Merge 1bf7689f6b into 11bd71901b

Error: Unstaged changes detected. Locally try running: git clean -ffdx && npm ci && npm run format && npm run build
Error: Process completed with exit code 1.

Rebased PR from #424

.github/workflows/publish-immutable-actions.yml

@@ -17,4 +17,4 @@ jobs:
         uses: actions/checkout@v4
       - name: Publish
         id: publish
-        uses: actions/publish-immutable-action@v0.0.4
+        uses: actions/publish-immutable-action@0.0.3

.github/workflows/update-test-ubuntu-git.yml

@@ -48,7 +48,7 @@ jobs:
 
       # Use `docker/build-push-action` to build (and optionally publish) the image. 
       - name: Build Docker Image (with optional Push)
-        uses: docker/build-push-action@v6.10.0
+        uses: docker/build-push-action@v6.5.0
         with:
           context: .
           file: images/test-ubuntu-git.Dockerfile

README.md

@@ -143,7 +143,6 @@ Please refer to the [release page](https://github.com/actions/checkout/releases/
 - [Checkout pull request HEAD commit instead of merge commit](#Checkout-pull-request-HEAD-commit-instead-of-merge-commit)
 - [Checkout pull request on closed event](#Checkout-pull-request-on-closed-event)
 - [Push a commit using the built-in token](#Push-a-commit-using-the-built-in-token)
-- [Push a commit to a PR using the built-in token](#Push-a-commit-to-a-PR-using-the-built-in-token)
 
 ## Fetch only the root files
 
@@ -212,7 +211,7 @@ Please refer to the [release page](https://github.com/actions/checkout/releases/
     repository: my-org/my-tools
     path: my-tools
 ```
-> - If your secondary repository is private or internal you will need to add the option noted in [Checkout multiple repos (private)](#Checkout-multiple-repos-private)
+> - If your secondary repository is private you will need to add the option noted in [Checkout multiple repos (private)](#Checkout-multiple-repos-private)
 
 ## Checkout multiple repos (nested)
 
@@ -226,7 +225,7 @@ Please refer to the [release page](https://github.com/actions/checkout/releases/
     repository: my-org/my-tools
     path: my-tools
 ```
-> - If your secondary repository is private or internal you will need to add the option noted in [Checkout multiple repos (private)](#Checkout-multiple-repos-private)
+> - If your secondary repository is private you will need to add the option noted in [Checkout multiple repos (private)](#Checkout-multiple-repos-private)
 
 ## Checkout multiple repos (private)
 
@@ -289,31 +288,6 @@ jobs:
 ```
 *NOTE:* The user email is `{user.id}+{user.login}@users.noreply.github.com`. See users API: https://api.github.com/users/github-actions%5Bbot%5D
 
-## Push a commit to a PR using the built-in token
-
-In a pull request trigger, `ref` is required as GitHub Actions checks out in detached HEAD mode, meaning it doesn’t check out your branch by default.
-
-```yaml
-on: pull_request
-jobs:
-  build:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v4
-        with:
-          ref: ${{ github.head_ref }}
-      - run: |
-          date > generated.txt
-          # Note: the following account information will not work on GHES
-          git config user.name "github-actions[bot]"
-          git config user.email "41898282+github-actions[bot]@users.noreply.github.com"
-          git add .
-          git commit -m "generated"
-          git push
-```
-*NOTE:* The user email is `{user.id}+{user.login}@users.noreply.github.com`. See users API: https://api.github.com/users/github-actions%5Bbot%5D
-
-
 # License
 
 The scripts and documentation in this project are released under the [MIT License](LICENSE)

__test__/git-auth-helper.test.ts

@@ -482,6 +482,7 @@ describe('git-auth-helper tests', () => {
       )
       settings.persistCredentials = false
       settings.sshKey = ''
+      settings.submodules = true
       const authHelper = gitAuthHelper.createAuthHelper(git, settings)
       await authHelper.configureAuth()
       const mockSubmoduleForeach = git.submoduleForeach as jest.Mock<any, any>
@@ -515,6 +516,7 @@ describe('git-auth-helper tests', () => {
         configureSubmoduleAuth_configuresSubmodulesWhenPersistCredentialsFalseAndSshKeySet
       )
       settings.persistCredentials = false
+      settings.submodules = true
       const authHelper = gitAuthHelper.createAuthHelper(git, settings)
       await authHelper.configureAuth()
       const mockSubmoduleForeach = git.submoduleForeach as jest.Mock<any, any>
@@ -541,6 +543,7 @@ describe('git-auth-helper tests', () => {
         configureSubmoduleAuth_configuresSubmodulesWhenPersistCredentialsTrueAndSshKeyNotSet
       )
       settings.sshKey = ''
+      settings.submodules = true
       const authHelper = gitAuthHelper.createAuthHelper(git, settings)
       await authHelper.configureAuth()
       const mockSubmoduleForeach = git.submoduleForeach as jest.Mock<any, any>
@@ -580,6 +583,7 @@ describe('git-auth-helper tests', () => {
       await setup(
         configureSubmoduleAuth_configuresSubmodulesWhenPersistCredentialsTrueAndSshKeySet
       )
+      settings.submodules = true
       const authHelper = gitAuthHelper.createAuthHelper(git, settings)
       await authHelper.configureAuth()
       const mockSubmoduleForeach = git.submoduleForeach as jest.Mock<any, any>

dist/index.js

@@ -424,10 +424,12 @@ class GitAuthHelper {
                     core.warning(`Failed to remove '${configKey}' from the git config`);
                 }
             }
-            const pattern = regexpHelper.escape(configKey);
-            yield this.git.submoduleForeach(
-            // wrap the pipeline in quotes to make sure it's handled properly by submoduleForeach, rather than just the first part of the pipeline
-            `sh -c "git config --local --name-only --get-regexp '${pattern}' && git config --local --unset-all '${configKey}' || :"`, true);
+            if (this.settings.submodules) {
+                const pattern = regexpHelper.escape(configKey);
+                yield this.git.submoduleForeach(
+                // wrap the pipeline in quotes to make sure it's handled properly by submoduleForeach, rather than just the first part of the pipeline
+                `sh -c "git config --local --name-only --get-regexp '${pattern}' && git config --local --unset-all '${configKey}' || :"`, true);
+            }
         });
     }
 }

src/git-auth-helper.ts

@@ -364,11 +364,13 @@ class GitAuthHelper {
       }
     }
 
-    const pattern = regexpHelper.escape(configKey)
-    await this.git.submoduleForeach(
-      // wrap the pipeline in quotes to make sure it's handled properly by submoduleForeach, rather than just the first part of the pipeline
-      `sh -c "git config --local --name-only --get-regexp '${pattern}' && git config --local --unset-all '${configKey}' || :"`,
-      true
-    )
+    if (this.settings.submodules) {
+      const pattern = regexpHelper.escape(configKey)
+      await this.git.submoduleForeach(
+        // wrap the pipeline in quotes to make sure it's handled properly by submoduleForeach, rather than just the first part of the pipeline
+        `sh -c "git config --local --name-only --get-regexp '${pattern}' && git config --local --unset-all '${configKey}' || :"`,
+        true
+      )
+    }
   }
 }