Merge d03156b5b8 into 44c2b7a8a4

* README: Set `user.email` to GitHub Actions Bot

* Update workflow to use proper bot GitHub Bot email

* Prefix `user.email` with `41898282+`

To match squash merge user, else showing as two different users, see: b0948d0da0

* Update README.md

---------

Co-authored-by: Pelle Wessman <pelle@kodfabrik.se>

.github/workflows/update-main-version.yml

@@ -27,8 +27,8 @@ jobs:
         fetch-depth: 0
     - name: Git config
       run: |
-        git config user.name github-actions
-        git config user.email github-actions@github.com
+        git config user.name "github-actions[bot]"
+        git config user.email "41898282+github-actions[bot]@users.noreply.github.com"
     - name: Tag new target
       run: git tag -f ${{ github.event.inputs.major_version }} ${{ github.event.inputs.target }}
     - name: Push new tag

README.md

@@ -33,6 +33,9 @@ Please refer to the [release page](https://github.com/actions/checkout/releases/
     # with the local git config, which enables your scripts to run authenticated git
     # commands. The post-job step removes the PAT.
     #
+    # If any of the submodules are private GitHub repos, pass in a PAT with read-access 
+    # to them. 
+    #
     # We recommend using a service account with the least permissions necessary. Also
     # when generating a new PAT, select the least scopes necessary.
     #
@@ -110,8 +113,8 @@ Please refer to the [release page](https://github.com/actions/checkout/releases/
     # Whether to checkout submodules: `true` to checkout submodules or `recursive` to
     # recursively checkout submodules.
     #
-    # When the `ssh-key` input is not provided, SSH URLs beginning with
-    # `git@github.com:` are converted to HTTPS.
+    # When neither the `ssh-key` nor the `token` inputs are provided, SSH URLs 
+    # beginning with `git@github.com:` are converted to HTTPS. 
     #
     # Default: false
     submodules: ''
@@ -239,12 +242,19 @@ Please refer to the [release page](https://github.com/actions/checkout/releases/
   uses: actions/checkout@v4
   with:
     repository: my-org/my-private-tools
-    token: ${{ secrets.GH_PAT }} # `GH_PAT` is a secret that contains your PAT
+    token: ${{ secrets.GH_PAT }}  # `GH_PAT` is a secret that contains a PAT with read-access to this private repository
     path: my-tools
 ```
 
-> - `${{ github.token }}` is scoped to the current repository, so if you want to checkout a different repository that is private you will need to provide your own [PAT](https://help.github.com/en/github/authenticating-to-github/creating-a-personal-access-token-for-the-command-line).
+## Checkout a repo and its private submodules
 
+```yaml
+- name: Checkout
+  uses: actions/checkout@v2
+  with:
+    submodules: true
+    token: ${{ secrets.GH_PAT }} # `GH_PAT` is a secret that contains a PAT with read-access to the private submodules
+```
 
 ## Checkout pull request HEAD commit instead of merge commit
 
@@ -279,8 +289,9 @@ jobs:
       - uses: actions/checkout@v4
       - run: |
           date > generated.txt
-          git config user.name github-actions
-          git config user.email github-actions@github.com
+          # Note: the following account information will not work on GHES
+          git config user.name "github-actions[bot]"
+          git config user.email "41898282+github-actions[bot]@users.noreply.github.com"
           git add .
           git commit -m "generated"
           git push