Skip to content
Latchkey

stefanzweifel/git-auto-commit-action

Detect files changed during a workflow run, commit them, and push back to the repository.

Community actionCategory: Utilities & ScriptingLatest v7View on GitHub

What it does

stefanzweifel/git-auto-commit-action checks whether the working tree is dirty after your build steps and, if so, commits the matching files and pushes them back, typical for lint --fix, code formatters, or regenerated docs.

If nothing changed, the action is a no-op and exposes changes_detected: false instead of failing.

Usage

workflow (.yml)
permissions:
  contents: write
steps:
  - uses: actions/checkout@v4
    with:
      ref: ${{ github.head_ref }}
  - run: npm run lint -- --fix
  - uses: stefanzweifel/git-auto-commit-action@v7
    with:
      commit_message: 'chore: apply lint fixes'

Inputs

InputDescriptionDefaultRequired
commit_messageCommit message.Apply automatic changesNo
branchGit branch name where changes should be pushed. Required if the action is used on the pull_request event.${{ github.head_ref }}No
file_patternFile pattern used for git add and the dirty-check. Supports multiple space-separated patterns, e.g. src/*.js..No
commit_user_nameName used for the commit user.github-actions[bot]No
commit_user_emailEmail address used for the commit user.41898282+github-actions[bot]@users.noreply.github.comNo
create_branchCreate a new branch with the name of the branch input, locally and remotely, if it does not exist yet.falseNo
push_optionsPush options (eg. --force).-No

Outputs

OutputDescription
changes_detected"true" if matching changes were detected and committed, "false" otherwise.
commit_hashFull hash of the created commit. Only set when a commit was actually made.

Notes

On pull_request events, check out the PR head branch (ref: github.head_ref) so the action has a branch to push to instead of a detached HEAD.

Commits pushed with the default GITHUB_TOKEN do not trigger new workflow runs; use a GitHub App token (actions/create-github-app-token) if the pushed commit must re-run CI.

Common errors

  • A push rejected with a 403 for github-actions[bot] means the workflow token is read-only; set permissions: contents: write on the job or enable write permissions in the repository Actions settings.
  • GH006: Protected branch update failed means the target branch's protection rules block direct pushes; push to a non-protected branch or exempt the bot/app from the rule.
  • The action reporting a detached HEAD on pull_request events means checkout used the merge ref; check out github.head_ref explicitly.

Security and pinning

  • Scope the job to contents: write only, the action needs nothing else. Pin the action to a commit SHA.
  • Avoid running it on pull_request_target with untrusted fork code checked out; that combination lets fork changes be committed with elevated credentials, which is why the action emits a warning on that event.

Alternatives and related

Frequently asked questions

Should I auto-commit to the branch or open a PR with the changes?
Auto-commit is fine for changes to the same PR branch (formatting fixes). For changes to protected branches or anything needing review, use peter-evans/create-pull-request to propose the diff instead.
Running stefanzweifel/git-auto-commit-action? Run it on Latchkey managed runners - self-healing and caching included. Start free → 30-day trial · No credit card