Merge f787e7d544 into 85e6279cec

Adjust positioning of user email note and permissions heading (#2044 )
Documentation update - add recommended permissions to Readme (#2043 )
2025-04-20 17:00:15 +03:00 · 2025-01-16 16:06:59 -05:00 · 2025-01-16 15:56:18 -05:00 · 2025-01-16 14:14:48 -05:00 · 2023-10-06 06:25:44 -07:00 · 2021-09-15 09:59:02 -07:00
2 changed files with 18 additions and 0 deletions
--- a/README.md
+++ b/README.md
@ -311,8 +311,17 @@ jobs:
          git commit -m "generated"
          git push
 ```
+
 *NOTE:* The user email is `{user.id}+{user.login}@users.noreply.github.com`. See users API: https://api.github.com/users/github-actions%5Bbot%5D

+# Recommended permissions
+
+When using the `checkout` action in your GitHub Actions workflow, it is recommended to set the following `GITHUB_TOKEN` permissions to ensure proper functionality, unless alternative auth is provided via the `token` or `ssh-key` inputs:
+
+```yaml
+permissions:
+  contents: read
+```

 # License

--- a/src/git-source-provider.ts
+++ b/src/git-source-provider.ts
@ -1,4 +1,5 @@
 import * as core from '@actions/core'
+import * as github from '@actions/github'
 import * as fsHelper from './fs-helper'
 import * as gitAuthHelper from './git-auth-helper'
 import * as gitCommandManager from './git-command-manager'
@ -274,6 +275,14 @@ export async function getSource(settings: IGitSourceSettings): Promise<void> {
      settings.commit,
      settings.githubServerUrl
    )
+
+    // Set default author
+    if (!await git.configExists('user.name', true)) {
+      await git.config('user.name', github.context.workflow, true)
+    }
+    if (!await git.configExists('user.email', true)) {
+      await git.config('user.email', 'github-actions@github.com', true)
+    }
  } finally {
    // Remove auth
    if (authHelper) {
Author	SHA1	Message	Date
Jack Bates	d610477733	Merge `f787e7d544` into `85e6279cec`	2025-01-16 16:06:59 -05:00
Josh Gross	85e6279cec	Adjust positioning of user email note and permissions heading (#2044 ) Some checks failed CodeQL / Analyze (push) Has been cancelled Details Licensed / Check licenses (push) Has been cancelled Details Build and Test / build (push) Has been cancelled Details Build and Test / test (macos-latest) (push) Has been cancelled Details Build and Test / test (ubuntu-latest) (push) Has been cancelled Details Build and Test / test (windows-latest) (push) Has been cancelled Details Build and Test / test-proxy (push) Has been cancelled Details Build and Test / test-bypass-proxy (push) Has been cancelled Details Build and Test / test-git-container (push) Has been cancelled Details Build and Test / test-output (push) Has been cancelled Details	2025-01-16 15:56:18 -05:00
Ben Wells	009b9ae9e4	Documentation update - add recommended permissions to Readme (#2043 ) * Update README.md * Update README.md Co-authored-by: Josh Gross <joshmgross@github.com> --------- Co-authored-by: Josh Gross <joshmgross@github.com>	2025-01-16 14:14:48 -05:00
Jack Bates	f787e7d544	Apply suggestions from code review Co-authored-by: Usman <akeju00+github@gmail.com>	2023-10-06 06:25:44 -07:00
Jack Bates	d48599a299	Set default user.name and user.email	2021-09-15 09:59:02 -07:00