Merge f6b63ceb9e79ee917ff77ed8ef9f79097ad2cfc6 into 85e6279cec87321a52edac9c87bce653a07cf6c2

Adjust positioning of user email note and permissions heading (#2044 )
Documentation update - add recommended permissions to Readme (#2043 )
2025-04-25 12:52:25 +08:00 · 2025-02-01 11:08:09 +00:00 · 2025-01-16 15:56:18 -05:00 · 2025-01-16 14:14:48 -05:00 · 2022-03-02 20:23:19 +01:00
1 changed files with 10 additions and 1 deletions
--- a/README.md
+++ b/README.md
@ -252,7 +252,7 @@ Please refer to the [release page](https://github.com/actions/checkout/releases/
 ```yaml
 - uses: actions/checkout@v4
  with:
-    ref: ${{ github.event.pull_request.head.sha }}
+    ref: ${{ github.event.pull_request.head.sha || github.ref }}
 ```

 ## Checkout pull request on closed event
@ -311,8 +311,17 @@ jobs:
          git commit -m "generated"
          git push
 ```
+
 *NOTE:* The user email is `{user.id}+{user.login}@users.noreply.github.com`. See users API: https://api.github.com/users/github-actions%5Bbot%5D

+# Recommended permissions
+
+When using the `checkout` action in your GitHub Actions workflow, it is recommended to set the following `GITHUB_TOKEN` permissions to ensure proper functionality, unless alternative auth is provided via the `token` or `ssh-key` inputs:
+
+```yaml
+permissions:
+  contents: read
+```

 # License
Author	SHA1	Message	Date
Alfonso Acosta	d34ea94a88	Merge f6b63ceb9e79ee917ff77ed8ef9f79097ad2cfc6 into 85e6279cec87321a52edac9c87bce653a07cf6c2	2025-02-01 11:08:09 +00:00
Josh Gross	85e6279cec	Adjust positioning of user email note and permissions heading (#2044 )	2025-01-16 15:56:18 -05:00
Ben Wells	009b9ae9e4	Documentation update - add recommended permissions to Readme (#2043 ) * Update README.md * Update README.md Co-authored-by: Josh Gross <joshmgross@github.com> --------- Co-authored-by: Josh Gross <joshmgross@github.com>	2025-01-16 14:14:48 -05:00
Alfonso Acosta	f6b63ceb9e	Make 'checkout pull request HEAD' example work for non-PRs	2022-03-02 20:23:19 +01:00