Bump the minor-actions-dependencies group across 1 directory with 2 updates

Bumps the minor-actions-dependencies group with 2 updates in the / directory: [actions/publish-immutable-action](https://github.com/actions/publish-immutable-action) and [docker/build-push-action](https://github.com/docker/build-push-action).


Updates `actions/publish-immutable-action` from 0.0.3 to 0.0.4
- [Release notes](https://github.com/actions/publish-immutable-action/releases)
- [Commits](https://github.com/actions/publish-immutable-action/compare/0.0.3...v0.0.4)

Updates `docker/build-push-action` from 6.5.0 to 6.10.0
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](https://github.com/docker/build-push-action/compare/v6.5.0...v6.10.0)

---
updated-dependencies:
- dependency-name: actions/publish-immutable-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: minor-actions-dependencies
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: minor-actions-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>

.github/workflows/publish-immutable-actions.yml

@@ -17,4 +17,4 @@ jobs:
         uses: actions/checkout@v4
       - name: Publish
         id: publish
-        uses: actions/publish-immutable-action@0.0.3
+        uses: actions/publish-immutable-action@v0.0.4

.github/workflows/update-test-ubuntu-git.yml

@@ -48,7 +48,7 @@ jobs:
 
       # Use `docker/build-push-action` to build (and optionally publish) the image. 
       - name: Build Docker Image (with optional Push)
-        uses: docker/build-push-action@v6.5.0
+        uses: docker/build-push-action@v6.10.0
         with:
           context: .
           file: images/test-ubuntu-git.Dockerfile

README.md

@@ -33,9 +33,6 @@ Please refer to the [release page](https://github.com/actions/checkout/releases/
     # with the local git config, which enables your scripts to run authenticated git
     # commands. The post-job step removes the PAT.
     #
-    # If any of the submodules are private GitHub repos, pass in a PAT with read-access 
-    # to them. 
-    #
     # We recommend using a service account with the least permissions necessary. Also
     # when generating a new PAT, select the least scopes necessary.
     #
@@ -113,8 +110,8 @@ Please refer to the [release page](https://github.com/actions/checkout/releases/
     # Whether to checkout submodules: `true` to checkout submodules or `recursive` to
     # recursively checkout submodules.
     #
-    # When neither the `ssh-key` nor the `token` inputs are provided, SSH URLs 
-    # beginning with `git@github.com:` are converted to HTTPS. 
+    # When the `ssh-key` input is not provided, SSH URLs beginning with
+    # `git@github.com:` are converted to HTTPS.
     #
     # Default: false
     submodules: ''
@@ -243,19 +240,12 @@ Please refer to the [release page](https://github.com/actions/checkout/releases/
   uses: actions/checkout@v4
   with:
     repository: my-org/my-private-tools
-    token: ${{ secrets.GH_PAT }}  # `GH_PAT` is a secret that contains a PAT with read-access to this private repository
+    token: ${{ secrets.GH_PAT }} # `GH_PAT` is a secret that contains your PAT
     path: my-tools
 ```
 
-## Checkout a repo and its private submodules
+> - `${{ github.token }}` is scoped to the current repository, so if you want to checkout a different repository that is private you will need to provide your own [PAT](https://help.github.com/en/github/authenticating-to-github/creating-a-personal-access-token-for-the-command-line).
 
-```yaml
-- name: Checkout
-  uses: actions/checkout@v2
-  with:
-    submodules: true
-    token: ${{ secrets.GH_PAT }} # `GH_PAT` is a secret that contains a PAT with read-access to the private submodules
-```
 
 ## Checkout pull request HEAD commit instead of merge commit
 
@@ -321,17 +311,8 @@ jobs:
           git commit -m "generated"
           git push
 ```
-
 *NOTE:* The user email is `{user.id}+{user.login}@users.noreply.github.com`. See users API: https://api.github.com/users/github-actions%5Bbot%5D
 
-# Recommended permissions
-
-When using the `checkout` action in your GitHub Actions workflow, it is recommended to set the following `GITHUB_TOKEN` permissions to ensure proper functionality, unless alternative auth is provided via the `token` or `ssh-key` inputs:
-
-```yaml
-permissions:
-  contents: read
-```
 
 # License