+echo "REPO_MAX_FILE_SIZE===${REPO_MAX_FILE_SIZE}"
+echo "REPO_MAX_SIZE===${REPO_MAX_SIZE}"
+echo "REPO_CURRENT_SIZE===${REPO_CURRENT_SIZE}"
+
+
+
+
+#######################################
+# check the file max size limit
+#######################################
+
+# get maximum filesize (from repository-specific config)
+maxsize_mb="${REPO_MAX_FILE_SIZE}"
+
+if [[ "$?" != $EXIT_SUCCESS ]]; then
+echo "failed to get ${CONFIG_NAME} from config"
+exit "$EXIT_FAILURE"
+fi
+
+push_size="0"
+# read lines from stdin (format: "<oldref> <newref> <refname>\n")
+while read oldref newref refname; do
+# skip branch deletions
+if [[ "$newref" == "$NULLSHA" ]]; then
+  continue
+fi
+
+# find large objects
+# check all objects from $oldref (possible $NULLSHA) to $newref, but
+# skip all objects that have already been accepted (i.e. are referenced by
+# another branch or tag).
+
+new_branch_flag=0
+if [[ "$oldref" == "$NULLSHA" ]]; then
+  target="$newref"
+  new_branch_flag=1
+  echo "You are creating a new remote branch,openI will check all files in commit history to find oversize files"
+else
+  target="${oldref}..${newref}"
+fi
+echo "target==${target}"
+
+maxsize=`expr $maxsize_mb \* 1048576` 
+
+# find objects in this push_size
+# print like:
+# 08da8e2ab9ae4095bf94dd71ac913132b880b463 commit 214
+# 43e993b768ede5740e8c65de2ed6edec25053ea1 tree 185
+# 4476971d76569039df7569af1b8d03c288f6b193 blob 20167318 b0417e6593a1.zip
+files="$(git rev-list --objects "$target" | \
+  git cat-file $'--batch-check=%(objectname) %(objecttype) %(objectsize) %(rest)' | \
+      awk -F ' ' -v maxbytes="$maxsize" 'BEGIN {totalIn=0} {if( $3 > maxbytes && $2 == "blob") { totalIn+=$3; print $4} else { totalIn+=$3}} END { printf ("totalIn=\t%s",totalIn)}' )"
+  
+if [[ "$?" != $EXIT_SUCCESS ]]; then
+  echo "failed to check for large files in ref ${refname}"
+  continue
+fi
+
+IFS=$'\n'
+# rewrite IFS to seperate line in $files
+for file in $files; do
+  # if don't unset IFS,temp_array=(${file}) will get error answer
+ 
+  if [[ ${file} == totalIn=* ]]; then
+	IFS=$'\t'
+	temp_array=(${file})
+	push_size=${temp_array[1]}
+	continue
+  fi
+	unset IFS
+  if [[ "$status" == $EXIT_SUCCESS ]]; then
+		echo -e "Error: Your push was rejected because it contains files larger than $(numfmt --to=iec "$maxsize_mb") Mb"
+		echo "help document -- https://openi.pcl.ac.cn/zeizei/OpenI_Learning/src/branch/master/docs/git/repository_capacity_help.md"
+		echo "oversize files:"
+		# status="$EXIT_FAILURE"	
+  fi
+  echo -e "\033[31m- ${file}\033[0m "
+done
+
+echo "push_size=======${push_size}"
+
+if [[ "$status" != $EXIT_SUCCESS ]]; then
+	exit "$status"
+fi
+
+done
+
+#######################################
+# check the repo max size limit
+#######################################
+if [[ $push_size -eq "0" ]]; then
+	exit $EXIT_SUCCESS
+fi
+
+# if create new branch or tag,use count-objects -v to get pack size
+if [[ $new_branch_flag -eq 1 ]]; then
+    size_kb=`git count-objects -v | grep 'size-pack' | sed  's/.*\(size-pack:\).//'`
+    size_pack_kb=`git count-objects -v | grep 'size:' | sed  's/.*\(size:\).//'`
+	total_kb=`expr $size_kb + $size_pack_kb`
+	let push_size=$total_kb*1024
+fi
+
+sizelimit_mb="${REPO_MAX_SIZE}"
+let sizelimit_b=$sizelimit_mb*1024*1024
+
+# repo size at here means the size of repo directory in server 
+reposize_b=${REPO_CURRENT_SIZE}
+
+total=`expr $push_size + $reposize_b`
+
+if [ $total -gt $sizelimit_b ]; then
+    echo "Error: Your push was rejected because the repository size is large than $sizelimit_mb Mb"
+    echo "see the help document--https://openi.pcl.ac.cn/zeizei/OpenI_Learning/src/branch/master/docs/git/repository_capacity_help.md"
+    exit $EXIT_FAILURE
+fi
+
+
+exit $EXIT_SUCCESS
+v
 
 > The GitHub Action for committing files for the 80% use case.
 
@@ -40,15 +187,18 @@ jobs:
 
     steps:
       - uses: actions/checkout@v4
+        with:
+          ref: ${{ github.head_ref }}
 
-      # Other steps that change files in the repository
+      # Other steps that change files in the repository go here
+      # …
 
       # Commit all changed files back to the repository
       - uses: stefanzweifel/git-auto-commit-action@v5
 ```
 
 > [!NOTE]
-> The Action has to be used in a Job that runs on a UNIX system (e.g. `ubuntu-latest`).
+> The Action has to be used in a Job that runs on a UNIX-like system (e.g. `ubuntu-latest`).
 
 The following is an extended example with all available options.
 
@@ -82,7 +232,7 @@ The following is an extended example with all available options.
     # Optional commit user and author settings
     commit_user_name: My GitHub Actions Bot # defaults to "github-actions[bot]"
     commit_user_email: my-github-actions-bot@example.org # defaults to "41898282+github-actions[bot]@users.noreply.github.com"
-    commit_author: Author <actions@github.com> # defaults to author of the commit that triggered the run
+    commit_author: Author <actions@github.com> # defaults to "username <username@users.noreply.github.com>", where "username" belongs to the author of the commit that triggered the run
 
     # Optional. Tag name being created in the local repository and 
     # pushed to remote repository and defined branch.
@@ -167,9 +317,16 @@ You can use these outputs to trigger other Actions in your Workflow run based on
 - `changes_detected`: Returns either "true" or "false" if the repository was dirty and files have changed.
 - `commit_hash`: Returns the full hash of the commit if one was created.
 
+**⚠️ When using outputs, the step needs to be given an id. See example below.**
+
 ### Example
 
 ```yaml
+  - uses: stefanzweifel/git-auto-commit-action@v5
+    id: auto-commit-action #mandatory for the output to show up in ${{ steps }}
+    with:
+      commit_message: Apply php-cs-fixer changes
+
   - name: "Run if changes have been detected"
     if: steps.auto-commit-action.outputs.changes_detected == 'true'
     run: echo "Changes!"
@@ -224,10 +381,17 @@ storing the token as a secret in your repository and then passing the new token
     token: ${{ secrets.PAT }}
 ```
 
-If you create a personal access token, apply the `repo` and `workflow` scopes.
+If you create a personal access token (classic), apply the `repo` and `workflow` scopes.
+If you create a fine-grained personal access token, apply the `Contents`-permissions.
 
 If you work in an organization and don't want to create a PAT from your personal account, we recommend using a [robot account](https://docs.github.com/en/github/getting-started-with-github/types-of-github-accounts) for the token.
 
+### Prevent Infinite Loop when using a Personal Access Token
+
+If you're using a Personal Access Token (PAT) to push commits to GitHub repository, the resulting commit or push can trigger other GitHub Actions workflows. This can result in an infinite loop.
+
+If you would like to prevent this, you can add `skip-checks:true` to the commit message. See [Skipping workflow runs](https://docs.github.com/en/actions/managing-workflow-runs/skipping-workflow-runs) for details.
+
 ### Change to file is not detected
 
 Does your workflow change a file, but "git-auto-commit" does not detect the change? Check the `.gitignore` that applies to the respective file. You might have accidentally marked the file to be ignored by git.
@@ -264,11 +428,32 @@ The example below can be used as a starting point to generate a multiline commit
         commit_message: ${{ steps.commit_message_step.outputs.commit_message }}
 ```  
 
-### Signing Commits & Other Git Command Line Options
+### Signing Commits
 
-Using command lines options needs to be done manually for each workflow which you require the option enabled. So for example signing commits requires you to import the gpg signature each and every time. The following list of actions are worth checking out if you need to automate these tasks regularly.
+If you would like to sign your commits using a GPG key, you will need to use an additional action. 
+You can use the [crazy-max/ghaction-import-gpg](https://github.com/crazy-max/ghaction-import-gpg) action and follow its setup instructions.
 
-- [Import GPG Signature](https://github.com/crazy-max/ghaction-import-gpg) (Suggested by [TGTGamer](https://github.com/tgtgamer))
+As git-auto-commit by default does not use **your** username and email when creating a commit, you have to override these values in your workflow.
+
+```yml
+- name: "Import GPG key"
+  id: import-gpg
+  uses: crazy-max/ghaction-import-gpg@v6
+  with:
+    gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }}
+    passphrase: ${{ secrets.GPG_PASSPHRASE }}
+    git_user_signingkey: true
+    git_commit_gpgsign: true
+
+- name: "Commit and push changes"
+  uses: stefanzweifel/git-auto-commit-action@v5
+  with:
+     commit_author: "${{ steps.import-gpg.outputs.name }} <${{ steps.import-gpg.outputs.email }}>"
+     commit_user_name: ${{ steps.import-gpg.outputs.name }}
+     commit_user_email: ${{ steps.import-gpg.outputs.email }}
+```
+
+See discussion [#334](https://github.com/stefanzweifel/git-auto-commit-action/discussions/334) for details.
 
 ### Use in forks from private repositories
 
@@ -353,6 +538,8 @@ If you would like to use this Action to create a commit using [`--amend`](https:
 First, you need to extract the previous commit message by using `git log -1 --pretty=%s`.
 Then you need to provide this last commit message to the Action through the `commit_message` input option.
 
+By default, the commit author is changed to `username <username@users.noreply.github.com>`, where `username` is the name of the user who triggered the workflow (The [`github.actor`](https://docs.github.com/en/actions/learn-github-actions/contexts#github-context) context is used here). If you want to preserve the name and email of the original author, you must extract them from the last commit and provide them to the Action through the `commit_author` input option.
+
 Finally, you have to use `push_options: '--force'` to overwrite the git history on the GitHub remote repository. (git-auto-commit will not do a `git-rebase` for you!)
 
 The steps in your workflow might look like this:
@@ -366,13 +553,15 @@ The steps in your workflow might look like this:
 # Other steps in your workflow to trigger a changed file
 
 - name: Get last commit message
-  id: last-commit-message
+  id: last-commit
   run: |
-    echo "msg=$(git log -1 --pretty=%s)" >> $GITHUB_OUTPUT
+    echo "message=$(git log -1 --pretty=%s)" >> $GITHUB_OUTPUT
+    echo "author=$(git log -1 --pretty=\"%an <%ae>\")" >> $GITHUB_OUTPUT
 
 - uses: stefanzweifel/git-auto-commit-action@v5
   with:
-    commit_message: ${{ steps.last-commit-message.outputs.msg }}
+    commit_author: ${{ steps.last-commit.outputs.author }}
+    commit_message: ${{ steps.last-commit.outputs.message }}
     commit_options: '--amend --no-edit'
     push_options: '--force'
     skip_fetch: true
@@ -392,13 +581,25 @@ please update your Workflow configuration and usage of [`actions/checkout`](http
 
 Updating the `token` value with a Personal Access Token should fix your issues.
 
+### git-auto-commit fails to push commit that creates or updates files in `.github/workflows/`
+
+The default `GITHUB_TOKEN` issued by GitHub Action does not have permission to make changes to workflow files located in `.github/workflows/`.
+To fix this, please create a personal access token (PAT) and pass the token to the `actions/checkout`-step in your workflow. (Similar to [how to push to protected branches](https://github.com/stefanzweifel/git-auto-commit-action?tab=readme-ov-file#push-to-protected-branches)).
+
+If a PAT does not work for you, you could also create a new GitHub app and use it's token in your workflows. See [this comment in #87](https://github.com/stefanzweifel/git-auto-commit-action/issues/87#issuecomment-1939138661) for details.
+
+See [#322](https://github.com/stefanzweifel/git-auto-commit-action/issues/322) for details and discussions around this topic.
+
 ### Push to protected branches
 
-If your repository uses [protected branches](https://help.github.com/en/github/administering-a-repository/configuring-protected-branches) you have to make some changes to your Workflow for the Action to work properly: You need a Personal Access Token and you either have to allow force pushes or the Personal Access Token needs to belong to an Administrator.
+If your repository uses [protected branches](https://docs.github.com/en/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/about-protected-branches) you have to make some changes to your Workflow for the Action to work properly: You need a Personal Access Token and you either have to allow force pushes or the Personal Access Token needs to belong to an Administrator.
 
 First, you have to create a new [Personal Access Token (PAT)](https://github.com/settings/tokens/new),
 store the token as a secret in your repository and pass the new token to the [`actions/checkout`](https://github.com/actions/checkout#usage) Action step.
 
+If you create a personal access token (classic), apply the `repo` and `workflow` scopes.
+If you create a fine-grained personal access token, apply the `Contents`-permissions.
+
 ```yaml
 - uses: actions/checkout@v4
   with:

entrypoint.sh

@@ -82,8 +82,15 @@ _git_is_dirty() {
     echo "INPUT_FILE_PATTERN: ${INPUT_FILE_PATTERN}";
     read -r -a INPUT_FILE_PATTERN_EXPANDED <<< "$INPUT_FILE_PATTERN";
 
+    # capture stderr
+    gitStatusMessage="$((git status -s $INPUT_STATUS_OPTIONS -- ${INPUT_FILE_PATTERN_EXPANDED:+${INPUT_FILE_PATTERN_EXPANDED[@]}} >/dev/null ) 2>&1)";
     # shellcheck disable=SC2086
-    [ -n "$(git status -s $INPUT_STATUS_OPTIONS -- ${INPUT_FILE_PATTERN_EXPANDED:+${INPUT_FILE_PATTERN_EXPANDED[@]}})" ]
+    gitStatus="$(git status -s $INPUT_STATUS_OPTIONS -- ${INPUT_FILE_PATTERN_EXPANDED:+${INPUT_FILE_PATTERN_EXPANDED[@]}})";
+    if [ $? -ne 0 ]; then
+        _log "error" "git-status failed with:<$gitStatusMessage>";
+        exit 1;
+    fi
+    [ -n "$gitStatus" ]
 }
 
 _switch_to_branch() {

package.json

@@ -1,6 +1,6 @@
 {
   "devDependencies": {
-    "bats": "^1.10.0",
+    "bats": "^1.11.0",
     "bats-assert": "ztombol/bats-assert",
     "bats-support": "ztombol/bats-support"
   },

tests/git-auto-commit.bats

@@ -8,6 +8,7 @@ setup() {
     export FAKE_LOCAL_REPOSITORY="${BATS_TEST_DIRNAME}/tests_local_repository"
     export FAKE_REMOTE="${BATS_TEST_DIRNAME}/tests_remote_repository"
     export FAKE_TEMP_LOCAL_REPOSITORY="${BATS_TEST_DIRNAME}/tests_clone_of_remote_repository"
+    export FAKE_FOLDER_WITHOUT_GIT_REPO="/tmp/tests_folder_without_git_repo"
 
     # While it is likely the GitHub hosted runners will use master as the default branch,
     # locally anyone may change that. So for tests lets grab whatever is currently set
@@ -58,6 +59,7 @@ teardown() {
     rm -rf "${FAKE_LOCAL_REPOSITORY}"
     rm -rf "${FAKE_REMOTE}"
     rm -rf "${FAKE_TEMP_LOCAL_REPOSITORY}"
+    rm -rf "${INPUT_REPOSITORY}"
 
     if [ -z ${GITHUB_OUTPUT+x} ]; then
         echo "GITHUB_OUTPUT is not set"
@@ -1112,3 +1114,14 @@ END
     run git log -n 1
     assert_output --partial $COMMIT_MESSAGE
 }
+
+@test "It exits with error message if entrypoint.sh is being run not in a git repository" {
+    INPUT_REPOSITORY="${FAKE_FOLDER_WITHOUT_GIT_REPO}"
+
+    mkdir "${INPUT_REPOSITORY}"
+
+    run git_auto_commit
+
+    assert_failure;
+    assert_line "::error::git-status failed with:<fatal: not a git repository (or any of the parent directories): .git>"
+}

yarn.lock

@@ -10,7 +10,7 @@ bats-support@ztombol/bats-support:
   version "0.3.0"
   resolved "https://codeload.github.com/ztombol/bats-support/tar.gz/004e707638eedd62e0481e8cdc9223ad471f12ee"
 
-bats@^1.10.0:
-  version "1.10.0"
-  resolved "https://registry.yarnpkg.com/bats/-/bats-1.10.0.tgz#d22cb6e2d88fd39302167da237d710406d1587ce"
-  integrity sha512-yOQrC7npuCrN+Ic3TyjTjJlzHa0qlK3oEO6VAYPWwFeutx/GmpljIyB6uNSl/UTASyc2w4FgVuA/QMMf9OdsCw==
+bats@^1.11.0:
+  version "1.11.0"
+  resolved "https://registry.yarnpkg.com/bats/-/bats-1.11.0.tgz#40281f021f5befcc10da54ed5674aa5b181f4953"
+  integrity sha512-qiKdnS4ID3bJ1MaEOKuZe12R4w+t+psJF0ICj+UdkiHBBoObPMHv8xmD3w6F4a5qwUyZUHS+413lxENBNy8xcQ==