@@ -240,12 +240,18 @@ function configureGit(repoPath, authorName, authorEmail) {
240240/**
241241 * Create a branch, commit changes, and push
242242 * @param {string } repoPath - Path to the repository
243- * @param {string } branchName - Name of the branch to create
244- * @param {string } authorName - Git author name
245- * @param {string } authorEmail - Git author email
246- * @param {boolean } dryRun - Whether this is a dry run
243+ * @param {Object } options - Commit and push options
244+ * @param {string } options.branchName - Name of the branch to create
245+ * @param {string } options.authorName - Git author name
246+ * @param {string } options.authorEmail - Git author email
247+ * @param {boolean } options.dryRun - Whether this is a dry run
248+ * @param {string } options.owner - Repository owner
249+ * @param {string } options.repo - Repository name
250+ * @param {string } options.token - GitHub token for authentication
247251 */
248- function commitAndPush ( repoPath , branchName , authorName , authorEmail , dryRun ) {
252+ function commitAndPush ( repoPath , options ) {
253+ const { branchName, authorName, authorEmail, dryRun, owner, repo, token } = options ;
254+
249255 Logger . log ( 'Creating branch and committing changes...' ) ;
250256
251257 configureGit ( repoPath , authorName , authorEmail ) ;
@@ -264,8 +270,12 @@ function commitAndPush(repoPath, branchName, authorName, authorEmail, dryRun) {
264270 Logger . info ( '🔍 DRY RUN: Would push to branch: ' + branchName + ' (skipping)' ) ;
265271 Logger . log ( '' ) ;
266272 } else {
273+ // Set remote URL with token to ensure authentication works
274+ const repoUrl = 'https://x-access-token:' + token + '@github.com/' + owner + '/' + repo + '.git' ;
275+ execCommand ( 'git remote set-url origin ' + repoUrl , { cwd : repoPath } ) ;
276+
267277 // Push branch
268- execCommand ( 'git push origin ' + branchName , { cwd : repoPath } ) ;
278+ execCommand ( 'git push -u origin ' + branchName , { cwd : repoPath } ) ;
269279 Logger . success ( '✅ Changes committed and pushed to branch: ' + branchName ) ;
270280 Logger . log ( '' ) ;
271281 }
@@ -328,7 +338,8 @@ async function createPullRequest(github, owner, repo, branchName, defaultBranch,
328338 const title = 'chore: update GitHub Actions to use commit hashes' ;
329339 const body = `This PR updates GitHub Actions to use commit hashes instead of tags for improved security.
330340
331- Changes were automatically generated by [pinact](https://github.com/suzuki-shunsuke/pinact).
341+ Changes were automatically generated by [pinact](https://github.com/suzuki-shunsuke/pinact)
342+ and the LizardByte/actions [pinact action](https://github.com/LizardByte/actions/tree/master/actions/pinact).
332343
333344## Benefits
334345- Prevents tag hijacking attacks
@@ -489,7 +500,15 @@ async function processRepository(github, options) {
489500
490501 if ( hasChanges ) {
491502 // Commit and push changes
492- commitAndPush ( repoPath , branchName , authorName , authorEmail , dryRun ) ;
503+ commitAndPush ( repoPath , {
504+ branchName,
505+ authorName,
506+ authorEmail,
507+ dryRun,
508+ owner,
509+ repo,
510+ token
511+ } ) ;
493512
494513 // Create pull request
495514 await createPullRequest ( github , owner , repo , branchName , defaultBranch , dryRun ) ;
@@ -735,7 +754,7 @@ async function runPinactAction({ github, context, core }) {
735754 const pinactVersion = process . env . INPUT_PINACT_VERSION ;
736755 const prBranchName = process . env . INPUT_PR_BRANCH_NAME ;
737756 const repo = process . env . INPUT_REPO ;
738- const token = process . env . GITHUB_TOKEN || process . env . INPUT_TOKEN ;
757+ const token = process . env . PINACT_GITHUB_TOKEN || process . env . INPUT_TOKEN || process . env . GITHUB_TOKEN ;
739758
740759 printActionConfig ( {
741760 dryRun,
0 commit comments