release: v6.1.0

* docs: update README.md [skip ci]

* docs: update .all-contributorsrc [skip ci]

Co-authored-by: allcontributors[bot] <46447321+allcontributors[bot]@users.noreply.github.com>

.all-contributorsrc

@@ -145,7 +145,8 @@
       "avatar_url": "https://avatars1.githubusercontent.com/u/8356175?v=4",
       "profile": "https://github.com/Cyberbeni",
       "contributions": [
-        "ideas"
+        "ideas",
+        "code"
       ]
     },
     {

.github/workflows/test.yml

@@ -0,0 +1,22 @@
+name: Test
+on:
+  push:
+  pull_request:
+  workflow_dispatch:
+
+jobs:
+  build:
+    name: Test build
+    runs-on: ubuntu-20.04
+    steps:
+      - uses: actions/checkout@v2
+      - run: npm i
+      - run: npm run build
+
+  lint:
+    name: Check linting
+    runs-on: ubuntu-20.04
+    steps:
+      - uses: actions/checkout@v2
+      - run: npm i
+      - run: npm run lint

CHANGELOG.md

@@ -7,6 +7,16 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased]
 
+## [6.1.0] - 2020-12-22
+
+### Added:
+
+- `token` input: you can now use this instead of setting the `GITHUB_TOKEN` env variable, which has been deprecated. This input is optional, its default value is the default `secrets.GITHUB_TOKEN`. You only need to use this if you want the action to run with a PAT. (issue #110)
+
+### Deprecated:
+
+- `GITHUB_TOKEN`: the use of this env variable is now deprecated in favor of the `token` input, you'll start receiving warnings if you keep using it. (issue #110)
+
 ## [6.0.0] - 2020-12-22
 
 ### Added:
@@ -216,3 +226,4 @@ First release
 [5.2.0]: https://github.com/EndBug/add-and-commit/compare/v5.1.2...v5.2.0
 [5.3.0]: https://github.com/EndBug/add-and-commit/compare/v5.2.0...v5.3.0
 [6.0.0]: https://github.com/EndBug/add-and-commit/compare/v5.3.0...v6.0.0
+[6.1.0]: https://github.com/EndBug/add-and-commit/compare/v6.0.0...v6.1.0

README.md

@@ -13,7 +13,7 @@ This action lets you choose the path that you want to use when adding & committi
 Add a step like this to your workflow:
 
 ```yaml
-- uses: EndBug/add-and-commit@v5 # You can change this to use a specific version
+- uses: EndBug/add-and-commit@v6 # You can change this to use a specific version
   with:
     # The arguments for the `git add` command (see the paragraph below for more info)
     # Default: '.'
@@ -59,16 +59,11 @@ Add a step like this to your workflow:
     # Default: ''
     tag: 'v1.0.0 --force'
 
-  env:
-    # This is necessary in order to push a commit to the repo
-    GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Leave this line unchanged
+    # Token to use for pushing the commit. The default value won't trigger any workflows, you need to use a Personal Access Token for that.
+    # Default: secrets.GITHUB_TOKEN
+    token: ${{ secrets.GITHUB_TOKEN }}
 ```
 
-### Environment variables:
-
-The only `env` variable required is the token for the action to run: GitHub generates one automatically, but you need to pass it through `env` to make it available to actions. You can find more about `GITHUB_TOKEN` [here](https://help.github.com/en/articles/virtual-environments-for-github-actions#github_token-secret).  
-That said, you can just copy the example line and not worry about it. If you do want to use a different token you can pass that in, but I wouldn't see any possible advantage in doing so.
-
 ### Adding files:
 
 The action adds files using a regular `git add` command, so you can put every kind of argument in the `add` option. For example, if you want to force-add a file: `./path/to/file.txt --force`.  
@@ -123,14 +118,12 @@ jobs:
         run: eslint "src/**" --fix
 
       - name: Commit changes
-        uses: EndBug/add-and-commit@v5
+        uses: EndBug/add-and-commit@v6
         with:
           author_name: Your Name
           author_email: mail@example.com
           message: 'Your commit message'
           add: '*.js'
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 ```
 
 If you need to run the action on a repository that is not located in [`$GITHUB_WORKSPACE`](https://help.github.com/en/actions/automating-your-workflow-with-github-actions/using-environment-variables#default-environment-variables), you can use the `cwd` option: the action uses a `cd` normal command, so the path should follow bash standards.
@@ -154,13 +147,11 @@ jobs:
       - run: echo "123" > ./pathToRepo/file.txt
 
       # ...and then use the action as you would normally do, but providing the path to the repo
-      - uses: EndBug/add-and-commit@v5
+      - uses: EndBug/add-and-commit@v6
         with:
           message: 'Add the very useful text file'
           add: '*.txt --force'
           cwd: './pathToRepo/'
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 ```
 
 ## Contributors ✨
@@ -190,7 +181,7 @@ Thanks goes to these wonderful people ([emoji key](https://allcontributors.org/d
     <td align="center"><a href="http://hoten.cc"><img src="https://avatars1.githubusercontent.com/u/4071474?v=4" width="100px;" alt=""/><br /><sub><b>Connor Clark</b></sub></a><br /><a href="#ideas-connorjclark" title="Ideas, Planning, & Feedback">🤔</a></td>
   </tr>
   <tr>
-    <td align="center"><a href="https://github.com/Cyberbeni"><img src="https://avatars1.githubusercontent.com/u/8356175?v=4" width="100px;" alt=""/><br /><sub><b>Benedek Kozma</b></sub></a><br /><a href="#ideas-Cyberbeni" title="Ideas, Planning, & Feedback">🤔</a></td>
+    <td align="center"><a href="https://github.com/Cyberbeni"><img src="https://avatars1.githubusercontent.com/u/8356175?v=4" width="100px;" alt=""/><br /><sub><b>Benedek Kozma</b></sub></a><br /><a href="#ideas-Cyberbeni" title="Ideas, Planning, & Feedback">🤔</a> <a href="https://github.com/EndBug/add-and-commit/commits?author=Cyberbeni" title="Code">💻</a></td>
     <td align="center"><a href="https://github.com/coffeegoddd"><img src="https://avatars3.githubusercontent.com/u/43383835?v=4" width="100px;" alt=""/><br /><sub><b>Dustin Brown</b></sub></a><br /><a href="https://github.com/EndBug/add-and-commit/issues?q=author%3Acoffeegoddd" title="Bug reports">🐛</a></td>
     <td align="center"><a href="https://github.com/Chocrates"><img src="https://avatars1.githubusercontent.com/u/1758164?v=4" width="100px;" alt=""/><br /><sub><b>Chris McIntosh</b></sub></a><br /><a href="https://github.com/EndBug/add-and-commit/issues?q=author%3AChocrates" title="Bug reports">🐛</a></td>
     <td align="center"><a href="https://github.com/kbsali"><img src="https://avatars0.githubusercontent.com/u/53676?v=4" width="100px;" alt=""/><br /><sub><b>Kevin Saliou</b></sub></a><br /><a href="#ideas-kbsali" title="Ideas, Planning, & Feedback">🤔</a></td>
@@ -201,7 +192,6 @@ Thanks goes to these wonderful people ([emoji key](https://allcontributors.org/d
 
 <!-- markdownlint-enable -->
 <!-- prettier-ignore-end -->
-
 <!-- ALL-CONTRIBUTORS-LIST:END -->
 
 This project follows the [all-contributors](https://github.com/all-contributors/all-contributors) specification. Contributions of any kind welcome!

action.yml

@@ -38,6 +38,10 @@ inputs:
   tag:
     description: Arguments for the git tag command (the tag name always needs to be the first word not preceded by a hyphen)
     required: false
+  token:
+    description: 'GITHUB_TOKEN or a `repo` scoped Personal Access Token (PAT)'
+    required: false
+    default: ${{ github.token }}
 
 outputs:
   committed:

package-lock.json

@@ -1,6 +1,6 @@
 {
   "name": "add-and-commit",
-  "version": "5.3.0",
+  "version": "6.1.0",
   "lockfileVersion": 1,
   "requires": true,
   "dependencies": {

package.json

@@ -1,14 +1,15 @@
 {
   "name": "add-and-commit",
-  "version": "6.0.0",
+  "version": "6.1.0",
   "description": "Add & commit files from a path directly from GitHub Actions",
   "main": "lib/index.js",
   "scripts": {
     "build": "ncc build src/main.ts --minify --out lib",
     "watch": "ncc build src/main.ts --watch --out lib",
+    "lint": "eslint --ext .ts src",
     "lint:fix": "eslint --ext .ts --fix src",
     "all-contributors-badge": "ts-node scripts/all-contributors-badge",
-    "changelog": "ts-node scripts/changelog.ts",
+    "changelog": "ts-node scripts/changelog.ts && npm i",
     "test": "echo \"Error: no test specified\" && exit 1"
   },
   "husky": {

src/main.ts

@@ -161,7 +161,6 @@ async function checkInputs() {
 
   const eventPath = process.env.GITHUB_EVENT_PATH,
     event = eventPath && require(eventPath),
-    token = process.env.GITHUB_TOKEN,
     isPR = process.env.GITHUB_EVENT_NAME?.includes('pull_request'),
     sha = (event?.pull_request?.head?.sha || process.env.GITHUB_SHA) as string,
     defaultBranch = isPR
@@ -169,10 +168,17 @@ async function checkInputs() {
       : process.env.GITHUB_REF?.substring(11)
 
   // #region GITHUB_TOKEN
-  if (!token)
+  let token = process.env.GITHUB_TOKEN
+  if (token) {
+    debug('Using token from GITHUB_TOKEN env variable.')
     warning(
-      'The GITHUB_TOKEN env variable is missing: the action may not work as expected.'
+      "The GITHUB_TOKEN env variable is deprecated and will not be supported in the next major release. Use the 'token' input, " +
+        "which defaults to 'secrets.GITHUB_TOKEN'."
     )
+  } else {
+    debug('Using token from token input.')
+    token = getInput('token')
+  }
   // #endregion
 
   // #region add, remove

src/util.ts

@@ -12,6 +12,7 @@ export type Input =
   | 'remove'
   | 'signoff'
   | 'tag'
+  | 'token'
 
 export const outputs = {
   committed: 'false',