Tiamat-Tech · pull · Dec 9, 2025 · Dec 9, 2025
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -22,7 +22,7 @@ jobs:
       - uses: actions/checkout@v6
       - uses: actions/setup-node@v6
         with:
-          node-version: 20.x
+          node-version-file: package.json
           cache: npm
       - run: npm ci
       - run: npm run build

diff --git a/.github/workflows/update-major-version.yml b/.github/workflows/update-major-version.yml
@@ -11,8 +11,8 @@ on:
         type: choice
         description: The major version tag to update
         options:
-          - v6
           - v7
+          - v8
 
 jobs:
   tag:

diff --git a/README.md b/README.md
@@ -21,7 +21,7 @@ Create Pull Request action will:
 
 - [Concepts, guidelines and advanced usage](docs/concepts-guidelines.md)
 - [Examples](docs/examples.md)
-- [Updating to v7](docs/updating.md)
+- [Updating between versions](docs/updating.md)
 - [Common issues](docs/common-issues.md)
 
 ## Usage

diff --git a/action.yml b/action.yml
@@ -94,7 +94,7 @@ outputs:
   pull-request-branch:
     description: 'The pull request branch name'
 runs:
-  using: 'node20'
+  using: 'node24'
   main: 'dist/index.js'
 branding:
   icon: 'git-pull-request'

diff --git a/dist/index.js b/dist/index.js
@@ -10020,7 +10020,7 @@ module.exports = {
 
 
 const { parseSetCookie } = __nccwpck_require__(7803)
-const { stringify, getHeadersList } = __nccwpck_require__(6338)
+const { stringify } = __nccwpck_require__(6338)
 const { webidl } = __nccwpck_require__(8134)
 const { Headers } = __nccwpck_require__(9061)
 
@@ -10096,14 +10096,13 @@ function getSetCookies (headers) {
 
   webidl.brandCheck(headers, Headers, { strict: false })
 
-  const cookies = getHeadersList(headers).cookies
+  const cookies = headers.getSetCookie()
 
   if (!cookies) {
     return []
   }
 
-  // In older versions of undici, cookies is a list of name:value.
-  return cookies.map((pair) => parseSetCookie(Array.isArray(pair) ? pair[1] : pair))
+  return cookies.map((pair) => parseSetCookie(pair))
 }
 
 /**
@@ -10531,14 +10530,15 @@ module.exports = {
 /***/ }),
 
 /***/ 6338:
-/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => {
+/***/ ((module) => {
 
 "use strict";
 
 
-const assert = __nccwpck_require__(2613)
-const { kHeadersList } = __nccwpck_require__(9411)
-
+/**
+ * @param {string} value
+ * @returns {boolean}
+ */
 function isCTLExcludingHtab (value) {
   if (value.length === 0) {
     return false
@@ -10799,31 +10799,13 @@ function stringify (cookie) {
   return out.join('; ')
 }
 
-let kHeadersListNode
-
-function getHeadersList (headers) {
-  if (headers[kHeadersList]) {
-    return headers[kHeadersList]
-  }
-
-  if (!kHeadersListNode) {
-    kHeadersListNode = Object.getOwnPropertySymbols(headers).find(
-      (symbol) => symbol.description === 'headers list'
-    )
-
-    assert(kHeadersListNode, 'Headers cannot be parsed')
-  }
-
-  const headersList = headers[kHeadersListNode]
-  assert(headersList)
-
-  return headersList
-}
-
 module.exports = {
   isCTLExcludingHtab,
-  stringify,
-  getHeadersList
+  validateCookieName,
+  validateCookiePath,
+  validateCookieValue,
+  toIMFDate,
+  stringify
 }
 
 
@@ -12752,6 +12734,14 @@ const { isUint8Array, isArrayBuffer } = __nccwpck_require__(8253)
 const { File: UndiciFile } = __nccwpck_require__(3305)
 const { parseMIMEType, serializeAMimeType } = __nccwpck_require__(4346)
 
+let random
+try {
+  const crypto = __nccwpck_require__(7598)
+  random = (max) => crypto.randomInt(0, max)
+} catch {
+  random = (max) => Math.floor(Math.random(max))
+}
+
 let ReadableStream = globalThis.ReadableStream
 
 /** @type {globalThis['File']} */
@@ -12837,7 +12827,7 @@ function extractBody (object, keepalive = false) {
     // Set source to a copy of the bytes held by object.
     source = new Uint8Array(object.buffer.slice(object.byteOffset, object.byteOffset + object.byteLength))
   } else if (util.isFormDataLike(object)) {
-    const boundary = `----formdata-undici-0${`${Math.floor(Math.random() * 1e11)}`.padStart(11, '0')}`
+    const boundary = `----formdata-undici-0${`${random(1e11)}`.padStart(11, '0')}`
     const prefix = `--${boundary}\r\nContent-Disposition: form-data`
 
     /*! formdata-polyfill. MIT License. Jimmy Wärting <https://jimmy.warting.se/opensource> */
@@ -14819,6 +14809,7 @@ const {
   isValidHeaderName,
   isValidHeaderValue
 } = __nccwpck_require__(555)
+const util = __nccwpck_require__(9023)
 const { webidl } = __nccwpck_require__(8134)
 const assert = __nccwpck_require__(2613)
 
@@ -15372,6 +15363,9 @@ Object.defineProperties(Headers.prototype, {
   [Symbol.toStringTag]: {
     value: 'Headers',
     configurable: true
+  },
+  [util.inspect.custom]: {
+    enumerable: false
   }
 })
 
@@ -24548,6 +24542,20 @@ class Pool extends PoolBase {
       ? { ...options.interceptors }
       : undefined
     this[kFactory] = factory
+
+    this.on('connectionError', (origin, targets, error) => {
+      // If a connection error occurs, we remove the client from the pool,
+      // and emit a connectionError event. They will not be re-used.
+      // Fixes https://github.com/nodejs/undici/issues/3895
+      for (const target of targets) {
+        // Do not use kRemoveClient here, as it will close the client,
+        // but the client cannot be closed in this state.
+        const idx = this[kClients].indexOf(target)
+        if (idx !== -1) {
+          this[kClients].splice(idx, 1)
+        }
+      }
+    })
   }
 
   [kGetDispatcher] () {

diff --git a/docs/common-issues.md b/docs/common-issues.md
@@ -37,7 +37,7 @@ So the straightforward solution is to just not install them during the workflow
 
 - If hooks are automatically enabled by a framework, use an option provided by the framework to disable them. For example, for Husky users, they can be disabled with the `--ignore-scripts` flag, or by setting the `HUSKY` environment variable when the action runs.
   ```yml
-  uses: peter-evans/create-pull-request@v7
+  uses: peter-evans/create-pull-request@v8
   env:
     HUSKY: '0'
   ```

diff --git a/docs/concepts-guidelines.md b/docs/concepts-guidelines.md
@@ -92,15 +92,15 @@ In these cases, you *must supply* the `base` input so the action can rebase chan
 Workflows triggered by [`pull_request`](https://docs.github.com/en/actions/reference/events-that-trigger-workflows#pull_request) events will by default check out a merge commit. Set the `base` input as follows to base the new pull request on the current pull request's branch.
 
 ```yml
-      - uses: peter-evans/create-pull-request@v7
+      - uses: peter-evans/create-pull-request@v8
         with:
           base: ${{ github.head_ref }}
 ```
 
 Workflows triggered by [`release`](https://docs.github.com/en/actions/reference/events-that-trigger-workflows#release) events will by default check out a tag. For most use cases, you will need to set the `base` input to the branch name of the tagged commit.
 
 ```yml
-      - uses: peter-evans/create-pull-request@v7
+      - uses: peter-evans/create-pull-request@v8
         with:
           base: main
 ```
@@ -186,7 +186,7 @@ Checking out a branch from a different repository from where the workflow is exe
 
       # Make changes to pull request here
 
-      - uses: peter-evans/create-pull-request@v7
+      - uses: peter-evans/create-pull-request@v8
         with:
           token: ${{ secrets.PAT }}
 ```
@@ -217,7 +217,7 @@ How to use SSH (deploy keys) with create-pull-request action:
       # Make changes to pull request here
 
       - name: Create Pull Request
-        uses: peter-evans/create-pull-request@v7
+        uses: peter-evans/create-pull-request@v8
 ```
 
 ### Push pull request branches to a fork
@@ -242,7 +242,7 @@ It will use their own fork to push code and create the pull request.
 
       # Make changes to pull request here
 
-      - uses: peter-evans/create-pull-request@v7
+      - uses: peter-evans/create-pull-request@v8
         with:
           token: ${{ secrets.MACHINE_USER_PAT }}
           push-to-fork: machine-user/fork-of-repository
@@ -285,7 +285,7 @@ The following is an example of pushing to a fork using GitHub App tokens.
       # Make changes to pull request here
 
       - name: Create Pull Request
-        uses: peter-evans/create-pull-request@v7
+        uses: peter-evans/create-pull-request@v8
         with:
           branch-token: ${{ steps.generate-token.outputs.token }}
           push-to-fork: owner/fork-of-repo
@@ -330,7 +330,7 @@ GitHub App generated tokens can be configured with fine-grained permissions and
       # Make changes to pull request here
 
       - name: Create Pull Request
-        uses: peter-evans/create-pull-request@v7
+        uses: peter-evans/create-pull-request@v8
         with:
           token: ${{ steps.generate-token.outputs.token }}
 ```
@@ -358,7 +358,7 @@ In the following example, a pull request is being created in remote repo `owner/
       # Make changes to pull request here
 
       - name: Create Pull Request
-        uses: peter-evans/create-pull-request@v7
+        uses: peter-evans/create-pull-request@v8
         with:
           token: ${{ steps.generate-token.outputs.token }}
 ```
@@ -387,7 +387,7 @@ In this example the `token` input is not supplied, so the action will use the re
       # Make changes to pull request here
 
       - name: Create Pull Request
-        uses: peter-evans/create-pull-request@v7
+        uses: peter-evans/create-pull-request@v8
         with:
           sign-commits: true
 ```
@@ -406,7 +406,7 @@ In this example, the `token` input is generated using a GitHub App. This will si
       # Make changes to pull request here
 
       - name: Create Pull Request
-        uses: peter-evans/create-pull-request@v7
+        uses: peter-evans/create-pull-request@v8
         with:
           token: ${{ steps.generate-token.outputs.token }}
           sign-commits: true
@@ -449,7 +449,7 @@ The action can use GPG to sign commits with a GPG key that you generate yourself
       # Make changes to pull request here
 
       - name: Create Pull Request
-        uses: peter-evans/create-pull-request@v7
+        uses: peter-evans/create-pull-request@v8
         with:
           token: ${{ secrets.PAT }}
           committer: example <email@example.com>
@@ -479,7 +479,7 @@ jobs:
       # Make changes to pull request here
 
       - name: Create Pull Request
-        uses: peter-evans/create-pull-request@v7
+        uses: peter-evans/create-pull-request@v8
 ```
 
 **Ubuntu container example:**
@@ -502,5 +502,5 @@ jobs:
       # Make changes to pull request here
 
       - name: Create Pull Request
-        uses: peter-evans/create-pull-request@v7
+        uses: peter-evans/create-pull-request@v8
 ```
-Original file line number
+Diff line change
@@ Expand Up / @@ -11,8 +11,8 @@ on: @@
             type: choice
             description: The major version tag to update
             options:
-              - v6
               - v7
+              - v8
     jobs:
       tag:
@@ Expand Down @@