The tryConfigUnsetValue method was passing file paths directly to
`git config --unset`, which treats the value argument as an extended
regular expression. File paths contain `.` characters that would match
any character instead of literal periods, potentially causing incorrect
matches.
Adding the --fixed-value flag ensures the value is treated as a literal
string, fixing credential config cleanup in the v6-style authentication.
Replace the workaround that hid/restored checkout@v6 credential files
with a proper implementation that aligns with actions/checkout@v6's
new authentication approach.
Changes:
- Store credentials in separate config file in RUNNER_TEMP with UUID
- Use git's includeIf.gitdir mechanism to conditionally include credentials
- Support both host and Docker container paths for credential resolution
- Add worktree path support for git worktrees
- Maintain backwards compatibility with checkout@v4/v5 old-style auth
GitCommandManager:
- Add configFile parameter to config() method
- Add tryConfigUnsetValue() for key-value specific unset
- Add tryGetConfigValues() for multi-value config keys
- Add tryGetConfigKeys() for regex pattern matching config keys
GitConfigHelper:
- Remove hacky hide/unhide credential file approach
- Add getCredentialsConfigPath() for UUID-based credential file paths
- Add configureIncludeIf() for setting up includeIf entries
- Add removeIncludeIfCredentials() for cleanup
- Retain setExtraheaderConfig() for restoring old-style persisted auth
* GitCommandManager: add a function to get a file's contents at a specific revision
* use showFileAtRef instead of readFileBase64
* Teach GitCommandManager.exec about an object of exec parameters so we can add more
* Encode the showFiletRef output as base64 out of the gate
* Fix missing async for function
* Use Buffer.concat to avoid issues with partial data streams
* formatting
---------
Co-authored-by: gustavderdrache <alex.ford@determinate.systems>
* Add support for signed commits (#3055)
* formatting
* fix eslint and lint errors
* shift setting the base to before the push
* sign commits by default for testing
* add debug lines
* read to buffer not string and use non-legacy method to base64
* debug payload without contents
* disable linter for debug code
* fix filepath when using path input
* try to fix head repo
* remove commented code
* Try refactor of file changes
* add tests for building file changes
* add build file changes test for binary files
* refactor graphql code into github helper class
* build file changes even when there is no diff
* add function to get commit detail
* fix format
* build branch commits
* use source mode for deleted files
* try rest api route
* fix check for branch existence
* force push
* try fix base tree
* debug commit verification
* debug commit verification
* fix format and cleanup
* add executable mode file to test
* limit blob creation concurrency
* only build commits when feature enabled
* remove unused code
* update readme link
* update docs for commit signing
* fix capital letter
* update docs
* add throttling
* set default back to false
* output head sha and verified status
* log outputs
* fix head sha output
* default the operation output to none
* output retryafter for secondary rate limit
* use separate client for branch and pull operations
* add maintainer-can-modify input
* rename git-token to branch-token
* fix branch token input
* remove deprecated env output
* update docs
* fix doc
* update docs
* build branch commits when there is a diff with the base
* check verification status of head commit when not known
* fix verified output when no commit signing is being used
* draft always-true
* convert to draft on branch updates when there is a diff with base
* update docs with blob size limit
* catch errors during blob creation for debugging
* parse empty commits
* pass base commit to push signed commits
* use parent commit details in create commit
* use parent tree for base_tree
* multipart tree creation
* update docs
* update readme about the permissions of the default token
* fix edge case where changes are partially merged
* add updating documentation
* fix typo
* update major version
---------
Co-authored-by: Ravi <1299606+rustycl0ck@users.noreply.github.com>
* feat: update author and committer input defaults
* Update github-actions[bot]
* Update author to new email format
* feat: optional input for git ops token
* feat: allow push-to-fork to push to sibling repos (#2414)
Fixes#2412.
* build: update dist
* feat: update action runtime to node 20 (#2340)
* feat: add truncate warning to pull request body
* perf: unshallow only when necessary
* fix: remove the remote for the fork on completion
* feat: infer github server and api urls
* test: integration test fixes
* build: bump major version
* docs: update to v6
---------
Co-authored-by: Teko <112829523+Teko012@users.noreply.github.com>
Co-authored-by: Benjamin Gilbert <bgilbert@backtick.net>
* feat: restore working base branch and uncommitted changes
* docs: uncommitted changes are stashed and restored
* docs: add major version notes
* fix: update package version
* fix: update package-lock
* feat: revise proxy implementation
* docs: add notes for the revised proxy implementation
* feat: set and remove git safe directory
* docs: add notes for the git safe directory feature
* fix: use base url for proxy check
* feat: determine the git dir with rev-parse
* build: update package lock
* fix: remove support for ghes alpha
* feat: revise handling of team reviewers
* docs: update notes
* feat: body-path
* docs: update to v5
* docs: update to v5
* build: fix package lock
