From 3c3e99848b36c587c8046383ab04e86713061576 Mon Sep 17 00:00:00 2001 From: Jake Bailey <5341706+jakebailey@users.noreply.github.com> Date: Thu, 5 Oct 2023 09:04:25 -0700 Subject: [PATCH 1/3] Document that filter doesn't override fetch-depth --- README.md | 2 ++ action.yml | 5 +++-- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 92bc784..c4853f6 100644 --- a/README.md +++ b/README.md @@ -76,6 +76,8 @@ When Git 2.18 or higher is not in your PATH, falls back to the REST API to downl clean: '' # Partially clone against a given filter. Overrides sparse-checkout if set. + # Note that when a filter is provided, fetch-depth is still respected; you + # may want to specify `fetch-depth: 0` to ensure the full history is fetched. # Default: null filter: '' diff --git a/action.yml b/action.yml index 5aa90a7..ac392e1 100644 --- a/action.yml +++ b/action.yml @@ -55,8 +55,9 @@ inputs: default: true filter: description: > - Partially clone against a given filter. - Overrides sparse-checkout if set. + Partially clone against a given filter. Overrides sparse-checkout if set. + Note that when a filter is provided, fetch-depth is still respected; you + may want to specify `fetch-depth: 0` to ensure the full history is fetched. default: null sparse-checkout: description: > From 009b9ae9e446ad8d9b8c809870b0fbcc5e03573e Mon Sep 17 00:00:00 2001 From: Ben Wells Date: Thu, 16 Jan 2025 14:14:48 -0500 Subject: [PATCH 2/3] Documentation update - add recommended permissions to Readme (#2043) * Update README.md * Update README.md Co-authored-by: Josh Gross --------- Co-authored-by: Josh Gross --- README.md | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/README.md b/README.md index b0f6224..f28fec7 100644 --- a/README.md +++ b/README.md @@ -311,6 +311,16 @@ jobs: git commit -m "generated" git push ``` + +## Recommended permissions + +When using the `checkout` action in your GitHub Actions workflow, it is recommended to set the following `GITHUB_TOKEN` permissions to ensure proper functionality, unless alternative auth is provided via the `token` or `ssh-key` inputs: + +```yaml +permissions: + contents: read +``` + *NOTE:* The user email is `{user.id}+{user.login}@users.noreply.github.com`. See users API: https://api.github.com/users/github-actions%5Bbot%5D From 85e6279cec87321a52edac9c87bce653a07cf6c2 Mon Sep 17 00:00:00 2001 From: Josh Gross Date: Thu, 16 Jan 2025 15:56:18 -0500 Subject: [PATCH 3/3] Adjust positioning of user email note and permissions heading (#2044) --- README.md | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index f28fec7..64dc025 100644 --- a/README.md +++ b/README.md @@ -312,7 +312,9 @@ jobs: git push ``` -## Recommended permissions +*NOTE:* The user email is `{user.id}+{user.login}@users.noreply.github.com`. See users API: https://api.github.com/users/github-actions%5Bbot%5D + +# Recommended permissions When using the `checkout` action in your GitHub Actions workflow, it is recommended to set the following `GITHUB_TOKEN` permissions to ensure proper functionality, unless alternative auth is provided via the `token` or `ssh-key` inputs: @@ -321,9 +323,6 @@ permissions: contents: read ``` -*NOTE:* The user email is `{user.id}+{user.login}@users.noreply.github.com`. See users API: https://api.github.com/users/github-actions%5Bbot%5D - - # License The scripts and documentation in this project are released under the [MIT License](LICENSE)