概要
このActionはリポジトリを$GITHUB_WORKSPACEにチェックアウトし、ワークフローがコードにアクセスできるようにします。認証、スパースチェックアウト、サブモジュール、および複数のフェッチオプションをサポートしています。GitHub公式によってメンテナンスされています。
README プレビュー
[](https://github.com/actions/checkout/actions/workflows/test.yml)\n\n# Checkout v7\n\n## What's new\n\n- Safer fork pull request handling: checkout now refuses to check out fork pull request code by default when the workflow is triggered by `pull_request_target` or `workflow_run`. These triggers run with the base repository's `GITHUB_TOKEN`, secrets, and runner access, where executing a fork's code commonly leads to "pwn request" vulnerabilities.\n - To opt in after [reviewing the risks](https://gh.io/securely-using-pull_request_target), set the new `allow-unsafe-pr-checkout: true` input.\n- Migrated `actions/checkout` to ESM to support new versions of the `@actions/*` packages.\n- Updated direct and transitive dependencies, including security fixes for known vulnerabilities.\n\n# Checkout v6\n\n## What's new\n\n- Improved credential security: `persist-credentials` now stores credentials in a separate file under `$RUNNER_TEMP` instead of directly in `.git/config`\n- No workflow changes required — `git fetch`, `git push`, etc. continue to work automatically\n- Running authenticated git commands from a [Docker container action](https://docs.github.com/actions/sharing-automations/creating-actions/creating-a-docker-container-action) requires Actions Runner [v2.329.0](https://github.com/actions/runner/releases/tag/v2.329.0) or later\n\n# Checkout v5\n\n## What's new\n\n- Updated to the node24 runtime\n - This requires a minimum Actions Runner version of [v2.327.1](https://github.com/actions/runner/releases/tag/v2.327.1) to run.\n\n# Checkout v4\n\nThis action checks-out your repository under `$GITHUB_WORKSPACE`, so your workflow can access it.\n\nOnly a single commit is fetched by default, for the ref/SHA that triggered the workflow. Set `fetch-depth: 0` to fetch all history for all branches and tags. Refer [here](https://docs.github.com/actions/using-workflows/events-that-trigger-workflows) to learn which commit `$GITHUB_SHA` points to for different events.\n\nThe au