From 8a91892889b2f0f8814a049e7c13a824159021ca Mon Sep 17 00:00:00 2001
From: Sylvain Rabot <sylvain@abstraction.fr>
Date: Tue, 25 Jun 2024 16:06:42 +0200
Subject: [PATCH 1/3] Disable lfs fetch when using a fetch filter

Signed-off-by: Sylvain Rabot <sylvain@abstraction.fr>
---
 dist/index.js | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/dist/index.js b/dist/index.js
index 9d959a9..d832ca0 100644
--- a/dist/index.js
+++ b/dist/index.js
@@ -1306,7 +1306,7 @@ function getSource(settings) {
             // Explicit lfs-fetch to avoid slow checkout (fetches one lfs object at a time).
             // Explicit lfs fetch will fetch lfs objects in parallel.
             // For sparse checkouts, let `checkout` fetch the needed objects lazily.
-            if (settings.lfs && !settings.sparseCheckout) {
+            if (settings.lfs && !settings.sparseCheckout && !fetchOptions.filter) {
                 core.startGroup('Fetching LFS objects');
                 yield git.lfsFetch(checkoutInfo.startPoint || checkoutInfo.ref);
                 core.endGroup();
@@ -38194,4 +38194,4 @@ module.exports = parseParams
 /******/ 	module.exports = __webpack_exports__;
 /******/ 	
 /******/ })()
-;
\ No newline at end of file
+;

From 009b9ae9e446ad8d9b8c809870b0fbcc5e03573e Mon Sep 17 00:00:00 2001
From: Ben Wells <benwells@github.com>
Date: Thu, 16 Jan 2025 14:14:48 -0500
Subject: [PATCH 2/3] Documentation update - add recommended permissions to
 Readme (#2043)

* Update README.md

* Update README.md

Co-authored-by: Josh Gross <joshmgross@github.com>

---------

Co-authored-by: Josh Gross <joshmgross@github.com>
---
 README.md | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/README.md b/README.md
index b0f6224..f28fec7 100644
--- a/README.md
+++ b/README.md
@@ -311,6 +311,16 @@ jobs:
           git commit -m "generated"
           git push
 ```
+
+## Recommended permissions
+
+When using the `checkout` action in your GitHub Actions workflow, it is recommended to set the following `GITHUB_TOKEN` permissions to ensure proper functionality, unless alternative auth is provided via the `token` or `ssh-key` inputs:
+
+```yaml
+permissions:
+  contents: read
+```
+
 *NOTE:* The user email is `{user.id}+{user.login}@users.noreply.github.com`. See users API: https://api.github.com/users/github-actions%5Bbot%5D
 
 

From 85e6279cec87321a52edac9c87bce653a07cf6c2 Mon Sep 17 00:00:00 2001
From: Josh Gross <joshmgross@github.com>
Date: Thu, 16 Jan 2025 15:56:18 -0500
Subject: [PATCH 3/3] Adjust positioning of user email note and permissions
 heading (#2044)

---
 README.md | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)

diff --git a/README.md b/README.md
index f28fec7..64dc025 100644
--- a/README.md
+++ b/README.md
@@ -312,7 +312,9 @@ jobs:
           git push
 ```
 
-## Recommended permissions
+*NOTE:* The user email is `{user.id}+{user.login}@users.noreply.github.com`. See users API: https://api.github.com/users/github-actions%5Bbot%5D
+
+# Recommended permissions
 
 When using the `checkout` action in your GitHub Actions workflow, it is recommended to set the following `GITHUB_TOKEN` permissions to ensure proper functionality, unless alternative auth is provided via the `token` or `ssh-key` inputs:
 
@@ -321,9 +323,6 @@ permissions:
   contents: read
 ```
 
-*NOTE:* The user email is `{user.id}+{user.login}@users.noreply.github.com`. See users API: https://api.github.com/users/github-actions%5Bbot%5D
-
-
 # License
 
 The scripts and documentation in this project are released under the [MIT License](LICENSE)