mirror of
https://github.com/actions/checkout.git
synced 2025-06-03 14:02:37 +08:00
Compare commits
4 Commits
0bba011be3
...
106ba46bba
| Author | SHA1 | Date | |
|---|---|---|---|
|
106ba46bba | ||
|
85e6279cec | ||
|
009b9ae9e4 | ||
|
|
79a832ff0d |
13
README.md
13
README.md
@ -35,6 +35,10 @@ Please refer to the [release page](https://github.com/actions/checkout/releases/
|
||||
#
|
||||
# We recommend using a service account with the least permissions necessary. Also
|
||||
# when generating a new PAT, select the least scopes necessary.
|
||||
# For a basic restricted reference, you can use the same permissions as the
|
||||
# [`GITHUB_TOKEN` gives.](https://docs.github.com/en/actions/security-guides/automatic-token-authentication#permissions-for-the-github_token)
|
||||
# This means creating a "Fine-grained personal access token" with the
|
||||
# `content` and `metadata` permissions.
|
||||
#
|
||||
# [Learn more about creating and using encrypted secrets](https://help.github.com/en/actions/automating-your-workflow-with-github-actions/creating-and-using-encrypted-secrets)
|
||||
#
|
||||
@ -311,8 +315,17 @@ jobs:
|
||||
git commit -m "generated"
|
||||
git push
|
||||
```
|
||||
|
||||
*NOTE:* The user email is `{user.id}+{user.login}@users.noreply.github.com`. See users API: https://api.github.com/users/github-actions%5Bbot%5D
|
||||
|
||||
# Recommended permissions
|
||||
|
||||
When using the `checkout` action in your GitHub Actions workflow, it is recommended to set the following `GITHUB_TOKEN` permissions to ensure proper functionality, unless alternative auth is provided via the `token` or `ssh-key` inputs:
|
||||
|
||||
```yaml
|
||||
permissions:
|
||||
contents: read
|
||||
```
|
||||
|
||||
# License
|
||||
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user