[汉化] 翻译一些说明和更新日志

Adjust positioning of user email note and permissions heading (#2044 )
Documentation update - add recommended permissions to Readme (#2043 )
2025-09-04 13:42:08 +08:00 · 2025-05-07 12:00:45 +08:00 · 2025-01-16 15:56:18 -05:00 · 2025-01-16 14:14:48 -05:00
4 changed files with 399 additions and 405 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -1,161 +1,160 @@
-# Changelog
+# 更新日志

 ## v4.2.2
-* `url-helper.ts` now leverages well-known environment variables by @jww3 in https://github.com/actions/checkout/pull/1941
-* Expand unit test coverage for `isGhes` by @jww3 in https://github.com/actions/checkout/pull/1946
+* `url-helper.ts` 现在利用众所周知的环境变量，由 @jww3 在 https://github.com/actions/checkout/pull/1941 中贡献
+* 扩展 `isGhes` 的单元测试覆盖率，由 @jww3 在 https://github.com/actions/checkout/pull/1946 中贡献

 ## v4.2.1
-* Check out other refs/* by commit if provided, fall back to ref by @orhantoy in https://github.com/actions/checkout/pull/1924
+* 如果提供了 commit，则检出其他 refs/*，否则回退到 ref，由 @orhantoy 在 https://github.com/actions/checkout/pull/1924 中贡献

 ## v4.2.0

-* Add Ref and Commit outputs by @lucacome in https://github.com/actions/checkout/pull/1180
-* Dependency updates by @dependabot- https://github.com/actions/checkout/pull/1777, https://github.com/actions/checkout/pull/1872
+* 添加 Ref 和 Commit 输出，由 @lucacome 在 https://github.com/actions/checkout/pull/1180 中贡献
+* 依赖项更新，由 @dependabot 在 https://github.com/actions/checkout/pull/1777 和 https://github.com/actions/checkout/pull/1872 中贡献

 ## v4.1.7
-* Bump the minor-npm-dependencies group across 1 directory with 4 updates by @dependabot in https://github.com/actions/checkout/pull/1739
-* Bump actions/checkout from 3 to 4 by @dependabot in https://github.com/actions/checkout/pull/1697
-* Check out other refs/* by commit by @orhantoy in https://github.com/actions/checkout/pull/1774
-* Pin actions/checkout's own workflows to a known, good, stable version. by @jww3 in https://github.com/actions/checkout/pull/1776
+* 在 1 个目录中更新次要 npm 依赖项组，共 4 次更新，由 @dependabot 在 https://github.com/actions/checkout/pull/1739 中贡献
+* 将 actions/checkout 从 3 升级到 4，由 @dependabot 在 https://github.com/actions/checkout/pull/1697 中贡献
+* 按 commit 检出其他 refs/*，由 @orhantoy 在 https://github.com/actions/checkout/pull/1774 中贡献
+* 将 actions/checkout 自身的工作流固定到已知、良好、稳定的版本，由 @jww3 在 https://github.com/actions/checkout/pull/1776 中贡献

 ## v4.1.6
-* Check platform to set archive extension appropriately by @cory-miller in https://github.com/actions/checkout/pull/1732
+* 检查平台以适当设置存档扩展名，由 @cory-miller 在 https://github.com/actions/checkout/pull/1732 中贡献

 ## v4.1.5
-* Update NPM dependencies by @cory-miller in https://github.com/actions/checkout/pull/1703
-* Bump github/codeql-action from 2 to 3 by @dependabot in https://github.com/actions/checkout/pull/1694
-* Bump actions/setup-node from 1 to 4 by @dependabot in https://github.com/actions/checkout/pull/1696
-* Bump actions/upload-artifact from 2 to 4 by @dependabot in https://github.com/actions/checkout/pull/1695
-* README: Suggest `user.email` to be `41898282+github-actions[bot]@users.noreply.github.com` by @cory-miller in https://github.com/actions/checkout/pull/1707
+* 更新 NPM 依赖项，由 @cory-miller 在 https://github.com/actions/checkout/pull/1703 中贡献
+* 将 github/codeql-action 从 2 升级到 3，由 @dependabot 在 https://github.com/actions/checkout/pull/1694 中贡献
+* 将 actions/setup-node 从 1 升级到 4，由 @dependabot 在 https://github.com/actions/checkout/pull/1696 中贡献
+* 将 actions/upload-artifact 从 2 升级到 4，由 @dependabot 在 https://github.com/actions/checkout/pull/1695 中贡献
+* README：建议将 `user.email` 设置为 `41898282+github-actions[bot]@users.noreply.github.com`，由 @cory-miller 在 https://github.com/actions/checkout/pull/1707 中贡献

 ## v4.1.4
- Disable `extensions.worktreeConfig` when disabling `sparse-checkout` by @jww3 in https://github.com/actions/checkout/pull/1692
- Add dependabot config by @cory-miller in https://github.com/actions/checkout/pull/1688
- Bump the minor-actions-dependencies group with 2 updates by @dependabot in https://github.com/actions/checkout/pull/1693
- Bump word-wrap from 1.2.3 to 1.2.5 by @dependabot in https://github.com/actions/checkout/pull/1643
+- 禁用 `sparse-checkout` 时禁用 `extensions.worktreeConfig`，由 @jww3 在 https://github.com/actions/checkout/pull/1692 中贡献
+- 添加 dependabot 配置，由 @cory-miller 在 https://github.com/actions/checkout/pull/1688 中贡献
+- 使用 2 次更新更新次要 actions 依赖项组，由 @dependabot 在 https://github.com/actions/checkout/pull/1693 中贡献
+- 将 word-wrap 从 1.2.3 升级到 1.2.5，由 @dependabot 在 https://github.com/actions/checkout/pull/1643 中贡献

 ## v4.1.3
- Check git version before attempting to disable `sparse-checkout` by @jww3 in https://github.com/actions/checkout/pull/1656
- Add SSH user parameter by @cory-miller in https://github.com/actions/checkout/pull/1685
- Update `actions/checkout` version in `update-main-version.yml` by @jww3 in https://github.com/actions/checkout/pull/1650
+- 在尝试禁用 `sparse-checkout` 之前检查 git 版本，由 @jww3 在 https://github.com/actions/checkout/pull/1656 中贡献
+- 添加 SSH 用户参数，由 @cory-miller 在 https://github.com/actions/checkout/pull/1685 中贡献
+- 在 `update-main-version.yml` 中更新 `actions/checkout` 版本，由 @jww3 在 https://github.com/actions/checkout/pull/1650 中贡献

 ## v4.1.2
- Fix: Disable sparse checkout whenever `sparse-checkout` option is not present @dscho in https://github.com/actions/checkout/pull/1598
+- 修复：当 `sparse-checkout` 选项不存在时禁用稀疏检出，由 @dscho 在 https://github.com/actions/checkout/pull/1598 中贡献

 ## v4.1.1
- Correct link to GitHub Docs by @peterbe in https://github.com/actions/checkout/pull/1511
- Link to release page from what's new section by @cory-miller in https://github.com/actions/checkout/pull/1514
+- 修正指向 GitHub 文档的链接，由 @peterbe 在 https://github.com/actions/checkout/pull/1511 中贡献
+- 从“新特性”部分链接到发布页面，由 @cory-miller 在 https://github.com/actions/checkout/pull/1514 中贡献

 ## v4.1.0
- [Add support for partial checkout filters](https://github.com/actions/checkout/pull/1396)
+- [添加对部分检出过滤器的支持](https://github.com/actions/checkout/pull/1396)

 ## v4.0.0
- [Support fetching without the --progress option](https://github.com/actions/checkout/pull/1067)
- [Update to node20](https://github.com/actions/checkout/pull/1436)
+- [支持不带 --progress 选项的获取](https://github.com/actions/checkout/pull/1067)
+- [升级到 node20](https://github.com/actions/checkout/pull/1436)

 ## v3.6.0
- [Fix: Mark test scripts with Bash'isms to be run via Bash](https://github.com/actions/checkout/pull/1377)
- [Add option to fetch tags even if fetch-depth > 0](https://github.com/actions/checkout/pull/579)
+- [修复：将测试脚本标记为通过 Bash 运行的 Bash'isms](https://github.com/actions/checkout/pull/1377)
+- [添加选项以在 fetch-depth > 0 时获取标签](https://github.com/actions/checkout/pull/579)

 ## v3.5.3
- [Fix: Checkout fail in self-hosted runners when faulty submodule are checked-in](https://github.com/actions/checkout/pull/1196)
- [Fix typos found by codespell](https://github.com/actions/checkout/pull/1287)
- [Add support for sparse checkouts](https://github.com/actions/checkout/pull/1369)
+- [修复：在自托管运行器上检出失败，当有故障的子模块被签入时](https://github.com/actions/checkout/pull/1196)
+- [修复 codespell 发现的拼写错误](https://github.com/actions/checkout/pull/1287)
+- [添加对稀疏检出的支持](https://github.com/actions/checkout/pull/1369)

 ## v3.5.2
- [Fix api endpoint for GHES](https://github.com/actions/checkout/pull/1289)
+- [修复 GHES 的 api 端点](https://github.com/actions/checkout/pull/1289)

 ## v3.5.1
- [Fix slow checkout on Windows](https://github.com/actions/checkout/pull/1246)
+- [修复 Windows 上的慢速检出](https://github.com/actions/checkout/pull/1246)

 ## v3.5.0
-* [Add new public key for known_hosts](https://github.com/actions/checkout/pull/1237)
+* [添加新的 known_hosts 公钥](https://github.com/actions/checkout/pull/1237)

 ## v3.4.0
- [Upgrade codeql actions to v2](https://github.com/actions/checkout/pull/1209)
- [Upgrade dependencies](https://github.com/actions/checkout/pull/1210)
- [Upgrade @actions/io](https://github.com/actions/checkout/pull/1225)
+- [将 codeql actions 升级到 v2](https://github.com/actions/checkout/pull/1209)
+- [升级依赖项](https://github.com/actions/checkout/pull/1210)
+- [升级 @actions/io](https://github.com/actions/checkout/pull/1225)

 ## v3.3.0
- [Implement branch list using callbacks from exec function](https://github.com/actions/checkout/pull/1045)
- [Add in explicit reference to private checkout options](https://github.com/actions/checkout/pull/1050)
- [Fix comment typos (that got added in #770)](https://github.com/actions/checkout/pull/1057)
+- [通过 exec 函数的回调实现分支列表](https://github.com/actions/checkout/pull/1045)
+- [明确引用私有检出选项](https://github.com/actions/checkout/pull/1050)
+- [修复评论中的拼写错误（在 #770 中添加）](https://github.com/actions/checkout/pull/1057)

 ## v3.2.0
- [Add GitHub Action to perform release](https://github.com/actions/checkout/pull/942)
- [Fix status badge](https://github.com/actions/checkout/pull/967)
- [Replace datadog/squid with ubuntu/squid Docker image](https://github.com/actions/checkout/pull/1002)
- [Wrap pipeline commands for submoduleForeach in quotes](https://github.com/actions/checkout/pull/964)
- [Update @actions/io to 1.1.2](https://github.com/actions/checkout/pull/1029)
- [Upgrading version to 3.2.0](https://github.com/actions/checkout/pull/1039)
+- [添加 GitHub Action 以执行发布](https://github.com/actions/checkout/pull/942)
+- [修复状态徽章](https://github.com/actions/checkout/pull/967)
+- [将 datadog/squid 替换为 ubuntu/squid Docker 镜像](https://github.com/actions/checkout/pull/1002)
+- [在 submoduleForeach 的管道命令周围添加引号](https://github.com/actions/checkout/pull/964)
+- [将 @actions/io 升级到 1.1.2](https://github.com/actions/checkout/pull/1029)
+- [升级到版本 3.2.0](https://github.com/actions/checkout/pull/1039)

 ## v3.1.0
- [Use @actions/core `saveState` and `getState`](https://github.com/actions/checkout/pull/939)
- [Add `github-server-url` input](https://github.com/actions/checkout/pull/922)
+- [使用 @actions/core `saveState` 和 `getState`](https://github.com/actions/checkout/pull/939)
+- [添加 `github-server-url` 输入](https://github.com/actions/checkout/pull/922)

 ## v3.0.2
- [Add input `set-safe-directory`](https://github.com/actions/checkout/pull/770)
+- [添加输入 `set-safe-directory`](https://github.com/actions/checkout/pull/770)

 ## v3.0.1
- [Fixed an issue where checkout failed to run in container jobs due to the new git setting `safe.directory`](https://github.com/actions/checkout/pull/762)
- [Bumped various npm package versions](https://github.com/actions/checkout/pull/744)
+- [修复了一个问题，由于新的 git 设置 `safe.directory`，导致在容器作业中无法运行 checkout](https://github.com/actions/checkout/pull/762)
+- [提升各种 npm 包版本](https://github.com/actions/checkout/pull/744)

 ## v3.0.0

- [Update to node 16](https://github.com/actions/checkout/pull/689)
+- [升级到 node 16](https://github.com/actions/checkout/pull/689)

 ## v2.3.1

- [Fix default branch resolution for .wiki and when using SSH](https://github.com/actions/checkout/pull/284)
+- [修复 .wiki 的默认分支解析以及使用 SSH 时的解析](https://github.com/actions/checkout/pull/284)

 ## v2.3.0

- [Fallback to the default branch](https://github.com/actions/checkout/pull/278)
+- [回退到默认分支](https://github.com/actions/checkout/pull/278)

 ## v2.2.0

- [Fetch all history for all tags and branches when fetch-depth=0](https://github.com/actions/checkout/pull/258)
+- [当 fetch-depth=0 时获取所有标签和分支的所有历史记录](https://github.com/actions/checkout/pull/258)

 ## v2.1.1

- Changes to support GHES ([here](https://github.com/actions/checkout/pull/236) and [here](https://github.com/actions/checkout/pull/248))
+- 支持 GHES 的更改（[这里](https://github.com/actions/checkout/pull/236) 和 [这里](https://github.com/actions/checkout/pull/248)）

 ## v2.1.0

- [Group output](https://github.com/actions/checkout/pull/191)
- [Changes to support GHES alpha release](https://github.com/actions/checkout/pull/199)
- [Persist core.sshCommand for submodules](https://github.com/actions/checkout/pull/184)
- [Add support ssh](https://github.com/actions/checkout/pull/163)
- [Convert submodule SSH URL to HTTPS, when not using SSH](https://github.com/actions/checkout/pull/179)
- [Add submodule support](https://github.com/actions/checkout/pull/157)
- [Follow proxy settings](https://github.com/actions/checkout/pull/144)
- [Fix ref for pr closed event when a pr is merged](https://github.com/actions/checkout/pull/141)
- [Fix issue checking detached when git less than 2.22](https://github.com/actions/checkout/pull/128)
+- [分组输出](https://github.com/actions/checkout/pull/191)
+- [支持 GHES alpha 发布的更改](https://github.com/actions/checkout/pull/199)
+- [为子模块持久化 core.sshCommand](https://github.com/actions/checkout/pull/184)
+- [添加对 ssh 的支持](https://github.com/actions/checkout/pull/163)
+- [当不使用 SSH 时，将子模块 SSH URL 转换为 HTTPS](https://github.com/actions/checkout/pull/179)
+- [添加子模块支持](https://github.com/actions/checkout/pull/157)
+- [遵循代理设置](https://github.com/actions/checkout/pull/144)
+- [修复 pr 关闭事件的 ref，当 pr 被合并时](https://github.com/actions/checkout/pull/141)
+- [修复 git 版本低于 2.22 时检查分离状态的问题](https://github.com/actions/checkout/pull/128)

 ## v2.0.0

- [Do not pass cred on command line](https://github.com/actions/checkout/pull/108)
- [Add input persist-credentials](https://github.com/actions/checkout/pull/107)
- [Fallback to REST API to download repo](https://github.com/actions/checkout/pull/104)
+- [不在命令行上传递凭据](https://github.com/actions/checkout/pull/108)
+- [添加输入 persist-credentials](https://github.com/actions/checkout/pull/107)
+- [回退到 REST API 下载仓库](https://github.com/actions/checkout/pull/104)

 ## v2 (beta)

- Improved fetch performance
-  - The default behavior now fetches only the SHA being checked-out
- Script authenticated git commands
-  - Persists `with.token` in the local git config
-  - Enables your scripts to run authenticated git commands
-  - Post-job cleanup removes the token
-  - Coming soon: Opt out by setting `with.persist-credentials` to `false`
- Creates a local branch
-  - No longer detached HEAD when checking out a branch
-  - A local branch is created with the corresponding upstream branch set
- Improved layout
-  - `with.path` is always relative to `github.workspace`
-  - Aligns better with container actions, where `github.workspace` gets mapped in
- Removed input `submodules`
-
+- 改进的获取性能
+  - 默认行为现在仅获取正在检出的 SHA
+- 脚本认证的 git 命令
+  - 将 `with.token` 持久化到本地 git 配置
+  - 使您的脚本可以运行经过身份验证的 git 命令
+  - 作业后清理移除令牌
+  - 即将推出：通过将 `with.persist-credentials` 设置为 `false` 来选择退出
+- 创建本地分支
+  - 检出分支时不再是分离的 HEAD
+  - 创建一个带有相应上游分支设置的本地分支
+- 改进的布局
+  - `with.path` 始终相对于 `github.workspace`
+  - 更好地与容器操作对齐，其中 `github.workspace` 被映射进来
+- 移除输入 `submodules`

 ## v1

-Refer [here](https://github.com/actions/checkout/blob/v1/CHANGELOG.md) for the V1 changelog
+有关 V1 更新日志，请参阅 [这里](https://github.com/actions/checkout/blob/v1/CHANGELOG.md)
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@ -1,28 +1,28 @@
-# Contributing
+# 贡献指南

-## Submitting a pull request
+## 提交拉取请求

-1. Fork and clone the repository
-1. Configure and install the dependencies: `npm install`
-1. Create a new branch: `git checkout -b my-branch-name`
-1. Make your change, add tests, and make sure the tests still pass: `npm run test`
-1. Make sure your code is correctly formatted: `npm run format`
-1. Update `dist/index.js` using `npm run build`. This creates a single javascript file that is used as an entrypoint for the action
-1. Push to your fork and submit a pull request
-1. Pat yourself on the back and wait for your pull request to be reviewed and merged
+1. Fork 并克隆仓库
+1. 配置并安装依赖项：`npm install`
+1. 创建新分支：`git checkout -b my-branch-name`
+1. 进行更改，添加测试，并确保测试仍然通过：`npm run test`
+1. 确保代码格式正确：`npm run format`
+1. 使用 `npm run build` 更新 `dist/index.js`。这将创建一个作为操作入口点的单一 JavaScript 文件
+1. 推送到您的 Fork 并提交拉取请求
+1. 拍拍自己的背，等待您的拉取请求被审查和合并

-Here are a few things you can do that will increase the likelihood of your pull request being accepted:
+以下是一些可以提高您的拉取请求被接受可能性的建议：

- Write tests.
- Keep your change as focused as possible. If there are multiple changes you would like to make that are not dependent upon each other, consider submitting them as separate pull requests.
+- 编写测试。
+- 尽量保持更改的专注性。如果您希望进行多个不相互依赖的更改，建议将它们作为单独的拉取请求提交。

-## Resources
+## 资源

- [How to Contribute to Open Source](https://opensource.guide/how-to-contribute/)
- [Using Pull Requests](https://help.github.com/articles/about-pull-requests/)
- [GitHub Help](https://help.github.com)
- [Writing good commit messages](http://tbaggery.com/2008/04/19/a-note-about-git-commit-messages.html)
+- [如何为开源做贡献](https://opensource.guide/how-to-contribute/)
+- [使用拉取请求](https://help.github.com/articles/about-pull-requests/)
+- [GitHub 帮助](https://help.github.com)
+- [编写良好的提交信息](http://tbaggery.com/2008/04/19/a-note-about-git-commit-messages.html)

-Thanks! :heart: :heart: :heart:
+谢谢！:heart: :heart: :heart:

-GitHub Actions Team :octocat:
+GitHub Actions 团队 :octocat:
--- a/README.md
+++ b/README.md
@ -1,261 +1,259 @@
-[![Build and Test](https://github.com/actions/checkout/actions/workflows/test.yml/badge.svg)](https://github.com/actions/checkout/actions/workflows/test.yml)
+[![构建和测试](https://github.com/actions/checkout/actions/workflows/test.yml/badge.svg)](https://github.com/actions/checkout/actions/workflows/test.yml)

 # Checkout V4

-This action checks-out your repository under `$GITHUB_WORKSPACE`, so your workflow can access it.
+此操作将您的仓库检出到 `$GITHUB_WORKSPACE` 下，以便您的工作流可以访问它。

-Only a single commit is fetched by default, for the ref/SHA that triggered the workflow. Set `fetch-depth: 0` to fetch all history for all branches and tags. Refer [here](https://docs.github.com/actions/using-workflows/events-that-trigger-workflows) to learn which commit `$GITHUB_SHA` points to for different events.
+默认情况下，仅获取触发工作流的 ref/SHA 的单个提交。设置 `fetch-depth: 0` 可以获取所有分支和标签的所有历史记录。请参考 [这里](https://docs.github.com/actions/using-workflows/events-that-trigger-workflows) 了解不同事件中 `$GITHUB_SHA` 指向的提交。

-The auth token is persisted in the local git config. This enables your scripts to run authenticated git commands. The token is removed during post-job cleanup. Set `persist-credentials: false` to opt-out.
+认证令牌会持久化到本地 git 配置中。这使得您的脚本可以运行经过身份验证的 git 命令。该令牌会在作业后清理步骤中被移除。设置 `persist-credentials: false` 可以选择不保留。

-When Git 2.18 or higher is not in your PATH, falls back to the REST API to download the files.
+当 Git 2.18 或更高版本不在您的 PATH 中时，将回退到 REST API 来下载文件。

-# What's new
+# 新特性

-Please refer to the [release page](https://github.com/actions/checkout/releases/latest) for the latest release notes.
+请参考 [发布页面](https://github.com/actions/checkout/releases/latest) 获取最新的发布说明。

-# Usage
+# 使用方法

 <!-- start usage -->
 ```yaml
- uses: actions/checkout@v4
+• uses: actions/checkout@v4
+
  with:
-    # Repository name with owner. For example, actions/checkout
-    # Default: ${{ github.repository }}
+    # 仓库名称及所有者。例如，actions/checkout
+    # 默认值: ${{ github.repository }}
    repository: ''

-    # The branch, tag or SHA to checkout. When checking out the repository that
-    # triggered a workflow, this defaults to the reference or SHA for that event.
-    # Otherwise, uses the default branch.
+    # 要检出的分支、标签或 SHA。当检出触发工作流的仓库时，默认为该事件的引用或 SHA。
+    # 否则，使用默认分支。
    ref: ''

-    # Personal access token (PAT) used to fetch the repository. The PAT is configured
-    # with the local git config, which enables your scripts to run authenticated git
-    # commands. The post-job step removes the PAT.
+    # 用于获取仓库的个人访问令牌 (PAT)。该 PAT 会配置到本地 git 配置中，使您的脚本可以运行经过身份验证的 git 命令。
+    # 作业后步骤会移除该 PAT。
    #
-    # We recommend using a service account with the least permissions necessary. Also
-    # when generating a new PAT, select the least scopes necessary.
+    # 我们建议使用具有最低必要权限的服务账户。此外，在生成新的 PAT 时，请选择最低必要的范围。
    #
-    # [Learn more about creating and using encrypted secrets](https://help.github.com/en/actions/automating-your-workflow-with-github-actions/creating-and-using-encrypted-secrets)
+    # [了解有关创建和使用加密机密的更多信息](https://help.github.com/en/actions/automating-your-workflow-with-github-actions/creating-and-using-encrypted-secrets)
    #
-    # Default: ${{ github.token }}
+    # 默认值: ${{ github.token }}
    token: ''

-    # SSH key used to fetch the repository. The SSH key is configured with the local
-    # git config, which enables your scripts to run authenticated git commands. The
-    # post-job step removes the SSH key.
+    # 用于获取仓库的 SSH 密钥。该 SSH 密钥会配置到本地 git 配置中，使您的脚本可以运行经过身份验证的 git 命令。
+    # 作业后步骤会移除该 SSH 密钥。
    #
-    # We recommend using a service account with the least permissions necessary.
+    # 我们建议使用具有最低必要权限的服务账户。
    #
-    # [Learn more about creating and using encrypted secrets](https://help.github.com/en/actions/automating-your-workflow-with-github-actions/creating-and-using-encrypted-secrets)
+    # [了解有关创建和使用加密机密的更多信息](https://help.github.com/en/actions/automating-your-workflow-with-github-actions/creating-and-using-encrypted-secrets)
    ssh-key: ''

-    # Known hosts in addition to the user and global host key database. The public SSH
-    # keys for a host may be obtained using the utility `ssh-keyscan`. For example,
-    # `ssh-keyscan github.com`. The public key for github.com is always implicitly
-    # added.
+    # 除用户和全局主机密钥数据库之外的已知主机。可以使用 `ssh-keyscan` 工具获取主机的公共 SSH 密钥。例如，`ssh-keyscan github.com`。
+    # github.com 的公钥始终会隐式添加。
    ssh-known-hosts: ''

-    # Whether to perform strict host key checking. When true, adds the options
-    # `StrictHostKeyChecking=yes` and `CheckHostIP=no` to the SSH command line. Use
-    # the input `ssh-known-hosts` to configure additional hosts.
-    # Default: true
+    # 是否执行严格的主机密钥检查。当为 true 时，会在 SSH 命令行中添加 `StrictHostKeyChecking=yes` 和 `CheckHostIP=no` 选项。
+    # 使用 `ssh-known-hosts` 输入来配置其他主机。
+    # 默认值: true
    ssh-strict: ''

-    # The user to use when connecting to the remote SSH host. By default 'git' is
-    # used.
-    # Default: git
+    # 连接到远程 SSH 主机时使用的用户。默认值为 'git'。
+    # 默认值: git
    ssh-user: ''

-    # Whether to configure the token or SSH key with the local git config
-    # Default: true
+    # 是否将令牌或 SSH 密钥配置到本地 git 配置中
+    # 默认值: true
    persist-credentials: ''

-    # Relative path under $GITHUB_WORKSPACE to place the repository
+    # 在 $GITHUB_WORKSPACE 下放置仓库的相对路径
    path: ''

-    # Whether to execute `git clean -ffdx && git reset --hard HEAD` before fetching
-    # Default: true
+    # 是否在获取前执行 `git clean -ffdx && git reset --hard HEAD`
+    # 默认值: true
    clean: ''

-    # Partially clone against a given filter. Overrides sparse-checkout if set.
-    # Default: null
+    # 针对给定过滤器进行部分克隆。如果设置了此选项，则会覆盖 sparse-checkout。
+    # 默认值: null
    filter: ''

-    # Do a sparse checkout on given patterns. Each pattern should be separated with
-    # new lines.
-    # Default: null
+    # 对给定模式进行稀疏检出。每个模式应以换行符分隔。
+    # 默认值: null
    sparse-checkout: ''

-    # Specifies whether to use cone-mode when doing a sparse checkout.
-    # Default: true
+    # 指定在执行稀疏检出时是否使用 cone 模式。
+    # 默认值: true
    sparse-checkout-cone-mode: ''

-    # Number of commits to fetch. 0 indicates all history for all branches and tags.
-    # Default: 1
+    # 要获取的提交数量。0 表示所有分支和标签的所有历史记录。
+    # 默认值: 1
    fetch-depth: ''

-    # Whether to fetch tags, even if fetch-depth > 0.
-    # Default: false
+    # 是否获取标签，即使 fetch-depth > 0。
+    # 默认值: false
    fetch-tags: ''

-    # Whether to show progress status output when fetching.
-    # Default: true
+    # 获取时是否显示进度状态输出。
+    # 默认值: true
    show-progress: ''

-    # Whether to download Git-LFS files
-    # Default: false
+    # 是否下载 Git-LFS 文件
+    # 默认值: false
    lfs: ''

-    # Whether to checkout submodules: `true` to checkout submodules or `recursive` to
-    # recursively checkout submodules.
+    # 是否检出子模块：`true` 表示检出子模块，`recursive` 表示递归检出子模块。
    #
-    # When the `ssh-key` input is not provided, SSH URLs beginning with
-    # `git@github.com:` are converted to HTTPS.
+    # 当未提供 `ssh-key` 输入时，以 `git@github.com:` 开头的 SSH URL 会被转换为 HTTPS。
    #
-    # Default: false
+    # 默认值: false
    submodules: ''

-    # Add repository path as safe.directory for Git global config by running `git
-    # config --global --add safe.directory <path>`
-    # Default: true
+    # 通过运行 `git config --global --add safe.directory <path>` 将仓库路径添加为 Git 全局配置的安全目录。
+    # 默认值: true
    set-safe-directory: ''

-    # The base URL for the GitHub instance that you are trying to clone from, will use
-    # environment defaults to fetch from the same instance that the workflow is
-    # running from unless specified. Example URLs are https://github.com or
-    # https://my-ghes-server.example.com
+    # 尝试克隆的 GitHub 实例的基本 URL，将使用环境默认值从工作流运行的同一实例获取，除非指定。示例 URL 包括 https://github.com 或 https://my-ghes-server.example.com
    github-server-url: ''
 ```
 <!-- end usage -->

-# Scenarios
+# 场景

- [Fetch only the root files](#Fetch-only-the-root-files)
- [Fetch only the root files and `.github` and `src` folder](#Fetch-only-the-root-files-and-github-and-src-folder)
- [Fetch only a single file](#Fetch-only-a-single-file)
- [Fetch all history for all tags and branches](#Fetch-all-history-for-all-tags-and-branches)
- [Checkout a different branch](#Checkout-a-different-branch)
- [Checkout HEAD^](#Checkout-HEAD)
- [Checkout multiple repos (side by side)](#Checkout-multiple-repos-side-by-side)
- [Checkout multiple repos (nested)](#Checkout-multiple-repos-nested)
- [Checkout multiple repos (private)](#Checkout-multiple-repos-private)
- [Checkout pull request HEAD commit instead of merge commit](#Checkout-pull-request-HEAD-commit-instead-of-merge-commit)
- [Checkout pull request on closed event](#Checkout-pull-request-on-closed-event)
- [Push a commit using the built-in token](#Push-a-commit-using-the-built-in-token)
- [Push a commit to a PR using the built-in token](#Push-a-commit-to-a-PR-using-the-built-in-token)
+- [仅获取根文件](#Fetch-only-the-root-files)
+- [仅获取根文件和 `.github` 及 `src` 文件夹](#Fetch-only-the-root-files-and-github-and-src-folder)
+- [仅获取单个文件](#Fetch-only-a-single-file)
+- [获取所有标签和分支的所有历史记录](#Fetch-all-history-for-all-tags-and-branches)
+- [检出不同分支](#Checkout-a-different-branch)
+- [检出 HEAD^](#Checkout-HEAD)
+- [并行检出多个仓库](#Checkout-multiple-repos-side-by-side)
+- [嵌套检出多个仓库](#Checkout-multiple-repos-nested)
+- [检出多个私有仓库](#Checkout-multiple-repos-private)
+- [检出拉取请求的 HEAD 提交而不是合并提交](#Checkout-pull-request-HEAD-commit-instead-of-merge-commit)
+- [在关闭事件上检出拉取请求](#Checkout-pull-request-on-closed-event)
+- [使用内置令牌推送提交](#Push-a-commit-using-the-built-in-token)
+- [使用内置令牌向拉取请求推送提交](#Push-a-commit-to-a-PR-using-the-built-in-token)

-## Fetch only the root files
+## 仅获取根文件

 ```yaml
- uses: actions/checkout@v4
+• uses: actions/checkout@v4
+
  with:
    sparse-checkout: .
 ```

-## Fetch only the root files and `.github` and `src` folder
+## 仅获取根文件和 `.github` 及 `src` 文件夹

 ```yaml
- uses: actions/checkout@v4
+• uses: actions/checkout@v4
+
  with:
    sparse-checkout: |
      .github
      src
 ```

-## Fetch only a single file
+## 仅获取单个文件

 ```yaml
- uses: actions/checkout@v4
+• uses: actions/checkout@v4
+
  with:
    sparse-checkout: |
      README.md
    sparse-checkout-cone-mode: false
 ```

-## Fetch all history for all tags and branches
+## 获取所有标签和分支的所有历史记录

 ```yaml
- uses: actions/checkout@v4
+• uses: actions/checkout@v4
+
  with:
    fetch-depth: 0
 ```

-## Checkout a different branch
+## 检出不同分支

 ```yaml
- uses: actions/checkout@v4
+• uses: actions/checkout@v4
+
  with:
    ref: my-branch
 ```

-## Checkout HEAD^
+## 检出 HEAD^

 ```yaml
- uses: actions/checkout@v4
+• uses: actions/checkout@v4
+
  with:
    fetch-depth: 2
- run: git checkout HEAD^
+• run: git checkout HEAD^
+
 ```

-## Checkout multiple repos (side by side)
+## 并行检出多个仓库

 ```yaml
- name: Checkout
+• name: Checkout
+
  uses: actions/checkout@v4
  with:
    path: main

- name: Checkout tools repo
+• name: Checkout tools repo
+
  uses: actions/checkout@v4
  with:
    repository: my-org/my-tools
    path: my-tools
 ```
-> - If your secondary repository is private or internal you will need to add the option noted in [Checkout multiple repos (private)](#Checkout-multiple-repos-private)
+> - 如果您的次要仓库是私有或内部的，您需要添加 [Checkout multiple repos (private)](#Checkout-multiple-repos-private) 中提到的选项

-## Checkout multiple repos (nested)
+## 嵌套检出多个仓库

 ```yaml
- name: Checkout
+• name: Checkout
+
  uses: actions/checkout@v4

- name: Checkout tools repo
+• name: Checkout tools repo
+
  uses: actions/checkout@v4
  with:
    repository: my-org/my-tools
    path: my-tools
 ```
-> - If your secondary repository is private or internal you will need to add the option noted in [Checkout multiple repos (private)](#Checkout-multiple-repos-private)
+> - 如果您的次要仓库是私有或内部的，您需要添加 [Checkout multiple repos (private)](#Checkout-multiple-repos-private) 中提到的选项

-## Checkout multiple repos (private)
+## 检出多个私有仓库

 ```yaml
- name: Checkout
+• name: Checkout
+
  uses: actions/checkout@v4
  with:
    path: main

- name: Checkout private tools
+• name: Checkout private tools
+
  uses: actions/checkout@v4
  with:
    repository: my-org/my-private-tools
-    token: ${{ secrets.GH_PAT }} # `GH_PAT` is a secret that contains your PAT
+    token: ${{ secrets.GH_PAT }} # `GH_PAT` 是包含您 PAT 的机密
    path: my-tools
 ```
+> - `${{ github.token }}` 的范围限定在当前仓库，因此如果您想检出其他私有仓库，则需要提供您自己的 [PAT](https://help.github.com/en/github/authenticating-to-github/creating-a-personal-access-token-for-the-command-line)。

-> - `${{ github.token }}` is scoped to the current repository, so if you want to checkout a different repository that is private you will need to provide your own [PAT](https://help.github.com/en/github/authenticating-to-github/creating-a-personal-access-token-for-the-command-line).
-
-
-## Checkout pull request HEAD commit instead of merge commit
+## 检出拉取请求的 HEAD 提交而不是合并提交

 ```yaml
- uses: actions/checkout@v4
+• uses: actions/checkout@v4
+
  with:
    ref: ${{ github.event.pull_request.head.sha }}
 ```

-## Checkout pull request on closed event
+## 在关闭事件上检出拉取请求

 ```yaml
 on:
@ -266,10 +264,11 @@ jobs:
  build:
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@v4
+      ◦ uses: actions/checkout@v4
+
 ```

-## Push a commit using the built-in token
+## 使用内置令牌推送提交

 ```yaml
 on: push
@ -277,21 +276,23 @@ jobs:
  build:
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@v4
-      - run: |
+      ◦ uses: actions/checkout@v4
+
+      ◦ run: |
+
          date > generated.txt
-          # Note: the following account information will not work on GHES
+          # 注意：以下账户信息在 GHES 上不起作用
          git config user.name "github-actions[bot]"
          git config user.email "41898282+github-actions[bot]@users.noreply.github.com"
          git add .
          git commit -m "generated"
          git push
 ```
-*NOTE:* The user email is `{user.id}+{user.login}@users.noreply.github.com`. See users API: https://api.github.com/users/github-actions%5Bbot%5D
+*注意:* 用户邮箱为 `{user.id}+{user.login}@users.noreply.github.com`。请参阅用户 API: https://api.github.com/users/github-actions%5Bbot%5D

-## Push a commit to a PR using the built-in token
+## 使用内置令牌向拉取请求推送提交

-In a pull request trigger, `ref` is required as GitHub Actions checks out in detached HEAD mode, meaning it doesn’t check out your branch by default.
+在拉取请求触发器中，需要指定 `ref`，因为 GitHub Actions 默认以分离的 HEAD 模式检出，这意味着它不会默认检出您的分支。

 ```yaml
 on: pull_request
@ -299,21 +300,31 @@ jobs:
  build:
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@v4
+      ◦ uses: actions/checkout@v4
+
        with:
          ref: ${{ github.head_ref }}
-      - run: |
+      ◦ run: |
+
          date > generated.txt
-          # Note: the following account information will not work on GHES
+          # 注意：以下账户信息在 GHES 上不起作用
          git config user.name "github-actions[bot]"
          git config user.email "41898282+github-actions[bot]@users.noreply.github.com"
          git add .
          git commit -m "generated"
          git push
 ```
-*NOTE:* The user email is `{user.id}+{user.login}@users.noreply.github.com`. See users API: https://api.github.com/users/github-actions%5Bbot%5D
+*注意:* 用户邮箱为 `{user.id}+{user.login}@users.noreply.github.com`。请参阅用户 API: https://api.github.com/users/github-actions%5Bbot%5D

+# 推荐权限

-# License
+在 GitHub Actions 工作流中使用 `checkout` 操作时，建议设置以下 `GITHUB_TOKEN` 权限以确保正常功能，除非通过 `token` 或 `ssh-key` 输入提供了替代身份验证：

-The scripts and documentation in this project are released under the [MIT License](LICENSE)
+```yaml
+permissions:
+  contents: read
+```
+
+# 许可证
+
+此项目中的脚本和文档均根据 [MIT 许可证](LICENSE) 发布
--- a/adrs/0153-checkout-v2.md
+++ b/adrs/0153-checkout-v2.md
@ -1,290 +1,274 @@
 # ADR 0153: Checkout v2

-**Date**: 2019-10-21
+**日期**: 2019-10-21

-**Status**: Accepted
+**状态**: 已接受

-## Context
+## 背景

-This ADR details the behavior for `actions/checkout@v2`.
+本 ADR 详细说明了 `actions/checkout@v2` 的行为。

-The new action will be written in typescript. We are moving away from runner-plugin actions.
+新操作将用 TypeScript 编写。我们将不再使用运行器插件操作。

-We want to take this opportunity to make behavioral changes, from v1. This document is scoped to those differences.
+我们希望借此机会从 v1 进行行为变更。本文档的范围仅限于这些差异。

-## Decision
+## 决策

-### Inputs
+### 输入参数

 ```yaml
  repository:
-    description: 'Repository name with owner. For example, actions/checkout'
-    default: ${{ github.repository }}
+    描述: '仓库名称及所有者。例如，actions/checkout'
+    默认值: ${{ github.repository }}
  ref:
-    description: >
-      The branch, tag or SHA to checkout. When checking out the repository that
-      triggered a workflow, this defaults to the reference or SHA for that
-      event.  Otherwise, uses the default branch.
+    描述: >
+      要检出的分支、标签或 SHA。当检出触发工作流的仓库时，默认为该事件的引用或 SHA。
+      否则，使用默认分支。
  token:
-    description: >
-      Personal access token (PAT) used to fetch the repository. The PAT is configured
-      with the local git config, which enables your scripts to run authenticated git
-      commands. The post-job step removes the PAT.
+    描述: >
+      用于获取仓库的个人访问令牌 (PAT)。该 PAT 会配置到本地 git 配置中，使您的脚本可以运行经过身份验证的 git 命令。
+      作业后步骤会移除该 PAT。

+      我们建议使用具有最低必要权限的服务账户。
+      此外，在生成新的 PAT 时，请选择最低必要的范围。

-      We recommend using a service account with the least permissions necessary.
-      Also when generating a new PAT, select the least scopes necessary.
-
-
-      [Learn more about creating and using encrypted secrets](https://help.github.com/en/actions/automating-your-workflow-with-github-actions/creating-and-using-encrypted-secrets)
-    default: ${{ github.token }}
+      [了解有关创建和使用加密机密的更多信息](https://help.github.com/en/actions/automating-your-workflow-with-github-actions/creating-and-using-encrypted-secrets)
+    默认值: ${{ github.token }}
  ssh-key:
-    description: >
-      SSH key used to fetch the repository. The SSH key is configured with the local
-      git config, which enables your scripts to run authenticated git commands.
-      The post-job step removes the SSH key.
+    描述: >
+      用于获取仓库的 SSH 密钥。该 SSH 密钥会配置到本地 git 配置中，使您的脚本可以运行经过身份验证的 git 命令。
+      作业后步骤会移除该 SSH 密钥。

+      我们建议使用具有最低必要权限的服务账户。

-      We recommend using a service account with the least permissions necessary.
-
-
-      [Learn more about creating and using
-      encrypted secrets](https://help.github.com/en/actions/automating-your-workflow-with-github-actions/creating-and-using-encrypted-secrets)
+      [了解有关创建和使用加密机密的更多信息](https://help.github.com/en/actions/automating-your-workflow-with-github-actions/creating-and-using-encrypted-secrets)
  ssh-known-hosts:
-    description: >
-      Known hosts in addition to the user and global host key database. The public
-      SSH keys for a host may be obtained using the utility `ssh-keyscan`. For example,
-      `ssh-keyscan github.com`. The public key for github.com is always implicitly added.
+    描述: >
+      除用户和全局主机密钥数据库之外的已知主机。可以使用 `ssh-keyscan` 工具获取主机的公共 SSH 密钥。例如，`ssh-keyscan github.com`。
+      github.com 的公钥始终会隐式添加。
  ssh-strict:
-    description: >
-      Whether to perform strict host key checking. When true, adds the options `StrictHostKeyChecking=yes`
-      and `CheckHostIP=no` to the SSH command line. Use the input `ssh-known-hosts` to
-      configure additional hosts.
-    default: true
+    描述: >
+      是否执行严格的主机密钥检查。当为 true 时，会在 SSH 命令行中添加 `StrictHostKeyChecking=yes` 和 `CheckHostIP=no` 选项。
+      使用 `ssh-known-hosts` 输入来配置其他主机。
+    默认值: true
  persist-credentials:
-    description: 'Whether to configure the token or SSH key with the local git config'
-    default: true
+    描述: '是否将令牌或 SSH 密钥配置到本地 git 配置中'
+    默认值: true
  path:
-    description: 'Relative path under $GITHUB_WORKSPACE to place the repository'
+    描述: '在 $GITHUB_WORKSPACE 下放置仓库的相对路径'
  clean:
-    description: 'Whether to execute `git clean -ffdx && git reset --hard HEAD` before fetching'
-    default: true
+    描述: '是否在获取前执行 `git clean -ffdx && git reset --hard HEAD`'
+    默认值: true
  fetch-depth:
-    description: 'Number of commits to fetch. 0 indicates all history for all tags and branches.'
-    default: 1
+    描述: '要获取的提交数量。0 表示所有分支和标签的所有历史记录。'
+    默认值: 1
  lfs:
-    description: 'Whether to download Git-LFS files'
-    default: false
+    描述: '是否下载 Git-LFS 文件'
+    默认值: false
  submodules:
-    description: >
-      Whether to checkout submodules: `true` to checkout submodules or `recursive` to
-      recursively checkout submodules.
+    描述: >
+      是否检出子模块：`true` 表示检出子模块，`recursive` 表示递归检出子模块。

-
-      When the `ssh-key` input is not provided, SSH URLs beginning with `git@github.com:` are
-      converted to HTTPS.
-    default: false
+      当未提供 `ssh-key` 输入时，以 `git@github.com:` 开头的 SSH URL 会被转换为 HTTPS。
+    默认值: false
 ```

-Note:
- SSH support is new
- `persist-credentials` is new
- `path` behavior is different (refer [below](#path) for details)
+注意：
+- 新增 SSH 支持
+- 新增 `persist-credentials` 参数
+- `path` 行为不同（详见下文 [path](#path)）

-### Fallback to GitHub API
+### 回退到 GitHub API

-When a sufficient version of git is not in the PATH, fallback to the [web API](https://developer.github.com/v3/repos/contents/#get-archive-link) to download a tarball/zipball.
+当 PATH 中没有足够版本的 git 时，回退到 [Web API](https://developer.github.com/v3/repos/contents/#get-archive-link) 下载 tarball/zipball。

-Note:
- LFS files are not included in the archive. Therefore fail if LFS is set to true.
- Submodules are also not included in the archive.
+注意：
+- 存档中不包含 LFS 文件。因此，如果 LFS 设置为 true，则会失败。
+- 存档中也不包含子模块。

-### Persist credentials
+### 持久化凭据

-The credentials will be persisted on disk. This will allow users to script authenticated git commands, like `git fetch`.
+凭据将持久化到磁盘。这将允许用户编写经过身份验证的 git 命令脚本，如 `git fetch`。

-A post script will remove the credentials (cleanup for self-hosted).
+作业后脚本将移除凭据（自托管环境的清理）。

-Users may opt-out by specifying `persist-credentials: false`
+用户可以通过指定 `persist-credentials: false` 选择退出

-Note:
- Users scripting `git commit` may need to set the username and email. The service does not provide any reasonable default value. Users can add `git config user.name <NAME>` and `git config user.email <EMAIL>`. We will document this guidance.
+注意：
+- 编写 `git commit` 脚本的用户可能需要设置用户名和电子邮件。服务不会提供任何合理的默认值。用户可以添加 `git config user.name <NAME>` 和 `git config user.email <EMAIL>`。我们将记录此指导。

 #### PAT

-When using the `${{github.token}}` or a PAT, the token will be persisted in the local git config. The config key `http.https://github.com/.extraheader` enables an auth header to be specified on all authenticated commands `AUTHORIZATION: basic <BASE64_U:P>`.
+使用 `${{github.token}}` 或 PAT 时，令牌将持久化到本地 git 配置中。配置键 `http.https://github.com/.extraheader` 允许在所有经过身份验证的命令上指定 auth header `AUTHORIZATION: basic <BASE64_U:P>`。

-Note:
- The auth header is scoped to all of github `http.https://github.com/.extraheader`
-  - Additional public remotes also just work.
-  - If users want to authenticate to an additional private remote, they should provide the `token` input.
+注意：
+- auth header 的范围限定在所有 github `http.https://github.com/.extraheader`
+  - 额外的公共远程仓库也能正常工作。
+  - 如果用户需要对额外的私有远程仓库进行身份验证，他们应提供 `token` 输入。

-#### SSH key
+#### SSH 密钥

-The SSH key will be written to disk under the `$RUNNER_TEMP` directory. The SSH key will
-be removed by the action's post-job hook. Additionally, RUNNER_TEMP is cleared by the
-runner between jobs.
+SSH 密钥将写入 `$RUNNER_TEMP` 目录下的磁盘。SSH 密钥将由操作的作业后钩子移除。此外，RUNNER_TEMP 在作业之间会被运行器清除。

-The SSH key must be written with strict file permissions. The SSH client requires the file
-to be read/write for the user, and not accessible by others.
+SSH 密钥必须以严格的文件权限写入。SSH 客户端要求文件对用户可读/写，且其他用户无法访问。

-The user host key database (`~/.ssh/known_hosts`) will be copied to a unique file under
-`$RUNNER_TEMP`. And values from the input `ssh-known-hosts` will be added to the file.
+用户主机密钥数据库 (`~/.ssh/known_hosts`) 将被复制到 `$RUNNER_TEMP` 下的唯一文件中。输入 `ssh-known-hosts` 的值将被添加到该文件中。

-The SSH command will be overridden for the local git config:
+SSH 命令将覆盖本地 git 配置：

 ```sh
 git config core.sshCommand 'ssh -i "$RUNNER_TEMP/path-to-ssh-key" -o StrictHostKeyChecking=yes -o CheckHostIP=no -o "UserKnownHostsFile=$RUNNER_TEMP/path-to-known-hosts"'
 ```

-When the input `ssh-strict` is set to `false`, the options `CheckHostIP` and `StrictHostKeyChecking` will not be overridden.
+当输入 `ssh-strict` 设置为 `false` 时，选项 `CheckHostIP` 和 `StrictHostKeyChecking` 将不会被覆盖。

-Note:
- When `ssh-strict` is set to `true` (default), the SSH option `CheckHostIP` can safely be disabled.
-  Strict host checking verifies the server's public key. Therefore, IP verification is unnecessary
-  and noisy. For example:
-  > Warning: Permanently added the RSA host key for IP address '140.82.113.4' to the list of known hosts.
- Since GIT_SSH_COMMAND overrides core.sshCommand, temporarily set the env var when fetching the repo. When creds
-  are persisted, core.sshCommand is leveraged to avoid multiple checkout steps stomping over each other.
- Modify actions/runner to mount RUNNER_TEMP to enable scripting authenticated git commands from a container action.
- Refer [here](https://linux.die.net/man/5/ssh_config) for SSH config details.
+注意：
+- 当 `ssh-strict` 设置为 `true`（默认值）时，可以安全地禁用 SSH 选项 `CheckHostIP`。
+  严格的主机检查会验证服务器的公钥。因此，IP 验证是不必要的，并且会产生噪音。例如：
+  > 警告：已将 RSA 主机密钥永久添加到已知主机列表中，IP 地址为 '140.82.113.4'。
+- 由于 GIT_SSH_COMMAND 会覆盖 core.sshCommand，因此在获取仓库时会临时设置环境变量。当凭据被持久化时，core.sshCommand 将被利用以避免多个检出步骤相互覆盖。
+- 修改 actions/runner 以挂载 RUNNER_TEMP，从而允许从容器操作中编写经过身份验证的 git 命令脚本。
+- 有关 SSH 配置详细信息，请参阅 [这里](https://linux.die.net/man/5/ssh_config)。

-### Fetch behavior
+### 获取行为

-Fetch only the SHA being built and set depth=1. This significantly reduces the fetch time for large repos.
+仅获取正在构建的 SHA 并将深度设置为 1。这显著减少了大型仓库的获取时间。

-If a SHA isn't available (e.g. multi repo), then fetch only the specified ref with depth=1.
+如果 SHA 不可用（例如多仓库），则仅获取指定的 ref，深度为 1。

-The input `fetch-depth` can be used to control the depth.
+可以使用输入 `fetch-depth` 控制深度。

-Note:
- Fetching a single commit is supported by Git wire protocol version 2. The git client uses protocol version 0 by default. The desired protocol version can be overridden in the git config or on the fetch command line invocation (`-c protocol.version=2`). We will override on the fetch command line, for transparency.
- Git client version 2.18+ (released June 2018) is required for wire protocol version 2.
+注意：
+- Git 线路协议版本 2 支持获取单个提交。git 客户端默认使用协议版本 0。可以在 git 配置中或在 fetch 命令行调用时覆盖所需的协议版本（`-c protocol.version=2`）。我们将在 fetch 命令行上覆盖，以确保透明性。
+- Git 客户端版本 2.18+（2018 年 6 月发布）需要线路协议版本 2。

-### Checkout behavior
+### 检出行为

-For CI, checkout will create a local ref with the upstream set. This allows users to script git as they normally would.
+对于 CI，检出将创建一个设置了上游的本地引用。这允许用户像平常一样编写 git 脚本。

-For PR, continue to checkout detached head. The PR branch is special - the branch and merge commit are created by the server. It doesn't match a users' local workflow.
+对于 PR，继续检出分离的 HEAD。PR 分支是特殊的 - 分支和合并提交由服务器创建。它不匹配用户的本地工作流。

-Note:
- Consider deleting all local refs during cleanup if that helps avoid collisions. More testing required.
+注意：
+- 如果有助于避免冲突，可以考虑在清理时删除所有本地引用。需要更多测试。

-### Path
+### 路径

-For the mainline scenario, the disk-layout behavior remains the same.
+对于主线场景，磁盘布局行为保持不变。

-Remember, given the repo `johndoe/foo`, the mainline disk layout looks like:
+记住，对于仓库 `johndoe/foo`，主线磁盘布局如下：

 ```
 GITHUB_WORKSPACE=/home/runner/work/foo/foo
 RUNNER_WORKSPACE=/home/runner/work/foo
 ```

-V2 introduces a new constraint on the checkout path. The location must now be under `github.workspace`. Whereas the checkout@v1 constraint was one level up, under `runner.workspace`.
+V2 对检出路径引入了新的约束。位置现在必须在 `github.workspace` 下。而 checkout@v1 的约束是在上一级，位于 `runner.workspace` 下。

-V2 no longer changes `github.workspace` to follow wherever the self repo is checked-out.
+V2 不再更改 `github.workspace` 以跟随自仓库的检出位置。

-These behavioral changes align better with container actions. The [documented filesystem contract](https://help.github.com/en/actions/automating-your-workflow-with-github-actions/virtual-environments-for-github-hosted-runners#docker-container-filesystem) is:
+这些行为变化更好地与容器操作对齐。[记录的文件系统契约](https://help.github.com/en/actions/automating-your-workflow-with-github-actions/virtual-environments-for-github-hosted-runners#docker-container-filesystem) 是：

 - `/github/home`
- `/github/workspace` - Note: GitHub Actions must be run by the default Docker user (root). Ensure your Dockerfile does not set the USER instruction, otherwise you will not be able to access `GITHUB_WORKSPACE`.
+- `/github/workspace` - 注意：GitHub Actions 必须由默认的 Docker 用户（root）运行。确保您的 Dockerfile 没有设置 USER 指令，否则您将无法访问 `GITHUB_WORKSPACE`。
 - `/github/workflow`

-Note:
- The tracking config will not be updated to reflect the path of the workflow repo.
- Any existing workflow repo will not be moved when the checkout path changes. In fact some customers want to checkout the workflow repo twice, side by side against different branches.
- Actions that need to operate only against the root of the self repo, should expose a `path` input.
+注意：
+- 跟踪配置不会更新以反映工作流仓库的路径。
+- 当检出路径更改时，任何现有的工作流仓库都不会被移动。实际上，一些客户希望并行检出工作流仓库到不同分支的旁边。
+- 需要仅针对自仓库的根目录操作的 Actions 应公开一个 `path` 输入。

-#### Default value for `path` input
+#### `path` 输入的默认值

-The `path` input will default to `./` which is rooted against `github.workspace`.
+`path` 输入将默认为 `./`，相对于 `github.workspace`。

-This default fits the mainline scenario well: single checkout
+此默认值非常适合主线场景：单一检出

-For multi-checkout, users must specify the `path` input for at least one of the repositories.
+对于多检出，用户必须至少为一个仓库指定 `path` 输入。

-Note:
- An alternative is for the self repo to default to `./` and other repos default to `<REPO_NAME>`. However nested layout is an atypical git layout and therefore is not a good default. Users should supply the path info.
+注意：
+- 另一种选择是自仓库默认为 `./`，其他仓库默认为 `<REPO_NAME>`。然而，嵌套布局是一种非典型的 git 布局，因此不是好的默认值。用户应提供路径信息。

-#### Example - Nested layout
+#### 示例 - 嵌套布局

-The following example checks-out two repositories and creates a nested layout.
+以下示例检出两个仓库并创建嵌套布局。

 ```yaml
-# Self repo - Checkout to $GITHUB_WORKSPACE
- uses: checkout@v2
+自仓库 - 检出到 $GITHUB_WORKSPACE
+• uses: checkout@v2
+
+
+其他仓库 - 检出到 $GITHUB_WORKSPACE/myscripts
+• uses: checkout@v2

-# Other repo - Checkout to $GITHUB_WORKSPACE/myscripts
- uses: checkout@v2
  with:
    repository: myorg/myscripts
    path: myscripts
 ```

-#### Example - Side by side layout
+#### 示例 - 并排布局

-The following example checks-out two repositories and creates a side-by-side layout.
+以下示例检出两个仓库并创建并排布局。

 ```yaml
-# Self repo - Checkout to $GITHUB_WORKSPACE/foo
- uses: checkout@v2
+自仓库 - 检出到 $GITHUB_WORKSPACE/foo
+• uses: checkout@v2
+
  with:
    path: foo

-# Other repo - Checkout to $GITHUB_WORKSPACE/myscripts
- uses: checkout@v2
+其他仓库 - 检出到 $GITHUB_WORKSPACE/myscripts
+• uses: checkout@v2
+
  with:
    repository: myorg/myscripts
    path: myscripts
 ```

-#### Path impact to problem matchers
+#### 路径对问题匹配器的影响

-Problem matchers associate the source files with annotations.
+问题匹配器将源文件与注释关联。

-Today the runner verifies the source file is under the `github.workspace`. Otherwise the source file property is dropped.
+目前，运行器验证源文件是否在 `github.workspace` 下。否则，源文件属性将被丢弃。

-Multi-checkout complicates the matter. However even today submodules may cause this heuristic to be inaccurate.
+多检出使问题复杂化。然而，即使是现在，子模块也可能导致此启发式不准确。

-A better solution is:
+更好的解决方案是：

-Given a source file path, walk up the directories until the first `.git/config` is found. Check if it matches the self repo (`url = https://github.com/OWNER/REPO`). If not, drop the source file path.
+给定源文件路径，向上遍历目录，直到找到第一个 `.git/config`。检查它是否与自仓库匹配（`url = https://github.com/OWNER/REPO`）。如果不匹配，则丢弃源文件路径。

-### Submodules
+### 子模块

-With both PAT and SSH key support, we should be able to provide frictionless support for
-submodules scenarios: recursive, non-recursive, relative submodule paths.
+有了 PAT 和 SSH 密钥支持，我们应该能够为子模块场景提供无缝支持：递归、非递归、相对子模块路径。

-When fetching submodules, follow the `fetch-depth` settings.
+获取子模块时，遵循 `fetch-depth` 设置。

-Also when fetching submodules, if the `ssh-key` input is not provided then convert SSH URLs to HTTPS: `-c url."https://github.com/".insteadOf "git@github.com:"`
+此外，在获取子模块时，如果未提供 `ssh-key` 输入，则将 SSH URL 转换为 HTTPS：`-c url."https://github.com/".insteadOf "git@github.com:"`

-Credentials will be persisted in the submodules local git config too.
+凭据也将持久化到子模块的本地 git 配置中。

-### Port to typescript
+### 转换为 TypeScript

-The checkout action should be a typescript action on the GitHub graph, for the following reasons:
- Enables customers to fork the checkout repo and modify
- Serves as an example for customers
- Demystifies the checkout action manifest
- Simplifies the runner
- Reduce the amount of runner code to port (if we ever do)
+出于以下原因，检出操作应该是 GitHub graph 上的 TypeScript 操作：
+- 使客户能够 fork 检出仓库并进行修改
+- 作为客户的示例
+- 澄清检出操作清单
+- 简化运行器
+- 减少需要移植的运行器代码量（如果我们曾经这样做）

-Note:
- This means job-container images will need git in the PATH, for checkout.
+注意：
+- 这意味着作业容器镜像需要在 PATH 中有 git，以便进行检出。

-### Branching strategy and release tags
+### 分支策略和发布标签

- Create a servicing branch for V1: `releases/v1`
- Merge the changes into the default branch
- Release using a new tag `preview`
- When stable, release using a new tag `v2`
+- 为 V1 创建一个维护分支：`releases/v1`
+- 将更改合并到默认分支
+- 使用新标签 `preview` 发布
+- 稳定后，使用新标签 `v2` 发布

-## Consequences
+## 后果

- Update the checkout action and readme
- Update samples to consume `actions/checkout@v2`
- Job containers now require git in the PATH for checkout, otherwise fallback to REST API
- Minimum git version 2.18
- Update problem matcher logic regarding source file verification (runner)
+- 更新检出操作和自述文件
+- 更新示例以使用 `actions/checkout@v2`
+- 作业容器现在需要 PATH 中有 git 才能进行检出，否则回退到 REST API
+- 最低 git 版本 2.18
+- 更新问题匹配器逻辑，关于源文件验证（运行器）
Author	SHA1	Message	Date
寻觅	357fea8c37	[汉化] 翻译一些说明和更新日志	2025-05-07 12:00:45 +08:00
Josh Gross	85e6279cec	Adjust positioning of user email note and permissions heading (#2044 ) Some checks failed CodeQL / Analyze (javascript) (push) Has been cancelled Details Licensed / Check licenses (push) Has been cancelled Details Build and Test / build (push) Has been cancelled Details Build and Test / test (macos-latest) (push) Has been cancelled Details Build and Test / test (ubuntu-latest) (push) Has been cancelled Details Build and Test / test (windows-latest) (push) Has been cancelled Details Build and Test / test-proxy (push) Has been cancelled Details Build and Test / test-bypass-proxy (push) Has been cancelled Details Build and Test / test-git-container (push) Has been cancelled Details Build and Test / test-output (push) Has been cancelled Details	2025-01-16 15:56:18 -05:00
Ben Wells	009b9ae9e4	Documentation update - add recommended permissions to Readme (#2043 ) * Update README.md * Update README.md Co-authored-by: Josh Gross <joshmgross@github.com> --------- Co-authored-by: Josh Gross <joshmgross@github.com>	2025-01-16 14:14:48 -05:00